Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Restrict the usage of RGUGBR00

Go to solution
Former Member

‎05-19-2015 8:08 PM

0 Kudos

Hello,

We would like to restrict the usage of the program RGUGBR00 which regenerates the validations, substitution, etc. One of the users executed this program with incorrect selection criteria (chose all the check boxes) and this reset all the Z SETS in production system.


All the developers and support members have access to SE80 in production to execute few programs. This opens up the restriction and any of them would be able to run RGUGBR00.

1)     Is there a way to restrict the usage of the program without making changes to the program or its screen?

2)     Is there a authorization object needed for this program?

Thanks,

Surya

1 ACCEPTED SOLUTION

Go to solution
naimesh_patel
Active Contributor

‎05-19-2015 9:32 PM

0 Kudos

You should not allow the users or consultants to run the programs / FMs in Production system. They should use the different procedures when required to run the programs. But, that is a different story.

I think there isn't any auth check object here. However, you can create an implicit implementation in the beginning of the subroutine CLIENT_INITIALIZE in program RGUGBR00. In the implementation, call your custom authorization object. If no authorization, trigger the message type 'A' (abend).

Regards,
Naimesh Patel

2 REPLIES 2

Go to solution
naimesh_patel
Active Contributor

‎05-19-2015 9:32 PM

0 Kudos

You should not allow the users or consultants to run the programs / FMs in Production system. They should use the different procedures when required to run the programs. But, that is a different story.

I think there isn't any auth check object here. However, you can create an implicit implementation in the beginning of the subroutine CLIENT_INITIALIZE in program RGUGBR00. In the implementation, call your custom authorization object. If no authorization, trigger the message type 'A' (abend).

Regards,
Naimesh Patel

Go to solution
raymond_giuseppi
Active Contributor

‎05-20-2015 7:43 AM

0 Kudos 
All the developers and support members have access to SE80 in production to execute few programs. This opens up the restriction and any of them would be able to run RGUGBR00.

If there are only "few" programs create some transactions for those and don't give access to SE80/SE38 or such transactions in a productive systems, also insure Customizing is not opened in productive system (except during small interval of time for very special actions)

Hint: At least reduce objets allowed thru S_DEVELOP authorization object, no "*" please.

Look like sequel of some "confuse speed with haste" solution....

Regards,

Raymond