Registration

Dear SAP Community Member,
In order to fully benefit from what the SAP Community has to offer, please register at:
http://scn.sap.com
Thank you,
The SAP Community team.
Skip to end of metadata
Go to start of metadata

Hi All,

Welcome to SAP Wiki SDN.

This Wiki is about how to protect a Program or a Object which is developed by you from copying or Changing by other SAP Users of Same Environment. Generally when we develop a program which has given a big Value Add to the Client or to the Company, The Properietary of that Object is either the Programmer who developed it (Incase if he is a Freelancer kind of role) or when he is working for a Client or any Orgranisation then that particular entity/organisation Holds the Copy Right. As we all know SAP supports good Security Levels on the Authorization checks and other Business Roles with Authorization Objects developed via SU20/SU21 by SAP Security or SAP BASIS Consultants and Later the Authorization Object will be used by ABAP Consultant called in the Program for the Authorization check with Syntax AUTHORITY-CHECK OBJECT 'objectname' etc... A Authorization Object will give a Knock In or Knock Out Access as per the requirement(In our case requirement is Hold Copying or Changing the Object). Here comes the question, To achieve this, What if I dont have a Authorization Object and still want to do the restriction?. The Answer is simple, when we want to achieve the same thing, we can use the BADI "CTS_CURRENT_PROJECT" to perform this operation. So when you want to restrict the Object from copying or changing by other SAP Users of same System or Environment. You need to Implement a BADI where you can write your custom Code that stops others to Copy or Change the Program/Object. Though an ABAPer can do anything in the debugging this document tells you the Basic level of holding the Copy right.  Remember the cautious note is it will stop other persons to do any activity on the Objects.
What needs to be done to achive this. These are the steps below.

1. Goto SE18 and check the BADI "CTS_CURRENT_PROJECT". Enter this BADI Name in the "Definition Name" and Navigate to Menu Path Implementation->Create.

2. After Clicking on the Create Button On the Pop-Up enter the Below Implementation Name as shown below.

 
 
3. Give the Short Description and Package Details as shown in the below screen shot.


4. Once Saved, Now Double Click on the Interface Method "GET_CURRENT_PROJECT" and write the Code shown below.

Error rendering macro 'code': Invalid value specified for parameter 'lang'
DATA : X_OBJECTS LIKE LINE OF IT_OBJECTS,
         X_USER    TYPE SYST-UNAME VALUE 'YOURSAPUSERID'. "-->You might have thought on Length of Sy-Uname :). This should be your SAP Logon User ID.
CONSTANTS : C_SE38 TYPE SYST-TCODE VALUE 'SE38'.
READ TABLE IT_OBJECTS INTO X_OBJECTS WITH KEY OBJ_NAME = 'YOUR_REPORT_PROGRAM'.
IF SY-SUBRC = 0 AND SY-UNAME <> X_USER. "X_USER Will be YOURSAPUSERID
  MESSAGE ' Hahaha You cannot change my Object' TYPE 'S'.
  SET PARAMETER ID 'RID' FIELD X_OBJECTS-OBJ_NAME.
  CALL TRANSACTION C_SE38 AND SKIP FIRST SCREEN.
ELSEIF SY-SUBRC = 4 AND SY-UNAME <> X_USER.    "---------------------------> This Else Part is for Copying the Program.                                                                                                             "This will create
  PROBLEMS FOR OTHER TO CREATE THEIR OWN PROGRAMS ALSO.
  MESSAGE ' Hahaha You cannot copy my Object' TYPE 'E' DISPLAY LIKE 'I'.
  SET PARAMETER ID 'RID' FIELD X_OBJECTS-OBJ_NAME.
  CALL TRANSACTION C_SE38 AND SKIP FIRST SCREEN.
ELSE.
  "Do Nothing.
ENDIF.

 

  


 
5. Activate the Method and Activate the BADI and now time to do testing. Goto SE38 and enter the Program name that you have given in the BADI Interface Method. (YOUR_REPORT_PROGRAM assuming you have this program in your system). Logon with other SAP User ID(Should not be the same which you have given in the BADI Interface Method) and Try to change(F6) or Copy(Ctrl+F5) the Program from the transaction SE38 and see the result.

 Note: When you implement this BADI It will be effective for the other Users and their programs. This is because of the ElseIF Part which is highlighted in the above mentioned code. So before you implement this code, You need to check whether you want to stop everyone for copying or changing the program.If you want to allow some users to have give access to those users for copying or changing the program. For this you need to add those User IDs also and compare them with the Current User ID similarly as you did with X_USER.

Thanks & Regards,

Venkat Sesha

  • No labels

1 Comment

  1. I would never accept developers to hide their code, nor would I procure products (add-ons) from third-party vendors where the code was hidden. Why? Several reasons:

    • The code might have security and/or performance issues (yes, we check these things before signing a contract - even for 3rd party products)
    • The code might endanger existing data and/or processes by not following best practices
    • The code might contain malicious parts (intentionally compromising or divulging sensitive data)

    Transparency is non-negotiable when it comes to code, whether it is delivered by internal or external developers (freelancers) or third-party providers. True, the code procured from a third party is their intellectual property and should not be copied or tampered with, but this is already covered by legal frameworks - at least in countries where this kind of thing is respected...

    As for your proposed solution, it would not hold water if proper checks & balances are in place. First of all, as you mention, it would be easy to debug your way around it. Secondly, it would work only in a development system unless you manage to transport the BAdI implementation across to downstreams systems - someone with SE38 or SE80 in a QA or Prod system would easily see your code. And, you'd probably have a hard time explaining why you made those changes to CTS_CURRENT_PROJECT (smile)

    Regards,

    Trond