topic Re: SAP query -Security at plant/Comp Code level in Application Development and Automation Discussions

SAP query -Security at plant/Comp Code level

Former Member — Mon, 19 Mar 2007 14:34:27 GMT

Hi,

How can we secure SAP queries on Plant level/Co code level ?

I developed Query using Sq01.

Regards

Pravenn

Re: SAP query -Security at plant/Comp Code level

former_member194669 — Mon, 19 Mar 2007 19:08:01 GMT

Hi,

Generate ABAP code from query and assign a transaction code and attached to plant/Code level user profiles.

aRs

Re: SAP query -Security at plant/Comp Code level

Former Member — Mon, 19 Mar 2007 19:20:29 GMT

How can we generate ABAP Code? I never done that Could you explain in detail?

Or atleast tell me steps.

regards

Praveen

Re: SAP query -Security at plant/Comp Code level

former_member194669 — Mon, 19 Mar 2007 19:34:51 GMT

Hi,

GO TO SE93....

Just create a parameter transaction with reference to START_REPORT transaction. When creating a parameter transaction you have to set the following parameters:

D_SREPOVARI-REPORTTYPE = AQ

D_SREPOVARI-REPORT = precisely the first 12 characters - query user group (including trailing spaces), 13-th character is G for global queries

D_SREPOVARI-EXTDREPORT = Query name as shown in SQ01.

Do not forget to check the flag "Skip first screen".

within SQ01 go to "Query~~>More Functions~~>Display report name".

Then you create a t-code from SE93 with the shown report name...

May be you also use this report, This i have copied from the SDN.


REPORT ZRUN_QUERY .

************************************************************************
* DECLARACIÓNES *
************************************************************************
DATA:
REPORTNAME LIKE AQADEF-PGNAME.


************************************************************************
* PANTALLA DE SELECCION *
************************************************************************

SELECTION-SCREEN BEGIN OF BLOCK B0 WITH FRAME TITLE TEXT-001.
SELECTION-SCREEN BEGIN OF BLOCK B1 WITH FRAME.
PARAMETERS: P_BGNAME LIKE AQADEF-BGNAME OBLIGATORY,
P_QUNAME LIKE AQADEF-QUNAME OBLIGATORY.
SELECTION-SCREEN END OF BLOCK B1.
SELECTION-SCREEN END OF BLOCK B0.


************************************************************************
* CUERPO DEL PROGRAMA *
************************************************************************


CALL FUNCTION 'RSAQ_REPORT_NAME'
EXPORTING
WORKSPACE = SPACE
USERGROUP = P_BGNAME
QUERY = P_QUNAME
IMPORTING
REPORTNAME = REPORTNAME.


CALL FUNCTION 'RSAQ_SUBMIT_QUERY_REPORT'
EXPORTING
QUERYREPORT = REPORTNAME
VARIANTE = SPACE
EXCEPTIONS
ONLY_WITH_VARIANT = 1
VARIANT_NOT_EXIST = 2
OTHERS = 3
.
IF SY-SUBRC <> 0.
MESSAGE ID SY-MSGID TYPE SY-MSGTY NUMBER SY-MSGNO
WITH SY-MSGV1 SY-MSGV2 SY-MSGV3 SY-MSGV4.
ENDIF.

Please search SDN for "transaction AND sq01" you will get lot links , that will give useful info related to creating transaction code to SQ01.

aRs

Re: SAP query -Security at plant/Comp Code level

ferry_lianto — Mon, 19 Mar 2007 19:35:51 GMT

Hi,

Please check this PDF document on how to set authorization on SAP query.

http://help.sap.com/printdocu/core/Print46c/en/data/pdf/BCSRVQUE/BCSRVQUE.pdf

Hope this will help.

Regards,

Ferry Lianto

Re: SAP query -Security at plant/Comp Code level

Former Member — Mon, 19 Mar 2007 20:54:29 GMT

Hi,

Thank you for your Input.

I have a select-options for Plant in my Query with MARC-WERKS.

I noticed that we can code in QUERY with GOTO/CODE from Sq02.

I want to check authorization against users Input on Plant( MARC-WERKS)

How do i bring it in to code? Like what will be code?

SELECT DISTINCT werks FROM t001w

INTO TABLE plant WHERE werks IN MARC-WERKS???? is not working.

FYI.. I am using JOINS in my QUERY

please help.

regards

Praveen

Message was edited by:

PRAVEEN s

Re: SAP query -Security at plant/Comp Code level

former_member194669 — Tue, 20 Mar 2007 01:38:44 GMT

Hi,

u have to put Authorization Objects in ur Program

object is M_MATE_WRK

smaple code will be like this

AUTHORITY-CHECK OBJECT 'M_MATE_WRK

ID 'ACTVT' FIELD '03' " 01-Create 02-Change 03-display

ID 'WERKS' FIELD I_AUTH_WERKS-WERKS.

aRs

Re: SAP query -Security at plant/Comp Code level

Former Member — Tue, 20 Mar 2007 18:48:48 GMT

yes,

I know it but where to put this code?

Also how to bring in the selection-screen varaible to cross check?

DATA: plant TYPE TABLE OF marc-werks.

break-point.

FIELD-SYMBOLS: <plnt> TYPE ANY.

SELECT DISTINCT werks FROM t001w

INTO TABLE plant WHERE werks <b>eq BSIS-WERKS.</b>

I am confused on above bold part & I am placing it in START-OF-SELECTION branch which we go by GOTO/CODE..

LOOP AT plant ASSIGNING <plnt>.

AUTHORITY-CHECK OBJECT 'M_MATE_WRK'

ID 'ACTVT' FIELD '08'

ID 'WERKS' FIELD <plnt>.

IF sy-subrc NE 0.

MESSAGE 'No Authorization at Plant level' TYPE 'E'.

ENDIF.

ENDLOOP.

null

Re: SAP query -Security at plant/Comp Code level

Former Member — Mon, 16 Apr 2007 10:04:31 GMT

Hi,

I have the same concern on how to bring in the selection-screen variable to cross check with the authority-check. May i know how you solve the issue?

Thanks in advance.