https://community.sap.com/t5/application-development-and-automation-discussions/regarding-authorization/m-p/3472520#M834681 <HTML><HEAD></HEAD><BODY><P>You are checking whether the user has the authorization for the CLASS ( User group in user master maintenance) which he is using. </P><P></P><P>So the CLASS parameter you got from direct input from selection screen from your program or from a database select in your code. Now two senerio possible : </P><P></P><P>1. CLASS have a single value in your program</P><P>2. CLASS have a list values in your program</P><P></P><P><U>1. When CLASS have a single value</U></P><P></P><P></P><P>Suppose the value is P_CLASS. Now you check the authorization of user by the following code: </P><P></P><P>AUTHORITY-CHECK OBJECT 'S_USER_GRP'</P><P>ID 'ClASS' FIELD P_CLASS</P><P>ID 'ACTVT' FIELD '01'.</P><P>IF SY-SUBRC NE 0.</P><P> </P><P>ENDIF.</P><P></P><P></P><P>SY-SUBRC EQ 0 means user has the authorization. In that case carryout the normal prossaing. If authorization fails (sy-subrc NE 0). Then you need to carryout operation according your logic. That may be stoping your program execution and display a error message. But it can varry according to your senerio.</P><P></P><P><U>CLASS have a list values</U></P><P></P><P>Suppose values are in LT_CLASS table. Then you need to loop LT_CLASS and check the authorization of each CLASS and if authorization fails you have to delete it from LT_CLASS table. Rest of your program will only consider the CLASS for which user has authorization.</P><P></P><PRE><CODE> LOOP AT LT_CLASS INTO LW_CLASS. AUTHORITY-CHECK OBJECT 'S_USER_GRP' ID 'ClASS' FIELD LW_CLASS-CLASS ID 'ACTVT' FIELD '01'. IF SY-SUBRC NE 0. DELETE LT_CLASS. ENDIF. CLEAR: LW_CLASS. ENDLOOP. </CODE></PRE><P></P></BODY></HTML> Wed, 05 Mar 2008 05:34:13 GMT Former Member 2008-03-05T05:34:13Z https://community.sap.com/t5/application-development-and-automation-discussions/regarding-authorization/m-p/3472518#M834679 <HTML><HEAD></HEAD><BODY><P>hello everyone,</P><P></P><P>plz tell me how i can use this code in my report.</P><P></P><P>AUTHORITY-CHECK OBJECT 'S_USER_GRP'</P><P> ID 'ClASS' FIELD 'AUDIT'</P><P> ID 'ACTVT' FIELD '01'.</P><P> IF SY-SUBRC NE 0.</P><UL><LI level="1" type="ul"><P> 041 Keine Berechtigung zum Anlegen von Benutzergruppe &amp;</P></LI></UL><P> MESSAGE E041(01) WITH ' '.</P><P> endif.</P><P></P><P>i have written this code in my report but it's not working.</P></BODY></HTML> Wed, 05 Mar 2008 05:20:34 GMT https://community.sap.com/t5/application-development-and-automation-discussions/regarding-authorization/m-p/3472518#M834679 Former Member 2008-03-05T05:20:34Z https://community.sap.com/t5/application-development-and-automation-discussions/regarding-authorization/m-p/3472519#M834680 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>Authority check is just for checking that if any user wants to access the report then does he has that authority, if yes then report will be displayed otherwise the Error message will be displayed.</P><P></P><P>For more information Write </P><P></P><P>AUTHORITY-CHECK and press F1 on it.</P><P></P><P>HTH,</P><P></P><P>Regards,</P><P></P><P>Dhruv Shah</P></BODY></HTML> Wed, 05 Mar 2008 05:28:01 GMT https://community.sap.com/t5/application-development-and-automation-discussions/regarding-authorization/m-p/3472519#M834680 dhruv_shah3 2008-03-05T05:28:01Z https://community.sap.com/t5/application-development-and-automation-discussions/regarding-authorization/m-p/3472520#M834681 <HTML><HEAD></HEAD><BODY><P>You are checking whether the user has the authorization for the CLASS ( User group in user master maintenance) which he is using. </P><P></P><P>So the CLASS parameter you got from direct input from selection screen from your program or from a database select in your code. Now two senerio possible : </P><P></P><P>1. CLASS have a single value in your program</P><P>2. CLASS have a list values in your program</P><P></P><P><U>1. When CLASS have a single value</U></P><P></P><P></P><P>Suppose the value is P_CLASS. Now you check the authorization of user by the following code: </P><P></P><P>AUTHORITY-CHECK OBJECT 'S_USER_GRP'</P><P>ID 'ClASS' FIELD P_CLASS</P><P>ID 'ACTVT' FIELD '01'.</P><P>IF SY-SUBRC NE 0.</P><P> </P><P>ENDIF.</P><P></P><P></P><P>SY-SUBRC EQ 0 means user has the authorization. In that case carryout the normal prossaing. If authorization fails (sy-subrc NE 0). Then you need to carryout operation according your logic. That may be stoping your program execution and display a error message. But it can varry according to your senerio.</P><P></P><P><U>CLASS have a list values</U></P><P></P><P>Suppose values are in LT_CLASS table. Then you need to loop LT_CLASS and check the authorization of each CLASS and if authorization fails you have to delete it from LT_CLASS table. Rest of your program will only consider the CLASS for which user has authorization.</P><P></P><PRE><CODE> LOOP AT LT_CLASS INTO LW_CLASS. AUTHORITY-CHECK OBJECT 'S_USER_GRP' ID 'ClASS' FIELD LW_CLASS-CLASS ID 'ACTVT' FIELD '01'. IF SY-SUBRC NE 0. DELETE LT_CLASS. ENDIF. CLEAR: LW_CLASS. ENDLOOP. </CODE></PRE><P></P></BODY></HTML> Wed, 05 Mar 2008 05:34:13 GMT https://community.sap.com/t5/application-development-and-automation-discussions/regarding-authorization/m-p/3472520#M834681 Former Member 2008-03-05T05:34:13Z