Community
Application Development and Automation Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

Delete only own batch-inputs

maite_egea
Explorer

‎2008 Feb 20 11:31 AM

0 Likes
1,110

Hello,

I am having some problems with batch input authorizations. I want to give users authorizations only to delete the batch-inputs which have been created with their own user. I have seen the object S_BDC_MONI, but this object does not allow me to indicate that the user is only authorized to delete his/her own batch-inputs. Is there an standard authorization object that allows users only to delete their own batch-inputs?

I have also checked the possibility to create my own authorization object, the same as S_BDC_MONI but with a new field where I can indicate that only the own batch-inputs can be deleted. But if I do it will SM37 check this authorization? I don't want to indicate the user in this field, because then I would need a new role for each user. I need a field (similar to PSIGN) where I can say each user can delete only their own batch-inputs.

Any idea?

Thank you very much in advance.

Regards,

Maite

4 REPLIES 4
Read only

Former Member

‎2008 Feb 20 1:10 PM

0 Likes
916

there's no solution to your problem, i'm sorry.

S_BDC_MONI only checks the name of the batch-inputs, not the creator or the username with whos authorization it is run.

creating your own object will only work if the calling program (SM35, SM37 ...) does the counterpart of the checking using authority-check. so simply creating an object and adding it to a transaction with SU24 will not work without the coding of the caller being adjusted. of course, this would be a major modification.

all you can do is to adjust your batch-input creating programs to apply those names to the batch-inputs that you can easily cover using S_BDC_moni.

Read only

RaymondGiuseppi
Active Contributor

‎2008 Feb 20 1:36 PM

0 Likes
916

There is an authorization object based on APQI-USERID, checked in SM35 

 authority-check object 'S_BTCH_NAM'
            id 'BTCUNAME'    field auth_user.

Background user name for authorization check. But i'm not sure it is checked for deletion. (In fact I am convinced to the contrary)

Regards

Read only

Former Member
In response to RaymondGiuseppi

‎2008 Feb 20 1:39 PM

0 Likes
916

i'm sorry raymond but that object runs on the user with whos authorization the batch input is run (see my post above) this is usually the one executing the program which creates the batch-inputs in the first place ... unless you set it otherwise, but even that would mean adjusting your programs.

Read only

RaymondGiuseppi
Active Contributor
In response to RaymondGiuseppi

‎2008 Feb 20 1:43 PM

0 Likes
916

That confirm my "I am convinced to the contrary". So i fear that without changing the standard program to add a specific authority check, that can not be done.

(FORM loeschen_mappen in SAPMSBDC_CC) but i cannot suggest such a thing

no i cannot

Regards