Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

autharization on company code--BUKRS

Former Member

‎07-30-2009 3:21 AM

0 Kudos

Hi Experts,

Please provide me the code to implement authority check company code wise......from where i get authority object so that i can implement the check for particular user vise.....and aloso tell me how it works .........

thanks

babbal

5 REPLIES 5

Former Member

‎07-30-2009 5:42 AM

0 Kudos

Hi,

Did you check 'AUTH_CHECK_BUKRS' function module?

Former Member
In response to Former Member

‎07-30-2009 5:49 AM

0 Kudos

Hi,

SAP Basis

Return to Technical & Functional Groups

Group Home / About This Group / Invite peers to this group

Ask This Group a Question Join This Group

Watch This Thread

<< Previous Thread < Previous Message | Next Message > Next Thread >>

About SAP Basis

The SAP Basis group is for the discussion of specific configuration and development issues that arise when utilizing the SAP Basis & System Administration.

Please Sign In or Register to mark this reply as helpful. 0member

votesplease how to create an authorization object..?Reply from PrakashPalani on 12/30/2003 11:52 PM

Using SU21 u can create Authorisation Object.

Details to give an authorisation for ABAP PROGRAMS

The smallest unit against which the check should be run is the authorization

field.

The ABAP command AUTHORITY-CHECK is used for performing authorizaton checks

in programs. Before accessing the database the user should carry out an

authorization check which is implemented in the ABAP program. The

AUTHORITY-CHECK statement first checks if the user has the authorization

containing all the required values. Then the code value in the system field

SY-SUBRC is checked. If the required value is available for each

authorization field, the check is successful (SY-SUBRC = 0). If the value is

not 0, then the check is unsuccessful, which means that the user does not

possess the required authorization and an error message will be displayed.

AUTHORITY-CHECK sets SY-SUBRC to 4, 8, 12, 16, 24, 28, 32 or 36 depending on

the cause of the authorization failure, e.g. return code 4 means that the

user does not have the required authorization; SY-SUBRC = 8 means that the

check could not successfully be carried out since not all fields of the

object were specified. The field SUBRC is in the APAB Dictionary SYST. To

address the system field in an ABAP program, the form SY-<fieldname> is

used.

The ABAP syntax of the AUTHORITY-CHECK statement is:

AUTHORITY-CHECK OBJECT '<object>' (which created by you in SU21)

ID '<name1>' FIELD <f1> (fields given in Authorisation object)

u2026u2026u2026u2026u2026u2026u2026u2026u2026u2026u2026

ID '<name10>' FIELD <f10>.

Where <object> is the name of the authorization object that has to be

checked, <name1>,..., <name10> are the authorization fields in the object,

and <f1>,... ,<f10> are the values for which the authorization is to be

checked. If after the field name is entered DUMMY, the check for a

particular field will not be carried out.

Note: Keywords and options of statements are uppercase. Each statement ends

with a period or U can consult with ur ABAP consultant regarding

authority-check syntax.

authority-check object 'Z_COMPCODE'

id 'BUKRS' field <fs_bukrs>

id 'WERKS' field <fs_werks>

id 'EKORG' field <fs_ekorg>

id 'EKGRP' field <fs_ekgrp>.

Thanks.

Former Member
In response to Former Member

‎07-30-2009 5:51 AM

0 Kudos

Hi,

SAP Basis

Return to Technical & Functional Groups

Group Home / About This Group / Invite peers to this group

Ask This Group a Question Join This Group

Watch This Thread

<< Previous Thread < Previous Message | Next Message > Next Thread >>

About SAP Basis

The SAP Basis group is for the discussion of specific configuration and development issues that arise when utilizing the SAP Basis & System Administration.

Please Sign In or Register to mark this reply as helpful. 0member

votesplease how to create an authorization object..?Reply from PrakashPalani on 12/30/2003 11:52 PM

Using SU21 u can create Authorisation Object.

Details to give an authorisation for ABAP PROGRAMS

The smallest unit against which the check should be run is the authorization

field.

The ABAP command AUTHORITY-CHECK is used for performing authorizaton checks

in programs. Before accessing the database the user should carry out an

authorization check which is implemented in the ABAP program. The

AUTHORITY-CHECK statement first checks if the user has the authorization

containing all the required values. Then the code value in the system field

SY-SUBRC is checked. If the required value is available for each

authorization field, the check is successful (SY-SUBRC = 0). If the value is

not 0, then the check is unsuccessful, which means that the user does not

possess the required authorization and an error message will be displayed.

AUTHORITY-CHECK sets SY-SUBRC to 4, 8, 12, 16, 24, 28, 32 or 36 depending on

the cause of the authorization failure, e.g. return code 4 means that the

user does not have the required authorization; SY-SUBRC = 8 means that the

check could not successfully be carried out since not all fields of the

object were specified. The field SUBRC is in the APAB Dictionary SYST. To

address the system field in an ABAP program, the form SY-<fieldname> is

used.

The ABAP syntax of the AUTHORITY-CHECK statement is:

AUTHORITY-CHECK OBJECT '<object>' (which created by you in SU21)

ID '<name1>' FIELD <f1> (fields given in Authorisation object)

u2026u2026u2026u2026u2026u2026u2026u2026u2026u2026u2026

ID '<name10>' FIELD <f10>.

Where <object> is the name of the authorization object that has to be

checked, <name1>,..., <name10> are the authorization fields in the object,

and <f1>,... ,<f10> are the values for which the authorization is to be

checked. If after the field name is entered DUMMY, the check for a

particular field will not be carried out.

Note: Keywords and options of statements are uppercase. Each statement ends

with a period or U can consult with ur ABAP consultant regarding

authority-check syntax. 

authority-check object 'Z_COMPCODE'
           id 'BUKRS' field <fs_bukrs>
           id 'WERKS' field <fs_werks>
           id 'EKORG' field <fs_ekorg>
           id 'EKGRP' field <fs_ekgrp>.

Thanks.

Former Member
In response to Former Member

‎07-30-2009 5:54 AM

0 Kudos

Steps to create authorization field

1. Go to transaction code SU20

2. Click the create new button on the application toolbar.

3. Enter u201CZTCODEu201D in the Field Name and u201CTCODEu201D in the Data Element, then hit Enter.

4. Click the save button on the system toolbar.

Next step is to create the authorization class(see #1 in figure 1) and authorization object(see #2 in figure 1).

Steps to create authorization class

1. Go to transaction code SU21

2. Click on the Create buttonu2019s drop down icon and select u201CObject Classu201D.

3. Enter u201CZTRNu201D on the Object Class field.

4. Give it a description and save it.

Steps to create authorization object

1. Again in SU21, in the list of authorization class(folder icon), click the one that weu2019ve created(ZTRN).

2. Click on the Create buttodrop down, this time selecting u201CAuthorization Objectu201D.

3. Enter u201CZ_TCODEu201D on the Object field and give it a description.

4. On the authorization fields section, enter ACTVT and ZTCODE. ACTVT is used to set and limit the activity of the user, while the ZTCODE is the authorization field that weu2019ve created earlier which is

responsible for holding a list of tcodes.

5. On the Further Authorization Object Settings, click on u201CPermitted activitiesu201D button. Here we will select the specific activities that we want to be available for our authorization object.

6. As an example, we will select 01(Create), 02(Change), and 03(Display).

7. Save and Exit.

Now weu2019re done creating our own authorization object, let us now use and assign it to a user.

Steps to create a role(see figure 2)

1. Go to transaction code PFCG.

2. Enter u201CZAUTHTESTu201D on Role field and click the u201CSingle Roleu201D button.

3. Now give it a description, click the save button and click the Authorization tab.

4. Click the u201CChange Authorization Datau201D button inside the authorization tab.

5. Then click the u201CManuallyu201D button on the application toolbar and type in the name of the authorization object that weu2019ve created earlier(u201DZ_TCODEu201D) and press enter.

6. Expand all the nodes, double click on the input field of the Activity and select activity 01 and 02.

7. Enter the tcode of our own abap program in ZTCODE field, in our example I used u201CZCOMMu201D .

8. And also donu2019t forget to add the S_TCODE authorization object and enter ZCOMM on itu2019s field.

9. Now Click on the Generate button in the application toolbar and press enter on the pop-up screen.

10. press the back button and assign a specific user on the user tab and click User Comparison button.

11. Now create another role by repeating steps 1 to 9 but this time select activity 03 on step 6.

12. Then assign this 2nd role to another user.

former_member486972
Discoverer

‎07-30-2009 7:00 AM

0 Kudos

Go to Su21 create authorization object as per your requirement(or use any existing object meeting your requirement).

In your report in At selection screen

call this object

Authotity-check object 'xxx' (maintained in su21)

id 'BUKRS' filed selection screen field

id 'ACTVT' field 'xx' (activity you need display,write etc)

if sy-subrc ne 0

message

return.

endif.

then assign transaction of report to authorization object in su24.