Query : Authorization check for reports in report writer

Hello,
I want to secure reports created form report writer.
How can I give separate Authorization to users, so that they are restricted only to display or for changing or for creating.
Thank you in advance.

Hi Naveen,
Here is wonderful thread which can solve your issue.
Authorization in my report
Regards,
Ganesh
****Reward points if Helpful*****

Similar Messages

  • Re: Setting Authorization Check in Report Writer

    Hi,
    In ABAP Query or ABAP customized program, it is possible to set authorization object checking.
    In Report Writer, how can I do it?
    <REMOVED BY MODERATOR - REQUEST OR OFFER POINTS ARE FORBIDDEN>
    Thanks
    Edited by: Alvaro Tejada Galindo on Dec 26, 2008 10:59 AM

    Hi Colin,
    I would like to suggest,
    Creating an Authorization object & then using it in the report program is the preffered way.
    I would like to suggest a couple of references, quite similar to your issue,
    [SDN - Reference for using authorization checks at the report level|User authorisation check in ABAP-HR program;
    [SAP HELP - Standard Reference for Programming Autorization checks|http://help.sap.com/saphelp_nw04/helpdata/en/52/6712ac439b11d1896f0000e8322d00/frameset.htm]
    [SAP HELP - Standard Reference for Authorization checks|http://help.sap.com/saphelp_nw04s/helpdata/en/fc/eb3ba5358411d1829f0000e829fbfe/frameset.htm]
    Hope that's usefull.
    Good Luck & Regards.
    Harsh Dave

  • Query - Authorization Check for Material Details

    Hi Experts,
    I've got a requirement where I've to put authorization check in a number of transactions (standard as well as custom) which lead to material display some way or the other for specifc matarils (checking the authorization field). Few are for reports (may be interactive) as well. The need is to stop unauthorized people from getting access to the specifc material details such as dimensions (quantity,length, width, etc.).
    The first option would be to stop the user from viewing the material itself and showing some appropriate error message.
    The second option would be to make the above said details invisible in the screen for the specific matarials.
    The Authorization object is M_MATE_MAT.
    The Authorization field is BEGRU.
    The range of tcodes start from ME21, ME22, ME23, ME23N ...to MM01, MM02 etc. and a number of custom tcodes.
    What is the best way to achieve this? I guess I'd need to look for exits. Please suggest
    Thanks & Regards
    Pritam

    > I've got a requirement where I've to put authorization check in a number of transactions (standard as well as custom) which lead to material display some way or the other for specifc matarils (checking the authorization field). Few are for reports (may be interactive) as well. The need is to stop unauthorized people from getting access to the specifc material details such as dimensions (quantity,length, width, etc.).
    >
    > The first option would be to stop the user from viewing the material itself and showing some appropriate error message.
    >
    You can do this with authorization at transaction level.
    > The second option would be to make the above said details invisible in the screen for the specific matarials.
    >
    Invisible on the screen, you might need to consider the material screens user exit. I am not sure how your material master configured
    > The Authorization object is M_MATE_MAT.
    > The Authorization field is BEGRU.
    >
    > The range of tcodes start from ME21, ME22, ME23, ME23N ...to MM01, MM02 etc. and a number of custom tcodes.
    >
    > What is the best way to achieve this? I guess I'd need to look for exits. Please suggest
    All in all, you need user exits to have field level authorization and maintain authorizations at transaction level for the one you dont want to show anyone or to few

  • Create authorization check for a report

    Hi,
    I need to create an authorization check for a report. It means that I need to restrict the usage of the report to couple of users ( 'USER1' and 'USER2' ). How can I do that? I did read through a lot of threads regarding this piece got a bit confused and stuck while creating the authorization object.
    Say the report name is ZHR_TIMEABC.
    Can anyone explain how to create an authorization object and how are they tied to the object and call them in the abap code?
    Thanks in advance,
    VG

    Hi,
    Thanks. Here is my understanding, S_C_FUNCT calls a system generated function module to make an authority check. So, if different users say USER1 and USER2 have different authroization levels, defined in their user profile, just adding this piece code will take care of authroization check for the program OR do I need to take care of something else?
    If so, when do we need to create the authorization objects using SU20 and assign the group and follo this process? When do we use this approach ( lot of threads on authority check have mentioned this procedure)?
    Your inputs will be helpful to understand this concept.
    Thanks,
    VG

  • Constant Checking in Row Formula for Report Writer

    Dear All,
    Please advice what is the format to check a constant (string) in the row formula for Report Writer.
    Let's say if I want to check the cost center group -->
    If '&1KOSET' = 'ABC' then .... else......
    So, what is the format for ABC? Because if i put 'ABC' it will be treated as cell. But if i do not put the ' ', then i get system error.
    Thanks a million for your advice.
    Best Regards,
    CW

    Hi John Lee,
    The logic that you would want , can be implemented through a column set. That is, as per your logic written in the set, your column values differ.
    First in your set, keep your account number in the first set line. ie. 5000000.
    Then you enter the following formula in the second line of a set defined for a report column:
    IF u2018001u2019 > 5000000 THEN u2018001u2019 ELSE 0
    If the value in the first column (set line 001) is greater than 5000000, then this value displays in the second column; if the value in the first column is less than 1000, the value 0 displays in the second column.
    Revert if you need any additional help.
    Regards,
    Subin John

  • Profit center security for Report Writer reports

    We need to limit users access to profit center report writer reports.  We attempted to add values to security object K_PCA but this did not work.   I have heard there is a way to turn on objects for report writer checks but so far have been unable to figure out how this is done.

    Which release are you on and how have you defined the authorizations?
    If the st01 trace always returns 0 then chech the "reason code" (this is available since about 6 months).
    Manually you can check it in tcode auth_switch_objects if globally disabled for the client.
    Conversions to the new concept sometimes did this when they didn't want to use it.
    Retro-fitting is difficult because your hierarchies might be maintained in PROD but your roles in DEV.
    Tough call...

  • New set for Report Writer

    Hello,
    I am new to the Report Writer.  My understanding is that Report Writer makes use of pre-defined sets of financial objects.  My user wants to create new report group in Report Writer and add some new data which are currently in Z-table. Is this possible? Do we create a new set based on Z-table and then incorporate it in the new report?
    Please advise,
    Thanks
    Galina

    Hi Galina,
    No were SAP released document Z tables is support for report writer.
    moreever SAP recomonded to create reports by using report writer / painter for specific Tables only not for all standared tables.
    as i know not possible to use Z tables for report writer.
    still your business want A table data report, you can able to develop through ABAPer help.
    Refer: http://www.virtuosollc.com/PDF/Get_Reporter.pdf
    Regards,
    Viswa

  • Authorization check for select-options field - Company code.

    Hi experts,
    i have company code field on the report selection screen and i have to validate the authorization check for BUKRS.
    How to do authorization check for a select-options field?
    Any function modules used to write the authorization check for a SELECT-OPTIONS FIELD?
    Thanks.

    >
    RNB wrote:
    > Any function modules used to write the authorization check for a SELECT-OPTIONS FIELD?
    Does it hurt to type a few lines of code? Why do you need an FM for this my friend?
    Anyways can you please tell which SAP application area (viz. FI, SD etc.) do you want to run the report?
    Suhas

  • Authorization checks for PNP LDB

    question    : how to validate authorization checks for pnp logical database?
    2 nd question: hr report
    this report is basically for salary survey. in this i had so many fields can any body let me know how
    can i form the internal tables. and i have to display overall 150 fields in csv file for that
    how can i take in to the final internal table.
    what is the logic behind this:
    T71JPR09-JOBCODE
    PA0000-PERNR
    HRP1000-STEXT
    P0006-PSTLZ
    PA0008-ANSAL * 100 / PA0008-BSGRD
    PA0015-BETRG
    PA0761-LTEXT  WHERE PA0761-CPLAN = LTI PLAN PSU YEAR 1
    PA0761-GRADT  WHERE PA0761-CPLAN = LTI PLAN PSU YEAR 1
    PA0761-ZZGRANT WHERE PA0761-CPLAN = LTI PLAN PSU YEAR 1
    PA0761-LTEXT WHERE PA0761-CPLAN = LTI PLAN esu YEAR 1
    like that i had.
    please give me the steps how can i proceed.

    Hi,
    The PNP database will take care of authorization check. It will not execute if used does not have authorizations.
    Hope this helps.

  • How to turn off the authorization checks for a object in infoproviders?

    Hi - how can I turn off the authorization check for an object (ex: 0orgunit) in infoproviders?
    I have 0orgunit as an authorization-relevant object and is used in one of the cubes. When reports are run for this cube, this is causing authorization issues. The object is present in other cubes also but I have to remove or turn off the authorization check of this cube alone. How to do this? Please help.
    Thanks,
    Raj.

    Hi Raj,
    Srinivas, is right , however in BI7 the correct transaction is RSECADMIN and not RSADMIN.
    In BW3.5, use RSSM transaction to do thins.
    OR
    Go to transaction RSECAUTH ---> Choose  the authorization object that has been created for org unit(and has been assigned to the user). Go to change mode. Remove the cube from the dimension 0TCAIPROV
    If you are using old authorization concept in 3.5 or in 7.0
    Go to RSSM. In the checks for infoprovider, enter your infoprovider name. Choose change.Here you will see a checkbox to switch off the authorization.
    Hope this helps you,
    Best regards,
    Sunmit.

  • Authority Object? Authorization Check for Period

    We consolidated from R3 to SEM tax reporting. So we now are using a  different authority-check object. However, all of the parameters that were in the 'Authorization Check for Period' in R3 are not in SEM. Can you manually add parameters for to the authority-check. I am not even sure how to change or activate. Is this a Basis thing?
    To be honest I do not know what this object checks when processing. It cannot be debugged?
    I do not think my authorization level will be fully defined with the new object.
    Any suggestions?
              Thanks.
    *In old ERP we used*
    AUTHORITY-CHECK OBJECT 'E_CS_PERMO'
       ID 'PERMO' FIELD '1'   "Open period
       ID 'DIMEN' FIELD g_dimen
       ID 'RVERS' FIELD g_rvers
       ID 'BUNIT' DUMMY
       ID 'CONGR' FIELD g_congr.
    In new SEM system we now need to use:
    AUTHORITY-CHECK OBJECT 'R_UC_PERIO'
               ID 'ACTVT'     FIELD 'PA'          "open period
               ID 'CONS_AREA' FIELD g_congr.
              ID 'TASK_FLD1' FIELD '__________'
              ID 'TASK_FLD2' FIELD '__________'
              ID 'TASK_FLD3' FIELD '__________'
              ID 'TASK_FLD4' FIELD '__________'
              ID 'TASK_FLD5' FIELD '__________'
              ID 'TASK_FLD6' FIELD '__________'
              ID 'TASK_FLD7' FIELD '__________'
              ID 'TASK_FLD8' FIELD '__________'.

    Resolved issue.

  • How can I remove this extra authorization check for dynamic parameters

    Hello expert,
           I created a new dynamic hirarchical parameters as " client-->policy" in crystal report.   these parameter value are coming from a physical table.  the other part of report extract data by a oracle procedure. when I ran this report in client, it is ok for everything. but when I schedule it or run it in infoview,  I need extra authorization for access these dynamic parameter, eventhough this is not for accessing other parameters.  How can I remove this extra authorization check for dynamic parameters?

    Hi
    Open the crystal designer  Edit the parameter In the prompt window at the existing option you can find the LOV name.
    Open the Business view manager and find that prompt name in u201CRepository Exploreru201D window and select that parameter  right click that parameter  Select edit rights  provide rights for your user name in that window.
    --Naga

  • Authorization check For T code

    Hi everyone,
    Can anybody guide to set a  authorization check  for a particular Tcode.
    I have ztable where users are assigned particular numbers.
    I want the users who are assigned some numbers should be able to use this particular t code
    Thanks in advance

    hi
    chk this out
    AUTHORITY-CHECK
    Basic form
    AUTHORITY-CHECK OBJECT object
        ID name1  FIELD f1
        ID name2  FIELD f2
        ID name10 FIELD f10.
    Effect
    Explanation of IDs:
    object
    Field which contains the name of the object for which the authorization is to be checked.
    name1 ...
    Fields which contain the names of the
    name10
    authorization fields defined in the object.
    f1 ...
    Fields which contain the values for which the
    f10
    authorization is to be checked.
    AUTHORITY-CHECK checks for one object whether the user has an authorization that contains all values of f (see SAP authorization concept).
    You must specify all authorizations for an object and a also a value for each ID (or DUMMY).
    The system checks the values for the IDs by AND-ing them together, i.e. all values must be part of an authorization assigned to the user.
    If a user has several authorizations for an object, the values are OR-ed together. This means that if the CHECK finds all the specified values in one authorization, the user can proceed. Only if none of the authorizations for a user contains all the required values is the user rejected.
    If the return code value in SY-SUBRC is 0, the user has the required authorization and may continue.
    The return code value changes according to the different error scenarios. The return code values have the following meaning:
    4
    User has no authorization in the SAP System for such an action. If necessary, change the user master record.
    8
    Too many parameters (fields, values). Maximum allowed is 10.
    12
    Specified object not maintained in the user master record.
    16
    No profile entered in the user master record.
    24
    The field names of the check call do not match those of an authorization. Either the authorization or the call is incorrect.
    28
    Incorrect structure for user master record.
    32
    Incorrect structure for user master record.
    36
    Incorrect structure for user master record.
    If the return code value is 8 or 24, inform the person responsible for the program. If the return code value is 4, 12, 16 or 24, consult your system administrator if you think you should have the relevant authorization. In the case of errors 28 to 36, contact SAP because authorizations have probably been destroyed.
    Individual authorizations are assigned to users in their respective user profiles, i.e. they are grouped together in profiles which are stored in the user master record.
    Note
    Instead of ID name FIELD f, you can also write ID name DUMMY. This means that no check is performed for the field concerned.
    The check can only be performed on CHAR fields. All other field types result in 'unauthorized'.
    Example
    Check whether the user is authorized for a particular plant. In this case, the following authorization object applies:
    Table OBJ: Definition of authorization object
    M_EINF_WRK
       ACTVT
       WERKS
    Here, M_EINF_WRK is the object name, whilst ACTVT and WERKS are authorization fields. For example, a user with the authorizations
    M_EINF_WRK_BERECH1
       ACTVT 01-03
       WERKS 0001-0003 .
    can display and change plants within the Purchasing and Materials Management areas.
    Such a user would thus pass the checks
    AUTHORITY-CHECK OBJECT 'M_EINF_WRK'
        ID 'WERKS' FIELD '0002'
        ID 'ACTVT' FIELD '02'.
    AUTHORITY-CHECK OBJECT 'M_EINF_WRK'
        ID 'WERKS' DUMMY
        ID 'ACTVT' FIELD '01':
    but would fail the check
    AUTHORITY-CHECK OBJECT 'M_EINF_WRK'
        ID 'WERKS' FIELD '0005'
        ID 'ACTVT' FIELD '04'.
    To suppress unnecessary authorization checks or to carry out checks before the user has entered all the values, use DUMMY - as in this example. You can confirm the authorization later with another AUTHORITY-CHECK

  • No Authorization check for MultiProvide (S_RS_MPRO)

    Hello Every body
    We have a problem regarding the authorization check for MultiProviders. We have assigned the auth. object S_RS_MPRO to a user for one specific MultiProvider. We have also turned on the settings for "MultiProvider" and "MultiPro. (Query) in IMG.
    Unfortunately the user has access to all the MultiProviders. We have traced the user and have found out, that there is no authorization check for the MultiProviders.
    We have tried to remove the settings mentioned above and use “InfoCube (Query)” setting instead in conjunction with S_RS_ICUBE. No luck here neither.
    One thing that could be important to mention is that the Settings for "MultiProvider" and "MultiPro. (Query) in IMG has been implemented before the object has been assigned to a user.
    For that We removed the settings from all Roles, and then we assigned the object to a user, and at last we activated the settings for "MultiProvider" and "MultiPro. (Query) in IMG. No luck here neither.
    Bottom line is that the system does not check for S_RS_MPRO
    Any kind of suggestion would be appreciated
    /FZA
    SAP_BW 350
    SP 12
    BI_CONT 353
    PI_BASIS 2004_1_640

    0.820 BW-BEX-OT-OLAP-AUT 619778 No check of S_RS_ICUBE for Multiprovider 16.10.2003
    2. 0.800 BW-WHM-DST-AUT 626385 Multiprovider: Authorization in query fails 07.10.2003
    3. 0.790 BW-BEX-OT-OLAP-AUT 662617 Activity is 'Change', but only 'Display' is checked 07.01.2004
    4. 0.760 BW-WHM-DST-AUT 626574 MultiProvider authorization check during query 17.10.2003
    5. 0.760 BW-WHM-DBA-MPRO 520588 New authorization object S_RS_MPRO 05.11.2003
    6. 0.750 BW-WHM-DST-AUT 736996 Authorization check performed on S_RS_MPRO 28.06.2004
    7. 0.700 BW 693363 SAPBWNews BW SP03 NW'04 Stack 03 RIN 22.04.2005
    8. 0.690 BW 692636 SAPBWNews BW SP02 NW'04 Stack 02 RIN
    hallo
    Please have allok at the mentioned OSS note
    Mike

  • Authorization Check for Special Stock Indicator in IE02

    Dear Gurus,
    Would like to check with you if there is an authorization check for change in Special Stock Indicator in IE02-SerData Tab?
    For example, the User will only be allowed to change the Special Stock Indicator only to "E" - Sales Order.
    Would appreciate your help.
    Thanks.

    Hi,
    This cannot be done by using standard auth object. Standard SAP doesnt support control via this field.
    Take help of your ABAP team and create an customized authorization object "Z_OBJECT" with field SOBKZ and which check these field value in table EQBS. Assign this auth object to role and profile you want.
    Use the user exit IEQM0003 Additional checks before equipment update. Give a logic to check auth object when while using equipment change tcode.

Maybe you are looking for

  • SALES ORDER WISE PAYMENT DETAILS

    Hi All, I have requirement to drill down payments against sales orders. Is there any standard report available in standard SAP OR Any BAPI available to do make Z report. Regards SumaMani

  • In app purchase is not working

    I recently made an in app purchased in game Infinity Blade II but it doent seems to work so I want my money back. Item Developer Type Unit Price Infinity Blade II, Bag of 150,000 Gold Report a Problem Chair Entertainment Group In App Purchase $4.99 I

  • Disable Window keys ALT+TAB, CTRL+ALT+DEL

    Hello i am developing an application in which i need to catch the ALT+TAB and CTRLALT+DEL key events and handle it in my own way. The default action of showing the next window or the task manager should not take place. In the event handler i have giv

  • Multi data providers (oracle DB and Excel file) in one BO report

    I have to create one BO report. There is one Excel file, with Type, type_ID,(each type has many different type_ids), eg type                 type_id IHEI                  IHEI121 IHEI                  IHEI132 IHEI                  IHEI212 IHDI       

  • Help with actionscripting multiple drop-down menus

    So I have 3 different drop down menus that I want to use, and I want them to all work together so that if I have drop down menu number one open, the 2nd menu will drop down while the 1st one is still down. (I'm using Flash cs3) Here are some screen s