05-08-2014 9:02 AM
Hi,
My requirement is to authorize users to chance filed Malfunct. start (AUSVN) while using transaction IW22. Is it possible to create a custom Authorization Object and assign it custom roles. At the time of document saving user exit QQMA0014 will be called here can we do
AUTHORITY-CHECK OBJECT 'ZI*****'
ID 'ACTVT' FIELD '02'
ID 'AUSVN' FIELD i_viqmel-ausvn.
Please suggest.
Best Regards,
Nilesh
05-08-2014 9:29 AM
i hope you have some idea about authorizations .. i mean PFCG and SUIM etc.
you can create authorization profiles there and maintain the fields there.
go to pfcg and create a single role.. "ZROLE_XXXX"
in the authorizations tab create a profile.
the go to authorization data.
Here you can create the authorization objects and add activities etc. Once done activate and generate user profile. say the authorization object is Zi***** (as you want it)
You can then go back to user tab and add the respective users you want to use the authorization profiles.
Now if the user is authrized for ZROLE with activity field 02 etc then it will return subrc = 0.
Alternatively you may create the Zi**** authorization object in an already existing profile if available for customization...
also see
05-08-2014 9:38 AM
Hello Gaurav,
I have followed below steps:
1. Creation of Authorization field in SU20
2. Created Authorization Object with ACTVT and AUSVN using SU21. Under Permitted Activities I have not checked any value.
3. Assign Auth Object to Role using PFCG
Now I have used same Authorization Object in User Exit QQMA0014 with below code.
AUTHORITY-CHECK OBJECT 'ZI*****'
ID 'ACTVT' FIELD '02'
ID 'AUSVN' FIELD i_viqmel-ausvn.
If sy-subrc <> 0.
"" Error message.
Endif.
Still I am getting sy-subrc value as 0. Tried with different users.
Best Regards,
Nilesh
05-08-2014 9:52 AM
double click the auth object.. see if everything is generated correctly.
check this
05-08-2014 10:45 AM
Everything is correct and roles and profiles generated correctly. Is am I following the correct path to fulfill above requirement?
Is there any other way I can test/check it?
BR,
Nilesh