I want to add an authorization check prior execution of function module. I need to ensure that the user has a specific role to be able to execute the function module.
Currently, I have two possible approaches:
AUTHORITY-CHECK OBJECT 'S_TCODE' ID 'TCD' FIELD 'TCODE'. IF sy-subrc <> 0. WRITE: 'Access denied'. EXIT. ENDIF.
Both of these approaches will do the job, but it looks like more work around rather then a best practice.
Is there any common approach to check if a user is allowed to execute specific function module?