topic Re: AUTHORITY-CHECK FOR CUSTOM TCODE in Application Development and Automation Discussions

AUTHORITY-CHECK FOR CUSTOM TCODE

Former Member — Tue, 03 May 2016 11:37:19 GMT

Dear experts ,

i am facing a problem that i have to give the authorization of my custom tcode which contains simple report to the specific user ?

please share with me if you know how to do.

Thank you.

Re: AUTHORITY-CHECK FOR CUSTOM TCODE

jogeswararao_kavala — Tue, 03 May 2016 11:42:39 GMT

Create a Role with Auth Object S_TCODE like shown below (tcode PFCG) and assign to the users.

Re: AUTHORITY-CHECK FOR CUSTOM TCODE

PeterJonker — Tue, 03 May 2016 11:48:12 GMT

Addition to the post of Jogeswara:

I think you also need to fill the field Authorization object in the transaction code with S_TCODE for it to work. (n SE93)

Re: AUTHORITY-CHECK FOR CUSTOM TCODE

jogeswararao_kavala — Tue, 03 May 2016 11:51:53 GMT

I always did without that. But the role works. I did not use SE93 Auth Obj field ever. It is always blank.

Re: AUTHORITY-CHECK FOR CUSTOM TCODE

Former Member — Tue, 03 May 2016 11:54:59 GMT

Thank you sir for your valuble response.

please guide me how to assign this role to the users in IDES system.

Thank you.

Re: AUTHORITY-CHECK FOR CUSTOM TCODE

jogeswararao_kavala — Tue, 03 May 2016 11:57:00 GMT

Approach to your BASIS (or SECURITY) group , Tell your requirement and show this discussion. They will make a Role and assign to users as per your list. Discussions beyond this will be very basic.

Re: AUTHORITY-CHECK FOR CUSTOM TCODE

PeterJonker — Tue, 03 May 2016 11:57:42 GMT

OK, well here we always fill it. So what you are saying is that it is not necessary. I didn't know that.

Re: AUTHORITY-CHECK FOR CUSTOM TCODE

pranay570708 — Tue, 03 May 2016 12:03:51 GMT

1. Create authorization object for your tcode in SU21.

2. Create a role via PFCG tcode to attach your authorization object. Select the “Authorizations” tab. And Click on the icon next to “profile name”to generate a Profile name and a description for the same. Click on the “Change authorization data, You’ll see a new screen with the Role Name on top left. Here you will have to add your ‘Authorization Object’. you need to add values (Employee numbers) in your object, for those who would be given authorization. Save and then Generate the profile by clicking on ‘generate’ icon.

3. if you want to give authorizations, Go to Transaction SU01, click on the Roles tab and assign role name.

4. you need to write a small code in your report for authorization check:

AUTHORITY-CHECK OBJECT 'ZTCODE'.
IF sy-subrc <> 0.
MESSAGE 'No authorization' TYPE 'E'.
Endif.

Re: AUTHORITY-CHECK FOR CUSTOM TCODE

Former Member — Tue, 03 May 2016 12:04:07 GMT

Actually there is no BASIS people in my office now . That is the problem.

In PFCG , there is a USER tab is there can i add the users there who are not authorized to execute that Tcode.

2) Is it required to add AUTHORITY-CHECK in the program under TCODE.

Re: AUTHORITY-CHECK FOR CUSTOM TCODE

jogeswararao_kavala — Tue, 03 May 2016 13:49:23 GMT

No I never used Authority check in my Z-programs.
Developed a Z-program
Created a ZTcode for this program
Got created a Role as given above
Assigned to users.

Re: AUTHORITY-CHECK FOR CUSTOM TCODE

Former Member — Wed, 04 May 2016 16:01:46 GMT

Anytime you execute a transaction, SAP checks automatically authorization object S_TCODE.

Custom authorization object are used in order to give differents kind of access to some funcionalities in the same transaction /program. eg. Read Only vs Write.

If any user that is allowed to execute your custom transaction, lets call it ZTCODE, can do anything in that transaction, is not necessary to create customer authorization object and check it in your program/transaction.

If this is your scenario, you have just to follow Jogeswara Rao Kavala instructions.