on 09-12-2011 9:23 AM
Hi gurus,
I wonder how can I develop a method in which user can only print invoice messages allowed.
For example: I have an invoice type "Z123" which has 3 message types determined-> ZAAA, ZBBB and ZCCC.
If I'm user "A" I must be able to print any of them, but... if I'm user "B" I only must be allowed to print a certain message types.
I thought about creating an authorization object and check it for the user on the print programs. But I don't know if it's a good solution to acomplish this stuff.
Could you please help me?
Thanks in advance,
John
Hi
You wrote:
I thought about creating an authorization object and check it for the user on the print programs. But I don't know if it's a good solution to acomplish this stuff.
I think that's the best solution
I don't think there0s a standard object for that, so you can try to create one.
Then you need to insert in a profile and assign it to the users
Max
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
John,
This can be achieved using condition technique.
You can append new field user name in the field catalog and populate the codition record for this in the condition table.
Then based on the condition records maintianed correct output type will be selected when you are processing the invoice.
This is purely customization where you using condition technique to determine the output.
Functional guy would surely able to assist you,
Incase you need any more inputs please let me know
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Sumit,
Thanks for your answer.
I also thought bout that solution but... the thing is that all messages must be determined for the invoice but only some users must be able to print some of them.
If I assign the username on the access sequence then the invoice wiil not determine all the messages that other users can print. So I think I can't do it that way
Regards,
John
Hi John.
In that case i can think of two options.
First - Maintaining entries in TVARC for a combination of user name and output types and then dont process the message types which are not assigned to a user name.
Second - You can try this but security personal would suggest if this is feasible. you can create and authorization object for output types and then do not process the outputs not assigned to a user.
Please note when i say do not process you wil end that particular output in error.
at the very begining do these checks and if check fails set sy-subrc eq 9999 and update the nast records with a message saying user XXXX not authorized to execute this output type.
Hope this helps.
Thanks
Thanks Max,
I'm testing that solution. Anyway, I'll let the thread opened a pair of days more just in case someone gets a better idea.
Regards,
John
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
86 | |
10 | |
10 | |
9 | |
6 | |
6 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.