|
Functionality
User authorizations are output in an internal table. It is possible torestrict these authorizations to specified authorization objects. Example
You want to know whether user TESTUSER has authorization to startTransaction SU01. The user requires authorization for object S_TCODEwith the value 'SU01' in field TCD to be able to do this.
data: begin of values occurs 10.
include structure usvalues.
data: end of values.
call function 'SUSR_USER_AUTH_FOR_OBJ_GET'
exporting
user_name = 'TESTUSER'
SEL_OBJECT = 'S_TCODE'
tables
values = values
exceptions
user_not_exist = 1
not_authorized = 2
internal_error = 3
others = 4.
Output: Table VALUES
OBJCT AUTH FIELD FROM TO
S_TCODE S_TCD_SAP TCD ' ' W*
S_TCODE S_TCD_SAP TCD 0 9*
S_TCODE S_TCD_SAP TCD XK Z*
Value 'SU01' is between ' ' and W*, therefore the user has theauthorization to start the transaction. Notes
Note that for the authorization check, the system usually checkscombinations of field values that must belong to the sameauthorization. Therefore you should not ignore the field VALUES-AUTH,as this shows the identity of the field values. Description
Name of the user in the user master record. Description
VALUES: List of authorizations of user USER_NAME
Fields: - OBJCT : Authorization object
- AUTH : Authorization
- FIELD : Field name
- FROM : Lower limit for field values
- TO : Upper limit for field values |