Authorization objects to function module

Similar Messages

• ABAP Object or function module?

  Hello all!
  I have to create a reusable routine. This routine should be select data from Z table for to get data with a parameter ID. I will pass a ID and expect result a internal table with some parameter values.
  So, my question is: What i use for to do that? ABAP Object or function module?
  I think that so easy to use function module. Why i should to use ABAP objects? What is positive points in use object and not function module?
  For me, both do the same thing... i don't see any difference. Just object is more complicated.
  Please, tell me why should i use object??
  Edited by: Rodrigo Kenji Matsunaga on Dec 10, 2009 5:51 PM

  I would go with Class.
  Read through this discussion:
  Needing Evidence on the Advantages of ABAP OO
  Class would provide you a flexibility of inheritance. E.g. if you want to use the same data selection with little modification in your other applications, you can inherit some other class form this class. Redefine the method, call the Super's method and change the output before sending back to the caller.
  Regards,
  Naimesh Patel

• Authorization check on Function module return values

  Hi,
  I have a tricky situation. In our BW implementation, many of the FI infoobjects are authorization relevent. One of the objects is 0COSTCENTER.  A user has been assigned with authorization profile, in which the user is authorised for COST CENTER = A* and #.  All planning templates were working nice.
  We were on SP 12 earlier, now we upgraded to SP 20. Now came a issue, the user gets error that user is not authroised for the data. After our analysis, we found nothing wrong as such, so contacted SAP. They came back with a root cause
  In my planning function, an ABAP function module is used. The function module returns a COSTCENTER value. This return value is then assigned to a variable, this variable is of type 0COSTCENTER.
  SAP said there was a bug in their own design. The bug was, if the cost center value is directly used in planning function for other calculations, it will throw an authorization error.  But, if the COST CENTEr value is given to a variable and that variable is used for other calculations,  it works fine. Thats why it worked for us earlier.
  Now, they have removed that bug, so variables are also checked against authorizations and they said we need to either change the code or give * for the COST CENTER authorization.
  So we have a problem. It is not straight forward to give * for COSTCENTER in FI BW implementation. SAP theory is that they cannot say which value the functional module will return. So they will check against ALL the values for COSTCENTER but not the authorised values.
  Has anyone seen this issue before? is it only specific to planning function or its just ABAP concept? Any suggesations to come out this problem?

  Bindu, thanks,
  The error is coming at the program compile level itself i.e. before executing the planning group itself. As per the F1 help on forumla editor and from their support, the system reads all the reference data,  So when it sees the function module and its export parameter, it captures all the data for COST CENTER as reference data.
  Thus even I am sure that the return value will be always authorized, the reference data is checked for the full authorization. Thus its failing

• Authorization to run function module

  I am facing a peculiar problem, We have 2 kinds of users in the system, one with debug display rights and other rights that a developer has, the second user has got authorization for TCODES and is a end user, i.e. Order-Delivery-Billing Rights.
  Now in the billing exit we have put a Function Module, which will do the some back end movement for the user. Now the dilemma is, the user with debug rights is able to do the transaction and the function module runs at the back end without the knowledge of the user, but when the end user runs the same T Code, the function module doesnu2019t run at the back end.
  How do I give authorization to the end user, so that function module runs in his ID even though he does not have debug rights, or what object has to be attached to the user??

  Execute the transaction SU53 just after run the program with the invalid user.
  This transaction shows yous what is the authoritation that is failed.
  Regards,

• ALV object in function module shows old data

  Hello,
  I create a function module with import parameter matnr.
  This function module calls a screen that displays an ALV with the whole info of matnr out of table mara.
  I include this in a program where a material can be selected. This is then input for the function module. Everything looks good for the first material. However when the function module is called for a second material I still see the ALV with the data of the previous material.
  When I debug the code I see that new data is selected and put on the alv (with method set_table_for_first_display)  but still I see the old ALV (which I free by the way in the exit of my function module...). It drives me crazy, what's the problem?
  <b>My function module:
  </b>
  FUNCTION ZJVB_TEST.
  *"*"Lokale interface:
  *"  IMPORTING
  *"     REFERENCE(I_MATNR) TYPE  MATNR
  g_matnr = i_matnr.
  call SCREEN 1979.
  ENDFUNCTION.
  <b>TOP include:</b>
  FUNCTION-POOL ZJVB_TEST.                    "MESSAGE-ID ..
  data: ok_code type sy-ucomm,
        container type ref to cl_gui_custom_container,
        alv type ref to cl_gui_alv_grid,
        g_matnr type matnr.
  *&      Module  STATUS_1979  OUTPUT
  *       text
  MODULE STATUS_1979 OUTPUT.
    SET PF-STATUS 'FMAIN'.
  *  SET TITLEBAR 'xxx'.
    if container is INITIAL.
      CREATE OBJECT CONTAINER
        EXPORTING
          CONTAINER_NAME              = 'CONTAINER'    .
      CREATE OBJECT ALV
        EXPORTING
          I_PARENT          = container.
      data: itab type TABLE OF mara.
      select *
        from mara
        into TABLE itab
        where matnr = g_matnr.
      CALL METHOD ALV->SET_TABLE_FOR_FIRST_DISPLAY
        EXPORTING
           I_STRUCTURE_NAME              = 'MARA'
        CHANGING
          IT_OUTTAB                     = itab.
    endif.
  ENDMODULE.                 " STATUS_1979  OUTPUT
  *&      Module  USER_COMMAND_1979  INPUT
  *       text
  MODULE USER_COMMAND_1979 INPUT.
    case ok_code.
      when 'BACK'.
        free container.
        free alv.
        LEAVE to SCREEN 0.
    ENDCASE.
  ENDMODULE.                 " USER_COMMAND_1979  INPUT
  <b>My program:</b>
  *& Report  ZJEROEN_ALV_FM
  REPORT  ZJEROEN_ALV_FM.
  data: ok_code type sy-ucomm,
        l_matnr type matnr.
  call SCREEN 1979.
  *&      Module  STATUS_1979  OUTPUT
  *       text
  MODULE STATUS_1979 OUTPUT.
    SET PF-STATUS 'MAIN'.
  *  SET TITLEBAR 'xxx'.
  ENDMODULE.                 " STATUS_1979  OUTPUT
  *&      Module  USER_COMMAND_1979  INPUT
  *       text
  MODULE USER_COMMAND_1979 INPUT.
  case ok_code.
    when 'BACK'.
      leave to screen 0.
    when 'CALL'.
        CALL FUNCTION 'ZJVB_TEST'
        EXPORTING
                  i_matnr = l_matnr.
  endcase.
  ENDMODULE.                 " USER_COMMAND_1979  INPUT
  Thx for helping,
  jeroen

  Hello,
  I found out that the container lifetime was the problem... When you create a container to put the ALV in the lifetime is set to default. Normally you never change this, I didn't mention it before I had the problem. But you have to change the lifetime to <your_instance_name>->lifetime_dynpro for instance my_container->lifetime_dynpro.
  Also check this helplink: http://help.sap.com/saphelp_nw04/helpdata/en/9b/d080b79fc111d2bd68080009b4534c/frameset.htm

• Authorization objects for MM module.

  Hi,
  I would like to download all the authorization objects realted to MM module.
  Please suggest work around if it not possible to do directly.
  Thanks,
  Rahul

  hi
  Go to T code SE81,select Material management and press information system,in the new screen select other objects (from the left side menu),in that double click on Authorization objects and execute
  regards
  thyagarajan

• Adding authorization object for "Function Group"s ?

  Is it possible to add any authorization object for any function group ?
  We have an issue i.e. whenever user "XYZ" is getting some Windows Excel related error whenever trying call an excel report from BW server. System log related to "XYZ" user shows that -> User "XYZ" has no RFC authorization for the function group "ABCD". The RFC authorization object is S_RFC.
  Function Group you can check through SE37->GoTO->Display Function Group
  Now is it possible to add authorization for any "Function Group" ?

  You give authorisation for all function groups by giving auth object S_RFC a * value in field RFC_NAME
  However I do not recommend this as giving wide access to RFC's can bypass a lot of the security you have implemented for the users.
  In this case, add only the function group that the user requires in this instance into S_RFC

• Is there any table for see  Authorization object for Function code?

  Hi,
  I am facing problem in finding autho. object for function code.
  My problem is, in tcode cor2 there is function Approval (in Menubar->process order->function->approval), I want to restrict this to some users.
  So is there any way or table to see function code's authorization object..
  Thanks...

  Hi ,
  I such scenario the best way is to run trace (ST01) and analyse to find used/missing authorization objects.
  Regards,

• Create a infocube object with function module

  Hi,
  Is it possible to create one infocube object via rfc call? If yes, could you pls give me an example how to do it? Many thanks.
  regards,
  Hai

  Hi Julian,
  I couldn't work out how to do this either, so I did it using the oracle.express.spl.SPLExecutor class and sending Express commands to create a program.
  Let me know if you want to see some sample code.
  Cheers,
  Mark...

• Link users - positions - roles - authorization objects

  Hi guys,
  I want to write a report that would link USERS to POSITIONS to ROLES and finally to AUTHORIZATION OBJECTS. The user would enter the SAP username in the selection screen and the report should extract all the information listed above.
  I am able to link the following:
  + Users to positions via function module RH_BRANCH_GET
  + Users to roles via table AGR_USERS
  + Roles to authorization objects via function module PRGN_1251_READ_FIELD_VALUES
  Unfortunately, I dont know how to link positions to roles
  Does anyone know how to do that?
  Also, is there a more efficient way, than the approach highlighted above, to complete this requirement
  Thanks for your time
  -TR

  Hi,
  you can find a link between role and HR object in table HRP1001. The field SOBID contains name of the role. You need to find way how to convert object ID into position role. Be careful about additional fields from that table.
  Cheers

• QM Authorization object

  Dear Friends,
  may i know what are the key  Authorization object in QM module
  like  plant,company code,inspection type ,status profile
  Thanks & Regards
  Rah

  Hi Raj,
  Table maintenance authorization       S_TABU_DIS
  Transaction authorization     Q_TCODE
  Material authorization     Q_MATERIAL
  Authorization objects for maintaining the master data:
  Catalog maintenance
  - code groups     
  Q_CAT_GRP
  - selected sets Q_CAT_SSET
  Insp. method based on status     Q_STA_QMTB
  Insp. charac. based on status     Q_STA_QPMK
  Inspection plan maintenance     Q_ROUT
  Plan characteristics according to
  plan type     Q_PLN_FEAT
  Authorizations for inspection processing:
  nsp. type for insp. lot      Q_INSPTYPE
  Usage of codes from catalogs
  - group codes     
  Q_GP_CODE
  - usage decision code Q_UD_CODE
  Inventory postings     Q_STCK_CHG
  Inspection completion     Q_INSP_FIN
  Change control charts     Q_SPC
  For Plant and Company code there are different authorization obj. are used for different purposes.
  e.g.
  M_MATE_WRK will be used for material master access at plant level.
  along with the Authorization Field as 'WERKS'
  M_MATE_BUK will be used for material master access at company code level
  along with the Authorizarion Field as 'BUKRS'
  While for Inspection type the Authorization obj. is Q_INSPTYPE
  Regards,
  Shyamal

• Where I Find the names of the functions modules?

  Hi,
  Someone help me? I need to know what table has the information about the functions modules,  functions group,description, etc.
  Thanks for your help.
  Maria C

  hi
  chk the table tadir.
  and check OBJECT = func ( function modules)
                                  fugt ( fn grp text)
                                  fugr  ( fun gr)
  table TFDIR for FMs.
  regards,
  madhu

• Authorization Object for Update Function Module

  Hi
  I have a Update Function Module and that FM should be executed based on the Authorization Object .
  I had created a Auth Object with Proper roled assigned to user and i also  did the following
  AUTHORITY-CHECK OBJECT <Obj Name>
             ID 'ACTVT' FIELD '38'.
  If Sy-subrc EQ 0.
  <Process the following>
  End IF.
  But the Auth Object is not working correctly like in the ebugging eventhough my role is not assigned to this Auth Object
  it is giving me sy-subrc as 0 (but in my case it must be not be zero.)
  Is it anything like Auth Object wont work on Update function Module or else is there any different approach we need to follow
  to acheive the functionality .
  Kindly share the inputs
  K.Nadesh Kumar

  Hi
  The issue is resolved
  K.Nadesh Kumar

• Function module to find users for given authorization object

  Hi Experts,
  I have to develop new report which display all the users who has authorization object  which is given by us. i need some function modules to make my program simple.
  Please help me on this..
  Thanks and regards,
  Raja

  Hi
  check the fun modules
  SUSR_BAPI_USER_PROFS_GET
  or check the tables
  AGR_USERS
  AGR_1252
  UST12
  AGR_PROF
  AGR_TCODES
  check the transactions PFCG and SSUIm and SU53 etc
  Regards
  Anji

• NO Authorization error when accessing Functional module RH_CUT_OBJECT

  Hi,
  I am getting NO AUTHORIZATIOn error when I am executing SE37-->FUNCTIONAL OBJECT-RH_CUT_OBJECT.
  I also checked SU53 screenshot which says AUTHORIZATION CHECK SUCCESSFUL and there are no errors or missing authorizations highlighted in SU53.
  I switched on the TRACE-ST01 then also the error is not captured.
  I would like to know WHY am I getting NO AUTHORIZATION error.
  I am already having access to T-CODE SE37, SE11, SE80, SMARTFORMS and authorization object S_DEVELOP.
  I need to know this ASAP on why I am getting NO AUTHORIZATION error when I am trying to access the FUNCTIONAL MODULE RH_CUT_OBJECT whereas I am having all the required authorization required for ABAP Developer including SE37.
  Is it something I need change at ABAP code level.
  Please advise ASAP.

  The reason is ..You do not have acess to see/acess the data this FM is trying to acess ...Debug the function module keep a breakpoint at The Raise statement see which authorization you do not have ....BTW this is my guess you are trying to demilit certain objects /infotypes using this FM and delimit basically makes that object non-usable in that system  .So it is quite evident that every one will not have authorization for that .Please post in detail that what is it that you are trying to achieve using this function module .....
  Also you can check with debugging  which authority object is being checked before raising the message and can ask security team to get that added to your profile ....
  Thanks,
  Anjaneya