04-28-2008 3:49 PM
I am trying to added a new authorization check for transaction TK11. I want to be able to limit it by transporation planning point. I am trying to have it check object V_VTTK_TDS. I have it so it is listed in SU24 and USOBT_C but when I processed this and ran a trace (ST01), it is not checked. Is there somewhere else that I need to add this check?
04-28-2008 3:58 PM
Hi Brian,
Authority checks are coded in programs for the underlying transaction. If this object is not getting checked, then it is immaterial to add it in SU24, as it will never get checked. If its not getting checked, then you will not be able to restrict it too.
Why are you adding this object to this tcode? per the trace too, it is not required.
Thank you
Abhishek
04-28-2008 4:01 PM
We want to add the check because we want to limit the users to only being able to process this for thier own transportation planning point. The way it is configured now, a user can do this for any location. The only check in place is to check that they have the proper authorization for the condition type that they are processing.
04-28-2008 4:09 PM
Hi Brian,
Per the trace, is TK11 is the only transaction that is being executed that is giving them this access? There could be a case where TK11 is calling another transaction that is giving them this access. Transportation planning point is a ORG level, so you will have to restrict accordingly, perhaps create derived roles.
Let us know how the trace looks like.
Thank you
Abhishek