Regarding Authority check for V_VTTK_SHT  in one exit

Similar Messages

• Authority-check for a particular company code

  Hi,
     I need to check authorization for a particular company code.In my bdc call transaction program i'm fetching mass data from excel file and for every record i've to check the company code field.If the company code is not the required one then that record should not be processed.
    So before filling the bdc data i wrote like
  LOOP AT gt_inrec INTO gs_inrec.
       AUTHORITY-CHECK OBJECT 'F_BKPF_BUK'
                 ID 'ACTVT' field '02'
                 ID 'BUKRS' field '2800'.
      IF NOT sy-subrc = 0.
        MESSAGE e058(zz) WITH gs_inrec-bukrs.
        EXIT.
      ENDIF.
       PERFORM fill_bdc.
    ENDLOOP.
  but it is not exiting for different company codes and is allowing records with all company codes.
  can anybody pls tell me how to rectify this?
  thanks in advance,
  poornima

  I need to perform authority check on the field NAME1 present in the standard screen - customer master ( T.Code-XD02). Only certain users should be allowed to edit the field and others should be restricted.
  I have created a field exit FIELD_EXIT_AD_NAME1 for the ADRC-NAME1 field.
  Now inside this field exit i need to write the authority-check code.
  I have created the authorisation object Z_KNA1_NAM for the field NAME1 using the SU20 and SU21.
  For this scenario how do i write the authority-check code in my field exit?
  Below is my field exit code,is that correct?
  FUNCTION FIELD_EXIT_AD_NAME1.
  ""Local Interface:
  *" IMPORTING
  *" REFERENCE(INPUT)
  *" EXPORTING
  *" REFERENCE(OUTPUT)
  AUTHORITY-CHECK OBJECT 'Z_KNA1_NAM'
  ID 'NAME1' FIELD SY-UNAME
  ID 'ACTVT' FIELD '03'.
  IF SY-SUBRC = 0.
  MESSAGE 'Not Allowed to Edit the Name 1 Field' TYPE 'E'.
  ENDIF.
  ENDFUNCTION.
  In the above code i have given SY-UNAME in the code line 2 - ID 'NAME1' FIELD SY-UNAME ,is that correct? what should i give there?
  Please help me on this issue.
  Cheers,
  P.S.Chitra

• Authority-Check for Sales Document Type

  Hi All...
  I would like to incorporate Authority-Chack for the field Sales Document Type "TVAK-AURT"...
  Can any one give me the sample code or exact code..?
  I have written Authority-check for Sales Organization as follows...
  authority-check object 'V_VBAK_VKO'
                   id 'VKORG' field i_sales-vkorg
                   id 'VTWEG' field '00'
                   id 'SPART' field '00'
                   id 'ACTVT' field '03'.
          if sy-subrc ne 0.
          delete i_sales.
  BUT HOW TO WRITE FOR V_VBAK_AAT..??

  Please check object: <b>V_VBAK_AAT</b> for the same.
  EG:
  authority-check object 'V_VBAK_AAT'
  id 'AUART' field L_AUART
  id 'ACTVT' field '03'.
  Kind Regards
  Eswar
  Message was edited by: Eswar Rao  Boddeti

• AUTHORITY-CHECK for KUNNR

  Hi,
  I am new in core abap. For my report i have to do AUTHORITY-CHECK for kunnr. I am not finding any suitable object to use. kIndly suggest.
  Currently i am using the following code.
    UNPACK p_kunnr TO ws_werks.
    AUTHORITY-CHECK OBJECT 'M_MSEG_WWE'
             ID 'ACTVT' FIELD '01'
             ID 'WERKS' FIELD ws_werks.
  But this is giving dump in case KUNNR contains some alphabets because of type mismatch. Kindly suggest how can i achieve the same.
  Regards,
  Pankaj Aggarwal

  Don't use a WERKS authorization for KUNNR, did you foresee the problems that may will arise when you will manage the user authorisations and roles, this authorization is checked in many standard programs on WERKS fields.
  - SU20 - Create an authorization field with data element KUNNR and check table KNA1 (or use template KNDNR, look via SE16 at table AUTHX look for authorization fields using KNA1 as a control table)
  - SU21 - Create an authorization object in a Z-customer class which use this field and the ACTVT field (template W_AUFT_RMB)
  - Use the new object in your program
  - Give the object name to those who manage roles via PFCG
  Perform some search on subject like [Creating a Customer-Specific Authorization Object|http://help.sap.com/saphelp_ish471/helpdata/EN/9e/74ba3bd14a6a6ae10000000a114084/frameset.htm]
  Look also at some authorization objects like BRGRU which were intended to manage groups of customers.
  Regards,
  Raymond

• AUTHORITY-CHECK for an defined USER

  Hi,
  i write a abap (protokol) which shell be started every hour. In this report i will use
  an AUTHORITY-CHECK for an defined user, because i will send the protokol via email, but i have
  to check if this user is allowed to see the data.
  I will use this:
  AUTHORITY-CHECK OBJECT 'F_LFA1_BEK'
  ID 'BRGRU' FIELD '__________'
  ID 'ACTVT' FIELD '__________'.
  for an defined user.
  Is this possible, or how can i check this in another way?
  Thanks.
  Regards, Dieter

  Hi Eric,
  i tried it like this:
  UTHORITY-CHECK OBJECT 'F_LFA1_BEK'
           ID 'BRGRU' FIELD 'KRED'
           ID 'ACTVT' FIELD '03'.
  BREAK-POINT.
  CALL FUNCTION 'AUTHORITY_CHECK'
    EXPORTING
    NEW_BUFFERING             = 3
    USER                      = SY-UNAME
      OBJECT                    = 'F_LFA1_BEK'
      FIELD1                    = 'BRGRU'
      VALUE1                    = 'KRED'
      FIELD2                    = 'ACTVT'
      VALUE2                    = '03'
  EXCEPTIONS
     USER_DONT_EXIST           = 1
     USER_IS_AUTHORIZED        = 2
     USER_NOT_AUTHORIZED       = 3
     USER_IS_LOCKED            = 4
     OTHERS                    = 5.
  BREAK-POINT.
  at first breakt-point sy-subrc = 0 at second sy-subrc = 2. Can you tell why i get another sy-subrc?
  is my FM-Call correct?
  thanks.
  Regards, Dieter

• How to make Authority Check for ALVGrid?!

  Hey mates,
  i got the problem which is mentioned in the headline. How can i make an authority check for my ALVGrid? I mean i want to restrict special functions to the matching users ( Display, Edit, Delete mode ).
  Would be cool if someone can help
  Regards Basti

  Hello Bastian
  A simple approach would be to define three different transactions (e.g. Z_MYALV01, Z_MYALV02, Z_MYALV03) for editing/deleting, editing only and displaying only. Add the following coding to the report displaying your ALV grid:
    CASE syst-tcode.
      WHEN gc_tcode_create.    " 01
        " Allow all grid functions
      WHEN gc_tcode_change.  " 02
        " Suppress grid functions for deleting rows
      WHEN gc_tcode_display.  " 03
        " Suppress grid functions for editing/deleting
      WHEN others.
        RETURN.
     ENDCASE.
  Regards
    Uwe

• I have a box that will not go away, it says,  "To open JavaApplication, you need to install a Java SE 6 runtime.  Would you like to check for and install one?  If i push not now, it keeps popping up, if I push install, it says it's not available, help.

  I have a dialogue box that will not go away and it seems to have started when I upgraded to Mt. Lion.  the box says, "To open JavaApplication, you need to install a Java 6 SE runtime.  Would you like to check for and install one?  (smaller print)  Note: Usw of this software is subject to the Software License Agreement applicable to the software you are downloading.  A list of Apple SLAs may be found here: htp://www.apple.com/legal/sla/
  Finally there are two boxes to click.  One says not now.  If I click on that the box goes away for 2 to 3 seconds and then pops back up and WILL NOT go away.  If I click on the second box, Install, it says  The software is currently unavailable.  To install a Java SE 6 runtime later, open Java Application again.
  My confusion here is that I have no idea what the java application is, When I click "okay" on that box, the original box pops us again and WILL NOT go away. CGoing to the apple lega web site was no help.  My solution so far has been to drag the dialogue box as far to the lower right and out of the way as far as I can.  Help.

  Does this happen immediately after you log in? If so, one of your login items is probably causing it.

• Authority-check for particular comp code

  Hi All,
  when i'm using standard Authority Object F_BKPF_BUK  for a particular standard code say 'CO01'. but it is working for all company code, but i want work for only one company code say 'CO01' ONLY.i'm using in report program (zreport prog)
  I written code as
  AUTHORITY-CHECK OBJECT 'F_BKPF_BUK'
      ID 'BUKRS' FIELD 'BE10'
      ID 'ACTVT' FIELD '03'.
  Please can u advice on this .
  Many Thanks in Advance for u r Answer
  Naren

  Hi
  In general different users will be given different authorizations based on their role in the orgn.
  We create ROLES and assign the Authorization and TCODES for that role, so only that user can have access to those T Codes.
  USe SUIM and SU21 T codes for this.
  Much of the data in an R/3 system has to be protected so that unauthorized users cannot access it. Therefore the appropriate authorization is required before a user can carry out certain actions in the system. When you log on to the R/3 system, the system checks in the user master record to see which transactions you are authorized to use. An authorization check is implemented for every sensitive transaction.
  If you wish to protect a transaction that you have programmed yourself, then you must implement an authorization check.
  This means you have to allocate an authorization object in the definition of the transaction.
  For example:
  program an AUTHORITY-CHECK.
  AUTHORITY-CHECK OBJECT <authorization object>
  ID <authority field 1> FIELD <field value 1>.
  ID <authority field 2> FIELD <field value 2>.
  ID <authority-field n> FIELD <field value n>.
  The OBJECT parameter specifies the authorization object.
  The ID parameter specifies an authorization field (in the authorization object).
  The FIELD parameter specifies a value for the authorization field.
  The authorization object and its fields have to be suitable for the transaction. In most cases you will be able to use the existing authorization objects to protect your data. But new developments may require that you define new authorization objects and fields.
  http://help.sap.com/saphelp_nw04s/helpdata/en/52/67167f439b11d1896f0000e8322d00/content.htm
  To ensure that a user has the appropriate authorizations when he or she performs an action, users are subject to authorization checks.
  Authorization : An authorization enables you to perform a particular activity in the SAP System, based on a set of authorization object field values.
  You program the authorization check using the ABAP statement AUTHORITY-CHECK.
  AUTHORITY-CHECK OBJECT 'S_TRVL_BKS'
  ID 'ACTVT' FIELD '02'
  ID 'CUSTTYPE' FIELD 'B'.
  IF SY-SUBRC <> 0.
  MESSAGE E...
  ENDIF.
  'S_TRVL_BKS' is a auth. object
  ID 'ACTVT' FIELD '02' in place 2 you can put 1,2, 3 for change create or display.
  The AUTHORITY-CHECK checks whether a user has the appropriate authorization to execute a particular activity.
  This Authorization concept is somewhat linked with BASIS people.
  As a developer you may not have access to access to SU21 Transaction where you have to define, authorizations, Objects and for nthat object you assign fields and values. Another Tcode is PFCG where you can assign these authrization objects and TCodes for a  profile and that profile in turn attached to a particular user.
  Take the help of the basis Guy and create and use.
  Reward points if useful
  Regards
  Anji

• Authority Check for the User

  Hi,
       In how many ways can we set authorizations? I mean, in how many levels? My requirement is, to check the Authorization for a specific user to see if he is authorized to execute a Specific Z-Transaction (Report) for a specific Plant. How do I do that? I assume I need to code the AUTHORITY-CHECK OBJECT.... in my report. If yes, in which event? Please let me know.
  Thanks and Regards,
  Venkat.

  Hi Venkat,
  You can put in the AUTHORITY-CHECK at a number of points, after initialisation, during selection, prior to output - it depends on what the program is doing and how the rest of it is coded.
  For example, doing a big select and then only outputting based on the authority check may not efficient with large volumes of data.

• Regarding Authority check objects

  Hi All,
  I have some confusion on Authority-check and its working.
  AUTHORITY-CHECK OBJECT 'S_TABU_DIS'
    ID 'ACTVT'     FIELD '03'
    ID 'DICBERCLS' FIELD tddat-cclass.
  In the above code, 'DICBERCLS' FIELD tddat-cclass... these values will take and compare with tddat table list.
  but my question is how it will check the   ID 'ACTVT'     FIELD '03' ??How it will check for the ACTVT is '03'.
  It will take it from any table?
  Thanks in advance,
  Madhu

  Hi,
  You are coding as follows:-
  AUTHORITY-CHECK OBJECT 'S_TABU_DIS'
  ID 'ACTVT' FIELD '03'
  ID 'DICBERCLS' FIELD tddat-cclass
  This authorisation object is for Table Maintenance (via standard tools such as SM30).
  Now when the code is executed, SAP will check that whether the current user has an Authorization Group as the value in TDDAT-CLASS in the user role and the activity is 03 or display.
  If in the user role, the basis guys have given the Authorization Group(DICBERCLS) value as XYZ and the value in  tddat-cclass is also 'XYZ' and the value of ACTVT field in the user role is '03', SAP will allow the user only to display the table via SM30.
  If the authorisation group is different or if the ACTVT is different, the user will not be allowed for this authority check.
  I hope this is clear for you.
  Regards,
  Ankur Parab

• Function module for se16 with out authority check for se16

  Hi ,
  I am creating a tode YSE16 which has same functionality as SE16 but having its own authority check. I am calling a function module RS_TABLE_LIST_CREATE function module to get the functionality of SE16. But is there any way that i can get the function module which do not check for the authorization for se16 and execute my tcode.
  Regards,
  Sri.

  Hi Sri,
  If I am not wrong this is the question?
  Guys , Sri is modifying the YSE16 as per this requirement. Do u have some other solution? Thanks.
  Requirement is to create customized tcodes YSE16, YSM30 and YSE38 for se16, sm0 and se38. Lets start with YSE16.
  Client want YSE16 tcode to restrict users based on some tables within a authorization group or even * value for auth group field.
  SE16 restricted on:
  S_TABU_DIS
  Auth Group and Activity
  As per Requirement YSE16 tcode sld be restricted on :
  Y_TABU_DI2 (customized object)
  Auth Group, Activity and Table name
  We dont want to give SE16 to users in Production. So basically requirement is to restrict users on table name with YSE16 irrespective on authorization group. User sld only be able to access the table mentioned in Table name field.
  so Srilu is trying to modify the Program. Can you please suggest some other way to modify it.
  Thanks.
  Regards,
  Naveen Dalal

• Authority Check for a selection condition/Range

  I am relatively new to ABAP and still learning.
  I am trying to create an authorisation check as part of a custom badi implementation.
  i have amended the code, but i am just trying to figure out how to take the selection condition table to get the specific value to check.
  i know the parameter - p_tplnr
  this code is pulled back into the Badi..
  * Import selection result
    IMPORT sel_tab = lt_nodes selcond = t_selcond          
      FROM MEMORY ID 'DIACL_SELECTION_NEW'.
  the table is t_selcond . so i do a loop round table into structure based upon this parameter.
  it could have single or multiple objects, and i am just unsure which object needs to be auth checked....
  my code...
  *--- Defect # 96 - Add Authorisation Check to filter out all Functional Locations.
    DATA: s_selcond TYPE rsparams.
    DATA: tplnr     TYPE diacl_lbk_sel_ds-tplnr.
  *--- Read table where selection name is Functional Location
    LOOP AT t_selcond INTO s_selcond
    WHERE   selname = 'P_TPLNR'.
      IF sy-subrc = 0.
  *--- Check the authorisation object for functional location
        AUTHORITY-CHECK OBJECT 'P_TPLNR'
        ID 'TPLNR' FIELD tplnr
        ID 'ACTVT' FIELD '03'.
      ENDIF.
    ENDLOOP.
  My question is how do i Authority Check the values within s_selcond when it could have single or multiple entries and could have conditions to include/exclude and have selection options?

  Hi ,
  LOOP AT t_selcond INTO s_selcond
    WHERE   selname = 'P_TPLNR'.
  endloop.
  -----------------This code can be replaced by
  READ TABLE T_SELCOND INTO S_SELCOND WITH KEY SELNAME = 'P_TPLNR'. "binary search after sort ..
  CHECK SY-SUBRC EQ 0
  auth-check  object...
  some basic code to get an idea ...
  tables /BIC/SPLANTGRP.
  select-options: so_basin for /bic/splantgrp-/bic/plantgrp no-display.
  so_basin-low = '1'. append so_basin.
  so_basin-low = '2'. append so_basin.
  so_basin-low = '3'. append so_basin.
  so_basin-low = '4'. append so_basin.
  loop at so_basin.
    write:/ so_basin-low.
  endloop.
  read table so_basin with key low = '4'.
  if sy-subrc eq 0 .
    write:/ 'found hit', so_basin-low.
  else.
    write:/ 'found NO hit'.
  endif.
  read table so_basin with key low = '5'.
  if sy-subrc eq 0 .
    write:/ 'found hit', so_basin-low.
  else.
    write:/ 'found NO hit'.
  endif.
  vijay

• Do I need to do authority check for Logical Database?

  Hi,
  Just to check, do I need to code authority check into a Logical Database or Logical Database will do the check by itself without me coding?
  This is because I have a user which does not have rights to infotypes 2000 and above and the logical database still show the user data which belongs to the infotypes 2000 and above.
  If I have to code it, how do I go about to do the coding of authority check?
  Thanks in advance.  Will reward points for good solutions.
  Lawrence

  Let me give an example
  Tables : pernr.
  infotypes: 0000, 0001, 2001.
  Get pernr.
  Do you mean that the 'get pernr' command will not return any data for users who do not have authorisation for infotype 2001?

• Validate email -- check for more than one dot

  I'm looking to validate and email address and I found how to check for a single dot "[email protected]"  with  email_txt.text.indexOf('.') < 0  but I want to also want to check to see if the user may have entered two dots "[email protected]"
  I tried:
  email_txt.text.indexOf('.') < 0 ||  email_txt.text.indexOf('.') >2 but that makes it puke all of the time.
  I also tried:
  email_txt.text.indexOf('.') < 0 && >2 and that one threw all kinds of errors.
  I don't know if I've ever seen anyone check for that, so I might be a little over zealous, but I thought I'd give it a try.
  Thanks in advance

  function validateEmailF(inputEmail:String):Boolean {
      //check for spaces
      if (inputEmail.indexOf(" ")>0) {
          return false;
      //bust the email apart into what comes before the @ and what comes after
      var emailArray:Array = inputEmail.split("@");
      //make sure there's exactly one @ symbol
      //also make sure there's at least one character before and after the @
      if (emailArray.length != 2 || emailArray[0].length == 0 || emailArray[1].length == 0) {
          return false;
      //bust apart the stuff after the @ apart on any . characters
      var postArray:Array = emailArray[1].split(".");
      //make sure there's at least one . after the @
      if (postArray.length<2) {
          return false;
      //make sure there's at least 1 character in in each segment before, between and after each .
      for (var i:Number = 0; i<postArray.length; i++) {
          if (postArray[i].length<1) {
              return false;
      //get what is left after the last .
      var suffix = postArray[postArray.length-1];
      //make sure that the segment at the end is either 2 or 3 characters
      if (suffix.length<2 || suffix.length>3) {
          return false;
      //it passed all tests, it's a valid email
      return true;
  }

• Is there some way to instruct iTunes to not check for updates of one of my apps?

  2nd gen ipod touch running 4.2.1 (which is the highest availble for that generation).
  I have a free weather app that just came out with an update. This new version requires at least 4.3.
  Since I have the older version of the app, iTunes notifies me of the update, which is not going to work on my ipod. (Actually I downloaded it anyway just to confirm that it wouldn't work, and sure enough, it didn't even want to start).
  So now that I have deleted that version and reloaded the old one, will I be stuck with that number 1 next to the Apps icon for ever more? Is there some way I can instruct iTunes to not check for updates of that app? Or is there some other solution that isn't apparent to me?

  You get all the new iWork suite (Pages 5, Numbers 3 & Keynote 6) free with your Mac purchase. You just need to go to the App Store and sign in with your Apple I.D.
  We warn against relying on the new iWork Apps, they really are just public betas and we are getting a number of users here with unopenable files. Bad news if this is your Masters.
  iWork '09 can be purchased as a Boxed DVD set from Amazon US$27, or online.
  It is much more usable and safer (not totally).
  LibreOffice [free] does not have as polished a UI but is actively supported, and uses open file formats as well as MsOffice formats. It also has the advantage of opening/saving virtually every known format on the planet (wish it would do Pages!) and has a usable but not briliant intgrated database.
  Peter