I have a standard tcode IW22 (change PM Notification) and I would lock changing when some users modify the field Functional Location (field TPLNR).
Since this field does not have an authorization object associated, I've tried to solve this problem with the following steps:
- tcode SU20 - creation of new authorization field TPLNR with data element TPLNR
- tcode SU21 - creation of a new auth object in transaction SU21 with name ZPM and field (TPLNR, ACTVT and TCOD)
- tcode SU24 - insert of new authorization field e check indicator (green)
- tcode SU22 - check indicator - check (green)
After this we have created a new role with PFCG and add transaction IW22; the new auth.ZPM was added manually.
We have try to analyze log (ST01 trace) but it seems no check was made in the trace file.
It seems new authorization object was not checked.
My question is: "Is it possible to add a custom authorization object into standard transaction and implementing authorization check without writing abap code in exit or badi ?"