Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Regarding security check...

Go to solution
Former Member

‎02-03-2009 3:03 PM

0 Kudos

Hello Gurus,

I am working on security side of a custom selection report. I have created a a authorization object in SU21 so that any user who does not have authorization will not be able to execute the report by using sy-subrc for authorization-check.

There is one more kind of authorization that is required. There is a dropdown selection field called 'Department' on selection screen which has around thre values. The requirement is security check on that selection field itself, so that when use does a dropdown, he would only see the department for which he/she is authorized.

Can someone tell how do I achieve this ? I know that we can specify the values in authorization object for which user can select data but do we have to do any coding for this in ABAP ?

Regards,

Rajesh.

1 ACCEPTED SOLUTION

Go to solution
former_member156446
Active Contributor

‎02-03-2009 3:12 PM

0 Kudos

Hi Drop down is created using FM : 'VRM_SET_VALUES' where ID and values hold the content... check the authorization check and send data to the Structures only if the authority check is passed..

AT SELECTION-SCREEN. 
AUTHORITY-CHECK OBJECT 'S_CARRID' 
ID 'CARRID' FIELD carr 
ID 'ACTVT' FIELD '03'. 
 
IF sy-subrc NE  0. 
 vrkme_lstbox_values-key = 'C'.
 vrkme_lstbox_values-text = 'Display All'(015).
APPEND vrkme_lstbox_values TO vrkme_lstbox.
ENDIF.

CALL FUNCTION 'VRM_SET_VALUES'
  EXPORTING
     id              = vrkme_lstbox_name
    values          = vrkme_lstbox
  EXCEPTIONS
   id_illegal_name = 1
    OTHERS          = 2.

2 REPLIES 2

Go to solution
former_member156446
Active Contributor

‎02-03-2009 3:12 PM

0 Kudos

Hi Drop down is created using FM : 'VRM_SET_VALUES' where ID and values hold the content... check the authorization check and send data to the Structures only if the authority check is passed..

AT SELECTION-SCREEN. 
AUTHORITY-CHECK OBJECT 'S_CARRID' 
ID 'CARRID' FIELD carr 
ID 'ACTVT' FIELD '03'. 
 
IF sy-subrc NE  0. 
 vrkme_lstbox_values-key = 'C'.
 vrkme_lstbox_values-text = 'Display All'(015).
APPEND vrkme_lstbox_values TO vrkme_lstbox.
ENDIF.

CALL FUNCTION 'VRM_SET_VALUES'
  EXPORTING
     id              = vrkme_lstbox_name
    values          = vrkme_lstbox
  EXCEPTIONS
   id_illegal_name = 1
    OTHERS          = 2.

Go to solution
Former Member

‎02-03-2009 3:19 PM

0 Kudos

hi,

You need to create authrization Object for department also as like we create for plant,company code..etc.

LOOP AT tbl_plant.
*   Calling the subroutine to check each plant code.
    PERFORM plant_code_check USING tbl_plant-werks
                                   v_value
                                   v_errmess
                                   v_subrc.
*   Get out and stop checking on the first failure.
    IF sy-subrc NE 0.
      IF v_errmess EQ space.
        v_werks = tbl_plant-werks.
      ENDIF.
      EXIT.
    ENDIF.
  ENDLOOP.


*********************************************************************************************

FORM plant_code_check USING v_werks v_value v_errmess v_subrc.
* Authorization check here..
  AUTHORITY-CHECK OBJECT 'ZPLANT'
                                                 ID 'ACTVT' FIELD v_value
                                                 ID 'WERKS' FIELD v_werks.

* Checking for Return code from the authority check.
  IF sy-subrc NE 0.
*   If error message printing option is turned on, write error message.
    IF v_errmess NE space.
*   Not authorized for this company code message.
      MESSAGE e000(zm1) WITH text-010 v_werks.
    ELSE.
      v_subrc = sy-subrc.                      "Not authorized
    ENDIF.
  ENDIF.

ENDFORM.

Thanks

Parvathi