Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

authority check

Former Member
0 Kudos
386

any one explain about authority check .

pls

thank's

anil

6 REPLIES 6

Former Member
0 Kudos
169

AUTHORITY-CHECK OBJECT used to check whether authorization is entered in the user master record of the current user.

It is used to restrict users from executing the code and allowing only users with the permissions to execute it.

Former Member
0 Kudos
169

Hi Anil,

Please check the SAP HELP on this.

AUTHORITY-CHECK checks for one object whether the user has an authorization for that.

Example :

authority-check object 'S_TCODE'

id 'TCD'

field 'SM35'.

if sy-subrc ne 0.

  • User does not have authority for transaction SM35!!!

endif.

Documentation:

<a href="http://help.sap.com/saphelp_nw04s/helpdata/en/52/67129f439b11d1896f0000e8322d00/content.htm">Authority-Check</a>

Lanka

Former Member
0 Kudos
169

To check the authorization of the user of an ABAP program, we use the AUTHORITY-CHECK statement...

eg.

There is an authorization object called F_SPFLI. It contains the fields ACTVT,

NAME, and CITY.

SELECT * FROM SPFLI.

AUTHORITY-CHECK OBJECT 'F_SPFLI'

ID 'ACTVT' FIELD '02'

ID 'NAME' FIELD SPFLI-CARRID

ID 'CITY' DUMMY.

IF SY-SUBRC NE 0. EXIT. ENDIF.

ENDSELECT.

If the user has the following authorizations for F_SPFLI:

ACTVT 01-03, NAME AA-LH, CITY none,

and the value of SPFLI-CARRID is not between “AA” and “LH”, the authorization

check terminates the SELECT loop.

hope this helps you...

regards

satesh

Former Member
0 Kudos
169

Former Member
0 Kudos
169

Hi,

Authorization check in abap programs is possible using the Authority-Check statement. It allows you to check the entries in the user master record for specific authorization objects against any other values. Therefore, if a transaction or program is not sufficiently protected or not every user that is authorized to use the program can also execute all the actions, this statement must be used.

AUTHORITY-CHECK OBJECT 0.

MESSAGE e184(sabapdocu) WITH text-010.

ENDIF.

START-OF-SELECTION.

SELECT carrid connid fldate seatsmax seatsocc

FROM sflight

INTO CORRESPONDING FIELDS OF wa_flights

WHERE carrid = pa_carr.

WRITE: / wa_flights-carrid,

wa_flights-connid,

wa_flights-fldate,

wa_flights-seatsmax,

wa_flights-seatsocc.

ENDSELECT.

In this example, the system checks with the authorization object S_CARRID whether or not the user has a display authorization (03) for the airline entered on a selection screen.

FOr futher more details, check out this

http://www.sapdevelopment.co.uk/security/authority/authority_tcode.htm

http://help.sap.com/saphelp_nw04/helpdata/en/9f/dbaccb35c111d1829f0000e829fbfe/content.htm.

regards,

prema.A

Former Member
0 Kudos
169

Hi anilchoudary,

authority-check

1. suppose you are developing a report in FI

and u want to check, whether the user

has the right for company code 1000

(for eg, which is provided on selection screen)

2. HOW DO U CHECK ?

3. For that purpose, SAP has devised

the concept of AUTHORITY-OBJECTS.

4. In these objects, there are FIELDS

for eg. BUKRS

here u can specify 1000

and if sy-subrc =0, then the user has right.

5. Similary there are OTHER objects

for other PURPOSES.

eg. plant, pernr, org unit etc.

6. Please see syntax of AUTHORITY-CHECK

ITS VERY SIMPLE TO USE.

7. IMPORTANT THING IS

if we / sap

do not TAKE CARE OF THIS DISCIPLINE

IN THE CODING ITSELF,

then nothing can be done.

THIS RESTRICTION / CHECKING OF RIGHTS/AUTHORITY

HAS TO BE DONE WHILE CODING ITSELF.

OTHER WISE NOTHING PREVENTS THE USER

TO SEE ALL INFORMATION.

regards,

amit m.

Message was edited by: Amit Mittal