How to check which privileges user is using

Similar Messages

• How to get List of SharePoint Groups to which Current Users belongs using Javascript ?

  How to get List of SharePoint Groups to which Current Users belongs using JavaScript? Not JSOM

  Here is the code that worked for me:
  var userid= _spPageContextInfo.userId;
    var requestUri = _spPageContextInfo.webAbsoluteUrl + '/_api/web/CurrentUser/Groups?$select=Id,Title';
  alert(requestUri);
    var requestHeaders = { "accept" : "application/json;odata=verbose" };
    $.ajax({
      url : requestUri,
      contentType : "application/json;odata=verbose",
      headers : requestHeaders,
      success : onSuccess,
      error : onError
    function onSuccess(data, request){
  var s='';
   for (var i = 0; i < data.d.results.length; i++)
  s +=data.d.results[i].Title+'\n';
      alert(s);
    function onError(error) {
      alert("error");

• How to check if the user has only the display authority of a message

  hi,
  How to check if the user has only the display authority of a message but does not have the change authority for a certain message?
  Best regards,

  hi blake
  though i am an application consultant and for authorisation u need to have help of BASIS person if u r not the one but still i can guide u regarding the same,
  Basically Authorization Management 
  Use
  You can use the following authorization objects to control the authorizations for maintaining business partner data:
  •        Authorization objects for the Business Partner:
  •     &#61601;        B_BUPA_GRP
  •     &#61601;        B_BUPA_ATT
  •     &#61601;        B_BUPA_FDG
  •     &#61601;        B_BUPA_RLT•       
  Authorization objects for relationships:
  •     &#61601;        B_BUPR_BZT
  •     &#61601;        B_BUPR_FDG
  In addition, you can assign an authorization group to a business partner in the dialog. The authorization group controls which users may maintain data for this business partner.
  You can also define authorizations for fields and field groups using the Business Data Toolset (BDT). Depending on the settings you have made, the system carries out the relevant authorization checks.
  In the dialog in the SAP GUI, you can display an overview of the authorizations assigned to you by pressing the button Settings.
  For more information on authorization management, see the Implementation Guide (IMG) of the Business Partner, as well as in the Developer’s Handbook for the BDT under  Authorizations.
  IntegrationAuthorization management for the Business Partner forms part of the  SAP authorization concept.
  Prerequisites
  You have made the necessary settings in Customizing of the Business Partner under Basic Settings--> -Address Management.
  Moving over
  AS ABAP Authorization Concept 
  The ABAP authorization concept protects transactions, programs, and services in SAP systems from unauthorized access. On the basis of the authorization concept, the administrator assigns authorizations to the users that determine which actions a user can execute in the SAP system, after he or she has logged on to the system and authenticated himself or herself.
  To access business objects or execute SAP transactions, a user requires corresponding authorizations, as business objects or transactions are protected by authorization objects. The authorizations represent instances of generic authorization objects and are defined depending on the activity and responsibilities of the employee. The authorizations are combined in an authorization profile that is associated with a role. The user administrators then assign the corresponding roles using the user master record, so that the user can use the appropriate transactions for his or her tasks.
  Authorization Checks 
  To ensure that a user has the appropriate authorizations when he or she performs an action, users are subject to authorization checks.
  The following actions are subject to authorization checks that are performed before the start of a program or table maintenance and which the SAP applications cannot avoid:
  •        Starting SAP transactions (authorization object S_TCODE)
  •        Starting reports (authorization object S_PROGRAM)
  •        Calling RFC function modules (authorization object S_RFC)
  •        Table maintenance with generic tools (S_TABU_DIS)
  Checking at Program Level with AUTHORITY-CHECK
  Applications use the ABAP statement AUTHORITY-CHECK, which is inserted in the source code of the program, to check whether users have the appropriate authorization and whether these authorizations are suitably defined; that is, whether the user administrator has assigned the values required for the fields by the programmer. In this way, you can also protect transactions that are called indirectly by other programs.
  AUTHORITY-CHECK searches profiles specified in the user master record to see whether the user has authorization for the authorization object specified in the AUTHORITY-CHECK. If one of the authorizations found matches the required values, the check is successful.
  Starting SAP Transactions
  When a user starts a transaction, the system performs the following checks:
  •        The system checks in table TSTC whether the transaction code is valid and whether the system administrator has locked the transaction.
  •        The system then checks whether the user has authorization to start the transaction.
  The SAP system performs the authorization checks every time a user starts a transaction from the menu or by entering a command. Indirectly called transactions are not included in this authorization check. For more complex transactions, which call other transactions, there are additional authorization checks.
  •     &#61601;        The authorization object S_TCODE (transaction start) contains the field TCD (transaction code). The user must have an authorization with a value for the selected transaction code.
  •     &#61601;        If an additional authorization is entered using transaction SE93 for the transaction to be started, the user also requires the suitable defined authorization object (TSTA, table TSTCA).
  If you create a transaction in transaction SE93, you can assign an additional authorization to this transaction. This is useful, if you want to be able to protect a transaction with a separate authorization. If this is not the case, you should consider using other methods to protect the transaction (such as AUTHORITY-CHECK at program level).
  •        The system checks whether the transaction code is assigned an authorization object. If so, a check is made that the user has authorization for this authorization object.
  The check is not performed in the following cases:
  You have deactivated the check of the authorization objects for the transaction (with transaction SU24) using check indicators, that is, you have removed an authorization object entered using transaction SE93. You cannot deactivate the check for objects from the SAP NetWeaver and HR areas.
  This can be useful, as a large number of authorization objects are often checked when transactions are executed, since the transaction calls other work areas in the background. In order for these checks to be executed successfully, the user in question must have the appropriate authorizations. This results in some users having more authorization than they strictly need. It also leads to an increased maintenance workload. You can therefore deactivate authorization checks of this type in a targeted manner using transaction SU24.
  •     &#61601;        You have globally deactivated authorization objects for all transactions with transaction SU24 or transaction SU25.
  •     &#61601;        So that the entries that you have made with transactions SU24 and SU25 become effective, you must set the profile parameter AUTH/NO_CHECK_IN_SOME_CASES to “Y” (using transaction RZ10).
  All of the above checks must be successful so that the user can start the transaction. Otherwise, the transaction is not called and the system displays an appropriate message.
  Starting Report Classes
  You can perform additional authorization checks by assigning reports to authorization classes (using report RSCSAUTH). You can, for example, assign all PA* reports to an authorization class for PA (such as PAxxx). If a user wants to start a PA report, he or she requires the appropriate authorization to execute reports in this class.
  We do not deliver any predefined report classes. You must decide yourself which reports you want to protect in this way. You can also enter the authorization classes for reports with the maintenance functions for report trees. This method provides a hierarchical approach for assigning authorizations for reports. You can, for example, assign an authorization class to a report node, meaning that all reports at this node automatically belong to this class. This means that you have a more transparent overview of the authorization classes to which the various reports are transported.
  You must consider the following:
  •     •         After you have assigned reports to authorization classes or have changed assignments, you may have to adjust objects in your authorization concept (such as roles (activity groups), profiles, or user master records).
  •     •         There are certain system reports that you cannot assign to any authorization class. These include:
  •     •         RSRZLLG0
  •     •         STARTMEN (as of SAP R/3 4.0)
  •     •         Reports that are called using SUBMIT in a customer exit at logon (such as SUSR0001, ZXUSRU01).
  •     •         Authorization assignments for reports are overwritten during an upgrade. After an upgrade, you must therefore restore your customer-specific report authorizations.
  Calling RFC Function Modules
  When RFC function modules are called by an RFC client program or another system, an authorization check is performed for the authorization object S_RFC in the called system. This check uses the name of the function group to which the function module belongs. You can deactivate this check with parameter auth/rfc_authority_check.
  Checking Assignment of Authorization Groups to Tables
  You can also assign authorization groups to tables to avoid users accessing tables using general access tools (such as transaction SE16). A user requires not only authorization to execute the tool, but must also have authorization to be permitted to access tables with the relevant group assignments. For this case, we deliver tables with predefined assignments to authorization groups. The assignments are defined in table TDDAT; the checked authorization object is S_TABU_DIS.
  You can assign a table to authorization group Z000. (Use transaction SM30 for table TDDAT) A user that wants to access this table must have authorization object S_TABU_DIS in his or her profile with the value Z000 in the field DICBERCLS (authorization group for ABAP Dictionary objects).
  please See also:
  •        SAP Notes 7642, 20534, 23342, 33154, and 67766
  guess this info will help you,there is one graphic which actually explain the hierarchy of authorisation,i will find some time out to let u know more info about the authorisation
  but if u sit with ur BASIS guy then u can learn lot of things in PFCG
  i guess u r a basis guy,then its not a problem
  best regards
  ashish

• How to check which version of hyperic is installed , hyperic 32 bit or 64 bit version on solaris

  how to check which version of hyperic is installed , hyperic 32 bit or 64 bit version on solaris

  If you have only a single home, the quickest/easiest way is probably just to check the properties of %ORACLE_HOME%\odp.net\bin\2.x\oracle.dataacess.dll
  Or are you asking how to check it at runtime?
  If you want to see externally what is actually loaded by an app you can use process explorer
  http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx
  If you want to check it in the app itself:
  http://stackoverflow.com/questions/383686/how-do-you-loop-through-currently-loaded-assemblies
  Hope it helps,
  Greg

• How can check which patch install in oracle 10g

  hi experts,
  i have use oracle 10g , i hv patch information but how can check which patch install ?

  Run following command , it will give you list of patches installed on Oracle Home
  cd ORACLE_HOME/OPatch
  opatch lsinventory
  For patchset and CPU patch , check/query DBA_REGISTRY_HISTORY
  Virag

• How to check granted privileges on role.

  Hi,
  Can any one explain how to check granted privileges on role.
  I have created one role called ALL_SYSPRIVS
  but I forgot what privileges granted to this role
  Thank you...

  Hi Vijay,
  Last week i saw the following thread:
  Finding the privileges assigned to a user
  Re: Finding the privileges  assigned to a user
  From there, you'll be able to find a few scripts that will provide you with an overview of grants assigned to user, or role....
  HTH,
  Thierry

• How to select which RFC USERS have been accessed my host ?

  Hi, guru
  how to select which RFC USERS have been accessed my host ?
  or how to record the RFC users's trace ?
  because the auditor wants to know it.
  Best regards,
  Michael

  how to select which RFC USERS have been accessed my host ?
  did you check ST03N->User profile ?
  or how to record the RFC users's trace ?
  Check ST01 for system trace.

• How to check the privileges assigned to a role

  Hi All,
  Can you please let me know how to check the privileges assigned to a role in Oracle?
  When I query the dba_tab_privs it says no rows returned.
  Please help..
  Regards,
  Dan

  user9212851 wrote:
  Can you please let me know how to check the privileges assigned to a role in Oracle?
  When I query the dba_tab_privs it says no rows returned.
  When you've checked the manuals and identified the views suggested by other posters you will find that it's still not a trivial problem since a role may be granted to another role - which means you need to do some recursion to uncover all the privileges available to a role.
  Pete Finnigan - who specialises in Oracle security - published some appropriate scipts a few years ago; they are probably still relevant. Here's a starting link: http://www.petefinnigan.com/weblog/archives/00001243.htm
  Regards
  Jonathan Lewis

• How to Check when the user is connected to different desktop.

  How to Check when the user is connected to different desktop.Sometimes the user maynot see the theme in the personalize theme list. In that case the person must be using different kind of desktop.How to check, I need a path.And how to apply the theme to that user?
  Thanks,
  Paturi

  Hi,
  you can create the new portal desktop from
  System Administration => Portal display => Desktop and Display Themes
  Select your folder from Portal Content and from its context create new Desktop.
  Add The Framework page and the theme to this desktop page.
  Go to your folder from Portal Content and from the context of the framework page select add framework page to portal desktop.
  Adding Theme to desktop
  From Portal content select Theme folder and select the theme right click it and select Add theme to Portal Desktop.
  Create rule for the Desktop.
  Navigate to System Administration => Portal Display => Desktop and Display Themes Portal Content => Portal Administrators => Super Administrators =>main_rules.
  Click Add IF Expression.
  create the expression if user = xyz then click on apply
  Select the then clause of the if and navigate to your folder where Desktop is created ,Add it and Click Apply.
  Save the Changes to the rule.
  Hope it helps you.
  (reward points if its helpful)
  Thanks,
  Gunjan

• How to check if column_ name is used by any procedure ,package ,function

  Hello
  Help Is greatly appreciated .
  Kindly please let me know for the folllwoing:
  How to check if column_ name is used by any procedure ,package ,function ,trigger or in any dataabse objects

  >
  How to check if column_ name is used by any procedure ,package ,function ,trigger or in any dataabse objects
  >
  In general you can't. Code can always exist outside the database and it is always possible that you have dynamic code and there is no way to find references like that if used by dynamic code. That dynamic code reference could be based on a query stored in a table.
  And there is no way of knowing if external code (e.g. a Java app) references that column.
  Another issue is that a column could exist in multiple schemas and in multiple objects of different types in those schemas. So a global DB search for 'MY_COLUMN' might turn up references in multiple schemas and you may only care about one schema.
  Unfortunately a reference to 'MY_COLUMN' in code could refer to many different objects or to an object in different schemas so how would you resolve those? Especially if you take synonyms into account which can ponit about anywhere.
  Why don't you tell us what it is you are really trying to do?
  Are you trying to find the references to a particular column? Why? Are you planning on removing/renaming the column? If so then the simplest way is to remove/rename the column and see what objects become invalid. Those invalid objects will have become invalid because that column is no longer available.
  As suggested you can use DBA_SOURCE for references in code that use the standard names. But for tables/views you need to use all_tab_columns. And for dynamic code or client code (e.g. a Java application) there is no way.

• How do I setup multiple users to use one source but manage playlists separately?  For example, play counts are specific to each user.

  How do I setup multiple users to use one source but manage playlists separately?  For example, play counts are specific to each user.

  Hi,
  Thank you for posting in Windows Server Forum.
  Here adding to the words of “Tim”, a forwarder is a DNS server on a network used to forward DNS queries for external DNS names to DNS servers outside of that network. You can also forward queries according to specific domain names using conditional forwarders.
  A DNS server on a network is designated as a forwarder by having the other DNS servers in the network forward the queries they cannot resolve locally to that DNS server. You can refer information regarding forwarders and how to configure from beneath link.
  Understanding forwarders
  http://technet.microsoft.com/en-us/library/cc782142(v=ws.10).aspx
  Configure a DNS Server to Use Forwarders
  http://technet.microsoft.com/en-us/library/cc754941.aspx
  Hope it helps!
  Regards.

• How to identify Which function modules are used in the planning area?

  Hi all,
  there are couple of function module derviation is used to derive the calendar year, month, fiscal period etc.
  But how to identify which function module is used in which planning area?
  I cant find out from the where used list from function modules?
  Thanks
  pooja

  Hi Pooja,
  Go to characteristic relationship tab,click on detail icon on extreme left of the derivation,there you will get the name and the details of function module used for derivation.
  Regards,
  Indu

• How to findout which Tibco adaptor is used in our system?

  Hi All,
  In our system ,which is a Java enterprise application ,Tibco adaptor is used to connect to the database.
  That adaptor is going to be upgraded. I would like ot do a technical research on that. But im new to the system.
  Could anyone help me ,how to findout which Tibco adaptor is used in our system?
  Thanks in advance.
  Ameena

  There's nothing stopping you from using the generated sequence for something else, however you can NOT override it when doing an insert (as long as you've specified ALWAYS which is the default).
  SQL> create table t
    2  (some_id number generated as identity
    3  ,name varchar2(30)
    4  );
  Table created.
  SQL> select * from user_sequences;
  SEQUENCE_NAME
  ISEQ$$_91970
  SQL> select ISEQ$$_91970.nextval from dual;
               NEXTVAL
                     1
  SQL> select ISEQ$$_91970.nextval from dual;
               NEXTVAL
                     2
  SQL> insert into t values (99,'smith');
  insert into t values (99,'smith')
  ERROR at line 1:
  ORA-32795: cannot insert into a generated always identity column

• How to check the unused users in portal.

  Hi Guru,
  We are doing auditing in Portal server.Can any tell us
  How to check the unused users in portal?.
  Regards,
  Vivek

  Use portal activity reporting  for monitoring the users. This way you can monitor the users in the portal who logged on to the portal.
  Below are things you can monitor from portal activity report iview
  1) number of users logged on during the period of time.
  2) Details of the users who logged on
  3) monitoring particular iview/page
  Check the below threads for more help
  http://help.sap.com/saphelp_nw04s/helpdata/en/47/87329cc84a199ce10000000a42189d/frameset.htm
  http://help.sap.com/saphelp_nw04s/helpdata/en/47/87346dc84a199ce10000000a42189d/frameset.htm
  Raghu

• I can't access my itunes account because my aol account is not active, how do i change my user name using gmail?

  I can't access my itunes account because my aol account is not active, how do i change my user name using gmail?
  I need to change my itunes user name to [email protected] instead of [email protected] AOL account is not active anymore.
  Thanks

  Chill out guys. Clare, I suggest that you try this link below. It might be possible taht the email you are using is not what your Apple ID should be:
  How to Recover Your Apple ID
  http://support.apple.com/kb/HE34
  Recovering a forgotten iTunes Store account name
  http://support.apple.com/kb/HT1920