Community
Application Development and Automation Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

problem with authorization

Former Member

‎2007 Jan 24 10:01 AM

0 Likes
1,245

A test user id has been created which has been assigned a role with one of authorization objects as F_BKPF_BUP having field T001B-BRGRU = 0002.

We have the following code in our program

AUTHORITY-CHECK OBJECT 'F_BKPF_BUP'

ID 'BRGRU' FIELD '0001'.

The above code returns Sy-SUBRC = 0 when we execute the program with the above test user, even though the auth object has field BRGRU with value 0002 for the user. Ideally the above code should return sy-subrc not equal to 0 as the user is not authorized.

Does any one know where can the problem be and why the authorization check is not working?

Regards,

Simmi

9 REPLIES 9
Read only

Former Member

‎2007 Jan 24 10:11 AM

0 Likes
1,065

The auth object has field <b>BRGRU with value 0002</b> for the user, but u are checking <b>for 0001</b>. Then any way it will return sy-subrc NE 0.

check whether the object is correct and it may also hold '0002'.

What value sy-subrc is returning.

Read only

Former Member

‎2007 Jan 24 10:18 AM

0 Likes
1,065

Please check it in SU53.

Read only

Former Member

‎2007 Jan 24 10:18 AM

0 Likes
1,065

Hi Judith,

My problem is the code is returning SY_SUBRC = 0 while it should return sy-subrc not equal 0. I am stuck up as to why it is returning sy-subrc = 0 though the user is not authorized for 0001.

Read only

Former Member
In response to Former Member

‎2007 Jan 24 10:21 AM

0 Likes
1,065

Have you checked whether they have maintained any other values?

Read only

Former Member

‎2007 Jan 24 10:27 AM

0 Likes
1,065

It could be that this user also has other roles attached which has authorization for 0002 as well. Did you check all the roles attached to this user.

Hope this is useful.

Read only

Former Member

‎2007 Jan 24 10:33 AM

0 Likes
1,065

Hi Simmi,

Could u plz clarify one thing. r u login with the new user id that u created for testing or u loged on with u r user id.?

If u loged on with u r user id, lets check the field for u r user.

Regards,

Sunil

Read only

Former Member

‎2007 Jan 24 10:43 AM

0 Likes
1,065

Sunil, I am using the new test user id for testing.

Gururaj, there is only one role created for this user, but there are many auth objects under this role out of which F_BKPF_BUP is one of them with value BRGRU value 0002. But since I am specifying the authorization object this should not matter.

Read only

Former Member

‎2007 Jan 24 10:49 AM

0 Likes
1,065

the syntax written is wrong here.

AUTHORITY-CHECK OBJECT 'F_BKPF_BUP'

ID 'BRGRU' FIELD '0001'.

it should be

AUTHORITY-CHECK OBJECT 'F_BKPF_BUP'

ID 'BRGRU' <b>VALUE</b> '0001'.

check this way and it should work properly...We have implemented in our project and it is working fine.

Read only

Former Member

‎2007 Jan 24 10:54 AM

0 Likes
1,065

Ramesh, it's giving syntax error stating " FIELD expected after BRGRU ".