Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

AUTHORITY-CHECK for advertising material flag in change contact VAP2

Former Member
0 Kudos
184

I can't seem to find any specific instructions on implemention the AUTHORITY-CHECK function.

I have to add additional authorization to transaction vap2, program SAPMF02D - change contact person for customer.

The requirement is to check whether user has authority to change "Advertising Material" flag. I have created an authorization object in SAP FI authorization class

ZF_KNA1_AM with the following authorization fields:

ACTVT (possible activities are 01, 02, 03)

ZNMAIL (advertising material)

I guess the next step is actually inserting the authority check method into the program?

Where exactly do I insert the method to?

Could someone provide some instructions on this?

Thanks,

Sergiy

8 REPLIES 8

Former Member
0 Kudos
104

What you need to do is look for a user-exit or enhancement point (an appropriate correct one, if available) and then add your logic (authority-check) there.

For information on the AUTHORITY-CHECK statement, just place your cursor on the statement in the editor and hit F1 on the keyboard (same as transaction ABAPDOCU for the ABAP keyword documentation).

Note that as you are wanting to control the change of an existing contact, your object would perhaps require some value field of the record selected to be checked against a field value of the authorization object. Don't hardcode it!

If you have not done this before, then it is advisable to get some help from an ABAPer who has, as it can be tricky...

Cheers,

Julius

0 Kudos
104

So as I understand is not to write code to check whether the value of the Advertising Material checkbox has changed or not right and then call the authority-check if it did change?

I am guessing I will have to find an ABAPer that should be able to show me how this is done.

Thank you for your input however,

Sergiy

0 Kudos
104

I dont have a SAP system infront of me right now to look at the exits and enhancement-points (or possibly even config pssibilities which are sometimes neglected in favour of additional coding...), but something puzzles me here...

> Sergiy Mysyk wrote:

> So as I understand is not to write code to check

and

>... I will have to find an ABAPer

How were you going to add ABAP code (initially you mentioned changing...) without an ABAP programmer?

Cheers,

Julius

0 Kudos
104

Well I have done some minor ABAP programming, reports mostly. So if it was something easy I was attempting to do it myself but it seems like something that an inexperienced programmer should stay away from. I just did not undestand your "Don't Hard Code it!" part.

Edited by: Sergiy Mysyk on Oct 2, 2008 9:05 PM

0 Kudos
104

I am also just a hobby-ABAPer and have witnessed (even contributed to) a few messes in my time

That is why I was mentioning a word of caution.

- Changing SAP code should be your very last option...

- Exits you need to be carefull of because they may be used by several transactions and you might only want the exit to fire for a certain screen. It is quite easy to make mistakes in this area...

- Perhaps the best first resort is to talk to a functional consultant together with someone who is familiar with your authorization concept to find out whether there is an option there without changing or adding code to complicate matters.

Cheers,

Julius

0 Kudos
104

Thanks Julius,

You do have some good reason not to mess with the code for me.

That is also what I was looking for here. Some suggestions as to how this can be done without complicating myself too much.

They just want certain people only to be able to change the Advertising Material flag and others to be able to change everything in Change Contact - VAP2. First I created a transaction variant to hide the field and have the transaction run without a variant for those that need access to it, but then when the program is called from other transactions, VD03 for example - to maintain customer, the field was visible.

Do you have any ideas as to how this can be done without implementing the AUTHORITY_CHECK?

Sergiy

0 Kudos
104

It has been a while but I was actually able to figure out the problem without changing the ABAP code.

Good point there! If someone stumbles across a similar problem here is how I solved it.

There is an authorization object called F_KNA1_AEN which checks for field groups that can be defined in SPRO>....>Define Field Groups for Customer Master Records you can define field groups and assign fields to them.

0 Kudos
104

Glad to hear that. It looks like you did the right thing to let the standard system modify the standard screen depending on authority for a standard object. That way you will also have far fewer hassles at SP and release upgrades.

>Perhaps the best first resort is to talk to a functional consultant together with someone who is familiar with your authorization concept to find out whether there is an option there without changing or adding code to complicate matters.

In hindsight, it is a bit of an "Ahhh, yes!" moment reading that protecting field groups solved the problem...