03-14-2007 8:47 AM
Hi all,
To execute pa30 tcode the auth object p_orgin is required.
The auth object p_orgin contains the following fields:
AUTHC Authorization level
INFTY Infotype
PERSA Personnel Area
PERSG Employee Group
PERSK Employee Subgroup
SUBTY Subtype
VDSK1 Organizational Key
Our requirement is to add another field to the above object ie P_ORGIN
BTRTL Personnel Subarea, so that the restriction can be imposed on sub area basis without writing an additional z report or adding a z table.
I have added the same to P_ORGIN via su24 but the it is not working.
Pl guide if it is possible to do so and how.
Thanks in advance.
Regards
03-14-2007 10:32 AM
Hi Manas,
I dont think the check wont work unless you change the code. Without applying logic through code how do you expect this to work ?You need to change the authority check for P_ORIGIN and introduce the check for the new field.
Regards.
Ruchit.
03-14-2007 10:32 AM
Hi Manas,
I dont think the check wont work unless you change the code. Without applying logic through code how do you expect this to work ?You need to change the authority check for P_ORIGIN and introduce the check for the new field.
Regards.
Ruchit.
03-15-2007 7:07 AM
Hi Ruchit,
Actually i was apprehending the same but wanted clarification for a possible soln.
Can it not be possible that the related report gets updated on such modification on execution of some report/process etc?
Thanks for your response.
03-15-2007 7:55 AM
Hi Manas,
Not possible as of now though it is an intutive idea from your side )
This is because when introducing authority check using function modules Authority_Check a lot of times you would also give the value that should be present in user profile in order to validate the check .Now I dont think even with present levels of AI it is possible to do that because no system will be able to dynamically guage what exactly is in the mind of the user.
And additionally P_ORIGIN will be actually used in several reports where requirements will be different!!
Regards.
Ruchit.
03-15-2007 1:49 PM
You could create a new authorization object with your required fields and add the object to the tcode (pa30) through se93.
03-16-2007 10:38 AM
03-20-2007 2:57 PM
You created new authorization object in su21 with your required fields and assigned that new object to PA30 in SE93 under the authorization object field? That should of forced the user to have s_tcode as well as your new authorization object.