When using transaction RSUDO ("Execute as Other User"), the user is not converted in sy-uname throughout the system. The user is changed locally in the context of the analysis authorizations.
Note that a selection on the database using the user name with sy-uname for the selection will return an incorrect result if a function is executed with analysis authorizations "as other user".
System parameter sy-uname is filled with the user name of the executing user and not the name of the other restricted user who needs to be tested.
The results of the test are therefore not the same as the results that the user would receive if s/he was actually logged on.
As a solution to this problem, SAP provides the following functionality: (with SPS16/BI SP18)
Use the released function module RSEC_GET_USERNAME to read the name of the restricted user. This module can always be used in customer exits. It normally returns the name that is also in sy-uname. When running RSUDO, it (correctly) returns the name of the restricted user to use in selections for user names in customer coding.
Example: You select a set of values to fill a customer exit variable $MY_VAR1. You can use the following select statement to do this:
DATA:
l_uname TYPE xubname,
l_s_custtab_on_db TYPE CUSTTAB_ON_DB.
* Get the username "for execute as" function:
CALL FUNCTION 'RSEC_GET_USERNAME'
IMPORTING
E_USERNAME = l_uname.
* l_uname now contains the username of the restricted (other) user
SELECT * FROM CUSTTAB_ON_DB INTO l_s_custtab_on_db
WHERE uname = l_uname. "donnot use sy-uname
IF sy-subrc = 0.
* do something here and fill $MY_VAR1
...
ENDIF.
It will then be possible to execute customer exits with transaction RSUDO.
This is also useful for analysises in the authorization log withour logging on to the system as poweruser.
