Community
Application Development and Automation Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

AUTHORITY-CHECK for other user

Go to solution
Former Member

‎2005 Nov 03 3:12 PM

0 Likes
11,098

Hi,

I would need to run an AUTHORITY-CHECK on a certain authority object, but I have to run the AUTHORITY-CHECK not for the currently logged in user, but for a different sap userId. How can I do this?

AUTHORITY-CHECK does not allow you to supply a userId as parameter. Changing sy-uname is probably not possible, and even if it was, this solution would just be too stupid and ugly for me to even try. There must be some simpler/better solution?

The Business Case for this is very simple: In my dialog program the currently logged in user is presented with a form to enter a SAP-userId, and attach a document. The user should only be allowed to post this form, if the supplied userId is authorized to receive this kind of document.

Thanks for any help in advance,

-Hans

1 ACCEPTED SOLUTION
Read only

Go to solution
Former Member

‎2005 Nov 03 4:18 PM

4,957

Hans,

You can use the function module 'authority_check' to check whether a specific user has authorization for the required authorization object.

Thanks

Giridhar

7 REPLIES 7
Read only

Go to solution
former_member517
Participant

‎2005 Nov 03 3:40 PM

0 Likes
4,957

Hi Hans,

I think there are little chances to switch the user context. The only solution I see, is based on batch jobs, which you could run under a different user. But this contradicts a dialog application.

Best regards

Rabanus

Read only

Go to solution
Former Member
In response to former_member517

‎2005 Nov 03 3:42 PM

0 Likes
4,957

Hi Hans,

You can do the posting part in RFC. In the RFC you can pass the user id and checks and all will be executed for that user with which RFC is being accessed.

Thanks,

Anuranjan

Read only

Go to solution
christian_wohlfahrt
Active Contributor
In response to former_member517

‎2005 Nov 03 3:54 PM

0 Likes
4,957

Hi Hans!

Sounds like an own authority-check (is there a standard transaction where you can enter the user-id?). Why don't you just add user-id as a field in the authority object?

The test would be, if your user is allowed to send to this user-id, so maintenance might be a little strange.

If it's really own development, then your check is not necessarily going for authority: you might test for a 'customizing' entry in an own table.

Regards,

Christian

Read only

Go to solution
FredericGirod
Active Contributor

‎2005 Nov 03 3:56 PM

0 Likes
4,957

Hi Hans,

have a look to this function : SUSR_USER_AUTH_FOR_OBJ_GET

Regards

Frédéric

Read only

Go to solution
ramki_maley
Active Contributor

‎2005 Nov 03 3:57 PM

0 Likes
4,957

Hans,

Please follow the link below to see my answer for an earlier post on the same subject.

Cheers,

Ramki Maley.

Read only

Go to solution
Former Member

‎2005 Nov 03 4:18 PM

4,958

Hans,

You can use the function module 'authority_check' to check whether a specific user has authorization for the required authorization object.

Thanks

Giridhar

Read only

Go to solution
Former Member

‎2005 Nov 07 10:07 AM

0 Likes
4,957

Hi,

Thanks a lot for all your replies. The FM authority_check seems to be the way to go

-Hans