cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Auth object for prod orders and MRP Controller

Former Member

on ‎02-07-2018 12:01 PM

0 Kudos

Hi all. My need is to find or create particular authorization object. It should differentiate production orders by MRP Controller. Say, we have 2 prod orders №1111 and №2222, and they have MRP Controllers №100 and №200 respectively. The goal is that some users should have access to create or edit prod orders with MRP Contr. №100 (prod ord №1111), but not with MRP Contr. №200 (prod ord №2222).

Existing auth field (DISPO) relates only to MRP process, but not to prod orders.

Any ideas how to solve the problem?

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

TammyPowlas
Active Contributor
‎02-07-2018 12:04 PM
0 Kudos

Hi Bill - to try to find it please perform an STAUTHTRACE in your backend system. If it exists, it will appear there. If not, then you know it will need to be created.

Show replies
Show replies
Former Member
‎02-07-2018 12:52 PM
0 Kudos

Thanks Tammy.

I've run the tcode and object doesn't appear.

I created cusom auth field and custom auth object, but it doesn't work as desired. I mean, I add it to role, fill it with particular value (for instance MRP Contr. = 100), but system lets the user edit prod orders with other MRP Controllers.

Apparently, system doesn't associate auth field with field on a screen.

Now I need to know how to link them.

TammyPowlas
Active Contributor
‎02-07-2018 12:53 PM
0 Kudos

I would work with your ABAP developer to implement the custom authorization object

Former Member
‎02-07-2018 12:57 PM
0 Kudos

Could you please guide me how to do this? Maybe some links or code examples?

TammyPowlas
Active Contributor
‎02-07-2018 12:59 PM
0 Kudos

Please search - there are several blogs on this topic that explain it - for example https://blogs.sap.com/2012/08/27/one-custom-authorization-object-for-all/

Caetano
Product and Topic Expert
Product and Topic Expert
‎02-09-2018 3:28 AM
0 Kudos

Hello Bill

If the statement AUTHORITY-CHECK is not called for this specific authorization object during the program execution, then it will not be checked in the transactions.

The following blog explains how to check if this statement is called during the transaction execution:

https://blogs.sap.com/2014/03/19/how-to-analyze-authorization-issues-in-debug/

If the authorization is not called, then you can implement your own check using BAdI WORKORDER_UPDATE.


Regards,

Caetano

Ask a Question