Solved: authority object

Former Member · ‎2013 Oct 28

Hi guys,

I need to do a validation of some users (like this)

IF SY-UNAME = 'ES1234' AND SY-UNAME = 'FR2345' AND [......] " lots of users

ADD 1 TO CONT.

MESSATE S34(ZHR) TYPE 'I'.

ENDIF.

The quantity of users are a lot to write 'IF SY-UNAME = ''

I don't know if I can use a rol or something like this.

Thanks a lot.

Best regards.

Ana.

Ajit_K_Panda · ‎2013 Oct 29

Hi Ana,

If all the user fall into a single role, then you can use authorization object which can be assigned to the ROLE.. And in your program you can check that authorization object's value and write your code accordingly.

Check the following link:

http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/a92195a9-0b01-0010-909c-f330ea4a5...

Hope this helps.

Regards,

Ajit

Former Member · ‎2013 Oct 28

Hi Ana,

I do not think you should hard code the user ids. Can they be put into a configuration type of table and retrieved in the program and loaded into a range table? Then you can use "If sy-uname in r_uname....

Regards,

Steve

ThomasZloch · ‎2013 Oct 28

Never hard code checks on user IDs. Please explain more about the rationale for this check, otherwise it is not possible to recommend a good solution.

Thomas

vladimir_erakovic · ‎2013 Oct 28

Hi Ana,

In case of some kind of validation, usually the best practice is to create configuration table along with a simple program for filling the entries. Then when you need to validate something in any of your programs you can just declare you configuration table, e.g. :

TABLES: zconf1.

and then do an 'empty' select:

SELECT SINGLE * FROM zconf1

WHERE some condition.

IF sy-subrc = 0.

Entry exists.

ELSE.

Entry doesn't exists.

ENDIF.

Hope it helps.

Best regards,

Vladimir

JimRadiantExplorer · ‎2013 Oct 29

Hi,

In this case, I recommend you use user group(Tab Groups in SU01).

Groups can be maintained in SUGR.

The user's group information is stored in table USGRP_USER.

Thanks.

Jim

Ajit_K_Panda · ‎2013 Oct 29

Hi Ana,

If all the user fall into a single role, then you can use authorization object which can be assigned to the ROLE.. And in your program you can check that authorization object's value and write your code accordingly.

Check the following link:

http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/a92195a9-0b01-0010-909c-f330ea4a5...

Hope this helps.

Regards,

Ajit

Former Member · ‎2013 Oct 30

Thanks Ajit . I have do it a new role with all users.

Then I used the function module 'CRM_ROLES_OF_USER_GET' , in the report to validate the user.

CALL FUNCTION 'CRM_ROLES_OF_USER_GET'

EXPORTING

USER_NAME = SY-UNAME

TABLES

ROLES_OF_USER = T_ROLES

EXCEPTIONS

NO_ROLES_AVAILABLE = 1

OTHERS = 2.

Thanks to all.

Regards.

Ana.

Ruediger_Plantiko · ‎2013 Oct 29

If the users in question are only technical users (developers and other geeks), who want to see some technical background of the program, I would recommend a log-point or even break-point with checkpoint ID. Users can subscribe to the checkpoint ID using transaction SAAB.Only when they activated the checkpoint for themselves, the data will be logged at the log-point, and only then the system will stop at a "break-point id ..." statement.

See

http://help.sap.com/abapdocu_702/en/abencheckpoints.htm

By Category

Related Content

Activity Groups

Industry Groups

Influence and Feedback Groups

Interest Groups

Location Groups

Customer Only Groups

Forums

Related Resources

Products

Learning and Support

About

My Account

My Account

authority object