2008 Jun 12 10:37 AM
2008 Jun 12 10:38 AM
2008 Jun 12 10:38 AM
2008 Jun 12 10:43 AM
Hi snehi chouhan ,
i wont to add to my program authorization check
if user can have access or don't how i can do that?
Regards
2008 Jun 12 10:47 AM
Hi,
REPORT YUSRLOCK MESSAGE-ID Z1 .
TABLES: USR02.
PARAMETERS: LOCK AS CHECKBOX, LISTLOCK AS CHECKBOX.
DATA: UFLAGVAL TYPE I, LOCKSTRING(8) TYPE C.
----
AUTHORITY-CHECK OBJECT 'ZPROG_RUN' ID 'PROGRAM' FIELD SY-CPROG.
IF SY-SUBRC <> 0.
IF SY-SUBRC = 4.
MESSAGE E000 WITH SY-CPROG. "some message about authorization check failure
ELSE.
MESSAGE E005 WITH SY-SUBRC. "some message about authorization check failure
ENDIF.
ENDIF.
IF LISTLOCK = 'X'.
WRITE:/ 'List all locked users: '.
SELECT * FROM USR02 WHERE UFLAG = 64.
WRITE: / USR02-BNAME.
ENDSELECT.
EXIT.
ENDIF.
IF LOCK = 'X'.
UFLAGVAL = 64. "lock all users
LOCKSTRING = 'locked'.
ELSE.
UFLAGVAL = 0. "unlock all users
LOCKSTRING = 'unlocked'.
ENDIF.
SELECT * FROM USR02 WHERE BNAME <> 'SAP*' AND BNAME <> SY-UNAME.
IF USR02-UFLAG <> 0 AND USR02-UFLAG <> 64.
WRITE: 'User', USR02-BNAME, 'untouched; please handle manually.'.
CONTINUE.
ENDIF.
check that user has authority to make these changes
AUTHORITY-CHECK OBJECT 'S_USER_GRP'
ID 'CLASS' FIELD USR02-CLASS
ID 'ACTVT' FIELD '05'.
IF SY-SUBRC <> 0.
IF SY-SUBRC = 4.
WRITE: /'You are not authorized to lock/unlock user ',
USR02-BNAME, USR02-CLASS.
ELSE.
WRITE: /'Authorization error checking user ',
USR02-BNAME, USR02-CLASS, '(return code', SY-SUBRC, ').'.
ENDIF.
ELSE. "has authority
UPDATE USR02 SET UFLAG = UFLAGVAL WHERE BNAME = USR02-BNAME.
WRITE: / 'User', USR02-BNAME, LOCKSTRING, '.'.
ENDIF.
Regards,
Jagadish
2008 Jun 12 10:41 AM
http://help.sap.com/saphelp_banking463/helpdata/en/5c/deaa74d3d411d3970a0000e82de14a/content.htm
The SAP authorization concept protects transactions, programs, and services in SAP systems from unauthorized access. On the basis of the authorization concept, the administrator assigns authorizations to the users that determine which actions a user can execute in the SAP System, after he or she has logged on to the system and authenticated himself or herself.
To access business objects or execute SAP transactions, a user requires corresponding authorizations, as business objects or transactions are protected by authorization objects. The authorizations represent instances of generic authorization objects and are defined depending on the activity and responsibilities of the employee. The authorizations are combined in an authorization profile that is associated with a role. The user administrators then assign the corresponding roles using the user master record, so that the user can use the appropriate transactions for his or her tasks.
http://help.sap.com/saphelp_nw04/helpdata/en/52/671285439b11d1896f0000e8322d00/content.htm
http://www.sap-img.com/abap/abap-self-test-q-and-a.htm
Regards,
Jagadish
2008 Jun 12 10:56 AM
2008 Jun 12 10:57 AM
Hi, u can use the function modules for this.
Example:
FORM REPORT_AUTHORIZATION_CHECK
USING S_REPID LIKE SY-REPID
S_SUBRC LIKE SY-SUBRC.
AUTHORITY-CHECK OBJECT 'Z:REPORT01'
ID 'ACTVT' FIELD '16'
ID 'PROGRAM' FIELD S_REPID.
S_SUBRC = SY-SUBRC.
IF SY-SUBRC NE 0.
MESSAGE ID 'ZS' TYPE 'E' NUMBER 900 WITH S_REPID.
ENDIF.
ENDFORM. " REPORT_AUTHORIZATION_CHECK