Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

SALV - authorization check before list the data

Former Member
0 Kudos
279


Dear All,

Maybe my question is not difficult or maybe the answer is already here - but I did not found the needed post.

I have a report and I use SALV. I would like to check a user authorization (a Z* authorization) in order to see if the user is allowed to access the information contained in a column of my report. If the user does not have the authorization - the column should be restricted. I used a layout where the column is eliminated but still the user is able to change the layout (to add the restricted column).

Could you give me some idea - what class and method should I use? I tried to eliminate the Change Layout function....but it did not work (I'm sure I do not have all the knowledge I need...yet ).

Regards,

Florina R.

9 REPLIES 9

Former Member
0 Kudos
204

Hi Rau,

As per your post if you need to check a user authorization you should have the access to below tcodes in your sap system

SU01---User maintainence

PFCG---Roles and authorization Maintainence

SUIM-----User master Records

SA38-----To run the Reports (RSUSR*)

Regards,

Eswar.

0 Kudos
204

Hi,

I think my question was not very clear. I create a Z* authorization object in order to check if the user has to see prices in the report or not. If the authorization check returns sy-subrc not equal to 0, the user should not be able to se the price column. I create a specific layout but I do not how to restrict the user to change the layout (by adding the price column). The question is about CL_SALV* classes and their methods.

Regards,

Florina R.

0 Kudos
204

Solved.

gr_functionslist->set_layout_maintain( abap_false ) .

gr_functionslist->set_layout_change( abap_false ) .

0 Kudos
204

Check the authority object by -

AUTHORITY-CHECK OBJECT <authorization object>
ID <authority field 1> FIELD <field value 1>.
ID <authority field 2> FIELD <field value 2>.


With the result of Authority check, prepare the column settings. I guess you can use CL_SALV_COLUMN to hide fields in SALV.

Google on classes, CL_SALV_COLUMNS and CL_SALV_COLUMN for more details.

http://help.sap.com/saphelp_nw04/helpdata/en/10/e4eb40c4f8712ae10000000a155106/content.htm

Thanks, Abhinab

SuhaSaha
Advisor
Advisor
0 Kudos
204

I used a layout where the column is eliminated but still the user is able to change the layout (to add the restricted column).

Did you create the layout from the ALV application or in your code?

When you say column is eliminated, what do you mean & how do you do it?

BR,

Suhas

PS - Please make sure you post relevant portions of the code so that it helps others to analyze your problem.

Former Member
0 Kudos
204

Hi,

I eliminated the column like this:

TRY.
   gr_column ?= gr_columns->get_column( columnname = 'NETPR' ).
CATCH cx_salv_not_found .
ENDTRY.
gr_column->set_visible( value  = if_salv_c_bool_sap=>false ).

Regards,

Florina R

Or, set a specific layout:

i_variant = '/CL VNZ' .
IF i_variant IS NOT INITIAL.
    gr_layout->set_initial_layout( i_variant ).
ENDIF.

0 Kudos
204
gr_column->set_visible( value  = if_salv_c_bool_sap=>false ).

Instead of SET_VISIBLE( ), use SET_TECHNICAL( ) & the user will not be able to change it via the layout management as well.

former_member129652
Active Participant
0 Kudos
204

Hi,

  Instead of setting the 'NETPR' column invisible, please delete the field catalog of the 'NETPR' column.  If you delete the field catalog, the user is NOT able to see the column via the "change layout" function.

Please use gr_columns->REMOVE_COLUMN( 'NETPR' )

0 Kudos
204

Dear All,

I will try to use your ideas (set technical and remove from field catalog) - thank you for answers.

The code is (before using your suggestions):

gr_functions = gr_table->get_functions( ).
gr_functions->set_all( abap_true ).
gr_functionslist = gr_table->get_functions( ).
gr_columns = gr_table->get_columns( ).
AUTHORITY-CHECK OBJECT 'ZVALORI'
                     ID 'ACTVT' FIELD '03'
                     ID 'TCODE' FIELD 'ZCLAV'.
  IF NOT sy-subrc IS INITIAL .
     gr_functionslist->set_layout_maintain( abap_false ) .
     gr_functionslist->set_layout_change( abap_false ) .
     TRY.
       gr_column ?= gr_columns->get_column( columnname = 'NETPR' ).
     CATCH cx_salv_not_found .
     ENDTRY.
     gr_column->set_visible( value  = if_salv_c_bool_sap=>false ).
     TRY.
       gr_column ?= gr_columns->get_column( columnname = 'NETWR' ).
     CATCH cx_salv_not_found .
     ENDTRY.
     gr_column->set_visible( value  = if_salv_c_bool_sap=>false ).
  ELSE .
     gr_layout = gr_table->get_layout( ).
     key-report = sy-repid.
     gr_layout->set_key( key ).
     gr_layout->set_save_restriction( cl_salv_layout=>restrict_none ).
  ENDIF .

Regards,

Florina R.