Skip to Content
author's profile photo Former Member
Former Member

. zreport authorization

HI Experts, I have Developed a ZReport. In that Report i Need to give the authorization to particular User's Only.

Can any tell how to write an authorization for a zreports.

<<Moderator message - please do more research before asking >>

Locked

Message was edited by: Rob Burbank

Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

9 Answers

  • author's profile photo Former Member
    Former Member
    Posted on Jun 12, 2012 at 11:58 AM

    Hi Sankar,

    AUTHORITY-CHECK OBJECT object
    ID name1 FIELD f1
    ID name2 FIELD f2
    ...
    ID name10 FIELD f10.

    Please try F1 SAP help. you will get all the details. Thx

    Add a comment
    10|10000 characters needed characters exceeded

  • Posted on Jun 12, 2012 at 12:03 PM

    Hi Sankar,

    Please create an Authority Check object and ask authorization Team to assign different Roles to it based on User profile.

    Search SCN for authority-check object .

    Add a comment
    10|10000 characters needed characters exceeded

  • author's profile photo Former Member
    Former Member
    Posted on Jun 12, 2012 at 12:04 PM

    Hi Sankar,

    Ask Basis team to create roll for your ZREPORT program TCODE.(authorization group)

    And check the table entries in the agr_users table with roll name (AGR_NAME), user id (UNAME).

    Check the sy-subrc. If through the 0. access the tcode. Else display the error message.

    Thanks & Regards,

    Suresh M

    Add a comment
    10|10000 characters needed characters exceeded

  • Posted on Jun 12, 2012 at 12:06 PM

    If all you are trying to control is the ability to run the report or not, then the simplest way is to assign a transaction code to the report (using transaction SE93) and give access to that tcode to the users that should have it. Assuming users generally don't have access to run all ABAPs with SE38 or SA38 (they shouldn't) then this should work fine and doesn't require any changes to the report itself.

    If you need finer control, over what data the report should allow access to, then you'll need to add authority-check statements in the report using appropriate authorisation objects. Whether standard SAP objects are appropriate or you need to create new ones is a discussion you'll need to have with your functional and security teams.

    Steve.

    Add a comment
    10|10000 characters needed characters exceeded

  • author's profile photo Former Member
    Former Member
    Posted on Jun 12, 2012 at 12:10 PM

    One way is, when you will assign the transaction to the z report ask the basis person to set the authorisations of that transactio to the desired users.

    The other way is to check the desired users in your report using the system field sy-uname,.

    The first way is what we use normally.

    Add a comment
    10|10000 characters needed characters exceeded

  • author's profile photo Former Member
    Former Member
    Posted on Jun 12, 2012 at 12:13 PM

    Hi Sankar,

    Please follow the below step.

    1) create Authorization Object using Tcode SU21.

    2) call FM

    CALL FUNCTION 'AUTHORITY_CHECK' in Zreport.

    Regards,

    Ashwath.

    Add a comment
    10|10000 characters needed characters exceeded

  • author's profile photo Former Member
    Former Member
    Posted on Jun 12, 2012 at 12:13 PM

    Hi Sankar,

    Please follow the below step.

    1) create Authorization Object using Tcode SU21.

    2) call FM

    CALL FUNCTION 'AUTHORITY_CHECK' in Zreport.

    Regards,

    Ashwath.

    Add a comment
    10|10000 characters needed characters exceeded

  • author's profile photo Former Member
    Former Member
    Posted on Jun 12, 2012 at 12:19 PM

    Hi Sankar,

    Go to SU21 and search the correct authorization object.

    Use the code like this.

    AUTHORITY-CHECK OBJECT 'F_BKPF_BUK'

    ID 'BUKRS' FIELD '1000'

    ID 'ACTVT' FIELD '01'.

    you can also do looping instead of hard coding the company code values.

    Thanks!

    Add a comment
    10|10000 characters needed characters exceeded

  • Posted on Jun 12, 2012 at 12:39 PM

    In that Report i Need to give the authorization to particular User's Only.

    Suggest that you want to manage authorization in the report, not calling the report.

    - So think about kind of authorization you want to perform : only "activity" or related to some "object"

    - Look via SU20 to fields already available (eg. company, order BUKRS) and via SU21 to already existing authorization object (e.g F_BNKA_BUK bank activity per company code)

    - If not already existing, create missing fields then objects. (Speak also with Basis/Security managers)

    - In your program add statement AUTHORITY-CHECK

    (Exception: to test for transaction before a CALL TRANSACTION, use FM AUTHORITY_CHECK_TCODE)

    - Then authorization managers will create/maintain (PFCG) roles associated to user/group

    Regards,

    Raymond

    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.