Skip to Content
0
Mar 27, 2020 at 05:29 PM

How to check if an user has a required authorization role in ABAP?

3779 Views Last edit Mar 27, 2020 at 05:31 PM 3 rev

I want to add an authorization check prior execution of function module. I need to ensure that the user has a specific role to be able to execute the function module.

Currently, I have two possible approaches:

  1. Create a TCODE for the function module and check an access to the TCODE with S_TCODE:
AUTHORITY-CHECK OBJECT 'S_TCODE'
ID 'TCD' FIELD 'TCODE'.
IF sy-subrc <> 0.
  WRITE: 'Access denied'.
  EXIT.
ENDIF.
  1. Write an SQL-query and get the data directly from the AGR_USERS table.

Both of these approaches will do the job, but it looks like more work around rather then a best practice.

My question:
Is there any common approach to check if a user is allowed to execute specific function module?