Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Authorization check on Z report

Former Member

‎04-21-2015 4:11 PM

0 Kudos

Hello Experts,

We had a requirement to develop a report which would combine the features of V.14 and V23 with some additional features like removing delivery blocks and billing blocks.

We want to add some authorization checks so that some people are restricted to view information of only some sales organizations and some people like management will have a broader authorization to view details of multiple sales organizations.  How can we acheive this?

For example in SU23 when we run our custom T code we do not see the authorization object which is used in the program. We are currently using VBAK_VKO in our program.

Thanks and regards.

ES.

4 REPLIES 4

Lakshmipathi
Active Contributor

‎04-21-2015 4:23 PM

0 Kudos

Moved from SAP ERP Sales and Distribution (SAP SD) to Security

Former Member

‎04-21-2015 5:17 PM

0 Kudos

Hi,

Add the auth checks at appropriate places in the code, with appropriate logic & they will be performed.  Once you are happy they are working correctly, update the SU24 records for your ztx and add it into your roles.

former_member230681
Participant

‎04-21-2015 6:36 PM

0 Kudos

Hi ,

I understand that you have maintained authority check for V_VBAK_VKO in your program.After this below can solve your issue:

  • Maintain SU24 for your custom tcode with proposal as "yes".
  • Add your tcode to roles and generate the roles.Considering that "Sales Organization" is org level in your system,you can maintain in role the value of sales org data for which the user is supposed to see.Your security team should be able to do that.

This way you can segregate authorization with roles.Hope this helps.

niteshgupta87
Active Participant

‎04-22-2015 1:49 PM

0 Kudos

Hi,

Adding to above replies, are you calling V.14 and V23 in your custom program or you created your own login in Z program? If standard tcodes are being called, make sure that appropriate restrictions are placed in SE97 tcode for the Z tcode.

In SU24, you will have to add the object to the Z tcode. You will not see it automatically. But make sure that the authority check is there in program (can verify by a ST01 trace).

As Anika said, you can create separate roles for each required sales organization.

Thanks