I am currently trying to restrict user access by company code and cost center combination.
We have roles defined for each user and I am trying to use the standard authorization object A_S_KOSTL in this role . It seems that since it is not a 'maintianed' object no activity can be assigned to this autorization object.
currently the values are :
company Code : 1110 , 1112, 1114
Cost Center : *
i am getting sy-subrc as 0 even when i test for company code : 1110 for a user with the above role.
My code is :
AUTHORITY-CHECK OBJECT 'A_S_KOSTL' ID 'BUKRS' FIELD '1110'. F sy-subrc EQ 0. AUTHORITY-CHECK OBJECT 'A_S_KOSTL' ID 'KOSTL' FIELD '*' . IF sy-subrc EQ 0. MESSAGE 'Success with KOSTL also' TYPE 'S'. ELSE. MESSAGE 'Success with BUKRS only' TYPE 'S'. ENDIF. ELSE. MESSAGE 'Failure' TYPE 'S'. ENDIF .
I get a subrc NE 0 for the KOSTL part. The test passes for BUKRS.
Please advise on how to proceed.
Thanks and Regards