on 04-17-2012 9:49 PM
Hi
We have a situation where a business user who has access to the sales order entry screen goes in and sometimes changes the batch determined using batch determination. so basically hardpeg a batch on an order overriding the selection which came from batch determination.
Is there a way we can limit this, so that batches proposed by the batch determination can only be overridden by a manager or above? some kind of authorization check or an exit or something?
We ran a security trace on the sales order entry screen and could not see any object of relevance which could be used to control it?
Was wondering if it was even possible?
Thanks
sap ques.
You can try with user exit USEREXIT_CHECK_VBAP in program MV45AFZB.
Regards,
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I checked if there were any relevant authorisation checks in VA02 but like you, could not find any. I guess the SAP argument for this is that they are empowering the user rather than inhibiting them.
An alternative approach [to Shiva's suggestion] you could take is to use USEREXIT_FIELD_MODIFICATION. Within this subroutine, you can maintain your own logic deciding whether the batch field will be changeable. For example, you could have a logic akin to this:
IF SCREEN-NAME = 'VBAP-CHARG'
<Insert authorisation object coding logic>
IF SY-SUBRC = 0
SCREEN-INPUT = '1'
ELSE
SCREEN-INPUT = 0.
ENDIF.
By saying that SCREEN-INPUT = 0, it will make the field display only, rather than changeable. Obviously, you will need to discuss with your ABAP team that exact details of the code yuo would need to maintain. It may be possible to use a standard authorisation object and insert into the code here (One that perhaps your managers are authorised for and general users are not). Or iy may be possible to avoid the use of authorisation objects completely by using an IF on SY-UNAME [depending in how many managers or users you wish to limit].
Note 208245 may provide some useful information on the logic behind SCREEN-INPUT & SCREEN-NAme.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Neol,
I will try this logic and discuss this with my ABAPer...
Sound like it may be doable...I think going with an authirization object is probably the right approach as I can control that with a role. If I do SY-UNAME, we will have to hardcode the name and then if the user leaves I gotta to another transport to fix that....
Thanks
sap ques
User | Count |
---|---|
95 | |
11 | |
11 | |
6 | |
6 | |
4 | |
3 | |
3 | |
3 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.