10-20-2006 4:23 PM
hallo,
I am no expert in security.
I am trying to help to define a requirement with my security team.
I have a ztable with key field LAND1 (country key).
Is it possibile to define a role that allows access to the ztable and:
- view record only with LAND1 = 'GB'
- create new record only with LAND1 = 'GB'
(where for example 'GB' is a value for LAND1)
Best Regards,
Marco
10-20-2006 4:49 PM
Without needing a zprogram for your ztable, you can use SAP standard views (SM30) using S_TABU_LIN object to do this. But you need to activate it first.
There are a few SAP notes on it and Su21 -> BC_A -> S_TABU_LIN -> Documentation explains the concept in more detail.
Cheers,
Julius
10-20-2006 4:59 PM
But it won't work for creating only 'GB' records as the value will not be known yet. I think you will have to code that piece on your own, but as you have the role already for the above display and edit activities, you could re-use it for the check in your create record view.
10-25-2006 3:18 PM
Marco,
One place you could put additional auth-check for you custom table is SE11 -> Utilities -> Table maintenance generator -> Environment -> Modification -> Events.
I believe Event 25 is for inserting Auth-Check on table fields.
Hope this help.
Lye