https://community.sap.com/t5/application-development-and-automation-discussions/authority-check-and-s-program/m-p/1832934#M354834 <HTML><HEAD></HEAD><BODY><P>The requirement is to restrict the execution of a report to only a certain group of users. So what I've done is create an authorization group for the report/program. How do I use the authority-check keyword to check for it? </P><P></P><P>Program: Z_MMRALV</P><P>auth. group: ZMMR</P><P></P><P>Note: This program is being called by another program (ZPROGA) so it should first check if user is authorized to use it. This check should be incorporated in the calling program. </P><P></P><P>AUTHORITY-CHECK OBJECT 'S_PROGRAM'</P><P> ID 'ZMMR' FIELD 'Z_MMRALV'.</P><P></P><P>Is this the correct way to do it?</P></BODY></HTML> Fri, 05 Jan 2007 00:43:29 GMT Former Member 2007-01-05T00:43:29Z https://community.sap.com/t5/application-development-and-automation-discussions/authority-check-and-s-program/m-p/1832934#M354834 <HTML><HEAD></HEAD><BODY><P>The requirement is to restrict the execution of a report to only a certain group of users. So what I've done is create an authorization group for the report/program. How do I use the authority-check keyword to check for it? </P><P></P><P>Program: Z_MMRALV</P><P>auth. group: ZMMR</P><P></P><P>Note: This program is being called by another program (ZPROGA) so it should first check if user is authorized to use it. This check should be incorporated in the calling program. </P><P></P><P>AUTHORITY-CHECK OBJECT 'S_PROGRAM'</P><P> ID 'ZMMR' FIELD 'Z_MMRALV'.</P><P></P><P>Is this the correct way to do it?</P></BODY></HTML> Fri, 05 Jan 2007 00:43:29 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authority-check-and-s-program/m-p/1832934#M354834 Former Member 2007-01-05T00:43:29Z https://community.sap.com/t5/application-development-and-automation-discussions/authority-check-and-s-program/m-p/1832935#M354835 <HTML><HEAD></HEAD><BODY><P>It does not matter where you put it...i.e. in the calling program or in the actual program...as in both the places the check will be done and will stop the report if he is not authorised to execute.</P><P></P><P>- Guru</P><P>Reward points for helpful answers</P></BODY></HTML> Fri, 05 Jan 2007 00:57:36 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authority-check-and-s-program/m-p/1832935#M354835 Former Member 2007-01-05T00:57:36Z https://community.sap.com/t5/application-development-and-automation-discussions/authority-check-and-s-program/m-p/1832936#M354836 <HTML><HEAD></HEAD><BODY><P>Dear Jess</P><P></P><P>Please check the option we have in attributes of a program.</P><P></P><P>We can find field "Authorization Group" in attributes.</P><P></P><P>Below is extract from documentation:</P><P>Authorization Group</P><P>Authorization group to which the program is assigned.</P><P></P><P>The assignment of a program to an authorization group plays a role when the system checks whether the user is authorized to:</P><P></P><P>Execute a program</P><P>--&gt; Authorization object S_PROGRAM</P><P>Edit a program (-Include) in the ABAP Workbench</P><P>--&gt; Authorization object S_DEVELOP</P><P>Programs that are not assigned to an authorization group are not protected against display and execution.</P><P>Security-related programs should, therefore, always be assigned to an authorization group.</P><P></P><P>Report RSCSAUTH can also be used to assign programs to authorization groups. This report is documented in detail.</P><P></P><P></P><P>Kind Regards</P><P>Eswar</P></BODY></HTML> Fri, 05 Jan 2007 01:00:55 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authority-check-and-s-program/m-p/1832936#M354836 Former Member 2007-01-05T01:00:55Z