Community
Application Development and Automation Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

Authorization check

Former Member

‎2012 Jan 18 2:49 PM

0 Likes
571

Hi,

I developed a custom report that creates Material master record, Bill of Material and Routing. As it includes, Master data, I want to have authorization check. Access for tcode of my custom report will be given only to a few members, but there are chances of having access for tcode is given to an user(who is not eligible), So my manager want to have 1 more authorization check inside the program.

I am not understanding on what can I preventing the execution or program or stop creation of New Material Record, BOM, and ROUTING. Please comment on this along with Objects for Material Master, BOM and Routing .

Thanks in Advance

3 REPLIES 3
Read only

Former Member

‎2012 Jan 18 3:18 PM

0 Likes
522

Hi,

At program level you can restrict by calling function module AUTHORITY-CHECK.

AUTHORITY-CHECK OBJECT 'S_TRVL_BKS'

ID 'ACTVT' FIELD '02'

ID 'CUSTTYPE' FIELD 'B'.

IF SY-SUBRC <> 0.

MESSAGE E...

ENDIF.

In the ABAP Development workbench goto More Tools - Authorization - Objects. You will find a list of all the objects with the relevant fields and documents, organized by class.

Alternatively,

You can try creating authorisation object with the help of Tcode SU21.

Take help of your basis team to restrict authorisation for particular user group .

Regards,

Ramya

Read only

former_member226519
Active Contributor

‎2012 Jan 18 4:18 PM

0 Likes
522

if customers/managers don't trust in the authorisation checks you could go a "Stone Age" way:

create a table where you hold all the users names who are allowed to run the report.

At the beginning of your report SELECT from that table with SY-UNAME and if you don't find the name EXIT the report.

Read only

Former Member

‎2012 Jan 20 6:24 AM

0 Likes
522

Hi,

For performing the authorization you can create a an authorization object and ask the basis team to configure the usernames having the authorization.Then use that authorization object to limit the users using your program to create Material master record, Bill of Material and Routing.

For creating the authorization object and using it in your program follow the below link:

http://www.richardsantos.net/2009/03/16/sap-how-to-create-and-use-the-authorization-objects-in-abap/

<begging removed by moderator>

Edited by: Thomas Zloch on Jan 20, 2012