Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

authorization check

Former Member
0 Kudos
249

Hi,

their is authorization check for user ?

Regards

1 ACCEPTED SOLUTION

Former Member
0 Kudos
107

hi dear

can u plz explain ur problem

Cheers

Snehi Chouhan

6 REPLIES 6

Former Member
0 Kudos
108

hi dear

can u plz explain ur problem

Cheers

Snehi Chouhan

0 Kudos
107

Hi snehi chouhan ,

i wont to add to my program authorization check

if user can have access or don't how i can do that?

Regards

0 Kudos
107

Hi,

REPORT YUSRLOCK MESSAGE-ID Z1 .

TABLES: USR02.

PARAMETERS: LOCK AS CHECKBOX, LISTLOCK AS CHECKBOX.

DATA: UFLAGVAL TYPE I, LOCKSTRING(8) TYPE C.

----


Authorization check -

AUTHORITY-CHECK OBJECT 'ZPROG_RUN' ID 'PROGRAM' FIELD SY-CPROG.

IF SY-SUBRC <> 0.

IF SY-SUBRC = 4.

MESSAGE E000 WITH SY-CPROG. "some message about authorization check failure

ELSE.

MESSAGE E005 WITH SY-SUBRC. "some message about authorization check failure

ENDIF.

ENDIF.

IF LISTLOCK = 'X'.

WRITE:/ 'List all locked users: '.

SELECT * FROM USR02 WHERE UFLAG = 64.

WRITE: / USR02-BNAME.

ENDSELECT.

EXIT.

ENDIF.

IF LOCK = 'X'.

UFLAGVAL = 64. "lock all users

LOCKSTRING = 'locked'.

ELSE.

UFLAGVAL = 0. "unlock all users

LOCKSTRING = 'unlocked'.

ENDIF.

SELECT * FROM USR02 WHERE BNAME <> 'SAP*' AND BNAME <> SY-UNAME.

IF USR02-UFLAG <> 0 AND USR02-UFLAG <> 64.

WRITE: 'User', USR02-BNAME, 'untouched; please handle manually.'.

CONTINUE.

ENDIF.

    • check that user has authority to make these changes

AUTHORITY-CHECK OBJECT 'S_USER_GRP'

ID 'CLASS' FIELD USR02-CLASS

ID 'ACTVT' FIELD '05'.

IF SY-SUBRC <> 0.

IF SY-SUBRC = 4.

WRITE: /'You are not authorized to lock/unlock user ',

USR02-BNAME, USR02-CLASS.

ELSE.

WRITE: /'Authorization error checking user ',

USR02-BNAME, USR02-CLASS, '(return code', SY-SUBRC, ').'.

ENDIF.

ELSE. "has authority

UPDATE USR02 SET UFLAG = UFLAGVAL WHERE BNAME = USR02-BNAME.

WRITE: / 'User', USR02-BNAME, LOCKSTRING, '.'.

ENDIF.

Regards,

Jagadish

Former Member
0 Kudos
107

http://help.sap.com/saphelp_banking463/helpdata/en/5c/deaa74d3d411d3970a0000e82de14a/content.htm

The SAP authorization concept protects transactions, programs, and services in SAP systems from unauthorized access. On the basis of the authorization concept, the administrator assigns authorizations to the users that determine which actions a user can execute in the SAP System, after he or she has logged on to the system and authenticated himself or herself.

To access business objects or execute SAP transactions, a user requires corresponding authorizations, as business objects or transactions are protected by authorization objects. The authorizations represent instances of generic authorization objects and are defined depending on the activity and responsibilities of the employee. The authorizations are combined in an authorization profile that is associated with a role. The user administrators then assign the corresponding roles using the user master record, so that the user can use the appropriate transactions for his or her tasks.

http://help.sap.com/saphelp_nw04/helpdata/en/52/671285439b11d1896f0000e8322d00/content.htm

http://www.sap-img.com/abap/abap-self-test-q-and-a.htm

Regards,

Jagadish

Former Member
0 Kudos
107

Hi, u can use the function modules for this.

Example:

FORM REPORT_AUTHORIZATION_CHECK

USING S_REPID LIKE SY-REPID

S_SUBRC LIKE SY-SUBRC.

AUTHORITY-CHECK OBJECT 'Z:REPORT01'

ID 'ACTVT' FIELD '16'

ID 'PROGRAM' FIELD S_REPID.

S_SUBRC = SY-SUBRC.

IF SY-SUBRC NE 0.

MESSAGE ID 'ZS' TYPE 'E' NUMBER 900 WITH S_REPID.

ENDIF.

ENDFORM. " REPORT_AUTHORIZATION_CHECK