Authorizations

Former Member — Wed, 06 Feb 2008 16:24:30 GMT

Is there a way for me to know if a user has access to execute a specific function module or transaction? I want to know authorizations for BAPI_USER_GET_DETAIL.

Re: Authorizations

Former Member — Wed, 06 Feb 2008 16:27:55 GMT

Hi Megan,

Any user who has authorization for the transaction SE37(to Run it) can run this BAPI.

If used in a program, then only those who have authorizations to run that particular program/ transaction will have authorzations.

Regards,

Ravi Kanth Talagana

Re: Authorizations

former_member194669 — Wed, 06 Feb 2008 16:29:18 GMT

Hi,

The BAPI check for following auth objects


form auth_check using objtype val1 val2 val3 rc.
* lokale Definiton der Konstante aus Include MS01CTCO
* notwendig, da nicht alle Verwender des Includes MS01CC10 das o.g.
* Include aufrufen
data: obj_sys(3)        value 'SYS'.

  case objtype.
    when obj_objct.
      if val1 = space and val2 = space.
        authority-check object 'S_DEVELOP'
                 id 'DEVCLASS' dummy
                 id 'OBJTYPE' field 'SUSO'
                 id 'OBJNAME' dummy
                 id 'P_GROUP' dummy
                 id 'ACTVT' field val3.
      else.
        authority-check object 'S_DEVELOP'
                 id 'DEVCLASS' dummy
                 id 'OBJTYPE' field 'SUSO'
                 id 'OBJNAME' field val1
                 id 'P_GROUP' dummy
                 id 'ACTVT' field val3.
      endif.
    when obj_auth.
      if val1 = space and val2 = space.
        authority-check object 'S_USER_AUT'
                        id 'OBJECT' dummy
                        id 'AUTH' dummy
                        id 'ACTVT' field val3.
      else.
        if val1 = space.
          authority-check object 'S_USER_AUT'
                          id 'OBJECT' dummy
                          id 'AUTH' field val2
                          id 'ACTVT' field val3.
        else.
          if val2 = space.
            authority-check object 'S_USER_AUT'
                            id 'OBJECT' field val1
                            id 'AUTH' dummy
                            id 'ACTVT' field val3.
          else.
            authority-check object 'S_USER_AUT'
                            id 'OBJECT' field val1
                            id 'AUTH' field val2
                            id 'ACTVT' field val3.
          endif.
        endif.
      endif.
    when obj_prof.
      if val1 = space.
        authority-check object 'S_USER_PRO'
                        id 'PROFILE' dummy
                        id 'ACTVT' field val3.
      else.
        authority-check object 'S_USER_PRO'
                        id 'PROFILE' field val1
                        id 'ACTVT' field val3.
      endif.
    when obj_group.
      if val1 = space.
        authority-check object 'S_USER_GRP'
                        id 'CLASS' dummy
                        id 'ACTVT' field val3.
      else.
        authority-check object 'S_USER_GRP'
                        id 'CLASS' field val1
                        id 'ACTVT' field val3.
      endif.
      when obj_sys.
      if val1 = space.
        authority-check object 'S_USER_SYS'
                        id 'SUBSYSTEM' dummy
                        id 'ACTVT' field val3.
      else.
        authority-check object 'S_USER_SYS'
                        id 'SUBSYSTEM' field val1
                        id 'ACTVT' field val3.
      endif.
  endcase.
  rc = sy-subrc.
endform.

Use Report RSUSR002 and check for above said objects you can find how many users have authorisation.

a®

Re: Authorizations

Former Member — Wed, 06 Feb 2008 16:29:22 GMT

Hi after executing the transaction please check the SU53 transaction.. whcih will list out if the user does not have any specific roles to execute the BAPI...

Regards,

Swaroop Patri

topic Re: Authorizations in Application Development and Automation Discussions

Authorizations

Re: Authorizations

Re: Authorizations

Re: Authorizations