authority-check for particular comp code

Former Member · ‎2007 May 14

Hi All,

when i'm using standard Authority Object F_BKPF_BUK for a particular standard code say 'CO01'. but it is working for all company code, but i want work for only one company code say 'CO01' ONLY.i'm using in report program (zreport prog)

I written code as

AUTHORITY-CHECK OBJECT 'F_BKPF_BUK'

ID 'BUKRS' FIELD 'BE10'

ID 'ACTVT' FIELD '03'.

Please can u advice on this .

Many Thanks in Advance for u r Answer

Naren

Former Member · ‎2007 May 14

Hi

In general different users will be given different authorizations based on their role in the orgn.

We create ROLES and assign the Authorization and TCODES for that role, so only that user can have access to those T Codes.

USe SUIM and SU21 T codes for this.

Much of the data in an R/3 system has to be protected so that unauthorized users cannot access it. Therefore the appropriate authorization is required before a user can carry out certain actions in the system. When you log on to the R/3 system, the system checks in the user master record to see which transactions you are authorized to use. An authorization check is implemented for every sensitive transaction.

If you wish to protect a transaction that you have programmed yourself, then you must implement an authorization check.

This means you have to allocate an authorization object in the definition of the transaction.

For example:

program an AUTHORITY-CHECK.

AUTHORITY-CHECK OBJECT <authorization object>

ID <authority field 1> FIELD <field value 1>.

ID <authority field 2> FIELD <field value 2>.

...

ID <authority-field n> FIELD <field value n>.

The OBJECT parameter specifies the authorization object.

The ID parameter specifies an authorization field (in the authorization object).

The FIELD parameter specifies a value for the authorization field.

The authorization object and its fields have to be suitable for the transaction. In most cases you will be able to use the existing authorization objects to protect your data. But new developments may require that you define new authorization objects and fields.

http://help.sap.com/saphelp_nw04s/helpdata/en/52/67167f439b11d1896f0000e8322d00/content.htm

To ensure that a user has the appropriate authorizations when he or she performs an action, users are subject to authorization checks.

Authorization : An authorization enables you to perform a particular activity in the SAP System, based on a set of authorization object field values.

You program the authorization check using the ABAP statement AUTHORITY-CHECK.

AUTHORITY-CHECK OBJECT 'S_TRVL_BKS'

ID 'ACTVT' FIELD '02'

ID 'CUSTTYPE' FIELD 'B'.

IF SY-SUBRC <> 0.

MESSAGE E...

ENDIF.

'S_TRVL_BKS' is a auth. object

ID 'ACTVT' FIELD '02' in place 2 you can put 1,2, 3 for change create or display.

The AUTHORITY-CHECK checks whether a user has the appropriate authorization to execute a particular activity.

This Authorization concept is somewhat linked with BASIS people.

As a developer you may not have access to access to SU21 Transaction where you have to define, authorizations, Objects and for nthat object you assign fields and values. Another Tcode is PFCG where you can assign these authrization objects and TCodes for a profile and that profile in turn attached to a particular user.

Take the help of the basis Guy and create and use.

Reward points if useful

Regards

Anji

Former Member · ‎2007 May 14

Hi Reddy,

Can u please tell me other way to use the authority check object for one particular company code, please help me on this . i'm waiting for u r answer.

Many Thanks for sending answer, i tried u r answer(created one object) but it is show as sy-subrc = 12.

Thanks and Regards

Naren

alison_lloyd · ‎2007 May 14

That should work

AUTHORITY-CHECK OBJECT 'F_BKPF_BUK'

ID 'BUKRS' FIELD 'CO01'

ID 'ACTVT' FIELD '03'.

Have you checked the return code? Have you defined a test user which definitely doesn't have authority?

This checks that the user has authorisation to see CO01 data. If you do not want them to see data for other comany codes you need to do the check against all other company codes.

sreeramkumar_madisetty · ‎2007 May 14

Hi Narender

Have a look on the link:

<b>http://help.sap.com/saphelp_nw04s/helpdata/en/52/67167f439b11d1896f0000e8322d00/content.htm</b>

Regards,

Sreeram

Former Member · ‎2007 May 14

Have a look at sample code :

AUTHORITY-CHECK OBJECT 'T_FTI_LDB'

ID 'BUKRS' FIELD lt_bukrs

ID 'VAL_AREA' FIELD space

ID 'VVSART' FIELD lt_vvsart.

Former Member · ‎2007 May 14

Hi,

I want for a particular company code, table name is BKPF , if u have an any standard Authority Object please send me (only one company code).

Many Thanks in Adviance

Naren

Former Member · ‎2007 May 14

SY-SUBRC = 12 implies that

Specified object not maintained in the user

master record.

have you added the authority object in your profile, chk in SU01

and then use

AUTHORITY-CHECK OBJECT 'XXXXX'
    ID 'BUKRS' FIELD 'CO01'
    ID 'ACTVT' FIELD '03'.

Former Member · ‎2007 May 14

Hi,

Can u please help me for this , is there any standard authority object for using the company code, that it is used for only one company code.

please help me on this.

Thanks

Naren

Former Member · ‎2007 May 14

NR ,

here u are missing one more point ---> that is If user have the authorization then it will allow to run the report.

first u have to check the profile of that user in PFCG, and remove * from this BUKRS values, then check it will work.

Regards

Prabhu

By Category

Related Content

Activity Groups

Industry Groups

Influence and Feedback Groups

Interest Groups

Location Groups

Customer Only Groups

Forums

Related Resources

Products

Learning and Support

About

My SAP Profile

My SAP Profile

authority-check for particular comp code