on 08-02-2010 11:00 AM
I have created a 'Z' application which consists of create, change and display User interface.Whenever the user selects craete all fields go editable, change will have some fields editable and display all uneditable.I used only one view and i handled all three modes using invisible and enable property.
Now i want to allow only certain users to access create and change but display for all users.How to give this kind of autorization in webdynpro????
Please explain me about authorization in webdynpro taking my scenario?
Hello,
I hope you are aware of authority checks in ABAP in general. In your scenario, what you can do is: create one context attribute IS_AUTHORIZED of type WDY_BOOLEAN.
And in WDDOINIT of the component controller or view controller,
do the authorization check using AUTHORITY-CHECK stmt and if the check fails i.e. sy-subrc is not equals to 0, then
set the attribute IS_AUTHORIZED to false. Otherwise set it to true.
And you have to bind the enabled property of the buttons to this context attribute IS_AUTHORIZED.
Please refer to the following code sample:
DATA lo_nd_selection_type TYPE REF TO if_wd_context_node.
DATA lo_el_selection_type TYPE REF TO if_wd_context_element.
lo_nd_selection_type = wd_context->get_child_node( name = wd_this->wdctx_flex_config ).
lo_el_selection_type = lo_nd_selection_type->get_element( ).
AUTHORITY-CHECK OBJECT <objectName>
ID <name1> FIELD <f1>
ID <name2> FIELD <f2>.
IF sy-subrc <> 0.
* Prohibhit the user from modifying config
lo_el_selection_type->set_attribute(
name = `IS_AUTHORIZED`
value = abap_false ).
ELSE.
lo_el_selection_type->set_attribute(
name = `IS_AUTHORIZED`
value = abap_true ).
ENDIF.
Hope this helps!
Regards,
Srilatha
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Srilatha,
Thanks for your answer!!...i have to restrict the user based on , click of a button (ie, an event)...say for ex:If the user group other than HR clicks 'create' or 'change' button it should throw a msg that 'User is restricted'.And all user should be allowed for 'display' mode.
What do you think i should do in this case?
Hi Naveen,
In that case, you can do the authority check inside the event handler of the button clicked. if the check fails i.e. sy-subrc is not equal to 0, then raise a message saying that he is not authorized to do so.
But the best way would be to disable the Create/Change buttons if the user who is accessing your application doesnt have authorization to create/change data instead of displaying a message after clicking those buttons. Anyway, it will be based on your design how you want to do.
Regards,
Srilatha
Edited by: Srilatha M on Aug 2, 2010 1:02 PM
Hi Naveen,
You can create a table with all the authorization value. Either you can store the values of those employees who want to be restricted or whom can be allowed.
Suppose if you store the employees who can have access. The on the click of the button, check if the value is present in the table and then allow.
Else throw the error message.
User | Count |
---|---|
101 | |
13 | |
13 | |
11 | |
11 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.