Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

regd autherisation code for a field

Former Member
0 Kudos

Hi All,

i have one user-exit requirement in VA01 . in va01 i need to provide the autherisation on ORDER-REASION field.

ex:in order resion field F4 (have 5 option there, autherised user need to secect one then document saved else it will the error.

based on my autherisaion code basis will create a role and they will assign the users.

is there any special code to provide autherisations for users.

1 REPLY 1

Sm1tje
Active Contributor
0 Kudos

Something like this (not sure if I get your requirement):

Authorization Check in ABAP Programs

A more sophisticated, user-programmed authorization check is possible using the Authority-Check statement. It allows you to check the entries in the user master record for specific authorization objects against any other values. Therefore, if a transaction or program is not sufficiently protected or not every user that is authorized to use the program can also execute all the actions, this statement must be used.

AUTHORITY-CHECK OBJECT object

ID name1 FIELD f1

ID name2 FIELD f2

...

ID namen FIELD fn.

object is the name of an authorization object. With name1, name2 ... , and so on, you must list all fields of the authorization object object. With f1, f2 ... , and so on, you must specify the values that the system is to check against the entries in the relevant authorization of the user master record. The AUTHORITY-CHECK statement searches for the specified object in the user profile and checks the useru2019s authorizations for all values of f1, f2 ... . You can avoid checking a field name1, name2 ... by replacing FIELD f1 FIELD f2 with DUMMY.

After the FIELD addition, you can only specify an elementary field, not a selection table. However, there are function modules available that execute the AUTHORITY-CHECK statement for all values of selection tables. The AUTHORITY-CHECK statement is supported by a statement pattern.

Only if the user has all authorizations, is the return value sy-subrc of the AUTHORITY-CHECK statement set to 0. The most important return values are:

· 0: The user has an authorization for all specified values.

· 4: The user does not have the authorization.

· 8: The number of specified fields is incorrect.

· 12: The specified authorization object does not exist.

A list of all possible return values is available in the ABAP keyword documentation. The content of sy-subrc has to be closely examined to ascertain the result of the authorization check and react accordingly.

REPORT demo_authorithy_check.

PARAMETERS pa_carr LIKE sflight-carrid.

DATA wa_flights LIKE demo_focc.

AT SELECTION-SCREEN.

AUTHORITY-CHECK OBJECT 'S_CARRID'

ID 'CARRID' FIELD pa_carr

ID 'ACTVT' FIELD '03'.

IF sy-subrc = 4.

MESSAGE e045(sabapdocu) WITH pa_carr.

ELSEIF sy-subrc <> 0.

MESSAGE e184(sabapdocu) WITH text-010.

ENDIF.

START-OF-SELECTION.

SELECT carrid connid fldate seatsmax seatsocc

FROM sflight

INTO CORRESPONDING FIELDS OF wa_flights

WHERE carrid = pa_carr.

WRITE: / wa_flights-carrid,

wa_flights-connid,

wa_flights-fldate,

wa_flights-seatsmax,

wa_flights-seatsocc.

ENDSELECT.

In this example, the system checks with the authorization object S_CARRID whether or not the user has a display authorization (03) for the airline entered on a selection screen. If this is not the case, or a different error occurs, the Selection Screen Processing goes back to the display of the selection screen.