Skip to Content
Author's profile photo Alfonso Rodríguez Pérez

Edit mode for SE16N using ABAP Debugger Scripting

1. OVERVIEW

As it happened to me probably many of you surprised when okcode “&SAP_EDIT” was deactivated by SAP to edit content of a table via SE16N transaction, (see NOTE 1420281).

It’s true that with DEBUG authorizations you can debug SE16N, set variable GD-EDIT = ‘X’ and access in edit mode to the content of table.

But in this document I want to show you how can enter in edit mode with SE16N using ABAP Debugger Scripting.

We must know that use this functionality has risks as we can create data inconsistencies so it’s our responsibility use this capability in a proper manner.

As SAP NOTE 1420281 explains “….security breaches have been detected in the customer authorization concepts.”. SAP decided to eliminate the “&SAP_EDIT” but of course they know that still possible to “skip” in debug… What has been done is save any change done in any table using SE16N so any change you do in edit mode in SE16N is stored and can be traced. I’ll explain at the end how to find this information. See section 4.

2. TECHNICAL SPECIFICATIONS

The SAP System I’ve used to generate this document:
SAP GUI: SAP Logon 720 (7200.3.11.1074)
SAP System: SAP ECC 6.0


3. STEPS


    • Create Script

      Execute SAS transaction and click on label Script_label.JPG

By default you should see a Script Template called: RSTPDA_SCRIPT_TEMPLATE

SAS_Default.JPG

Place the cursor inside METHOD script. Click on Script_Wizard.JPGthen choose the option shown in following picture:

Script_Debug_Step.JPG

This action will introduce this code in Script Method:

*************************************************

* debugger commands (p_command):

* Step into(F5)   -> CL_TPDA_SCRIPT_DEBUGGER_CTRL=>DEBUG_STEP_INTO

* Execute(F6)     -> CL_TPDA_SCRIPT_DEBUGGER_CTRL=>DEBUG_STEP_OVER

* Return(F7)      -> CL_TPDA_SCRIPT_DEBUGGER_CTRL=>DEBUG_STEP_OUT

* Continue(F8)    -> CL_TPDA_SCRIPT_DEBUGGER_CTRL=>DEBUG_CONTINUE

*************************************************

****************************************************************

*Interface (CLASS = CL_TPDA_SCRIPT_DEBUGGER_CTRL / METHOD = DEBUG_STEP )

*Importing

*        REFERENCE( P_COMMAND ) TYPE I

****************************************************************

*TRY.

CALL METHOD DEBUGGER_CONTROLLER->DEBUG_STEP

EXPORTING

     P_COMMAND =

.

* CATCH cx_tpda_scr_rtctrl_status .

* CATCH cx_tpda_scr_rtctrl .

*ENDTRY.

I write now how to complete this code:

*************************************************

* debugger commands (p_command):

* Step into(F5)   -> CL_TPDA_SCRIPT_DEBUGGER_CTRL=>DEBUG_STEP_INTO

* Execute(F6)     -> CL_TPDA_SCRIPT_DEBUGGER_CTRL=>DEBUG_STEP_OVER

* Return(F7)      -> CL_TPDA_SCRIPT_DEBUGGER_CTRL=>DEBUG_STEP_OUT

* Continue(F8)    -> CL_TPDA_SCRIPT_DEBUGGER_CTRL=>DEBUG_CONTINUE

*************************************************

****************************************************************

*Interface (CLASS = CL_TPDA_SCRIPT_DEBUGGER_CTRL / METHOD = DEBUG_STEP )

*Importing

*        REFERENCE( P_COMMAND ) TYPE I

****************************************************************

TRY.

CALL METHOD debugger_controller->debug_step

EXPORTING

             p_command = cl_tpda_script_debugger_ctrl=>debug_step_over.

CATCH cx_tpda_scr_rtctrl_status .

CATCH cx_tpda_scr_rtctrl .

ENDTRY.

Now place the cursor in a new line after our new code and press again Script_Wizard.JPG this time choose:

Script_variable.JPG

The code introduced after the action will be:

****************************************************************

*Interface (CLASS = CL_TPDA_SCRIPT_DATA_DESCR / METHOD = CHANGE_VALUE )

*Importing

*        REFERENCE( P_NEW_VALUE ) TYPE STRING

*        REFERENCE( P_OFFSET ) TYPE I

*        REFERENCE( P_LENGTH ) TYPE I

*        REFERENCE( P_VARNAME ) TYPE STRING

****************************************************************

*TRY.

CALL METHOD CL_TPDA_SCRIPT_DATA_DESCR=>CHANGE_VALUE

EXPORTING

     P_NEW_VALUE =

*    p_offset    = -1

*    p_length    = -1

     P_VARNAME   =

.

* CATCH cx_tpda_varname .

* CATCH cx_tpda_scr_auth .

*ENDTRY.

Again, I write down how the code must be completed:

****************************************************************

*Interface (CLASS = CL_TPDA_SCRIPT_DATA_DESCR / METHOD = CHANGE_VALUE )

*Importing

*        REFERENCE( P_NEW_VALUE ) TYPE STRING

*        REFERENCE( P_OFFSET ) TYPE I

*        REFERENCE( P_LENGTH ) TYPE I

*        REFERENCE( P_VARNAME ) TYPE STRING

****************************************************************

TRY.

CALL METHOD cl_tpda_script_data_descr=>change_value

EXPORTING

             p_new_value = ‘X’

*           p_offset    = -1

*           p_length    = -1

             p_varname   = ‘gd-edit’.

CATCH cx_tpda_varname .

CATCH cx_tpda_scr_auth .

ENDTRY.

You’ll have this line in METHOD script:

me->break( ).

It’s better to comment it, this way we go straight forward and code flow doesn’t stop when Break-point is reached.

After this you can Script_pretty.JPG and check the code Script_Verify.JPG. It shouldn’t be any problem.

We’ve almost finished with the Script, now we need to set the condition for the Break-point.

Change the Trigger options as shown:

Script_trigger.JPG

Then press Script_change.JPGand create a new Break-point (Script_New.JPG) using label “Srce Code”, see the condition in next picture:

Program: SAPLSE16N

Include: LSE16NO01

Row: 57

(*Click on picture for more detail)

Script_break.JPG

Set the Break-point and save your Script with button Script_Save_As.JPG

Name your Script with “Z” as first letter…

Script_Save_As_Name.JPG

Ok, our Script ZALF_SE16N is ready to be used.

    • Use Script in Transaction SE16N

In a new SAP session switch debugging on by /h command.

Then execute SE16N transaction… the debugger will come up… now click on Script label

Script_debug.JPG

Load our Script with button Script_load_script.JPG and the execute it with Script_Start.JPG,

just after this action SE16N screen will appear but you can notice that checkbox “Maintain entries” is flagged. So you can enter any table and edit the content.

Script_SE16N.JPG

4. SE16N Change Documents


As I mentioned at the beginning of this document all changes done with SE16N in any table are recorded. To see this information you can run program: RKSE16N_CD_DISPLAY.

5. References

http://scn.sap.com/community/abap/blog/2013/03/22/skip-the-authority-check-with-the-abap-debugger-script





Assigned Tags

      13 Comments
      You must be Logged on to comment or reply to a post.
      Author's profile photo Former Member
      Former Member

      Really great document....

      Thanks for sharing...

      Author's profile photo Krupa Janiji
      Krupa Janiji

      Superb.....very helpful

      Author's profile photo Piyush Kumar
      Piyush Kumar

      Helpful.

      Thanks.

      Author's profile photo Modadugu Hemanth Kumar
      Modadugu Hemanth Kumar

      Helpful Article...

      Author's profile photo Erwin Leitner
      Erwin Leitner

      Hello,

      SUPER!

      ..... the auditor´s nightmare.... 😯

      all the best Erwin

      Author's profile photo Former Member
      Former Member

      As per point 4 and a separate document, all changes done SE16N interface get recorded, and the records can be used for Auditing.

      Author's profile photo Erwin Leitner
      Erwin Leitner

      Hello,

      Sorry my fault!

      I have forgotten adding  😉 after my sentence, too.

      Anyway great document.

      br erwin

      Author's profile photo Former Member
      Former Member

      Thanks a lot for sharing it !!!!

      Author's profile photo Jitendra Soni
      Jitendra Soni

      Hi @Alfonso Rodríguez Pérez

      As per my understanding the purpose of this script is to set the value of gd-edit to X so it SE16N will be editable.

      I want to know what is the purpose of below debug step code here..

      CALL METHOD debugger_controller->debug_step
      EXPORTING
      p_command = cl_tpda_script_debugger_ctrl=>debug_step_over
      
      Author's profile photo Sandra Rossi
      Sandra Rossi

      STEP OVER = if the next statement is a call to a procedure it will execute it and stop right after the call, otherwise same as STEP INTO

      Author's profile photo Jitendra Soni
      Jitendra Soni

      Let me rephrase it.

      Why below code is required to set gd-edit to X ?

      CALL METHOD debugger_controller->debug_step
      EXPORTING
      p_command = cl_tpda_script_debugger_ctrl=>debug_step_over

      I think only CALL METHOD cl_tpda_script_data_descr=>change_value should work to change the value of GD-EDIT. Why code for debug step is required here?

       

      Author's profile photo Sandra Rossi
      Sandra Rossi

      The author said to stop the debugger at line 57, I don't even know what line it corresponds to (seems weird to define a given line, that may vary in ERP versions and support packages), it just executes it, and change the variable. So, obviously there's no reason to do that (the author didn't mention the reason why step over would be useful).

      Author's profile photo Jan Schlichting
      Jan Schlichting

      Hello,

      it works also if you use the function module drectly:

      SE16N_INTERFACE

      I_EDIT & I_SAPEDIT need a X.

      Worked fine for me.