Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Verify Authorization for a differnt UserID

Former Member

‎01-09-2008 3:58 AM

0 Kudos

Hi all,

Hope you are all doing great. I need some help from the experts.

My question is that I am storing UserID in a Table Field as input from end users. I have to make sure that the entered Userid (not the current end user) has a authorization for a given auth Object field/value combination. I did a search for Function Modules that begin with Authority_Check but didn't see any obvious ones.

I think this should be possible, i.e. "AUTHORITY-CHECK OBJECT 'xx' " with also supplying the UserID.

Please let me know if you know how to do so.

Thanks.

8 REPLIES 8

Former Member

‎01-09-2008 4:04 AM

0 Kudos

HI,

see this link for creating the authority check object,field creating and the syntax need to be used in the program.

http://help.sap.com/saphelp_nw70/helpdata/en/52/67167f439b11d1896f0000e8322d00/content.htm

rgds,

bharat.

Former Member

‎01-09-2008 4:06 AM

0 Kudos

hi

Login to SAP with the normal user and click on the Form Settings button (the one with some little gears) situated in the tools bar .

with regards,

Hema.

Former Member

‎01-09-2008 4:19 AM

0 Kudos

Thanks Bharat. I looked at the help earlier. It shows regular check for current logged in user. note some random user.

Hema, not sure what u r referring to.

I tried the Function Code Behind the Authority-check but it gives me Another Auth Error. Still tryng to find out what is the Auth error running the code bewow.

REPORT ZAUTHCHECK.

&----

*& Report ZAUTHCHECK

*&

&----

*&

*&

&----

WRITE: / 'begin of test'.

CALL FUNCTION 'AUTHORITY_CHECK'

EXPORTING

  • NEW_BUFFERING = 3

USER = 'SAPID'

OBJECT = 'B_USERSTAT'

FIELD1 = 'BERSL'

VALUE1 = 'PS_APPD'

  • FIELD2 = ' '

  • VALUE2 = ' '

  • FIELD3 = ' '

  • VALUE3 = ' '

  • FIELD4 = ' '

  • VALUE4 = ' '

  • FIELD5 = ' '

  • VALUE5 = ' '

  • FIELD6 = ' '

  • VALUE6 = ' '

  • FIELD7 = ' '

  • VALUE7 = ' '

  • FIELD8 = ' '

  • VALUE8 = ' '

  • FIELD9 = ' '

  • VALUE9 = ' '

  • FIELD10 = ' '

  • VALUE10 = ' '

  • EXCEPTIONS

  • USER_DONT_EXIST = 1

  • USER_IS_AUTHORIZED = 2

  • USER_NOT_AUTHORIZED = 3

  • USER_IS_LOCKED = 4

  • OTHERS = 5

.

IF SY-SUBRC <> 0.

  • MESSAGE ID SY-MSGID TYPE SY-MSGTY NUMBER SY-MSGNO

  • WITH SY-MSGV1 SY-MSGV2 SY-MSGV3 SY-MSGV4.

ENDIF.

WRITE: / 'End of Check.'.

Former Member
In response to Former Member

‎01-09-2008 2:28 PM

0 Kudos

nevermind. I found an answer. It was in my face. When I inserted the Authority-Check using the pattern, the Exceptions section was commented out.

For others: How to to check for authorization for a user other than the one running the transaction.

Insert Function Module "Authority_Check" using Edit -> Pattern. Pass appropriate parameters.

Make sure you UNCOMMENT THE EXCEPTIONS SECTION!!! Normally it is for other functions, but not this!

Edited by: brd drb on Jan 9, 2008 9:29 AM

Former Member

‎01-09-2008 4:24 AM

0 Kudos

Hi...

For the issue you stated you can use AUTHORITY-CHECK OBJECT ... The syantx for it is

AUTHORITY-CHECK OBJECT objectname

ID userid1 FIELD fieldvalue1

.

.

ID userid10 FIELD fieldvalue10.

1) you have to create the authorization object...you can ask Basis people to create it.

2) specify proper values to it...

3) Now in the program you can check the authorization against the required user id and the then process further...

Hope this will solve your issue....If not let me know..

Regard....

Reward if useful !!!!

Former Member
In response to Former Member

‎01-09-2008 5:12 AM

0 Kudos

I tried the "For userID' addition as below, but it fails the syntex check. It looked to be the most promising though

I aa familier with the regualr Authority-Check... but it runs for the logged in user. I want to run it for some other users. All the authorizations fields - roles - profiles, are already there. I want to be able to check as if the user was actually logged in.

May be I didn't word the question right.

I want to do 'Authorization-check' in the program for some other user, who is currently NOT running the program.

thanks for all the input so far.

************

REPORT ZZAUTHCHECK .

write: / 'beging test'.

authority-check object 'A_ALL' for 'sapuser'

id 'M_ACT_PER' field '30'

id 'BUKRS' field '*'.

IF SY-SUBRC 0.

write: / 'sy-subrc = 0'.

ENDIF.

write: / 'end test'.

Former Member

‎01-09-2008 4:36 AM

0 Kudos

please chk this link

[Authorization for user|https://www.sdn.sap.com/irj/sdn/wiki?path=/display/snippets/conceptofAuthorizationForusers&]

in the code

AUTHORITY-CHECK OBJECT 'ZAUTH' for userid

ID 'ACTVT' FIELD '02'.

IF sy-subrc <> 0.

APPEND 'EDIT' TO fcode.

ENDIF.

where user id contains the userid from the table

Former Member

‎01-09-2008 2:28 PM

0 Kudos

See my post above.