Skip to Content

Archived discussions are read-only. Learn more about SAP Q&A

Using BAdI HRBAS00_STRUAUTH to override structural authorization for specific T-codes

Hi all,

For a client I'm trying to develop an exception to structural authorizations for specific T-codes.

I have figured out that using BAdI HRBAS00_STRUAUTH should be suitable for this.

There are two relevant methods that I can and should use, namely: CHECK_AUTHORITY_VIEW & CHECK_AUTHORITY_SEARCH.

This is what they look like:

method IF_EX_AUTHORITY_BADI~CHECK_AUTHORITY_VIEW.

CASE sy-tcode.

  WHEN 'IW51' OR 'CAT3' OR 'CATS_DA' OR 'PPOSE'.

      exit_flag = 'X'.

      sy-subrc = 0.

  WHEN OTHERS.

       exit_flag = ''.

ENDCASE.

endmethod.


and


method IF_EX_AUTHORITY_BADI~CHECK_AUTHORITY_SEARCH.

  CASE sy-tcode.

     WHEN 'IW51' OR 'CAT3' OR 'CATS_DA' OR 'PPOSE'.

   SKIP_STANDARD = 'X'.

  WHEN OTHERS.

    SKIP_STANDARD = ''.

  ENDCASE.

endmethod.

All other methods have been implemented albeit with no functionality.

The issue I'm facing is that this only seems to work for HR-related transactions. As you can see in the code above, for PPOSE the BAdI works in a desired way. The thing is, I don't need this override capability for PPOSE at all. The requirement is for T-codes IW51, CATS_DA and CAT3 only.

More specifically, my implementation should allow for an F4 search help to show all available persons and select them in the aforementioned transactions, not just the ones a user is authorized for by his or her structural profile.

I have also looked into BAdI HRBAS00_SEARCH, but couldn't figure out whether this is going to help me with my requirement.

I'd be grateful for anyone's take on this.

Tags:
Former Member replied

Hi Dimitri,

Figuring out this BAdI is still on my to do list but as I currently don't have a sandbox and a developer key available, how about an alternate approach:

You can implement BAdI HRBAS00_GET_PROFL and add a check on the SY-TCODE to the standard implementation code. In case the SY-TCODE is 'IW51', 'CATS_DA' or 'CAT3' you can add structural authorizations to all Persons to the users view.

This should effectively give them structural access to all Persons in these tcodes without impacting their authorizations in the other tcodes.

Hope that fits your requirement.

Brent

0 View this answer in context

Helpful Answer

by
Not what you were looking for? View more on this topic or Ask a question