Solved: Info about Authorization Object

Former Member · ‎2009 Feb 24

Hi,

What is Authorization Object?

Where it can be used? In which scenarios, it is useful?

How is it related with ABAP and Functional?

Plz send some sample code

Thanks

Please do not ask broad, vague questions; please search the forum before asking.

And please do not respond to such questions - the moderators watch.

Edited by: Rob Burbank on Feb 24, 2009 11:01 AM

Former Member · ‎2009 Feb 24

hi,

can you please check this link

http://help.sap.com/saphelp_nw70/helpdata/en/52/671285439b11d1896f0000e8322d00/content.htm

and sample code for that as below

SU21 is the tcode for authorization objects.

sample code

authority-check object 'V_VBAK_VKO'
id 'VKORG' field it_salesorg-vkorg
id 'VTWEG' dummy "FIELD '*'
id 'SPART' dummy "FIELD '*'
id 'ACTVT' dummy.
*If the user is not authorised
if sy-subrc 0.
*Give the error message.
endif.

Thanks and regards

Durga.K

Former Member · ‎2009 Feb 24

hi,

can you please check this link

http://help.sap.com/saphelp_nw70/helpdata/en/52/671285439b11d1896f0000e8322d00/content.htm

and sample code for that as below

SU21 is the tcode for authorization objects.

sample code

authority-check object 'V_VBAK_VKO'
id 'VKORG' field it_salesorg-vkorg
id 'VTWEG' dummy "FIELD '*'
id 'SPART' dummy "FIELD '*'
id 'ACTVT' dummy.
*If the user is not authorised
if sy-subrc 0.
*Give the error message.
endif.

Thanks and regards

Durga.K

Former Member · ‎2009 Feb 24

Hi,

Authorization object is used to check the User Authority for a perticulaer activity (as the name itself sugests).

You can create a Auth Object from transaction from Tcode : SU21.

For Example: You have a Z Program and you want to ensure that only speific users will be able to run this report.

Then in your program you will write a Logic like:

AUTHORITY-CHECK 'ZAUTH_OBJ'

FIELDS 'FNAME' VALUE 'SOMEVALUE' .*

IF SY-SUBRC <> 0.

LEAVE-PROGRAM.

ENDIF.

The above statement checks that whether user has the Object ZAUTH_OBJ assigned to his profile (Auth object is assigned to the user profile through tcode PFCG--- basis activity).

So you can achieve a Authorization specific functionality using these Objects.

Tell me if you want more documents on this.

Regards,

Prakash Pandey

Former Member · ‎2009 Feb 24

hi...

use link

regards

Former Member · ‎2009 Feb 24

Hi

Here is some info about the authorization object :

Authorization objects allow complex checks that involve multiple

conditions that allow a user to perform an action. The conditions are

specified in authorization fields for the authorization objects and are AND

linked for the check. Authorization objects and their fields have descriptive

and technical names.

source code :

authority-check object <object name>

id 'ACTVT' field <value>

id <fieldname> field <value>

if sy-subrc ne 0.

message error

endif.

where

actvty :

01 Create or generate

02 Change

03 Display

09 Display prices

36 Extended maintenance

70 Administer

these activities define the authorization for the user.

basis ppl will set the authorisations for each user , per transaction per activity.

Former Member · ‎2009 Feb 24

Hi Read this link, it has my answer.

Amresh.

Former Member · ‎2009 Feb 24

How is it diiffer from USER ROLES created by basis or functionals?

Former Member · ‎2009 Feb 24

HI Narendra,

It is not different from the USER ROLES created by the basis team.

The basis team uses Objects like these (Standard or Custom (Z) ) to create a role.

It is create in the transaction PFCG.

Once you create an object and code accordingly in your Z program. Then your object needs to be assigned in the USER role created by your basis consultant in order to achieve the complete functionality.

Regards,

Prakash Pandey

By Category

Related Content

Activity Groups

Industry Groups

Influence and Feedback Groups

Interest Groups

Location Groups

Customer Only Groups

Forums

Related Resources

Products

Learning and Support

About

My Account

My Account

Info about Authorization Object