Community
Application Development and Automation Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

authorisation checks

Go to solution
Former Member

‎2009 Mar 06 5:44 AM

0 Likes
1,003

hello frnds

I have a a document number and listbox on selection screen. There are 5 vales in listbox ( create, save, cancel, park, post), my program works according to the vale selected in listbox.

Now i have to add authorisation check in it, means if some user does not have the role to cancel/create it then it shuld give the message ' you are not authorised to cancel/create it' and for other values in listbox.

In other words i have to give authorisation according to roles.

Kindly suggest how can i do it???

regds

1 ACCEPTED SOLUTION
Read only

Go to solution
Former Member

‎2009 Mar 06 6:10 AM

0 Likes
935

Hi,

Just see hoe we are doing authority check for company code.

CONSTANTS : l_c_object TYPE char10 VALUE 'F_BKPF_BUK',

l_c_actvt_03 TYPE char2 VALUE '03'.

IF NOT s_bukrs IS INITIAL.

SELECT bukrs

FROM t001

INTO TABLE l_i_t001

WHERE bukrs IN s_bukrs.

IF sy-subrc = 0.

LOOP AT l_i_t001 INTO l_wa_bukrs.

  • Authorization Check

AUTHORITY-CHECK OBJECT l_c_object

ID 'BUKRS' FIELD l_wa_bukrs-bukrs

ID 'ACTVT' FIELD l_c_actvt_03.

  • Authorization Fail

IF sy-subrc NE 0.

MESSAGE i085 WITH l_wa_bukrs. "Authorization failed for Company Code &

LEAVE LIST-PROCESSING.

ENDIF. "sy-subrc

ENDLOOP.

ENDIF. "sy-subrc

ENDIF.

Like this you can implement authority check in your application.

Thanks,

Asit Purbey.

8 REPLIES 8
Read only

Go to solution
Former Member

‎2009 Mar 06 5:48 AM

0 Likes
935

HI,

Use the AUthrization object..

AUTHORITY-CHECK OBJECT 'S_TCODE' ID 'TCD' FIELD 'ZPPUTR05'.

Read only

Go to solution
former_member632729
Contributor

‎2009 Mar 06 5:56 AM

0 Likes
935

Hi,

The following actions are subject to authorization checks that are performed before the start of a program or table maintenance and which the SAP applications cannot avoid:

  • Starting SAP transactions (authorization object S_TCODE)

  • starting reports (authorization object S_PROGRAM)

  • Calling RFC function modules (authorization object S_RFC)

  • Table maintenance with generic tools (S_TABU_DIS)

The authorization objects S_TCODE, S_PROGRAM, S_RFC, and S_TABU_DIS are standard SAP provided.


data: wa_tstc type tstc.
parameters: p_tcode type tcode.
authority-check object 'Z_TCODE'
id 'ACTVT' field '03' " read access
id 'ZTCODE' field p_tcode. " actual value
if sy-subrc eq 0. " check authorization
* fetch record
select single *
from tstc
into wa_tstc
where tcode eq p_tcode.
write:/ wa_tstc-tcode,
wa_tstc-pgmna,
wa_tstc-dypno,
wa_tstc-menue,
wa_tstc-cinfo,
wa_tstc-arbgb.
else.
* bad authorization
write:/ 'Bad Authorization'.
endif.

Read only

Go to solution
Former Member

‎2009 Mar 06 5:59 AM

0 Likes
935

Hi,

Refer below link.

Read only

Go to solution
Former Member

‎2009 Mar 06 6:01 AM

0 Likes
935

hi,

can you please che this link it's having same requirement

it would be helpful

Thanks and regards

Durga.K

Read only

Go to solution
Former Member

‎2009 Mar 06 6:08 AM

0 Likes
935

hello dear

user would be having access to the Transaction but that would be specific to values in listbox.

values in listbox are:

created, save, cancelled, park and post.

all users will not be having authorisation to created, save, cancelled, park and post. the document number.

i need to check authorisation not per transation wise but according to vaules in listbox.

kindly help...

Read only

Go to solution
Former Member

‎2009 Mar 06 6:10 AM

0 Likes
936

Hi,

Just see hoe we are doing authority check for company code.

CONSTANTS : l_c_object TYPE char10 VALUE 'F_BKPF_BUK',

l_c_actvt_03 TYPE char2 VALUE '03'.

IF NOT s_bukrs IS INITIAL.

SELECT bukrs

FROM t001

INTO TABLE l_i_t001

WHERE bukrs IN s_bukrs.

IF sy-subrc = 0.

LOOP AT l_i_t001 INTO l_wa_bukrs.

  • Authorization Check

AUTHORITY-CHECK OBJECT l_c_object

ID 'BUKRS' FIELD l_wa_bukrs-bukrs

ID 'ACTVT' FIELD l_c_actvt_03.

  • Authorization Fail

IF sy-subrc NE 0.

MESSAGE i085 WITH l_wa_bukrs. "Authorization failed for Company Code &

LEAVE LIST-PROCESSING.

ENDIF. "sy-subrc

ENDLOOP.

ENDIF. "sy-subrc

ENDIF.

Like this you can implement authority check in your application.

Thanks,

Asit Purbey.

Read only

Go to solution
Former Member

‎2009 Mar 06 6:14 AM

0 Likes
935

Hi,

check below link

http://www.sapmaterial.com/authorization_checks.html

Regards,

Madhu

Read only

Go to solution
Former Member

‎2009 Mar 06 6:19 AM

0 Likes
935

Anjali,

you will not have standard authorization object for your custom requireement.

you can achive your requirement by creating a Z table which stores a user and related operation he can do like create/; save/...etc.

you can add this check in your program to check the table entry and accordingly restirct user for processing the transaction else flag error message.