cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ABAP Selection Options and V_VBAK_VKO authorization

Former Member

on ‎08-31-2017 2:46 PM

0 Kudos

HI ,

I need advice from abapers :

when i create report reading from VBRK/VBRP and and want restrict authorization to Sales Area V_VBAK_VKO (auth object) and i have selection options for vkorg/vtweg/spart how i can check authorization for combination those 3 (sales area) and later run SELECT only for authorized sales area?

thx a lot for help in advance.

sample code would be very welcome.

BR Rafal

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (4)

Answers (4)

horst_keller
Product and Topic Expert
Product and Topic Expert
‎09-17-2017 2:29 PM
0 Kudos

https://help.sap.com/http.svc/rc/abapdocu_751_index_htm/7.51/en-US/index.htm?file=abenbc_authority_c...

Show replies
Show replies
Former Member
‎09-16-2017 8:30 AM
0 Kudos

thank you for answer , it s quite easy in we talk about sale organization but in case selection-options and sales area it is quite hard.

option for removing rows is quite slow i guess as i must read all records first in select and remove them (performance)

option for checking authorization on selection options is ok but how i remove proper sales area ? i can remove Sales organization , Distribution Channel or Division , but if some has authorization to Sales Area A1/B1/C1 and A1/B2/C1 and not to C2/B2/C1 so i can not remove B2 from list.

now some good ABAPER advised me to do authorization on sales org level and delete entry later for DC and Division.

in S/4HANA i have option in new ALV IDA to go for ROW authorization during select from VIEW or TABLE will try to test that but it is not working from temp table.

Show replies
Show replies
Jelena
Active Contributor
‎08-31-2017 10:31 PM
0 Kudos

V_VBAK_VKO is for sales documents, I believe the right object for billing is V_VBRK_VKO.

Personally, I'm not a big fan of the "quietly hide unauthorized content" option as this always leads to "why am I not seeing this invoice on the list?!!!" tickets. In our system, we just do the authorization check on the selection screen and throw an error if the users try to enter a Sales Org they have no authorization for. For this check we use the approach similar to what Raymond suggested (config table as a reference).

Of course, the hiding approach might work better in some scenarios, I'm not saying my way is the best. Just another option.

Show replies
Show replies
raymond_giuseppi
Active Contributor
‎08-31-2017 3:05 PM
0 Kudos

You could select data from table TVTA in an internal table for the selection options. Execute authority-check statement for each record and remove the records not allowed. From remaining records you should try to either build a dynamic string for the WHERE clause or build some new select-options to use in a following query.

Show replies
Show replies
Ask a Question