2006 Feb 21 3:38 AM
2006 Feb 21 3:41 AM
AUTHORITY-CHECK OBJECT used to check whether authorization is entered in the user master record of the current user.
It is used to restrict users from executing the code and allowing only users with the permissions to execute it.
2006 Feb 21 3:44 AM
Hi Anil,
Please check the SAP HELP on this.
AUTHORITY-CHECK checks for one object whether the user has an authorization for that.
Example :
authority-check object 'S_TCODE'
id 'TCD'
field 'SM35'.
if sy-subrc ne 0.
User does not have authority for transaction SM35!!!
endif.
Documentation:
<a href="http://help.sap.com/saphelp_nw04s/helpdata/en/52/67129f439b11d1896f0000e8322d00/content.htm">Authority-Check</a>
Lanka
2006 Feb 21 3:52 AM
To check the authorization of the user of an ABAP program, we use the AUTHORITY-CHECK statement...
eg.
There is an authorization object called F_SPFLI. It contains the fields ACTVT,
NAME, and CITY.
SELECT * FROM SPFLI.
AUTHORITY-CHECK OBJECT 'F_SPFLI'
ID 'ACTVT' FIELD '02'
ID 'NAME' FIELD SPFLI-CARRID
ID 'CITY' DUMMY.
IF SY-SUBRC NE 0. EXIT. ENDIF.
ENDSELECT.
If the user has the following authorizations for F_SPFLI:
ACTVT 01-03, NAME AA-LH, CITY none,
and the value of SPFLI-CARRID is not between AA and LH, the authorization
check terminates the SELECT loop.
hope this helps you...
regards
satesh
2006 Feb 21 4:03 AM
Hi,
Go through the link:
http://www.sapdevelopment.co.uk/security/authority/authhome.htm
Regards,
Gayathri
2006 Feb 21 4:07 AM
Hi,
Authorization check in abap programs is possible using the Authority-Check statement. It allows you to check the entries in the user master record for specific authorization objects against any other values. Therefore, if a transaction or program is not sufficiently protected or not every user that is authorized to use the program can also execute all the actions, this statement must be used.
AUTHORITY-CHECK OBJECT 0.
MESSAGE e184(sabapdocu) WITH text-010.
ENDIF.
START-OF-SELECTION.
SELECT carrid connid fldate seatsmax seatsocc
FROM sflight
INTO CORRESPONDING FIELDS OF wa_flights
WHERE carrid = pa_carr.
WRITE: / wa_flights-carrid,
wa_flights-connid,
wa_flights-fldate,
wa_flights-seatsmax,
wa_flights-seatsocc.
ENDSELECT.
In this example, the system checks with the authorization object S_CARRID whether or not the user has a display authorization (03) for the airline entered on a selection screen.
FOr futher more details, check out this
http://www.sapdevelopment.co.uk/security/authority/authority_tcode.htm
http://help.sap.com/saphelp_nw04/helpdata/en/9f/dbaccb35c111d1829f0000e829fbfe/content.htm.
regards,
prema.A
2006 Feb 21 4:41 AM
Hi anilchoudary,
authority-check
1. suppose you are developing a report in FI
and u want to check, whether the user
has the right for company code 1000
(for eg, which is provided on selection screen)
2. HOW DO U CHECK ?
3. For that purpose, SAP has devised
the concept of AUTHORITY-OBJECTS.
4. In these objects, there are FIELDS
for eg. BUKRS
here u can specify 1000
and if sy-subrc =0, then the user has right.
5. Similary there are OTHER objects
for other PURPOSES.
eg. plant, pernr, org unit etc.
6. Please see syntax of AUTHORITY-CHECK
ITS VERY SIMPLE TO USE.
7. IMPORTANT THING IS
if we / sap
do not TAKE CARE OF THIS DISCIPLINE
IN THE CODING ITSELF,
then nothing can be done.
THIS RESTRICTION / CHECKING OF RIGHTS/AUTHORITY
HAS TO BE DONE WHILE CODING ITSELF.
OTHER WISE NOTHING PREVENTS THE USER
TO SEE ALL INFORMATION.
regards,
amit m.
Message was edited by: Amit Mittal