Edit mode for SE16N using ABAP Debugger Scripting
1. OVERVIEW
As it happened to me probably many of you surprised when okcode “&SAP_EDIT” was deactivated by SAP to edit content of a table via SE16N transaction, (see NOTE 1420281).
It’s true that with DEBUG authorizations you can debug SE16N, set variable GD-EDIT = ‘X’ and access in edit mode to the content of table.
But in this document I want to show you how can enter in edit mode with SE16N using ABAP Debugger Scripting.
We must know that use this functionality has risks as we can create data inconsistencies so it’s our responsibility use this capability in a proper manner.
As SAP NOTE 1420281 explains “….security breaches have been detected in the customer authorization concepts.”. SAP decided to eliminate the “&SAP_EDIT” but of course they know that still possible to “skip” in debug… What has been done is save any change done in any table using SE16N so any change you do in edit mode in SE16N is stored and can be traced. I’ll explain at the end how to find this information. See section 4.
2. TECHNICAL SPECIFICATIONS
The SAP System I’ve used to generate this document:
SAP GUI: SAP Logon 720 (7200.3.11.1074)
SAP System: SAP ECC 6.0
3. STEPS
By default you should see a Script Template called: RSTPDA_SCRIPT_TEMPLATE
Place the cursor inside METHOD script. Click on then choose the option shown in following picture:
This action will introduce this code in Script Method:
*************************************************
* debugger commands (p_command):
* Step into(F5) -> CL_TPDA_SCRIPT_DEBUGGER_CTRL=>DEBUG_STEP_INTO
* Execute(F6) -> CL_TPDA_SCRIPT_DEBUGGER_CTRL=>DEBUG_STEP_OVER
* Return(F7) -> CL_TPDA_SCRIPT_DEBUGGER_CTRL=>DEBUG_STEP_OUT
* Continue(F8) -> CL_TPDA_SCRIPT_DEBUGGER_CTRL=>DEBUG_CONTINUE
*************************************************
****************************************************************
*Interface (CLASS = CL_TPDA_SCRIPT_DEBUGGER_CTRL / METHOD = DEBUG_STEP )
*Importing
* REFERENCE( P_COMMAND ) TYPE I
****************************************************************
*TRY.
CALL METHOD DEBUGGER_CONTROLLER->DEBUG_STEP
EXPORTING
P_COMMAND =
.
* CATCH cx_tpda_scr_rtctrl_status .
* CATCH cx_tpda_scr_rtctrl .
*ENDTRY.
I write now how to complete this code:
*************************************************
* debugger commands (p_command):
* Step into(F5) -> CL_TPDA_SCRIPT_DEBUGGER_CTRL=>DEBUG_STEP_INTO
* Execute(F6) -> CL_TPDA_SCRIPT_DEBUGGER_CTRL=>DEBUG_STEP_OVER
* Return(F7) -> CL_TPDA_SCRIPT_DEBUGGER_CTRL=>DEBUG_STEP_OUT
* Continue(F8) -> CL_TPDA_SCRIPT_DEBUGGER_CTRL=>DEBUG_CONTINUE
*************************************************
****************************************************************
*Interface (CLASS = CL_TPDA_SCRIPT_DEBUGGER_CTRL / METHOD = DEBUG_STEP )
*Importing
* REFERENCE( P_COMMAND ) TYPE I
****************************************************************
TRY.
CALL METHOD debugger_controller->debug_step
EXPORTING
p_command = cl_tpda_script_debugger_ctrl=>debug_step_over.
CATCH cx_tpda_scr_rtctrl_status .
CATCH cx_tpda_scr_rtctrl .
ENDTRY.
Now place the cursor in a new line after our new code and press again this time choose:
The code introduced after the action will be:
****************************************************************
*Interface (CLASS = CL_TPDA_SCRIPT_DATA_DESCR / METHOD = CHANGE_VALUE )
*Importing
* REFERENCE( P_NEW_VALUE ) TYPE STRING
* REFERENCE( P_OFFSET ) TYPE I
* REFERENCE( P_LENGTH ) TYPE I
* REFERENCE( P_VARNAME ) TYPE STRING
****************************************************************
*TRY.
CALL METHOD CL_TPDA_SCRIPT_DATA_DESCR=>CHANGE_VALUE
EXPORTING
P_NEW_VALUE =
* p_offset = -1
* p_length = -1
P_VARNAME =
.
* CATCH cx_tpda_varname .
* CATCH cx_tpda_scr_auth .
*ENDTRY.
Again, I write down how the code must be completed:
****************************************************************
*Interface (CLASS = CL_TPDA_SCRIPT_DATA_DESCR / METHOD = CHANGE_VALUE )
*Importing
* REFERENCE( P_NEW_VALUE ) TYPE STRING
* REFERENCE( P_OFFSET ) TYPE I
* REFERENCE( P_LENGTH ) TYPE I
* REFERENCE( P_VARNAME ) TYPE STRING
****************************************************************
TRY.
CALL METHOD cl_tpda_script_data_descr=>change_value
EXPORTING
p_new_value = ‘X’
* p_offset = -1
* p_length = -1
p_varname = ‘gd-edit’.
CATCH cx_tpda_varname .
CATCH cx_tpda_scr_auth .
ENDTRY.
You’ll have this line in METHOD script:
me->break( ).
It’s better to comment it, this way we go straight forward and code flow doesn’t stop when Break-point is reached.
After this you can and check the code
. It shouldn’t be any problem.
We’ve almost finished with the Script, now we need to set the condition for the Break-point.
Change the Trigger options as shown:
Then press and create a new Break-point (
) using label “Srce Code”, see the condition in next picture:
Program: SAPLSE16N
Include: LSE16NO01
Row: 57
(*Click on picture for more detail)
Set the Break-point and save your Script with button
Name your Script with “Z” as first letter…
Ok, our Script ZALF_SE16N is ready to be used.
- Use Script in Transaction SE16N
In a new SAP session switch debugging on by /h command.
Then execute SE16N transaction… the debugger will come up… now click on Script label
Load our Script with button and the execute it with
,
just after this action SE16N screen will appear but you can notice that checkbox “Maintain entries” is flagged. So you can enter any table and edit the content.
4. SE16N Change Documents
As I mentioned at the beginning of this document all changes done with SE16N in any table are recorded. To see this information you can run program: RKSE16N_CD_DISPLAY.
5. References
Really great document....
Thanks for sharing...
Superb.....very helpful
Helpful.
Thanks.
Helpful Article...
Hello,
SUPER!
..... the auditor´s nightmare.... 😯
all the best Erwin
As per point 4 and a separate document, all changes done SE16N interface get recorded, and the records can be used for Auditing.
Hello,
Sorry my fault!
I have forgotten adding 😉 after my sentence, too.
Anyway great document.
br erwin
Thanks a lot for sharing it !!!!
Hi @Alfonso Rodríguez Pérez
As per my understanding the purpose of this script is to set the value of gd-edit to X so it SE16N will be editable.
I want to know what is the purpose of below debug step code here..
STEP OVER = if the next statement is a call to a procedure it will execute it and stop right after the call, otherwise same as STEP INTO
Let me rephrase it.
Why below code is required to set gd-edit to X ?
I think only CALL METHOD cl_tpda_script_data_descr=>change_value should work to change the value of GD-EDIT. Why code for debug step is required here?
The author said to stop the debugger at line 57, I don't even know what line it corresponds to (seems weird to define a given line, that may vary in ERP versions and support packages), it just executes it, and change the variable. So, obviously there's no reason to do that (the author didn't mention the reason why step over would be useful).
Hello,
it works also if you use the function module drectly:
SE16N_INTERFACE
I_EDIT & I_SAPEDIT need a X.
Worked fine for me.