Re: Run Time Authorization

former_member375795 · ‎2014 Feb 26

How to give Run time authorization

Scenarios Like that

Username --- Alok1

( Not having a authorization to Change material details )

but

There is a zprogram Username - ALOK1 having authorization to use but in ZPROGRAM contain MM02 to change the material how i give runtime Authorization to user ALOK1 to zprogram->MM01

Former Member · ‎2014 Feb 26

hi alok,

you have to maintain the authrozation object for that in t-code su21.

later you have to provide this in to the user role of required user .

after that in coding part of your program.

you haver to do like that.

at selection-screen.

         AUTHORITY-CHECK OBJECT 'ZSSS'
           ID 'VKBUR' FIELD VKBUR-LOW
           ID 'ACTVT' FIELD '16'.
IF SY-SUBRC NE '0'.

MESSAGE I0001

ENDIF.

hope it helps.

vikas

Former Member · ‎2014 Feb 26

Please check T-CODE SE97.

BR,

Prakash

former_member187748 · ‎2014 Feb 26

Hi Alok,

talk to your basis person, and ask if any standard object exits for MM01 or MM02,

if the persists on it, you can make a change in your zprogram to restrict user

for any transaction, if they are not able to configure any standard object, then please

talk to them to create a zobject in SU21 tcode.

Now you can use this zobject in your zprogram , to restrict or use particular user.

The basis guys generally provides authorization, so they will provide it in SU21

transaction.

The general for of authorization check is as shown below

IF SY-TCODE = 'MM01' .

AUTHORITY-CHECK OBJECT 'your zobject name'

ID 'ACTVT' FIELD '01'

id 'ACTVT' field '02'

id 'ACTVT' field '03'

ID 'WERKS' FIELD VBAP-WERKS.

IF SY-SUBRC EQ 0.

ELSE.

MESSAGE 'YOU ARE NOT AUTHORISED ' TYPE 'E'.

MESSAGE E000(ZMSGCLASS) WITH VBAP-WERKS.

ENDIF.

Here activities are like change, display, etc

former_member183073 · ‎2014 Feb 26

Hi Alok,

You want to allow user to access MM02 even though the user doesnt have authorization to it.

you cannot do that even though you write code and allow only specific users through zprogram they still need to have access to MM02 because the SAP will again check the Authorization before starting the Transaction

former_member187748 · ‎2014 Feb 26

Hi Ali,

if i am not wrong user does not have authorization for MM02, but can get authorization for MM01

through zobject, if he has not authorization for MM01 at all, then its not possible to assign authorization

through any code.

former_member183073 · ‎2014 Feb 26

Didnt get you Sanjeev,

If user dont have authorization to a transaction, how can you allow it to be accessed by code. There will Standard Code for Authorization which executes each time you call a Transaction.

former_member187748 · ‎2014 Feb 26

Hi Syed,

i means to say that, if user have no authorization at all, we can't provide it through our custom code.

But in this case user don't have authorization for MM02, but he can get authorization for MM01

and it can be (for MM01) controlled through our custom program

former_member183073 · ‎2014 Feb 26

I stated your first point in my earlier reply..

ThangaPrakash · ‎2014 Feb 26

Hello Alok,

You can try to do the coding as suggested by

It will work I guess. Please refer the below link for the list of authorization objects for Material master.

Maintain Authorizations and Authorization Profiles (SAP Library - Material Master)

Regards,

TP

By Category

Related Content

Activity Groups

Industry Groups

Influence and Feedback Groups

Interest Groups

Location Groups

Customer Only Groups

Forums

Related Resources

Products

Learning and Support

About

My Account

My Account

Run Time Authorization