Community
Application Development and Automation Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

Authorisation-check-

Go to solution
Former Member

‎2007 Apr 11 9:49 AM

0 Likes
454

Hi,

I have a selection screen with BUKRS having from and to range.I have to do an authorisation check for this company code such that user should have authorisation to post FI documents for the company code.For this should the object for the company code have posting as an activity associated with it?If so how dp I add this new activity.

Also can you please shed some light on use of TVARV table,how to check for entries in the table ,etc.

Thanks in advance.

Regards,

Reni

1 ACCEPTED SOLUTION
Read only

Go to solution
Former Member

‎2007 Apr 11 9:54 AM

0 Likes
411

first get the objects ?

check Su22 u will get list of objects

Regards

Prabhu

2 REPLIES 2
Read only

Go to solution
Former Member

‎2007 Apr 11 9:52 AM

0 Likes
411

Hi,

See the doc for Authorization and create the object for Company code and use

In general different users will be given different authorizations based on their role in the orgn.

We create ROLES and assign the Authorization and TCODES for that role, so only that user can have access to those T Codes.

USe SUIM and SU21 T codes for this.

Much of the data in an R/3 system has to be protected so that unauthorized users cannot access it. Therefore the appropriate authorization is required before a user can carry out certain actions in the system. When you log on to the R/3 system, the system checks in the user master record to see which transactions you are authorized to use. An authorization check is implemented for every sensitive transaction.

If you wish to protect a transaction that you have programmed yourself, then you must implement an authorization check.

This means you have to allocate an authorization object in the definition of the transaction.

For example:

program an AUTHORITY-CHECK.

AUTHORITY-CHECK OBJECT <authorization object>

ID <authority field 1> FIELD <field value 1>.

ID <authority field 2> FIELD <field value 2>.

...

ID <authority-field n> FIELD <field value n>.

The OBJECT parameter specifies the authorization object.

The ID parameter specifies an authorization field (in the authorization object).

The FIELD parameter specifies a value for the authorization field.

The authorization object and its fields have to be suitable for the transaction. In most cases you will be able to use the existing authorization objects to protect your data. But new developments may require that you define new authorization objects and fields.

http://help.sap.com/saphelp_nw04s/helpdata/en/52/67167f439b11d1896f0000e8322d00/content.htm

To ensure that a user has the appropriate authorizations when he or she performs an action, users are subject to authorization checks.

Authorization : An authorization enables you to perform a particular activity in the SAP System, based on a set of authorization object field values.

You program the authorization check using the ABAP statement AUTHORITY-CHECK.

AUTHORITY-CHECK OBJECT 'S_TRVL_BKS'

ID 'ACTVT' FIELD '02'

ID 'CUSTTYPE' FIELD 'B'.

IF SY-SUBRC <> 0.

MESSAGE E...

ENDIF.

'S_TRVL_BKS' is a auth. object

ID 'ACTVT' FIELD '02' in place 2 you can put 1,2, 3 for change create or display.

The AUTHORITY-CHECK checks whether a user has the appropriate authorization to execute a particular activity.

refere SU21 T code for creating the authorization object/class.

reward if useful

regards,

ANJI

Read only

Go to solution
Former Member

‎2007 Apr 11 9:54 AM

0 Likes
412

first get the objects ?

check Su22 u will get list of objects

Regards

Prabhu