topic Re: Authorization for user on document type and company code in Application Development and Automation Discussions

Authorization for user on document type and company code

priyank_dev2 — Tue, 25 Apr 2017 07:14:40 GMT

Hi,

I have a custom report where I need to add a code for the authorization check.The check should perform "If the user has proper authorization for FI document type "EB" posting for the company code(company code is a parameter from the selection screen)".If the above check is successful then he/she should be able to post the entries(A bapi is called to post the entries). I have checked the config part(OBA7) where the authorization group 'ZFX3' is added for document type 'EB'.However there is no further entries under the object F_BKPF_BLA configured. Please let me know how to proceed here and how the code needs to be implemented in my report.

Re: Authorization for user on document type and company code

RaymondGiuseppi — Tue, 25 Apr 2017 09:19:32 GMT

Look at F_BKPF_BLA with SU21 to identify the activity to check.

In your report:

Read authorization group from T003 for document type 'EN'
Execute statement AUTHORITY-CHECK with values BRGU = T003-BRGRU and ACTVT = '01'

You may also be required to check authorization for the company code (so F_BKPF_BUK)

Re: Authorization for user on document type and company code

Jelena_Perfiljeva — Tue, 25 Apr 2017 20:29:29 GMT

Just to clarify - BAPIs have built-in authorization checks, usually the same ones as in the transactions. The only authorizations the program would have to check would be the additional ones, on top of the standard.

For the FI documents I believe F_BKPF_BLA should already be covered in BAPI. You can easily confirm this using Authorization Trace.