topic Re: Info about Authorization Object in Application Development and Automation Discussions

Info about Authorization Object

Former Member — Tue, 24 Feb 2009 10:50:32 GMT

Hi,

What is Authorization Object?

Where it can be used? In which scenarios, it is useful?

How is it related with ABAP and Functional?

Plz send some sample code

Thanks

Please do not ask broad, vague questions; please search the forum before asking.

And please do not respond to such questions - the moderators watch.

Edited by: Rob Burbank on Feb 24, 2009 11:01 AM

Re: Info about Authorization Object

Former Member — Tue, 24 Feb 2009 10:56:13 GMT

hi,

can you please check this link

http://help.sap.com/saphelp_nw70/helpdata/en/52/671285439b11d1896f0000e8322d00/content.htm

and sample code for that as below

SU21 is the tcode for authorization objects.

sample code

authority-check object 'V_VBAK_VKO'
id 'VKORG' field it_salesorg-vkorg
id 'VTWEG' dummy "FIELD '*'
id 'SPART' dummy "FIELD '*'
id 'ACTVT' dummy.
*If the user is not authorised
if sy-subrc 0.
*Give the error message.
endif.

Thanks and regards

Durga.K

Re: Info about Authorization Object

Former Member — Tue, 24 Feb 2009 10:56:41 GMT

Hi,

Authorization object is used to check the User Authority for a perticulaer activity (as the name itself sugests).

You can create a Auth Object from transaction from Tcode : SU21.

For Example: You have a Z Program and you want to ensure that only speific users will be able to run this report.

Then in your program you will write a Logic like:

AUTHORITY-CHECK 'ZAUTH_OBJ'

FIELDS 'FNAME' VALUE 'SOMEVALUE' .*

IF SY-SUBRC <> 0.

LEAVE-PROGRAM.

ENDIF.

The above statement checks that whether user has the Object ZAUTH_OBJ assigned to his profile (Auth object is assigned to the user profile through tcode PFCG--- basis activity).

So you can achieve a Authorization specific functionality using these Objects.

Tell me if you want more documents on this.

Regards,

Prakash Pandey

Re: Info about Authorization Object

Former Member — Tue, 24 Feb 2009 10:57:24 GMT

hi...

use link

regards

Re: Info about Authorization Object

Former Member — Tue, 24 Feb 2009 10:59:09 GMT

Here is some info about the authorization object :

Authorization objects allow complex checks that involve multiple

conditions that allow a user to perform an action. The conditions are

specified in authorization fields for the authorization objects and are AND

linked for the check. Authorization objects and their fields have descriptive

and technical names.

source code :

authority-check object <object name>

id 'ACTVT' field <value>

id <fieldname> field <value>

if sy-subrc ne 0.

message error

endif.

where

actvty :

01 Create or generate

02 Change

03 Display

09 Display prices

36 Extended maintenance

70 Administer

these activities define the authorization for the user.

basis ppl will set the authorisations for each user , per transaction per activity.

Re: Info about Authorization Object

Former Member — Tue, 24 Feb 2009 11:01:34 GMT

Hi Read this link, it has my answer.

Amresh.

Re: Info about Authorization Object

Former Member — Tue, 24 Feb 2009 11:13:20 GMT

How is it diiffer from USER ROLES created by basis or functionals?

Re: Info about Authorization Object

Former Member — Tue, 24 Feb 2009 11:20:08 GMT

HI Narendra,

It is not different from the USER ROLES created by the basis team.

The basis team uses Objects like these (Standard or Custom (Z) ) to create a role.

It is create in the transaction PFCG.

Once you create an object and code accordingly in your Z program. Then your object needs to be assigned in the USER role created by your basis consultant in order to achieve the complete functionality.

Regards,

Prakash Pandey