10-10-2007 5:47 AM
Dear Friends,
I have developed a screen using the T-code SE51.
In this screen, for some of the users (say User-A, User-B, User_F, User-S)
I want to disable some four fields for entry, but they should be able to view the data entered in these four fields by the other users.
Kindly guide me as to how to do the same.
TIA.
Regards,
Mark K
10-10-2007 5:49 AM
Hi Mark,
In the PBO,
if sy-uname = 'USERA'.
Loop at screen.
if screen-name = 'FIELD1'.
SCREEN-INPUT = 0.
MODIFY SCREEN.
ENDIF.
ENDLOOP.
ENDIF.
Best regards,
Prashant
10-10-2007 5:50 AM
In the PBO of the screen module do this
if sy-uname = 'A' or sy-uname = 'B' or sy-uname = 'C'. " use of capital letters for usernames
loop at screen.
if screen-name = 'FIELD1' or
screen-name = 'FIELD2'. " use of capital letters for field names
screen-input = 0.
modify screen.
endif.
endloop.
endif.
Regards
Gopi
10-10-2007 5:52 AM
Hi
You can create a Variant Transaction for that Dialog program and can hide the fields and accordingly you can restrict the authorization for the users for it.
see the authorization concept and the Variant transaction doc
we can create Transaction Variants Using SHD0 Transaction.
Transaction Variants and Screen Variants
Transaction variants can simplify transaction runs as they allow you to:
Preassign values to fields
Hide and change the 'ready for input' status of fields
Hide and change table control column attributes
Hide menu functions
Hide entire screens
In particular, hiding fields in connection with screen compression, and hiding screens, can result in greater clarity and simplicity.
Transaction variants are made up of a sequence of screen variants. The field values and field attributes for the individual screens found in transaction variants are stored in screen variants. Each of these variants is assigned to a specific transaction, can, however, also contain values for screens in other transactions if this is required by transaction flow. The transaction that the variant is assigned to serves as initial transaction when the variant is called.
There are both client-specific and cross-client transaction variants. All screen variants are cross-client, but may be assigned to a client-specific transaction variant.
A namespace exists for cross-client transaction variants and screen variants and both are automatically attached to the Transport Organizer. Client-specific transaction variants must be transported manually.
In principle, transaction and screen variants can be created for all dialog and reporting transactions. There are, however, certain Restrictions that apply to certain transactions, depending on their internal structure.
No transaction variants are possible with transactions already containing preset parameters (parameter transactions and variant transactions).
In general different users will be given different authorizations based on their role in the orgn.
We create ROLES and assign the Authorization and TCODES for that role, so only that user can have access to those T Codes.
USe SUIM and SU21 T codes for this.
Much of the data in an R/3 system has to be protected so that unauthorized users cannot access it. Therefore the appropriate authorization is required before a user can carry out certain actions in the system. When you log on to the R/3 system, the system checks in the user master record to see which transactions you are authorized to use. An authorization check is implemented for every sensitive transaction.
If you wish to protect a transaction that you have programmed yourself, then you must implement an authorization check.
This means you have to allocate an authorization object in the definition of the transaction.
For example:
program an AUTHORITY-CHECK.
AUTHORITY-CHECK OBJECT <authorization object>
ID <authority field 1> FIELD <field value 1>.
ID <authority field 2> FIELD <field value 2>.
...
ID <authority-field n> FIELD <field value n>.
The OBJECT parameter specifies the authorization object.
The ID parameter specifies an authorization field (in the authorization object).
The FIELD parameter specifies a value for the authorization field.
The authorization object and its fields have to be suitable for the transaction. In most cases you will be able to use the existing authorization objects to protect your data. But new developments may require that you define new authorization objects and fields.
http://help.sap.com/saphelp_nw04s/helpdata/en/52/67167f439b11d1896f0000e8322d00/content.htm
To ensure that a user has the appropriate authorizations when he or she performs an action, users are subject to authorization checks.
Authorization : An authorization enables you to perform a particular activity in the SAP System, based on a set of authorization object field values.
You program the authorization check using the ABAP statement AUTHORITY-CHECK.
AUTHORITY-CHECK OBJECT 'S_TRVL_BKS'
ID 'ACTVT' FIELD '02'
ID 'CUSTTYPE' FIELD 'B'.
IF SY-SUBRC <> 0.
MESSAGE E...
ENDIF.
'S_TRVL_BKS' is a auth. object
ID 'ACTVT' FIELD '02' in place 2 you can put 1,2, 3 for change create or display.
The AUTHORITY-CHECK checks whether a user has the appropriate authorization to execute a particular activity.
This Authorization concept is somewhat linked with BASIS people.
As a developer you may not have access to access to SU21 Transaction where you have to define, authorizations, Objects and for nthat object you assign fields and values. Another Tcode is PFCG where you can assign these authrization objects and TCodes for a profile and that profile in turn attached to a particular user.
Take the help of the basis Guy and create and use.
Regards
Anji
10-10-2007 5:52 AM
HI,
Check this code..
Create a module in PBO..
In the module have the following code..
IF SY-UNAME <> User-A AND
SY-UNAME <> User-B AND
SY-UNAME <> User_F AND
SY-UNAME <> User-S.
LOOP AT SCREEN.
" disable the fields.
SCREEN-INPUT = 0.
MODIFY SCREEN.
ENDLOOP.
ENDIF.
Thanks
Naren
10-10-2007 5:53 AM
Hi Mark,
Is the data entered by other users coming up in the same screen or in some other screen or list...if it is coming in some other list or screen you can also make the fields invisible by using loop at screen and for those fields you can user screen-invisible = 1.
Regards,
Himanshu Verma