Skip to Content
avatar image
Former Member

Adding New Auth Object to a Tx

I am facing problem in adding client specific Auth restriction in a Tx: CJ20n.

I tried makig new aurth object with u201Cauth fieldsu201D containg the above fileds . And added the Auth object to Tx : CJ20n using su24.

But it is not checking the Auth Oject at all. I am not sure if some Authority-check needs to need to be coded in CJ20n program. I spoke to ABAPer to modify the STD CJ20n program to insert AUTHORITY-CHECK but he said it will be a huge modification and such things should be avoided, even I feel the same.

Let me know what are the possible solutions and how to go about it.

Details of the Requirement:

In Tx: CJ20n which is PS Project Builder. We need to implement a specific senario in which Project builder (CJ20n) the WBS elements are to restricted on basis of HR positions.

Assignment of WBS elements to project team is done in the same tcode. In which a Relationship between WBS element and HR postion is doneu2026.And HR postion in turn is assigned to a user id.

Requirement :

Not sure of the funtionality provided by SAP of the above assignment. It just assigns team members to the WBS elements but dose not restic the access of that WBS elements only to those assigned users.We need to restric this WBS elemets according to the assigments made here.

i.e. for eg. only user whos are assigned to HR postion u201Cmanageru201D should be able to access WBS element u201CTEST(00000106)u201D

Difficulty:

NON of the auth objects provided by SAP in su24 contain HR position as field. Hence not able to check the postion of the user accessing the WBS element.

Further Findings:

The above relation is stored in two different tables

Table 1 : PRPS

field name1: POSID (contains wbs project)

field name2: OBJNR (WBS id)

Table 2 : HRPS1001

field name1: SOBID (WBS id)

field name2: OBJID (HR position id)

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

2 Answers

  • avatar image
    Former Member
    Sep 18, 2008 at 07:15 AM

    > I tried makig new aurth object with u201Cauth fieldsu201D containg the above fileds . And added the Auth object to Tx : CJ20n using su24.

    > But it is not checking the Auth Oject at all. I am not sure if some Authority-check needs to need to be coded in CJ20n program. I spoke to ABAPer to modify the STD CJ20n program to insert AUTHORITY-CHECK but he said it will be a huge modification and such things should be avoided, even I feel the same.

    I think your abaper is right. Authority checks need to be in the code to work. One thing that is worth investigating is the availability of user exits in the program. Maybe there is one in the right part of the program that can be activated to create additional authorization checks.

    I do not know enough about CJ20n to comment on your requirements.

    Jurjen

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member Former Member

      > I didnt get you ????

      What I meant is that if the checks are added to the standard system, then they are added for everyone (with a standard system).

      Cheers,

      Julius

  • avatar image
    Former Member
    Feb 11, 2009 at 05:08 AM

    Ok accepted the SAP standards. ANd have to find out some unique way for work with my unique requirement.

    Add comment
    10|10000 characters needed characters exceeded