Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

Vendor restriction for ME51N

Former Member
0 Kudos

Hi,

We'd like to restrict ME51N at the vendor level.

I coudlnt find a suitable object in SU24..please advise..

Thank you,

Saba.

1 ACCEPTED SOLUTION

Former Member
0 Kudos

Hi,

Please look out for F_LFA1* auth objects to have a restriction on Vendor Level (Vendor Groups).

Thanks,

Deb

7 REPLIES 7

Former Member
0 Kudos

Hi,

Please look out for F_LFA1* auth objects to have a restriction on Vendor Level (Vendor Groups).

Thanks,

Deb

Former Member
0 Kudos

Hi Saba

What are you trying to prevent please? I can't see any auth checks carried out on the F_LFA1 object and couldn't find any reference to it in the code?

I can see the option to select a preferred vendor etc but not sure by what criteria you wish to restrict or why...

Cheers

David

0 Kudos

Hi David,

I need to restrict Vendors per company code (second tab) available in the F4 options in the 'fixed vendor' field in the transaction ME51N-Create Purchase requisition...so that users cannote create purchase requisitions for other company code/vendors.

Thank you,

Saba.

0 Kudos

So i believe you need you BADI to perform additional authorization check. To modify search help you can add you own custom exit for search help used in ME51N. So BAI will prevent creating document with invalid vendor and search help will provide only subset of values based on user's authorization.

Cheers

martin_voros
Active Contributor
0 Kudos

Hi,

if you don't find a standard object that can be used to achieve your goal than it should not be a problem to implement custom checks using BADI ME_PROCESS_REQ_CUST.

Cheers

0 Kudos

Hi Martin

I've been looking at SE19 and the BADI you provided (thanks for this!) which I've tried playing with in a test system but it's way out of my experience...

Would this usually be referred to the ABAP team or the functional MM team in a normal change request please?

Cheers

David

0 Kudos

Hi David,

yep, developers will need to implement this BADI. You need an account with registered development key (table DEVACCESS). You can check BADI definition in SE18 (SE19 is for maintaining a particular implementation). In this case you can try to use two methods: PROCESS_ITEM and CHECK.

The method CHECK is called just before saving PR. Here you get a reference to object that represents PR. This object has method GET_ITEMS that returns a table with references to all items. Again, every PR item is represented as an object and this object has method GET_DATA that returns item data in a structure. The structure has field FLIEF - Fixed vendor. So here you could check vendor on each item and if user does not have authorization then raise a message. Disadvantage of this method is that an error message is displayed just before saving PR.

The method PROCESS_ITEM is called right after you enter any data on item level. Here you get a reference to entered/modified item. You get exactly same reference as in method CHECK. So you can just execute same check and raise an error message if necessary. You can also clear field Fixed vendor if user does not have sufficient authorization. So using this method a user will get immediate response.

The only missing part is that search help for this field is a standard search help KRED for vendor. Hence users will get a list of all vendors in system regardless their authorization. What you can do here is that you can implement user exit for search help that will perform authorization check for each user and exclude unwanted vendors. You have to be careful here because the search help is used in multiple transactions.

Cheers