https://community.sap.com/t5/application-development-and-automation-discussions/authorization-check/m-p/1985384#M402452 <HTML><HEAD></HEAD><BODY><P>I dont understand. if you are given an auth object and asked to restrict your t-code against it then why do you need to make additional check in your code? if there user does not have the authorization object in his/her role, then it will restricted automatically.</P></BODY></HTML> Fri, 16 Feb 2007 02:58:45 GMT Former Member 2007-02-16T02:58:45Z https://community.sap.com/t5/application-development-and-automation-discussions/authorization-check/m-p/1985372#M402440 <HTML><HEAD></HEAD><BODY><P>Hi SDN's,</P><P></P><P>I am asked to do some authorisation checks on one of the Z Tcode. I am given the Auth Object Name and am asked to implement in my ABAP Code for the ZTcode.</P><P></P><P>What am i supposed to do?</P><P></P><P>Since that i have never done this before, Plz help me.</P><P></P><P>Thanks</P><P>Pratyusha</P></BODY></HTML> Fri, 16 Feb 2007 01:54:05 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorization-check/m-p/1985372#M402440 Former Member 2007-02-16T01:54:05Z https://community.sap.com/t5/application-development-and-automation-discussions/authorization-check/m-p/1985373#M402441 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>You need to add code similar to the below one in your Z report:</P><P></P><P> authority-check object 'Z_PLNT_AUT'</P><P> id 'ACTVT' field '03'</P><P> id 'WERKS' field i_auth_werks-werks.</P><P> </P><P> if sy-subrc ne 0 .</P><P> message e398(00) with</P><P> 'User' sy-uname 'not authorised for Plant : ' i_auth_werks-werks.</P><P> endif.</P><P></P><P>Thanks.</P></BODY></HTML> Fri, 16 Feb 2007 02:14:50 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorization-check/m-p/1985373#M402441 Former Member 2007-02-16T02:14:50Z https://community.sap.com/t5/application-development-and-automation-discussions/authorization-check/m-p/1985374#M402442 <HTML><HEAD></HEAD><BODY><P>Hi Rahul,</P><P>Thnk u for the reply,</P><P></P><P>lets consider my example. my Z tcode is not allowed for few users with diff company codes. so the auth obj given to me is doing that.</P><P></P><P>but i am doing another thing similar in my module pool PBO</P><P>i select the same from USR05 table and validate it against the PARID value having BUK ie the comp code</P><P>if sy-subrc ne 0 then i am giving an error msg</P><P></P><P>is this similar to the auth obj which i am asked to do</P><P></P><P>Regards</P><P>Pratyusha</P></BODY></HTML> Fri, 16 Feb 2007 02:29:47 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorization-check/m-p/1985374#M402442 Former Member 2007-02-16T02:29:47Z https://community.sap.com/t5/application-development-and-automation-discussions/authorization-check/m-p/1985375#M402443 <HTML><HEAD></HEAD><BODY><P>When you create the Z-tcode there is a field to enter the authorization object. </P><P></P><P>Display your z-transaction (SE93) and look for the field below your program name/selection screen/variant/.</P></BODY></HTML> Fri, 16 Feb 2007 02:34:52 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorization-check/m-p/1985375#M402443 Former Member 2007-02-16T02:34:52Z https://community.sap.com/t5/application-development-and-automation-discussions/authorization-check/m-p/1985376#M402444 <HTML><HEAD></HEAD><BODY><P>Usha,</P><P></P><P>Both the validations are different...</P><P></P><P>The one you have used in the Module Pool checks the Parameter Value Set for an User. If users have authorization for setting the parameters in their USER Profile, they can change this value. </P><P></P><P>Best would be to you AUTHORITY-CHECK command.</P><P></P><P>Thanks.</P></BODY></HTML> Fri, 16 Feb 2007 02:37:48 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorization-check/m-p/1985376#M402444 Former Member 2007-02-16T02:37:48Z https://community.sap.com/t5/application-development-and-automation-discussions/authorization-check/m-p/1985377#M402445 <HTML><HEAD></HEAD><BODY><P>Hi Sam,</P><P></P><P>Does this mean that we need nothing to do in our ABAP even after assigning the Auth Obj in SE93</P><P></P><P>I suppose not, as we need to give an error msg to the user.</P><P></P><P>So i had a check on the auth obj using auth check statemtn in the PBO. this shud be correct right?</P><P></P><P>Regards</P><P>Pratyusha</P></BODY></HTML> Fri, 16 Feb 2007 02:43:08 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorization-check/m-p/1985377#M402445 Former Member 2007-02-16T02:43:08Z https://community.sap.com/t5/application-development-and-automation-discussions/authorization-check/m-p/1985378#M402446 <HTML><HEAD></HEAD><BODY><P>Thnx Rahul,</P><P></P><P>one last thing the auth check which i am supposed to do shud be done in the PBO of the screen right?</P><P>Plz correct me if i am wrong</P><P></P><P>Regards</P><P>Pratyusha</P></BODY></HTML> Fri, 16 Feb 2007 02:44:16 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorization-check/m-p/1985378#M402446 Former Member 2007-02-16T02:44:16Z https://community.sap.com/t5/application-development-and-automation-discussions/authorization-check/m-p/1985379#M402447 <HTML><HEAD></HEAD><BODY><P>No Usha,</P><P></P><P>This should be in the PAI, as in the PBO event you won't have the Company Code for which user is executing the transaction.</P><P></P><P>Right?</P><P></P><P>Thanks.</P></BODY></HTML> Fri, 16 Feb 2007 02:46:55 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorization-check/m-p/1985379#M402447 Former Member 2007-02-16T02:46:55Z https://community.sap.com/t5/application-development-and-automation-discussions/authorization-check/m-p/1985380#M402448 <HTML><HEAD></HEAD><BODY><P>I default the Comp Code in the PBO itself.</P><P>So shud be OK right?</P><P></P><P>Regards</P><P>Pratyusha</P></BODY></HTML> Fri, 16 Feb 2007 02:49:05 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorization-check/m-p/1985380#M402448 Former Member 2007-02-16T02:49:05Z https://community.sap.com/t5/application-development-and-automation-discussions/authorization-check/m-p/1985381#M402449 <HTML><HEAD></HEAD><BODY><P>You mean user can not change this Company Code? If so, it will work. But am surprised as how are you defaulting the CO code?</P><P></P><P>I mean, how are you getting (selecting) this default Company code?</P><P></P><P>Message was edited by: </P><P> Rahul Patni</P></BODY></HTML> Fri, 16 Feb 2007 02:51:09 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorization-check/m-p/1985381#M402449 Former Member 2007-02-16T02:51:09Z https://community.sap.com/t5/application-development-and-automation-discussions/authorization-check/m-p/1985382#M402450 <HTML><HEAD></HEAD><BODY><P>Based on the SAP User ID i get if from USR05 and default it and the user can not change it.</P><P></P><P>Regards</P><P>Pratyusha</P></BODY></HTML> Fri, 16 Feb 2007 02:53:50 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorization-check/m-p/1985382#M402450 Former Member 2007-02-16T02:53:50Z https://community.sap.com/t5/application-development-and-automation-discussions/authorization-check/m-p/1985383#M402451 <HTML><HEAD></HEAD><BODY><P>Have you given authorization to the user to set parameter values in User Profiles?</P><P></P><P>If yes, then this check is fine. Or else I doubt how is this going to help.......?</P><P></P><P>Thanks</P></BODY></HTML> Fri, 16 Feb 2007 02:57:00 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorization-check/m-p/1985383#M402451 Former Member 2007-02-16T02:57:00Z https://community.sap.com/t5/application-development-and-automation-discussions/authorization-check/m-p/1985384#M402452 <HTML><HEAD></HEAD><BODY><P>I dont understand. if you are given an auth object and asked to restrict your t-code against it then why do you need to make additional check in your code? if there user does not have the authorization object in his/her role, then it will restricted automatically.</P></BODY></HTML> Fri, 16 Feb 2007 02:58:45 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorization-check/m-p/1985384#M402452 Former Member 2007-02-16T02:58:45Z https://community.sap.com/t5/application-development-and-automation-discussions/authorization-check/m-p/1985385#M402453 <HTML><HEAD></HEAD><BODY><P>HI,</P><P>Write code like this,</P><P></P><P>data: tcode like sy-tcode.</P><P></P><P>tcode = sy-tcode.</P><P></P><P>AUTHORITY-CHECK OBJECT 'P_TCODE'</P><P> ID 'TCD' FIELD TCODE.</P><P></P><P>if sy-subrc &lt;&gt; 0.</P><P> message error.</P><P> exit.</P><P>endif.</P><P></P><P></P><P>Regards</P><P>Subramanian</P></BODY></HTML> Fri, 16 Feb 2007 03:08:56 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorization-check/m-p/1985385#M402453 Former Member 2007-02-16T03:08:56Z