Community
Application Development and Automation Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

Regarding Authority check objects

Former Member

‎2009 May 13 8:11 AM

0 Likes
649

Hi All,

I have some confusion on Authority-check and its working.

AUTHORITY-CHECK OBJECT 'S_TABU_DIS'

ID 'ACTVT' FIELD '03'

ID 'DICBERCLS' FIELD tddat-cclass.

In the above code, 'DICBERCLS' FIELD tddat-cclass... these values will take and compare with tddat table list.

but my question is how it will check the ID 'ACTVT' FIELD '03' ??How it will check for the ACTVT is '03'.

It will take it from any table?

Thanks in advance,

Madhu

3 REPLIES 3
Read only

Former Member

‎2009 May 13 8:16 AM

0 Likes
476

Hi,

The value of the ACTVT field will be in the user's profile.

Check in SU01D in teh role of teh user.

The BASIS people will assign the authority object to some role.

In that if you see you will find that they will assign some value to ACTVT field.

If it is * it will mean that the user has a right for everything.

If 3 then may be he is authorised only for display.

I hope this helps you.

Regads,

Ankur Parab

Read only

Former Member
In response to Former Member

‎2009 May 13 8:31 AM

0 Likes
476

Hi Ankur,

Yes.. but how my authorisation object checks? where these authorisation ACTVT are stored for a perticular user ? the t code SU01D will giving me information on user and its role.In role iam able to see ACTVT and its value.How it will checks users profile's? any table is there to store these values?

Madhu

Edited by: madhubabu rao on May 13, 2009 9:36 AM

Read only

Former Member
In response to Former Member

‎2009 May 13 8:43 AM

0 Likes
476

Hi,

You are coding as follows:-

AUTHORITY-CHECK OBJECT 'S_TABU_DIS'

ID 'ACTVT' FIELD '03'

ID 'DICBERCLS' FIELD tddat-cclass

This authorisation object is for Table Maintenance (via standard tools such as SM30).

Now when the code is executed, SAP will check that whether the current user has an Authorization Group as the value in TDDAT-CLASS in the user role and the activity is 03 or display.

If in the user role, the basis guys have given the Authorization Group(DICBERCLS) value as XYZ and the value in tddat-cclass is also 'XYZ' and the value of ACTVT field in the user role is '03', SAP will allow the user only to display the table via SM30.

If the authorisation group is different or if the ACTVT is different, the user will not be allowed for this authority check.

I hope this is clear for you.

Regards,

Ankur Parab