regd autherisation code for a field

Former Member — Tue, 27 May 2008 12:31:52 GMT

Hi All,

i have one user-exit requirement in VA01 . in va01 i need to provide the autherisation on ORDER-REASION field.

ex:in order resion field F4 (have 5 option there, autherised user need to secect one then document saved else it will the error.

based on my autherisaion code basis will create a role and they will assign the users.

is there any special code to provide autherisations for users.

Re: regd autherisation code for a field

Sm1tje — Tue, 27 May 2008 12:36:36 GMT

Something like this (not sure if I get your requirement):

Authorization Check in ABAP Programs

A more sophisticated, user-programmed authorization check is possible using the Authority-Check statement. It allows you to check the entries in the user master record for specific authorization objects against any other values. Therefore, if a transaction or program is not sufficiently protected or not every user that is authorized to use the program can also execute all the actions, this statement must be used.

AUTHORITY-CHECK OBJECT object

ID name1 FIELD f1

ID name2 FIELD f2

...

ID namen FIELD fn.

object is the name of an authorization object. With name1, name2 ... , and so on, you must list all fields of the authorization object object. With f1, f2 ... , and so on, you must specify the values that the system is to check against the entries in the relevant authorization of the user master record. The AUTHORITY-CHECK statement searches for the specified object in the user profile and checks the useru2019s authorizations for all values of f1, f2 ... . You can avoid checking a field name1, name2 ... by replacing FIELD f1 FIELD f2 with DUMMY.

After the FIELD addition, you can only specify an elementary field, not a selection table. However, there are function modules available that execute the AUTHORITY-CHECK statement for all values of selection tables. The AUTHORITY-CHECK statement is supported by a statement pattern.

Only if the user has all authorizations, is the return value sy-subrc of the AUTHORITY-CHECK statement set to 0. The most important return values are:

· 0: The user has an authorization for all specified values.

· 4: The user does not have the authorization.

· 8: The number of specified fields is incorrect.

· 12: The specified authorization object does not exist.

A list of all possible return values is available in the ABAP keyword documentation. The content of sy-subrc has to be closely examined to ascertain the result of the authorization check and react accordingly.

REPORT demo_authorithy_check.

PARAMETERS pa_carr LIKE sflight-carrid.

DATA wa_flights LIKE demo_focc.

AT SELECTION-SCREEN.

AUTHORITY-CHECK OBJECT 'S_CARRID'

ID 'CARRID' FIELD pa_carr

ID 'ACTVT' FIELD '03'.

IF sy-subrc = 4.

MESSAGE e045(sabapdocu) WITH pa_carr.

ELSEIF sy-subrc <> 0.

MESSAGE e184(sabapdocu) WITH text-010.

ENDIF.

START-OF-SELECTION.

SELECT carrid connid fldate seatsmax seatsocc

FROM sflight

INTO CORRESPONDING FIELDS OF wa_flights

WHERE carrid = pa_carr.

WRITE: / wa_flights-carrid,

wa_flights-connid,

wa_flights-fldate,

wa_flights-seatsmax,

wa_flights-seatsocc.

ENDSELECT.

In this example, the system checks with the authorization object S_CARRID whether or not the user has a display authorization (03) for the airline entered on a selection screen. If this is not the case, or a different error occurs, the Selection Screen Processing goes back to the display of the selection screen.

topic regd autherisation code for a field in Application Development and Automation Discussions

regd autherisation code for a field

Re: regd autherisation code for a field