07-15-2008 9:10 AM
Hi,
How to handle authorization levels in LSMW. Please explain me step by step process.
Thanks
Nagendra
07-15-2008 9:15 AM
nagendra,
just refer:
http://help.sap.com/saphelp_nw04/helpdata/en/dc/1a6a2e337e11d3bc3c00105a6588b2/frameset.htm
Amit.
07-15-2008 9:21 AM
Hi,
I need to know how to use authorization levels in LSMW and Where can i use . please provide the code for this.
07-15-2008 9:26 AM
07-15-2008 9:32 AM
I need to use authorization function B_LSMW_EXEC for executing the LSMW.
07-15-2008 9:49 AM
The objects are checked anyway by the LSMW, no need to add coding anywhere.
If you want check these objects in your own programs, just insert a pattern for statement AUTHORITY-CHECK and object B_LSMW_EXEC. Use the info as provided in the link by Amit.
Thomas
07-15-2008 9:41 AM
Hi,
I hope we can do the validations for LSMW in two ways
1) User profile level (Basis team work)
2) Validating authorization object in LSMW. In the fift step of LSMW, we can write the cosding. Double click on the Begin of processing block and write the code to check the authorization same as norma ABAP program.
This code will execute during the convert data step.
If the user has the proper authorizations, will execute smoothly, if not through an error.
Thanks,
Rajinikanth
07-15-2008 9:51 AM
Can you please provide the code for authorization check for the object B_LSMW_EXEC.
07-15-2008 10:27 AM
Hi,
U can try to call the LSMW object from a report program and there u can try to check the authorization for the LSMW object...
Type pools
TYPE-POOLS: tumls. " LSM Workbench: Type-Pool
Data declaration
DATA: project TYPE tumls_project, " Project
subproj TYPE tumls_subproj, " Subproject
object TYPE tumls_objectnew. " Object
START-OF-SELECTION.
Store project
project = 'TPISP - DC'.
Store subproject
subproj = 'VARIANT_MAT'.
Store object
object = '6GSC022_TS3'.
<< Put ur authorization check here..
Call the function module to display object (LSMW) maintenance screen
CALL FUNCTION '/SAPDMC/LSM_OBJ_STARTER'
EXPORTING
project = project
subproj = subproj
object = object
EXCEPTIONS
no_such_object = 1
OTHERS = 2.
Basically from LSMWu2019s initial screen whenever you press enter or continue button it calls the FM /SAPDMC/LSM_OBJ_STARTER and there is no authorisation check prior to do this, only LSMW checks for authorisation when you press Administration from GOTO menu using the FM /SAPDMC/LSM_AUTHORIZATN_CHECK. That means any body can access any object and can do any unwanted change. And it is really hard to track the changes as LSMW does not have any inbuilt version management. So to avoid this before calling the FM we can do the authorisation check based on certain conditions (not necessary to do authority check, but can be achieved by maintaining parameter ID in the user profile or through maintaining custom table) and by this way we can restrict unwanted user access.
Regards,
Joy.
07-15-2008 11:44 AM
>
> That means any body can access any object and can do any unwanted change.
That's wrong. You need S_TCODE for "LSMW" and B_LSMW with at least ACTVT = "02" as well as B_LSMW_PRO for the related project to be able to change an object. You can check yourself by looking at the authorization trace in ST01.
Thomas
01-21-2009 5:23 AM