Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

S_TABU_DIS in CHange only mode ( no craete / delete)?

Former Member
0 Kudos

Hello Experts ,

I have a requirement in one my security roles that the user should be restricted only to Change the existin gentries in a Z table . But when I add ACTVT 02 with object S_TABU_DIS this gives access to Create, Change & Delete the entries in that table.

How can I restrict the access only to change & do not allow user to Create / Delete an entry to this table ?

Thanks !

Shailesh

6 REPLIES 6

Former Member
0 Kudos

have you given the entries name or (*) full authorization?

0 Kudos

>

> have you given the entries name or (*) full authorization?

What do you mean by "the entries name"? S_TABU_DIS has two fields, ACTVT and DICBERCLS. OP's problem lies in the ACTVT restriction which isn't working in the desired way.

Former Member
0 Kudos

Sounds like you are refering to SE16.

Please take note that SE16 cannot edit all tables, but in those cases the ability to change an existing entry to something completely different or non-sensical is the same as creating or deleting the existing entry.

Cheers,

Julius

Former Member
0 Kudos

S_TABU_DIS only 3 values for field ACTVT:

02 = create, change or delete entries

03 = view entries only

BD = overrule the locking of changes coming from ALE

so, ACTVT 02 allows exactly what you are describing. this object will not help you to achieve what you want. you will have to create your own object and adapt the coding (of the maintenance view ... or whatever).

0 Kudos

Thanks Guys,

I guess I have to go ahead with a Z object for this one

Shailesh

0 Kudos

Hi,

I would like to remind you on one thing,

PLease check if the role has multiple number of instances for S_TABU_DIS . i.e multiple authorizations , where in one authorization as you said you have maintained the authorization group with only Activity 02 .

But please make sure that there are no other instances for S_TABU_DIS where the same Authorization group is maitained with other activities like 02, BD, which will allow to give access for all those activities.

Thank you

Jagadish