11-20-2008 12:45 PM
Hi All,
we are working on 4.7 and we have to restrict all user for the program SAPF020.
I am not able to restrict the access to the program.
Please help me to restrict the acess to the program.
I searched in the portal but i didn't get correct info,
Thanks,
Pravin
11-20-2008 1:01 PM
The answer is not in "the portal" but rather both in and before the program itself.
- In the program => it checks F_BKPF_BUK actvt '06' (which is delete...).
- Before the program => it is assigned to program group F_002 (archive / delete company codes) so restrict S_PROGRAM.
Also, you should ensure that your productive companies are defined as productive. That way, the program will not let anyone delete the data.
How it works:
IF t001-xprod NE space.
SET CURSOR FIELD 'X_TESTL'.
IF x_testl EQ space.
MESSAGE e105 WITH bukrs. <= not possible!
ELSE.
MESSAGE i104 WITH bukrs.
ENDIF.
ENDIF.
CHECK x_testl EQ space.
AUTHORITY-CHECK OBJECT 'F_BKPF_BUK'
ID 'BUKRS' FIELD bukrs
ID 'ACTVT' FIELD '06'.
IF sy-subrc NE 0.
SET CURSOR FIELD 'X_TESTL'.
*
* Keine Berechtigung zum Löschen von Buchungskreisen <= not authorized!
*
MESSAGE e106 WITH bukrs.
ENDIF.
Cheers,
Julius
Edited by: Julius Bussche on Nov 20, 2008 2:02 PM
11-20-2008 12:51 PM
Using Program RSCSAUTH you can assign an authorization group to the program which is not assigned to the any of the roles in the object S_PROGRAM. Thereby you can limit the access to the program from the users,
11-20-2008 1:01 PM
The answer is not in "the portal" but rather both in and before the program itself.
- In the program => it checks F_BKPF_BUK actvt '06' (which is delete...).
- Before the program => it is assigned to program group F_002 (archive / delete company codes) so restrict S_PROGRAM.
Also, you should ensure that your productive companies are defined as productive. That way, the program will not let anyone delete the data.
How it works:
IF t001-xprod NE space.
SET CURSOR FIELD 'X_TESTL'.
IF x_testl EQ space.
MESSAGE e105 WITH bukrs. <= not possible!
ELSE.
MESSAGE i104 WITH bukrs.
ENDIF.
ENDIF.
CHECK x_testl EQ space.
AUTHORITY-CHECK OBJECT 'F_BKPF_BUK'
ID 'BUKRS' FIELD bukrs
ID 'ACTVT' FIELD '06'.
IF sy-subrc NE 0.
SET CURSOR FIELD 'X_TESTL'.
*
* Keine Berechtigung zum Löschen von Buchungskreisen <= not authorized!
*
MESSAGE e106 WITH bukrs.
ENDIF.
Cheers,
Julius
Edited by: Julius Bussche on Nov 20, 2008 2:02 PM