Skip to Content
author's profile photo Former Member
Former Member

authorization check

Hi All!

I have found a WD tutorial in the Galileo Press Book

This tutorial is about Customer Orderlist (SD).

I get always the message you are not authorized to run

this application. Whats is wrong. Where is the

authorization check made ?

This the FM which is called via Adaptive RFC

FUNCTION z_sdorder_getdetailedlist.

*"----


""Lokale Schnittstelle:

*" IMPORTING

*" VALUE( I_SD_DOC ) TYPE VBELN

*" TABLES

*" ORDER_HEADERS_OUT STRUCTURE BAPISDHD OPTIONAL

*" ORDER_ITEMS_OUT STRUCTURE BAPISDIT OPTIONAL

*"----


DATA: i_bapi_view TYPE order_view,

sales_documents TYPE TABLE OF sales_key,

wa_sales_documents LIKE LINE OF sales_documents.

wa_sales_documents-vbeln = i_sd_doc.

APPEND wa_sales_documents TO sales_documents.

i_bapi_view-header = 'X'.

i_bapi_view-item = 'X'.

CALL FUNCTION 'BAPISDORDER_GETDETAILEDLIST'

EXPORTING

i_bapi_view = i_bapi_view

TABLES

sales_documents = sales_documents

order_headers_out = order_headers_out

order_items_out = order_items_out.

ENDFUNCTION.

Rgd

sas

Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

2 Answers

  • Best Answer
    author's profile photo Former Member
    Former Member
    Posted on Jan 29, 2008 at 09:17 AM

    Hi Erdem,

    This authorization check is made when you are calling RFC through JCo connection. Check whether your JCo is configured with the user ID with appropriate authorization. If SSO is configured for your Portal check Portal logged in user has sufficient authorization.

    regards,

    Siva

    Add a comment
    10|10000 characters needed characters exceeded

  • author's profile photo Former Member
    Former Member
    Posted on Jan 29, 2008 at 09:32 AM

    Hello

    I have found the appropriate passage in the code.

    How can I ever reach that this if clause returns true ?

    -


    Remark:

    Please notice ! The class Authorization extends from NamePermission

    import com.sap.security.api.permissions.NamePermission;

    public class Authorization extends NamePermission

    -


    //code fragment

    if (user.hasPermission(new Authorization("CALL_WDGETSALESORDER")))

    Rgds

    sas

    public void wdDoInit()

    {

    //@@begin wdDoInit()

    IWDClientUser user = null;

    IUser iuser = null;

    String kunnr = null;

    String vkorg = null;

    String[] attributeNames = null;

    try {

    user = WDClientUser.getCurrentUser();

    } catch (WDUMException e) {

    wdThis.wdFirePlugToPermissionError();

    }

    if (user.hasPermission(new Authorization("CALL_WDGETSALESORDER"))) {

    iuser = user.getSAPUser();

    attributeNames =

    iuser.getAttributeNames("com.sap.security.core.usermanagement");

    for (int i = 0; i < attributeNames.length; i++) {

    if (attributeNames<i>.equals("Kundennummer")) {

    kunnr =

    iuser.getAttribute(

    "com.sap.security.core.usermanagement",

    "Kundennummer")[0];

    if (kunnr != null) {

    for (int i1 = kunnr.length(); i1 < 10; i1++) {

    kunnr = "0" + kunnr;

    }

    wdContext

    .currentBAPI_SALESORDER_GETLIST_INPUTElement()

    .setCustomer_Number(

    kunnr);

    }

    }

    }

    for (int i = 0; i < attributeNames.length; i++) {

    if (attributeNames<i>.equals("Verkaufsorganisation"))

    vkorg =

    iuser.getAttribute(

    "com.sap.security.core.usermanagement",

    "Verkaufsorganisation")[0];

    if (vkorg != null) {

    for (int i2 = vkorg.length(); i2 < 4; i2++) {

    vkorg = "0" + vkorg;

    }

    wdContext

    .currentBAPI_SALESORDER_GETLIST_INPUTElement()

    .setSales_Organization(

    vkorg);

    }

    }

    if (user

    .hasPermission(

    new Authorization("CUSTOMER_SELECTION_ALLOWED"))) {

    wdContext.currentContextElement().setCustomerNoEnabled(true);

    wdContext.currentContextElement().setSalesOrgEnabled(true);

    } else {

    wdContext.currentContextElement().setCustomerNoEnabled(false);

    wdContext.currentContextElement().setSalesOrgEnabled(false);

    }

    } else {

    wdThis.wdFirePlugToPermissionError();

    }

    //@@end

    }

    Add a comment
    10|10000 characters needed characters exceeded

    • Former Member

      Hi Erdem,

      First check the value of user.hasPermission() like this:

      wdComponentAPI.getMessageManager().reportSuccess("Permission"+

      user.hasPermission(new Authorization("CALL_WDGETSALESORDER"))) ;

      Put this line just above if condition.

      regards,

      Siva

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.