-
Products and Technology
By Category
-
Groups
Activity Groups
Industry Groups
Influence and Feedback Groups
Interest Groups
Location Groups
Customer Only Groups
- Developers
- Partners
- Events
- Help Center
- Topic Pages
-
Explore SAP
Products
Learning and Support
-
- Products and Technology
- Groups
- Developers
- Partners
- Events
- Help Center
- Topic Pages
-
Explore SAP
- Explore SAP
-
Products
- Products
- SAP Business Suite
- Artificial Intelligence
- Business applications
- Data and analytics
- Technology Platform
- Financial Management
- Spend Management
- Supply Chain Management
- Human Capital Management
- Customer Experience
- SAP Business Network
- View products A-Z
- View industries
- Try SAP
- Partners
- Services
- Learning and Support
- About
- SAP Community
- Groups
- Interest Groups
- Application Development and Automation
- Discussions
- Authorization Objects - TR
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Authorization Objects - TR
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎2006 Apr 05 7:41 AM
- SAP Managed Tags
- ABAP Development
Hi
I created a authorisation object in transaction su20 and i created a profile for in pfcg.
When i call the object in my code as
AUTHORITY-CHECK OBJECT 'ZSRNEWOBJ1'
ID 'ZSRVBELN' FIELD svbeln
ID 'ACTVT' FIELD '03'.
IF SY-SUBRC = 0.
ENDIF.
My sy-subrc is 12, can anybody help me where i am going wrong.
Thanks,
Thirumal
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎2006 Apr 05 7:58 AM
- SAP Managed Tags
- ABAP Development
hi thirumal,
if sy-subrc = 12.. it means <b>No authorization was found for the authorization object in the user master record</b>..
double click the object ZSRNEWOBJ1 to change it..this oblect must contain the authorization fields specified in the program..
<b>for more details press f1 on 'AUTHORITY-CHECK'..</b>
The authorization fields of an authorization object are fields for data and a field with the name ACTVT for activities. Activities are represented by abbreviations with two characters that are defined in the ACTVT column of the database table TACT or have a customer-specific definition in TACTZ. Possible activitieis are assigned to the aurhorization field ACTVT in the authorization object. In the user master record, you have authorizations for data and activities in the form of operands for logical expressions stored as value sets. Here, masking characters can be used for generic authorizations.
<b>reward using your left panel if it is useful.</b>
Message was edited by: Ashok Kumar Prithiviraj
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎2006 Apr 05 9:36 AM
- SAP Managed Tags
- ABAP Development
Hi Prasanna,
Thanks for you response
I have maintained the authorization field, i think i am going wrong when creating the role for the user in pfcg, can you help me out there.
Thanks,
Thirumal
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎2006 Apr 05 9:53 AM
- SAP Managed Tags
- ABAP Development
Hi thirumal,
1. run your program again,
and after getting sy-subrc =12,
2. in new session,
run SU53 (evaluate authorisation check)
3. There u will get the
information
which authorisation object was checked
and
which values are available for that particular user.
4. then u can accordingly
change the role
and RE-GENERATE the role,
and assign it to the login user.
regards,
amit m.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎2006 Apr 05 10:13 AM
- SAP Managed Tags
- ABAP Development
Hi Amit,
I tried that it is checking the correct object.
Available authorisations for the object in the master record is : -
blank-----
Does this mean that there is no authorizations for the user.
Thanks,
Thirumal
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎2006 Apr 05 10:19 AM
- SAP Managed Tags
- ABAP Development
Hi again,
1. yes u are right.
2. may be u have generated the role,
but not assigned to the login user.
3. in the role,
u must also add the authorisation object,
and give all fields * (or as required)
4. do not forget to re-generate the role.
regards,
amit m.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎2006 Apr 05 10:53 AM
- SAP Managed Tags
- ABAP Development
Hi Amit,
I had created three profiles for the user earlier, i removed them and just had one active profile, now it works.
Thanks for you support.
Regards,
Thirumal
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎2006 Apr 05 2:28 PM
- SAP Managed Tags
- ABAP Development
Hi,
I have a requirement to create authorization object on a screen with 20 fields and there are 3 users, each user for eg: User-A has rights to change a few for modifying and only display a few fields and same is for the case for the other 2 users.
what i can do is create <b>2 authorization objects for each user</b> one with all fields that he can write & Display and other with all fields which he can display only. In this way i will have to create 6 authorization objects for 3 users, is there a way to reduce to 3, one for each user.
Thanks,
Thirumal
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎2006 Apr 06 11:23 PM
- SAP Managed Tags
- ABAP Development
You can accomplish this using just one Authorization Object with two Auth Fields.
Auth-Object 01 contains:
Auth-Field 01 (Activity): 02 (Change), 03 (Display).
Auth-Field 02 (Screen Field): Screen Field 01, Screen Field 02, , Screen Field 20
Let say User A can only change screen field 01, 03 & 10, but can display all screen fields. The role will look like:
Auth-Object 01
Activity: 02 (Change)
Screen Field: 01, 03, 10.
Auth-Object 01
Activity: 03 (Display)
Screen Field: *
Thanks,
Lye
Bluesky