Community
Application Development and Automation Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

Authorization check

Former Member

‎2012 Dec 03 4:11 PM

0 Likes
485

Hi all

I have created two roles with one transaction each (FB03 and S_ALR_87012357) and assigned thi sroles to one user. Both transactions have object f_bkpf_buk.

I defined activity 03 and company code 1000,2000 for fb03 object and activity 03 and company code 1000 for s_alr_87012357.

The system let me execute s_alr_87012357 for company code 2000.

Does anybody mind to explain how it works exactly?

Thanx

Luca

1 REPLY 1
Read only

Former Member

‎2012 Dec 04 4:38 AM

0 Likes
364

Dear Luca,

 

The Authorization Object mechanism is used to inspect the current user’s privileges for specific data selection and activities from within a program.

The Authorization Object is where Permitted Activity configurations are performed against specific fields. E.g. Change (being the activity) the material’s text – MAKTX (being the specific field), or Read (being the activity) a certain Customer (using Customer Number – KUNNR, as the specific field).

Note the Authorization check with the syntax beginning AUTHORITY-CHECK and the checking of the sy-subrc. Also, the ‘03’ literal that is being passed into the Object check field “ACTVT” which denotes a “read”, and the p_tcode parameter being passed into the Object check field “ZTCODE” which represents the actual data, wishing to “read”.

In your case if your company code is 200 , the sy-subrc become <> 0 .

Thanks ,

Anoop Satheesan