cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

is it possible to do User authorization testing using SAP Ecatt?

Go to solution
Former Member

on ‎02-18-2014 7:20 AM

0 Kudos

    Hi guys.

          i am new to SAP Ecatt. i want to do authorization testing in user level.

    

          I don't have idea about Authorization testing using ECATT. Whether is it possible to do User authorization testing using SAP Ecatt?

     Thanks in Advance.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎02-18-2014 9:39 AM
0 Kudos

Hi Sankar.

I do not have any documents but i can elaborate on the structure of the code.

In case of positive check (authorization expected) :

    SAPGUI recording of the transaction (here parameterize the "available" field with say "V_AVAIL")

    CHEVAR V_AVAIL = 'X'.   (fails in case of no authorization )

   the below code can be added for more clarity:

        IF V_AVAIL = 'X'.

         LOGTEXT ( 0 , 'Authorization is available to the user' ).

         ELSEIF V_AVAIL <> 'X'.

         LOGTEXT ( 1 , 'Authorization is not available to the user' ).

         ENDIF.

In case of negative check (authorization not expected) :

  

MESSAGE ( MSG_1 ). (in the message interface parameterize the message type , number and ID with MSGTYP, MSGID and MSGNR respectively. Keep MODE as 'E" )

SAPGUI recording of the first screen

ENDMESSAGE ( MSG_1 ).

     the script would fail at this point in case there is authorization

Best Regards

Sheetal    

Show replies
Show replies
Former Member
‎02-18-2014 10:06 AM
0 Kudos

Hi Sheetal Singh,

It is very helpful. Your ideas about authorization scenarios is also helpful

But we need one more clarification..

Whether it is possible to login to the application using external test data (like excel,txt files)?

Regards

Robert Baggio A.P

Former Member
‎02-18-2014 10:50 AM
0 Kudos

hello Robert and Sankar,

My understanding of your 2nd doubt is that once you have logged in, you want to use data from an excel or a note... right ???

First thins, it is poosible to load data externally only from a .txt file.

To use data from a note, you need to create a TestConfiguration for that script and then call this Test Configuration in your main script.

In your test Configuration mention the path and file name of your .txt file.

File name can be given directly.

To give the Path, goto Utilities --> Settings --> eCATT --> External

Give the path in the Variants field.

In order to know the format in which the data has to be saved in the .txt file, here's a work around.

Save your data in the table given in the TestConfig by selecting "Internal Variants".

Now download this to a .txt file. From this file your will get a clue of the structure in which you need to save our data.... hope this is not very confusing. Let me know for more information.

Hope it helps.

Best Regards

Sheetal

Former Member
‎02-18-2014 11:13 AM
0 Kudos

Hi Sheetal,

Thanks for your info.We understood how do use external data.

Is it possible to log in with external file(txt) using Ecatt.

for ex:

Scenario: While doing authorization testing I need to run set of  20 T.codes for 10 user profiles.

questions for the above scenario.

1. Whether we need to login the user profile manually?

2. Whether we can log-in the user credentials via external datas(txt)?

Regards,

P.Sankar

Former Member
‎02-19-2014 4:08 AM
0 Kudos

Hi Sankar.

For such a scenario, you will need 20 scripts (one for each t.code ) and 10 RFC ( one for each user )

and you will have to execute each of these 20 scripts with every RFC.

There's one work around to reduce your execution time.

Create another script which runs locally where your scripts are saved.

In this script, record the execution of another script.

( this script should execute SECATT, enter the script name, press EXECUTE (F8) button,

  enter the SDC and Target system and press EXECUTE (F8) again..... Parameterize the script name and the Target system field )

This executing script will have to be called for all combinations of the t.codes and users (200 data entries).

Hope this solution helps.

I will anyways try to find out if there's a better way of doing it.

Best Regards

Sheetal

Former Member
‎02-19-2014 6:13 AM
0 Kudos

Hi Sheetal,   

your last post gave more idea about it.

1 .How we can create RFC for the user for Authorization testing?

2. is it All the scripts should be record using RFC ?

Regards

P.Sankar

Former Member
‎02-19-2014 6:17 AM
0 Kudos

hi Sankar,

1. you can create RFC using the transaction SM59 ... not very difficult to find out how....

2. for recording a tcode ou need an RFC to connect to the target system... later the same script can be run multiple times using different RFC

Best Regards

Sheetal

Former Member
‎02-19-2014 8:49 AM
0 Kudos

Hi Sheetal Singh

What is the connection type need to use while creating RFC Destination.?

Regards

P.Sankar

Former Member
‎02-19-2014 9:34 AM
0 Kudos


Hi Sankar,

It depends on the target system you want to connect.

Most of the time it is '3' for R3 systems.

BR

Sheetal

Former Member
‎02-21-2014 5:16 AM
0 Kudos

Hi Sheetal,

Thanks,

How can i call all combinations of the T.codes and users while executing scripts

For example the T.codes are called by using new scripts via parametrization  test script name

but i want to know how we can parametrize user credentials?

Regards

P.Sankar

Former Member
‎02-21-2014 5:54 AM
0 Kudos

HI Sankar,

The best thing to do would be to create a script which changes the user credentials.

For each setting of the user credential execute the 20 scripts you have created.

you can forget the method where 10 RFC were to be created.

The same user can be re-used. The basic structure of your script would be :

Main script calling 2 scripts...

     Script 1 : saves the settings for the user authorization

     Script 2 : executes the t.code to check for auhtorization

you will need 20 such scripts ( one for each tcode ).

BR

Sheetal


Former Member
‎02-21-2014 6:17 AM
0 Kudos

Hi Sheetel,

As per above your comment, The testing team does not have authorization to change the user settings.

Regards,

P.Sankar

Former Member
‎02-24-2014 5:06 AM
0 Kudos

Hi Sheetel,

What type of RFC connection is required create when we need to execute the Authorization testing in Local Ides Demo system..

Regards,

P.Sankar

Former Member
‎02-24-2014 8:45 AM
0 Kudos

hello Sankar,

for any R3, it should be '3'.

BR

Sheetal

Answers (1)

Answers (1)

Former Member
‎02-18-2014 8:29 AM
0 Kudos

hi Robert,

It is possible .

What you can do is :

1. log in to the system from eCATT with the user under test ( create RFC which has this user credentials)

2. run the transaction for which the user's authorization is to be tested.

3. if its a positive check ( the user is supposed to have authorization ) then check for the expected screen. This can be done by using SAPGUI recording.

    Parameterize the "Available" field which has value 'X' only if the screen appears.

4. if its a negative check ( the user is not supposed to have authorization ) then check for the error message that the user has no authorization. this can be done by using MESSAGE-ENDMESSAGE block around the recording. Pass the message ID, message number and keep the mode as 'E' (expected)

Hope this answers your question.

Best Regards

Sheetal

Show replies
Show replies
Former Member
‎02-18-2014 9:17 AM
0 Kudos

Hi Sheetal Singh,

              


Sheetal Singh, if you have any document relevant to this kindly attach.


Thanks.

P.Sankar

Ask a Question