Skip to Content

Error in authorization control

Hi, Expert.

Kindly need your help regarding to authorization control;

The program always return error message eventhough the sales organization (VKORG) is authorize

Below is my code:

DATA:

   BEGIN OF it_output OCCURS 0,

     KUNNR    TYPE kunnr,

     NAME1    TYPE name1_gp,

     STRAS    TYPE stras,

     ZTERM    TYPE KNVV-ZTERM,

     VKORG    TYPE KNVV-VKORG,

     VTWEG    TYPE KNVV-VTWEG,

     SPART    TYPE KNVV-SPART,

     VTEXT    TYPE TVTWT-VTEXT,

     VTEXTP   TYPE TVZBT-VTEXT,

     VTEXTS   TYPE TVKOT-VTEXT,

   END OF it_output.

SELECTION-SCREEN BEGIN OF BLOCK a1 WITH FRAME TITLE text-001.

*sales organization for authorization

SELECT-OPTIONS: s_vkorg FOR knvv-vkorg OBLIGATORY.

* 1. Customer No

SELECT-OPTIONS: s_kunnr FOR kna1-kunnr OBLIGATORY.

SELECTION-SCREEN END OF BLOCK a1.

IF s_vkorg IS NOT INITIAL.

AUTHORITY-CHECK OBJECT 'Z_VKORG'

          ID 'ACTVT' FIELD '03'           " read access

          ID 'ZVKORG' FIELD s_vkorg.      " actual value

   IF sy-subrc EQ 0.                        " check authorization

     SELECT  KNA1~KUNNR

             KNA1~NAME1

             KNA1~STRAS

             KNVV~ZTERM

             KNVV~VKORG

             KNVV~VTWEG

             KNVV~SPART

             TVTWT~VTEXT

             TVZBT~VTEXT

             TVKOT~VTEXT

     INTO TABLE it_output

     FROM KNA1

     INNER JOIN KNVV

     ON KNVV~KUNNR = KNA1~KUNNR

     INNER JOIN TVTWT

     ON TVTWT~VTWEG = KNVV~VTWEG

     INNER JOIN TVZBT

     ON TVZBT~ZTERM = KNVV~ZTERM

     INNER JOIN TVKOT

     ON TVKOT~VKORG = KNVV~VKORG

     WHERE KNA1~KUNNR IN s_kunnr.

     WRITE:/ 'SUCCESSFUL RETRIEVE THE DATA'.

   ELSE.

     MESSAGE E014(ZMSG) WITH 'Not Authorize !!'.

   ENDIF.

   ENDIF.



Thanks and Regards,

Liyana

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • Best Answer
    Jan 09, 2015 at 08:22 AM

    Read online documentation on select-option s_vkorg is an internal table with a defined format (sign, option, low and high values) So you CANNOT use it in a single AUTHORITY-CHECK that only expect single or dummy values.

    In AT SELECTION-SCREEN OUTPUT you could/should loop in the internal table and remove some single value input (SIGN  = 'I', OPTION = 'E', value to check is LOW). But you should not be able to do this for wildcard or range of values. So you should then add another LOOP after actual database select to remove not allowed records, and add another error message when every record is suppressed.


    Alternative : In AT SELECTION-SCREEN OUTPUT select every value from the table TVKO for the input select-options, and loop at this table to remove not allowed values, then build another range with allowed values, use this new range in the following select,

    NB: For last versions, you can add the authorization check in the SELECT (but it's is fairly recent, @SAPTechEd.)

    Regards,

    Raymond

    Add comment
    10|10000 characters needed characters exceeded