Report to check authorization object used in customized programs

Similar Messages

• Display all objects used in a program

  Hi guys,
  i want to create a Zprogram to Display all objects used in a program.
  is there any class that can help me plzzz.
  CL_WB_PGEDITOR
  CL_WB_TBEDITOR.
  CL_WB_EDITOR.....
  thks

  Hi Oubaha,
  You can use SE80 to display objects used by a program.
  Regards,
  Chester

• LDB PNP authorization check authorization object

  Hi,
  I have used LDB PNP for HR reports.
  We are using the authority check also, but the problem is all the records/data for all the people is being read by the report where some of the people data should not have been read as they belong to some other personal area that the role of the executer (user).
  Hence it appears that authorization check is not working properly.
  Following is how I am using it, Please suggest corrections or alternate way to correct this issue.
      rp-provide-from-last p0002 space gwa_outlist-begda 
                                                      gwa_outlist-begda.
      IF pnp-sw-found NE '1' OR
          pnp-sw-auth-skipped-record EQ '1'.
          EXIT.
      ELSE.
          ls_tab-vorna = p0002-vorna.
          ls_tab-nachn = p0002-nachn.
      ENDIF.
  Please reply with the corrections ore alterations,
  Thanks in advance.
  Akash.

  Hi,
  (1)
  Actually, if you're wirting report with PNP LDB, you do NOT need to do this hard-coded auth checking at all. Because the LDB abap code behind PNP has already do this job for you.
  So all you need to do is to ask you HR consultant or Basis consultant to modify the authority config of certain ROLE with t-code PFCG, and then assign that ROLE to certain user with t-code SU01.
  ABAP code behind PNP will automatically verify the current user according to his ROLE setting.
  (2)
  In some case you do not work with LDB report, then you need to do the authority check by yourself. General function  AUTHORITY_CHECK is what you need.  AUTHORITY_CHECK do the authority check by means of Authority Object.Belows are authority objects used in HR module(you can also see in PFCG if technial name switched on):
  P_ORGIN    HR: Master Data
  PLOG       Personnel Planning
  P_PCLX     HR: Clusters
  P_TCODE    HR: Transaction codes
  Sample of checking personal area:
  CALL FUNCTION 'AUTHORITY_CHECK'
       EXPORTING
            FIELD1              = ' PERSA'
            OBJECT              = 'P_ORGIN'
            USER                = 'SAPSUPPORT1'
            VALUE1              = 'Z001'  
       EXCEPTIONS
            USER_DONT_EXIST     = 1
            USER_IS_AUTHORIZED  = 2
            USER_NOT_AUTHORIZED = 3
            USER_IS_LOCKED      = 4
            OTHERS              = 5.  
  IF SY-SUBRC NE 2.
  MESSAGE E001(01) RAISING AUTH_FAILED.
  ENDIF.
  Reward if helpful pls!

• Transaction to check authorization objects that failed

  I am trying to test a report, but I get an authorization error when running a standard function.
  I have already used a transaction which shows what authorization object failed if you call this transaction right after you got the error. Does anybody know the code of this transaction?
  Thanks in advance,
  Carol

  Hello,
  use /nsu53 and send the print screen to your basis team....they will modify your profile role to give you the permissions.
  Bye
  Gabriel P-

• RSSM: Checks Authorization Objects for Infoprovider are not activ

  Hello,
  we have BW 3.5 and we use RSSM Authorization Objects.
  When we create a new cube with an Infoobject that is authorization relevant, in our development-system in rssm the flags for the checks are automatically activ.
  When we transport the new cube to our production-system, the flags in RSSM for the authorization object are not activ.
  Sometimes the new infoprovider is not in the list of the infoprovider in rssm, so we have to "update check status" with the appropriate icon.
  My question:
  It is possible, that when we import the new cube in our production-system, that all authorization objects are activ??

  Hi,
  Normally system would check all the authorization relevant objects whenever a new Info cube is imported and in case if you want to transport these changes to Production system manually then follow the below listed steps:
  1) In Development system, check or un-check the authorization relevancy using the transaction RSSM on a given Info provider
  2) These changes are stored in table RSSTOBJDIR
  3) Create a manuall transport request and include these entries covering the required Authorization objects manually. 
  R3TR TABU RSSTOBJDIR
  Ex: If Info object 'A' is authorization relevant in Development system but not in Production system and you want to transport this change to Production system then include object 'A' table entries manually.
  Hope this helps.
  Cheers
  Bala Koppuravuri

• Authorization Object used in Infoset

  We have a authorization object that is working with our InfoProviders, but now we have added a Infoset to our Data Model, and the authorization object is not working with the Infoset. The Infoset was added to the Role, but the user is being allowed to see all values of the authorizatin object. The user is not being limited to the specific value which is associated with the user in that Role...
  Anyone have any ideas?
  I have tried RSSM but I am unable to add the Authorization Object to an Infoset with this transaction.

  Hi,
  InfoSets are protected by the authorization object <b>S_RS_ISET</b>. This authorization object protects the InfoSet by the InfoArea. Addtional protection includes the activity and protecting the InfoSet at definition time as well as access to the data. A reporting user will need activity 03 with access to look at the data. The following fields are in <b>S_RS_ISET</b>:
  InfoArea: InfoArea user should access
  InfoSet: InfoSet user should access.
  Activity: For a reporting user, should be display (03).
  Subobject: For a reporting user, should be 'DATA'.
  The fields for this object are similar to S_RS_ICUBE and S_RS_ODSO. They all
  access by InfoArea, activity (display), and access to the data.
  This is coming from the TBW40 course.
  regards,
  Raymond Baggen
  Uphantis bv

• Find dictionary object used in ABAP program

  Dear All,
  Pl help me find out all the dictionary objects used in report program and dialog program.
  Input will be program name(report or module pool). output will give name of the database tables used in that program.
  thanks.

  Hi,
  Use the FM RS_PROGRAM_TABLES
  pass the object type as PROG for report and the program name for object name
  Vikranth

• Selection profile field in COOIS transaction to use in custom program

  I need to use the field selection profile in the transaction COOIS in a custom report .How can we do that ?

  The program for this tcode is PPIO_ENTRY
  in that you see that the  include  program ' ppio_entry_sel_criteria.'
  contains the logic for your request.
  copy the same in your custom program.

• GOS(Generic Object Services) for Custom program ?

  Hi All,
  My requirement is to have GOS option to attach document for Custom program against each record.
  Do anybody have faced the same kind of requirement,please let me know how to do.
  Bharathi.J

  Hi Bharathi
  i to got the same requirement
  through manually im attaching the files,notes and URL's
  but how to attach through any class
  i use CL_GOS_DOCUMENT_SERVICE in that
  CREATE_ATTACHMENT method
  but it is not attaching the files to my GOS menu
  can u  help me
  Thanks
  Surendra

• How to call BOR object- method in custom program

  hi all,
  I have the following details:
  BOR object : INSTLN
  Method: createdirect
  I need to call the above method in my custom program.
  I need to call it entirely. Means if it contains fn modules I dont want to call those fn modules seperately.

  Hi Sammy,
  Phil Soady from SAP Australia provided me with this little gem a few years back. The actual documentation for this can be found somewhere in the workflow programming area, but I just looked and couldn't find it for you. Anyway, this is a sample program I built to show how to do this. In this example I call the Display method of the Sales Document BO.
  INCLUDE <cntn02>.
  INCLUDE <cntn03>.
  FUNCTION zcallbomethod.
  *"*"Local interface:
  * Data declaration
    DATA: vbak_ref TYPE swc_object.
  * Declare and initialise container
    swc_container container.
    swc_create_container container.
  * Create object reference to sales document
    swc_create_object vbak_ref 'VBAK' '0000000009'. "Sales Document Number
  * Call Display
    swc_call_method vbak_ref 'Display' container.
  * Error handling
    IF sy-subrc NE 0.
    ENDIF.
  ENDFUNCTION.
  Cheers
  Graham Robbo

• Authorizations by use of customer-exit: in  i_step = 3,   i_vnam is empty

  Hello all,
  I have checked multiple scenarios and they do not work:
  Current situation/setup:
  1. <b>Creation of several variables and adding each of them to different queries</b> :
  Variable   Type   Processing      Infoobject                     Selection  ready for input
  COB     1     6     ZCCOSTCTR__ZCCOB     S     
  CB2     1     6     ZCCOB                                     S     
  CBV     1     3     ZCCOB                                     S     
  2. <b>Adding values in a role</b> (currently 3.0 is used and we want to check the exit and if it works before upgrading to 7.0) and assign it to the user:
  Old active Object:ZCKS_COB:
  1KYFNM    *                                                                            
  9ZCCOB    $C-B2, $C-OB , $C-BV    
  added new object without 1KYFNM:                                                                               
  ZCCOB      $C-B2, $C-OB, , $C-BV             
  3. <b>Marked the used object auth. relevant</b> for the cube of the query
  4. Enhanced ZXRSRU01 via CMOD with coding and activated also the project:
    WHEN 'COB' or 'RESPNO'.
     IF I_STEP = 0.
      IF I_STEP = 1.
     IF I_STEP = 3.
        CALL FUNCTION 'Z_VARIABLE_BY_AUTH'
          EXPORTING
            I_VNAM           = I_VNAM
          TABLES
            E_T_RANGE        = E_T_RANGE
          EXCEPTIONS
            NO_AUTH          = 1
            NOT_VALID        = 2
            MISSING_OPERATOR = 3
            OTHERS           = 4.
        IF SY-SUBRC = 1.
          MESSAGE W007(EYE).
        ENDIF.
        IF SY-SUBRC = 2.
          MESSAGE W707(BRAIN).
        ENDIF.
        IF SY-SUBRC = 3.
          MESSAGE W999(BRAIN).
        ENDIF.
        IF SY-SUBRC = 4.
          MESSAGE W649(BRAIN) with I_VNAM ''.
        ENDIF.
      endif.
  The function 'Z_VARIABLE_BY_AUTH' was tested separately and fills in E_T_RANGE as expected.
  I also changed the variable names each time to all the other existing variables while debugging.
  If I use a variable of <b>type customer-exit</b> and process it with <b>i_step =1</b> the value selection and query result is OK.
  But this <b>scenario works without roles</b> and authorization values triggered by a variable $<VARIABLE> and is not the intended and documented way proposed by SAP. The documentation says to create a variable of type authorizations and to process it in I_Step = 3. But in this step I_VNAM is empty and so there is no processing ot the function module.
  Has anyone a solution? I could not find the issue during several debugging sessions. One strange thing is the protocol of rssm: the authorization buffer is not reflecting the enhanced role but only the value $C-B2 for object ZCKS_COB.
  Thanks in advance to have a look on this tricky issue.
  Bye,
  Petra

  Try this:
  IF i_s_rkb1d-compid = 'Query Name'
  Validation of data for the value entered in your Variable
      READ TABLE i_t_var_range INTO yourworkarea
                  WITH KEY vnam = yourvariable
      IF sy-subrc = 0.
        IF w_s_var_range-low(4) <>  w_s_var_range-high(4).  " Your condition or Logic
          l_msgv1     = c_qtr_com1.  " Your message
          i_handle = 9998.
          CALL FUNCTION 'RRMS_HANDLE_MESSAGE_INIT'
            EXPORTING
              i_handle         = i_handle
              i_msg_handler_id = sy-uzeit.
          CALL FUNCTION 'RRMS_MESSAGE_HANDLING'
            EXPORTING
              i_class  = 'RSBBS'
              i_type   = 'I'
              i_number = '000'
              i_msgv1  = l_msgv1
          RAISE again.
        ENDIF.
      ENDIF.
    ENDIF.

• Required a program to list out custom dependent object used in a program

  sorry already in the forums
  Edited by: Krishna Gowrneni on Jul 16, 2009 7:51 PM
  Edited by: Krishna Gowrneni on Jul 16, 2009 7:52 PM
  Edited by: Krishna Gowrneni on Jul 16, 2009 7:53 PM

  Hello
  There is no exist such table.
  But try this snippet:
  REPORT ZSEARCH.
  PARAMETERS: P_NAME LIKE D010SINF-PROG.
  DATA: PROGTXT(72) TYPE C OCCURS 0 WITH HEADER LINE.
  DATA: TMP(72) TYPE C OCCURS 0 WITH HEADER LINE.
  DATA: FUNCT TYPE RS38L_FNAM OCCURS 0 WITH HEADER LINE.
  DATA: INCL TYPE RSEUINC OCCURS 0 WITH HEADER LINE.
  CALL FUNCTION 'RS_GET_ALL_INCLUDES'
       EXPORTING PROGRAM    = P_NAME
       TABLES    INCLUDETAB = INCL.
  LOOP AT INCL.
    READ REPORT INCL-MASTER INTO TMP.
    APPEND LINES OF TMP TO PROGTXT.
    REFRESH TMP.
  ENDLOOP.
  READ REPORT P_NAME INTO TMP.
  APPEND LINES OF TMP TO PROGTXT.
  LOOP AT PROGTXT.
    IF PROGTXT CS 'CALL FUNCTION'.
      SEARCH PROGTXT FOR ''''.
      IF SY-SUBRC = 0.
        DO.
          SHIFT PROGTXT LEFT BY 1 PLACES.
          IF PROGTXT(1) = ''''.
            SHIFT PROGTXT LEFT BY 1 PLACES.
            DO.
              SHIFT PROGTXT RIGHT BY 1 PLACES.
              IF PROGTXT+71(1) = ''''.
                SHIFT PROGTXT RIGHT BY 1 PLACES.
                CONDENSE PROGTXT.
                FUNCT = PROGTXT. COLLECT FUNCT. EXIT.
              ENDIF.
            ENDDO.
            EXIT.
          ENDIF.
        ENDDO.
      ENDIF.
    ENDIF.
  ENDLOOP.
  SORT FUNCT.
  LOOP AT FUNCT.
    WRITE: FUNCT. NEW-LINE.
  ENDLOOP.

• ABAP program to list Data Dictionary objects referenced in custom program

  I want an uitlity program that will list all ( Custom and standard) data dictionary objects referenced to declare variables in custom ABAP program. Is there any standard program available in SAP to meet this requirements?
  This is required to create a separate transport requests only with data dictiornay objects.
  Thanks in advance for your help
  Regards,
  Sunil

  Hi
  You can try the FM AKB_WHERE_USED_LIST.
  ~~~Ganesh Kumar K.

• PO printing into PDF using a customized program

  Dear All,
  I understand that program RSTXPDFT4 is use to generate/print PO in PDF format using the spool no as input.
  My question is there any similar program like this that PO can be printed in PDF but the input is PO Number.?
  Thanks,
  Rgds,
  Shela

  if you want print in PDF, then  you should use PDF based forms instead of SAPscript or smart forms
  http://help.sap.com/erp2005_ehp_04/helpdata/En/5a/b9c6f89f1ede48a7d6413cc4512145/frameset.htm
  alternative check OSS Note 191470 - Purchase order as an e-mail
  if you want send the output by mail.

• Authorization object & Business operation for issue permit & reject permit

  Hi all,
  I have created a new notification type (copied from PM) and have assigned tasks to the notification. In this notification i wanted to use the icons issue permit and reject permit for certain users (but not for all). So i need to provide the business operations to the basis guy to attach it for the specified roles.
  I am not able to find these business operations.
  Any help on the above would be highly appreciated.
  Thanks and regards,
  Santosh.

  Hi,
  Pls check authorization object used to control the assign or issue a particular permit
  Object: I_SOGEN
  Sorry u can not control the authorization bcoz above object not works for notification also there is no business operation in notification to control the approval or rejection of permit.
  U have to use the user status by which u can control the approval or rejection of permit.
  Regards
  Sunil
  Edited by: sunil gupta on Jan 28, 2010 6:40 PM