Registration

Dear SAP Community Member,
In order to fully benefit from what the SAP Community has to offer, please register at:
http://scn.sap.com
Thank you,
The SAP Community team.
Skip to end of metadata
Go to start of metadata

Authorization objects are composed of a grouping of fields. The values in these fields will be used in authorization check. There can be a maximum of 10 fields defind on an authorization object.

 Basically we use this authoirzation objects to check whether the user is having an authoirzation to run perticular transaction.  We assign authorization objects to a role with specific ACTVT type. For example a user is authorized only to view, other could be authorized to modify and so on.    IF your userid not attached to specific role than contact your basis team to resolve the problem by sending SU53 screen shot.

AUTHORITY-CHECK is the statement used in an ABAP Program to perform an authorization check against an authorization obect.  This statement will return sy-subrc is 0 if user has required authorization otherwise will return code will be other than Zero.  Each return code will have different meaning.

Example:   8 - User has to authorization.

                  12 - Too many parameters  etc.,

STEP BY STEP TO CREATE AUTHORIZATION OBJECT:

STEP1:  goto  SU21 transaction and create a new Authorization Object

Object Name:  Z.....

Text:  ...........

ClassL  SD (YOUR MODULE)

AUTHOR:  YOUR ID

STEP2:  Give authorizatin fields as

ACTION - Action of the Authorization

Activity -  Document Destribution.

STEP3:  Basis will create a role using transaction  PFCG and assign this authorization object to that role.

STEP4:  Call the AUTHORITY-CHECK Object in your code.

 AUTHORITY-CHECK OBJECT <authorization object>
ID <authority field 1> FIELD <field value 1>.
ID <authority field 2> FIELD <field value 2>.

IF sy-subrc 0.
MESSAGE e000(zzpp) WITH 'No Authorization'.
ENDIF.

  • No labels

1 Comment

  1. Hello Suresh,

    Need to change following:

    Example:   8 - User has to authorization.  --> Need to change to  Example:   8 - User has no authorization.

    Also need to change IF sy-subrc 0. --> IF sy-subrc is not initial.

     IF sy-subrc is not initial.

         MESSAGE e000(zzpp) WITH 'No Authorization'.

    ENDIF.

    Thanks,

    -Augustin.