http://help.sap.com/saphelp_nw04s/helpdata/en/52/67129f439b11d1896f0000e8322d00/content.htm

http://www.sts.tu-harburg.de/teaching/sap_r3/ABAP4/authorit.htm

Check these links for further info...........

Regards,

Pavan

Hi,

You can refer following link:

http://www.sts.tu-harburg.de/teaching/sap_r3/ABAP4/authorit.htm

Hello,

AUTHORITY-CHECK

Basic form

<b>AUTHORITY-CHECK OBJECT object ID name1 FIELD f1

ID name2 FIELD f2

...

ID name10 FIELD f10.</b>

Effect

Explanation of IDs:

<b>object

Field which contains the name of the object for which the authorization is to be checked.

name1 ...

Fields which contain the names of the

name10

authorization fields defined in the object.

f1 ...

Fields which contain the values for which the

f10

authorization is to be checked.</b>

AUTHORITY-CHECK checks for one object whether the user has an authorization that contains all values of f (see SAP authorization concept).

You must specify all authorizations for an object and a also a value for each ID (or DUMMY).

The system checks the values for the IDs by AND-ing them together, i.e. all values must be part of an authorization assigned to the user.

If a user has several authorizations for an object, the values are OR-ed together. This means that if the CHECK finds all the specified values in one authorization, the user can proceed. Only if none of the authorizations for a user contains all the required values is the user rejected.

If the return code value in SY-SUBRC is 0, the user has the required authorization and may continue.

The return code value changes according to the different error scenarios

Reward if helpful,

Regards,

LIJO

Hi,

To check the authorization of the user of an ABAP program, use the AUTHORITY-CHECK statement:

AUTHORITY-CHECK OBJECT '<object>'

ID '<name1>' FIELD <f1>

ID '<name2>' FIELD <f2>

.............

ID '<name10>' FIELD <f10>.

<object> is the name of the object that you want to check. You must list the names (<name1>,

<name2> ...) of all authorization fields that occur in <object>. You can enter the values <f1>,

<f2>.... for which the authorization is to be checked either as variables or as literals. The AUTHORITY-CHECK statement checks the user’s profile for the listed object, to see whether the user has authorization for all values of <f>. Then, and only then, is SY-SUBRC set to 0. You can avoid checking a field by replacing FIELD <f> with DUMMY. You can only evaluate the result of the authorization check by checking the contents of SY-SUBRC. For a list of the possible return values and further information, see the keyword documentation for the AUTHORITY-CHECK statement. For further general information about the SAP authorization concept, refer to Users and Authorizations.

There is an authorization object called F_SPFLI. It contains the fields ACTVT,

NAME, and CITY.

SELECT * FROM SPFLI.

AUTHORITY-CHECK OBJECT 'F_SPFLI'

ID 'ACTVT' FIELD '02'

ID 'NAME' FIELD SPFLI-CARRID

ID 'CITY' DUMMY.

IF SY-SUBRC NE 0. EXIT. ENDIF.

ENDSELECT.

If the user has the following authorizations for F_SPFLI:

ACTVT 01-03, NAME AA-LH, CITY none, and the value of SPFLI-CARRID is not between “AA” and “LH”, the authorization check terminates the SELECT loop.

Regards,

Bhaskar