Skip to Content
author's profile photo Former Member
Former Member

Authorization object coding in ABAP report

Hi,

I am working on a report. The output of the report is details regarding vendor based on purchasing organization. When user executes the reports, they should be only able to see details if they are authorized to (create, change and display) for the purchasing org of vendor.

The authrorization object by SAP security team is 'M_LFM1_EKO' for standard access to vendors (via MK01, MK02 AND MK03).

How can I use same authorization object to do check in my program for the user in ABAP so that if user is not authroized he will not be able to see details during output for those vendor.

Regards,

Tgshah.

Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

3 Answers

  • Best Answer
    Posted on Aug 25, 2011 at 01:45 PM

    Hi ,

    Basically you need to call Authority-check using the pattern option and then pass the object name and field name .If the user has been assigned that object in his profile sy-subrc will succed otherwise fail .

    
    AUTHORITY-CHECK OBJECT 'M_LFM1_EKO'
             ID 'ACTVT' FIELD '1/2/3'
             ID 'EKORG' FIELD 'value of purchase organization'.
    IF sy-subrc eq 0 .
    WRITE :'authorization' .
    ELSE .
      WRITE 'no authorization' .
    ENDIF.
    

    The below lonk explains it more ...

    [http://help.sap.com/saphelp_40b/helpdata/fr/d4/e02c7dd435d1118b3f0060b03ca329/content.htm]

    Thank you .

    Anjaneya .

    Add a comment
    10|10000 characters needed characters exceeded

  • author's profile photo Former Member
    Former Member
    Posted on Aug 25, 2011 at 01:48 PM

    Hi,

    I don't really understand your question. You answered it yourself. Just use the authorization object, mentioned in your question 😉

    You can use for instance form like this one:

    form authority_check.
      authority-check object 'M_LFM1_EKO'
        ID 'EKORG' FIELD iv_ekorg
        ID 'ACTVT' FIELD iv_actvt   " '03'
    
      if sy-subrc <> 0.
        message 'No authorization' type 'E'.
      endif.
    endform.
    

    Add a comment
    10|10000 characters needed characters exceeded

  • author's profile photo Former Member
    Former Member
    Posted on Aug 25, 2011 at 01:42 PM

    Hi,

    You have to use the below code to get the solution.

    AUTHORITY-CHECK OBJECT 'M_LFM1_EKO'

    ID 'EKORG' FIELD LFM1-EKORG

    ID 'ACTVT' FIELD ACTVT.

    ACTVT will be your create change and display. You need to pass 01,02 and 03. If SY-SUBRC <> 0 for all of these then remove that Pur ORG.

    Generally we check 01, if user has creation authorization, then he should have others also.

    Shiva

    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.