03-12-2007 11:06 AM
If One Authority Object used in the Z report and that Authority object added in the role. This Role assigned to Two user.
But one of the user not required authorization for the Z report.
How actually this situation ideally handle ? New authority object need to create for that Z report or using the existing object we can solve the problem.
Regards
Nilesh Shete
03-12-2007 11:18 AM
Hi,
You should have two roles, one with desired object and the second one without that object. One role should be assigned to user that needs an access to a report and another one to the user that should not run a report. Just make sure that the authorization object is not required by any other reports or transactions, which user, without access to your report, may need to execute.
03-12-2007 11:09 AM
Hi,
Remove the Assignment of the Role to the user who doesn't want to see that Z object.
Give him a sepearte role.Hope this helps.
Regards,
Anji
03-12-2007 11:16 AM
Hi
U have to create two separatly roles to be assigjned to the two users, in this way you can give two differents values to authorization object.
Max
03-12-2007 11:17 AM
then dont give authorization for this report(tcode) itself, and in ur program u have to check for the same.
<b> call function 'AUTHORITY_CHECK_TCODE'
exporting
tcode = 'YSCC'
exceptions
ok = 0
not_ok = 2.
if sy-subrc eq 2.
message e077(s#) with 'YSCC'. " No authorization to transaction
endif.</b>
if u want to create one more role,then no nedd to change ur program.
Regards
Prabhu
03-12-2007 11:18 AM
Hi,
You should have two roles, one with desired object and the second one without that object. One role should be assigned to user that needs an access to a report and another one to the user that should not run a report. Just make sure that the authorization object is not required by any other reports or transactions, which user, without access to your report, may need to execute.