Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Field Level Authorization

Former Member

‎07-12-2010 7:30 AM

0 Kudos

Hi experts,

I have a query regarding the authorization concept.

I have a report where in I display some fields.Now in this report I need to implement field level authorizations.

I need to display the report, such that some users are able to change and read some fields and some users can only read those fields.To summarize, the fields are to be diaplyed based on the user authorization to read/ change fields in report.

The authorization-object is the concept at TCODE level.How do I achieve this at field level in the output report.

Any pointers on this are highly appreciated.

3 REPLIES 3

SuhaSaha
Advisor
Advisor

‎07-12-2010 7:36 AM

0 Kudos

> 

> The authorization-object is the concept at TCODE level.

Incorrect statement.

If your's is a report program with editable fields, i am assuming it to be an editable ALV.

You can check the user's authorisation to change the values of the particular field before enabling the field for input. You can do this using AUTHOTRITY-OBJECT. I don't think there is any problem in doing this.

BR,

Suhas

Former Member
In response to SuhaSaha

‎07-12-2010 7:49 AM

0 Kudos

Hi Suhas,

Thanks for your reply.

My requirement is as below:

The user needs to be checked for authorization to report fileds.The user should be given authorization to some fields of report and should not be given to some others.If there are 15 fields some users can edit 7 fileds.How do I determine his authorization to a particular FIELD.Can we maintain these fields in the authorization object or so? Please provide your inputs.I am not well versed with Authority object concept.

Former Member

‎07-12-2010 8:05 AM

0 Kudos

Hi,

Please read these points:

1. Authorization objects enable complex checks of an authorization, which allows a user to carry out an action. An authorization object can group up to 10 authorization fields that are checked in an AND relationship.

2. For an authorization check to be successful, all field values of the authorization object must be maintained accordingly. The fields in an object should not be seen as input fields on a screen. Instead, fields should be regarded as system elements, such as infotypes, which are to be protected.

3. You can define as many system access authorizations as you wish for an object by creating a number of allowed values for the fields in an object. These value sets are called authorizations. The system checks these authorizations in OR relationships.

For your reference:

1. http://www.citehr.com/138199-sap-authorization.html

2. http://help.sap.com/saphelp_crm60/helpdata/en/47/4cd32fe7c56d18e10000000a421138/content.htm

May it helps you.

Regards.

DS