https://community.sap.com/t5/application-development-and-automation-discussions/authorisation-grp/m-p/2668108#M615845 <HTML><HEAD></HEAD><BODY><P>chk the table USR07</P><P>and transaction SU53</P></BODY></HTML> Mon, 20 Aug 2007 13:04:48 GMT Former Member 2007-08-20T13:04:48Z https://community.sap.com/t5/application-development-and-automation-discussions/authorisation-grp/m-p/2668107#M615844 <HTML><HEAD></HEAD><BODY><P>Hi all,</P><P></P><P>In a report tree, we can state the authorisation grp which can access that tree. This auth grp will then be tied to a user role to restrict certain users from accessing the tree. </P><P></P><P>I have created a custom program to access a custom table which stores these authorisation grp. this program is supposed to check if the user has the authorisation to access the tree. If he/she has then show the tree, if not do not show. </P><P></P><P>the problem is i'm not really sure which table hold the link between the user role and auth grp. does anyone know how to go abt this problem?</P><P></P><P>thanks alot!</P><P></P><P>r3gards,</P><P>r3venant</P></BODY></HTML> Mon, 20 Aug 2007 13:00:09 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorisation-grp/m-p/2668107#M615844 Former Member 2007-08-20T13:00:09Z https://community.sap.com/t5/application-development-and-automation-discussions/authorisation-grp/m-p/2668108#M615845 <HTML><HEAD></HEAD><BODY><P>chk the table USR07</P><P>and transaction SU53</P></BODY></HTML> Mon, 20 Aug 2007 13:04:48 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorisation-grp/m-p/2668108#M615845 Former Member 2007-08-20T13:04:48Z https://community.sap.com/t5/application-development-and-automation-discussions/authorisation-grp/m-p/2668109#M615846 <HTML><HEAD></HEAD><BODY><P>why don't you use sap standard and give the authorisation where it's normally done in a role which is maintained in tcode PFCG</P><P></P><P>when you want to check authorisation in abap use the function for that</P><P></P><P>for I_TCODE you can fill in you're own name. and the field is ofcourse different also </P><PRE><CODE> authority-check object 'I_TCODE' ID 'TCD' field 'IW32'. *ads IF t370a-aktyp = 'V'. if sy-subrc = 0. f_tcode = 'IW32'. ELSE. f_tcode = 'IW33'. ENDIF. </CODE></PRE><P></P></BODY></HTML> Mon, 20 Aug 2007 13:05:28 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorisation-grp/m-p/2668109#M615846 Former Member 2007-08-20T13:05:28Z https://community.sap.com/t5/application-development-and-automation-discussions/authorisation-grp/m-p/2668110#M615847 <HTML><HEAD></HEAD><BODY><P>Hi A. de Smidt,</P><P></P><P>those are auth objects, do u know where the auth grps are stores?</P><P></P><P>the thing is a they are going to create an FOP to call the tree which needs to be done thru a custom program. </P><P></P><P>So the check has to be done in this program to determine which tree to call. </P><P></P><P>Regards,</P><P>r3venant</P></BODY></HTML> Mon, 20 Aug 2007 13:15:23 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorisation-grp/m-p/2668110#M615847 Former Member 2007-08-20T13:15:23Z https://community.sap.com/t5/application-development-and-automation-discussions/authorisation-grp/m-p/2668111#M615848 <HTML><HEAD></HEAD><BODY><P>but why do you need to know where they are stored.??</P><P></P><P>if you have the name and you have the function you get back true or false if it passes the autorisation check.</P><P></P><P>really sap has provided a lot of functions that can do the work for you <SPAN __jive_emoticon_name="wink"></SPAN></P><P></P><P>the example above can also be used for you own created authorization groups and on which values you want to check</P><P></P><P>Message was edited by: </P><P> A. de Smidt</P></BODY></HTML> Mon, 20 Aug 2007 13:45:14 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorisation-grp/m-p/2668111#M615848 Former Member 2007-08-20T13:45:14Z