Community
Application Development and Automation Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

Custom Table Authorization Control

Former Member

‎2010 Mar 02 2:29 PM

0 Likes
2,176

Hi gurus-

I got the following scenerios-

The scenario is-

We have a custom table. On that custom table, there are couple of fields that we want to control access (display access, edit access, no access etc.) based on different user profile role. I know you can control access on table basis by Authorization Group but for access control within a field (some records within that field will be accessed by only few people, other records by other group of people), how can these be accomplished, if possible. Authorization Object Controls access for a particular field. But my understanding is for all records in the field. Can you subdivide those into different groups of records?

The logic is-

After user enters input values (key fields in the custom table maintenance program), the program looks up the authorization group for the user and checks if the key combination has authorization to change access, if yes it executes the program, otherwise returns an error message. Can you accomplish that with the use of another field like Profile Group to maintain a list of records for different user groups?

Any help will be greatly appreciated!!!

Thanks!

4 REPLIES 4
Read only

Former Member

‎2010 Mar 02 2:44 PM

0 Likes
1,214

If you have table maintanance generator for the table, you can use events to check the authorizations at the record level. To restrict only for few fields use LOOP at screen at PBO for the generated program and make it SCREEN-INVISIBLE = 'X'. for those fields.

Edited by: Rajanya kumar Kolavennu on Mar 2, 2010 3:44 PM

Read only

SuhaSaha
Product and Topic Expert
Product and Topic Expert

‎2010 Mar 02 2:47 PM

0 Likes
1,214

Hey James,

Cant you use TMG events to accomplish this requirement ?

Before saving the data you can check if the user has auth. to perform the activity & give the relevant message if the check fails.

BR,

Suhas

Read only

Former Member

‎2010 Mar 02 2:53 PM

0 Likes
1,214

Thanks Suhas and Rajanya! I'm a functional guy. Can you please explain that littlebit more. According to Rajanya, I can check the authorization at record level. If I include a separate field such as "Profile Group" to group together the records that I want to separate authorization, how can I assign those fields different "Profile Groups" to have different authorizations?

Please help!

Thanks again!

Read only

vinod_vemuru2
Active Contributor
In response to Former Member

‎2010 Mar 02 3:08 PM

0 Likes
1,214

Hi,

you can ask your ABAP consultant to code in the table maintenance events. We need to call appropriate authorization objects in the events and allow/disallow the changes for a field/record based on the authorization.

If you want more details on TMG events, just search in SCN. We have lot of information on this.

Thanks,

Vinod.