Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Authority Object

Go to solution
Former Member

‎03-12-2007 11:06 AM

0 Kudos

If One Authority Object used in the Z report and that Authority object added in the role. This Role assigned to Two user.

But one of the user not required authorization for the Z report.

How actually this situation ideally handle ? New authority object need to create for that Z report or using the existing object we can solve the problem.

Regards

Nilesh Shete

1 ACCEPTED SOLUTION

Go to solution
Former Member

‎03-12-2007 11:18 AM

0 Kudos

Hi,

You should have two roles, one with desired object and the second one without that object. One role should be assigned to user that needs an access to a report and another one to the user that should not run a report. Just make sure that the authorization object is not required by any other reports or transactions, which user, without access to your report, may need to execute.

4 REPLIES 4

Go to solution
Former Member

‎03-12-2007 11:09 AM

0 Kudos

Hi,

Remove the Assignment of the Role to the user who doesn't want to see that Z object.

Give him a sepearte role.Hope this helps.

Regards,

Anji

Go to solution
Former Member

‎03-12-2007 11:16 AM

0 Kudos

Hi

U have to create two separatly roles to be assigjned to the two users, in this way you can give two differents values to authorization object.

Max

Go to solution
Former Member

‎03-12-2007 11:17 AM

0 Kudos

then dont give authorization for this report(tcode) itself, and in ur program u have to check for the same.

<b> call function 'AUTHORITY_CHECK_TCODE'

exporting

tcode = 'YSCC'

exceptions

ok = 0

not_ok = 2.

if sy-subrc eq 2.

message e077(s#) with 'YSCC'. " No authorization to transaction

endif.</b>

if u want to create one more role,then no nedd to change ur program.

Regards

Prabhu

Go to solution
Former Member

‎03-12-2007 11:18 AM

0 Kudos

Hi,

You should have two roles, one with desired object and the second one without that object. One role should be assigned to user that needs an access to a report and another one to the user that should not run a report. Just make sure that the authorization object is not required by any other reports or transactions, which user, without access to your report, may need to execute.