Community
Application Development and Automation Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

Authorization object coding in ABAP report

Go to solution
Former Member

‎2011 Aug 25 2:21 PM

0 Likes
8,907

Hi,

I am working on a report. The output of the report is details regarding vendor based on purchasing organization. When user executes the reports, they should be only able to see details if they are authorized to (create, change and display) for the purchasing org of vendor.

The authrorization object by SAP security team is 'M_LFM1_EKO' for standard access to vendors (via MK01, MK02 AND MK03).

How can I use same authorization object to do check in my program for the user in ABAP so that if user is not authroized he will not be able to see details during output for those vendor.

Regards,

Tgshah.

1 ACCEPTED SOLUTION
Read only

Go to solution
AnjaneyaBhardwaj
Contributor

‎2011 Aug 25 2:45 PM

0 Likes
3,629

Hi ,

Basically you need to call Authority-check using the pattern option and then pass the object name and field name .If the user has been assigned that object in his profile sy-subrc will succed otherwise fail .



AUTHORITY-CHECK OBJECT 'M_LFM1_EKO'
         ID 'ACTVT' FIELD '1/2/3'
         ID 'EKORG' FIELD 'value of purchase organization'.
IF sy-subrc eq 0 .
WRITE :'authorization' .
ELSE .
  WRITE 'no authorization' .
ENDIF.

The below lonk explains it more ...

[http://help.sap.com/saphelp_40b/helpdata/fr/d4/e02c7dd435d1118b3f0060b03ca329/content.htm]

Thank you .

Anjaneya .

3 REPLIES 3
Read only

Go to solution
Former Member

‎2011 Aug 25 2:42 PM

0 Likes
3,629

Hi,

You have to use the below code to get the solution.

AUTHORITY-CHECK OBJECT 'M_LFM1_EKO'

ID 'EKORG' FIELD LFM1-EKORG

ID 'ACTVT' FIELD ACTVT.

ACTVT will be your create change and display. You need to pass 01,02 and 03. If SY-SUBRC <> 0 for all of these then remove that Pur ORG.

Generally we check 01, if user has creation authorization, then he should have others also.

Shiva

Read only

Go to solution
AnjaneyaBhardwaj
Contributor

‎2011 Aug 25 2:45 PM

0 Likes
3,630

Hi ,

Basically you need to call Authority-check using the pattern option and then pass the object name and field name .If the user has been assigned that object in his profile sy-subrc will succed otherwise fail .



AUTHORITY-CHECK OBJECT 'M_LFM1_EKO'
         ID 'ACTVT' FIELD '1/2/3'
         ID 'EKORG' FIELD 'value of purchase organization'.
IF sy-subrc eq 0 .
WRITE :'authorization' .
ELSE .
  WRITE 'no authorization' .
ENDIF.

The below lonk explains it more ...

[http://help.sap.com/saphelp_40b/helpdata/fr/d4/e02c7dd435d1118b3f0060b03ca329/content.htm]

Thank you .

Anjaneya .

Read only

Go to solution
Former Member

‎2011 Aug 25 2:48 PM

0 Likes
3,629

Hi,

I don't really understand your question. You answered it yourself. Just use the authorization object, mentioned in your question

You can use for instance form like this one:


form authority_check.
  authority-check object 'M_LFM1_EKO'
    ID 'EKORG' FIELD iv_ekorg
    ID 'ACTVT' FIELD iv_actvt   " '03'

  if sy-subrc <> 0.
    message 'No authorization' type 'E'.
  endif.
endform.