it's not possible through authorization: when you issue the physical print-out or the print-out preview, the SAP activity controlled is the same. 04 - Print, edit messages. If you have "Archive link" active, then once the output is generated and archived, you can authorize the user only to display the archived document.
With authorization object S_SPO_DEV you can restrict output devices, and so prevent the user to issue thee physichal output, but if you have defined a LOCL or PDF printer, the user will always have a work-around to print the invoice.
authorization objects V_VBRK_FKA or V_VBRK_VKO are used by the standard to control access to invoices. They check respectively Invoice type/Activity and Sales Area/Activity.
To display them, and the available values for field "Activity" you can run transaction SU21 or create a Role with PFCG and add transaction VF01, for instance. According to standard settings, each authorization object checks a list of permited activities. But this comes from the standard behaviour of the instruction AUTHORITY-CHECK: in transaction VF01, according to the action performed by the user, the system determines the related activity code, and then performs an authority-check to control if the user is authorized to perform that activity.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.