cancel
Showing results for 
Search instead for 
Did you mean: 

Authorization Validation Service Request Display

Former Member
0 Kudos

Dear All, I have a link that goes directly to the web IC with the following parameters: &crm-object-type=CRM_SRQM_INCIDENT &crm-object-action=B &crm-object-keyname=ORDER&= &crm-object-value=E4CD6F5418369B09E1000000AC1C9B12 (SR ID) I need to do a custom authorization check to check if the user can display this service request. Do you know in which class and method i can put my custom code to check the authorizations? I did the code for edit and save of the service request, and also when you click on the service request ID on agent inbox search and SR search, but when using the link the validation is never checked. Many Thans in advance for your help and best Regards, João gaifém

Accepted Solutions (0)

Answers (1)

Answers (1)

BGarcia
Active Contributor
0 Kudos

Hi Joao,

You can add custom authorization logic in BADI CRM_ORDER_AUTH_CHECK. Even that you call a business transaction through an URL, I believe this BADI will be checked.

Do you want to give it a try?

Kind regards,

Garcia

Former Member
0 Kudos

Hello Bruno, Thanks for the help, i've debug it and it stops on the active implementation for this BADI. I've also found out that standard FM CRM_ORDER_CHECK_AUTHORITY_ACE runs this BADI. My only issues now are : - Only one implementation can be active for this BADI, meaning that i need to copy everything from the standard implementation to the custom one. - This BADI Implementation checks all business transactions and it's called on search, display and edit; is there any way to check if the business transaction comes from a parameter on the URL and only for this case check my custom authorization? Many thanks for your help and Kind Regards, João gaifém

BGarcia
Active Contributor
0 Kudos

Hi Joao,

I'm not sure if I you can know if business transaction comes from a parameter on URL, maybe some static class/attribute may have that....but I'm not aware how to do it Joao.  Sorry not having a better answer for this!

But I guess you'll want to do this verification every time this business transaction will be displayed. If so, just pay attention to impact when doing business transaction searches, like in inbox: If user is not allowed to display it, I believe it will not appear in result list.

Check if this helps you a little more!

Kind regards,

Garcia

Former Member
0 Kudos

Hi Bruno, I have a custom development to check authorizations on the agent inbox based on category and business transaction, so i'm going to try to find a solution based also on this. I have another issue that maybe you can help me with: i want to change the code behing the event handler of the BSP page default.htm of CL_CRM_UI_START, this is because i have a SAPROLE parameter fixed on the link, but for some type of users i want to change this value on the backend. Do you know if i can change the event handler of this standard class? many Thanks and best regards, João gaifém