2009 Jan 28 10:05 AM
Hi All,
I want to check programmatically whether a specific user has authorization to a specific transaction. The statement AUTHORITY-CHECK OBJECT 'S_TCODE' works only for the current user.
Is there any function module where i can pass the User name and transaction and check whether the user have access to the transaction ?
Thanks in advance
Kasi
2009 Jan 28 10:37 AM
The program checks whether an authorization object is assigned to the transaction code. If this is the case, the program checks whether the user has an authorization for this authorization object. The transaction code/authorization object assignment is stored in table TSTCA.
The system performs authorization checks in the ABAP program using the ABAP statement AUTHORITY-CHECK.
Call 'AUTHORITY_CHECK'
EXPORTING
USER = <USER>
OBJECT = 'S_TCODE'
FIELD1 = 'TCD'
VALUE1 = <TRANSACTION CODE>
IMPORTING
SY-SUBRC = <VAL>.
2009 Jan 28 10:29 AM
Hi,
you can use the additional
... FOR USER user
option with
AUTHORITY-CHECK OBJECT
2009 Jan 28 10:36 AM
hi,
UST04 table can used to get the list of users for specific authorization.
2009 Jan 28 10:37 AM
The program checks whether an authorization object is assigned to the transaction code. If this is the case, the program checks whether the user has an authorization for this authorization object. The transaction code/authorization object assignment is stored in table TSTCA.
The system performs authorization checks in the ABAP program using the ABAP statement AUTHORITY-CHECK.
Call 'AUTHORITY_CHECK'
EXPORTING
USER = <USER>
OBJECT = 'S_TCODE'
FIELD1 = 'TCD'
VALUE1 = <TRANSACTION CODE>
IMPORTING
SY-SUBRC = <VAL>.
2009 Jan 28 10:39 AM
2009 Jan 28 10:50 AM
Hi,
try this short report:
SELECT * FROM USR01.
*
CALL FUNCTION 'AUTHORITY_CHECK'
EXPORTING
USER = USR01-BNAME
OBJECT = 'S_TCODE'
FIELD1 = 'TCD'
VALUE1 = 'FB01'
EXCEPTIONS
USER_DONT_EXIST = 1
USER_IS_AUTHORIZED = 2
USER_NOT_AUTHORIZED = 3
USER_IS_LOCKED = 4
OTHERS = 5.
*
WRITE: / USR01-BNAME.
*
CASE SY-SUBRC.
WHEN 2. WRITE: 'USER_IS_AUTHORIZED'.
WHEN 3. WRITE: 'USER_NOT_AUTHORIZED'.
WHEN OTHERS. WRITE: 'ERROR', SY-SUBRC.
ENDCASE.
*
ENDSELECT.
regards, Dieter
2009 Jan 28 12:19 PM