Edit mode for SE16N using ABAP Debugger Scripting

1. OVERVIEW

As it happened to me probably many of you surprised when okcode “&SAP_EDIT” was deactivated by SAP to edit content of a table via SE16N transaction, (see NOTE 1420281).

It’s true that with DEBUG authorizations you can debug SE16N, set variable GD-EDIT = ‘X’ and access in edit mode to the content of table.

But in this document I want to show you how can enter in edit mode with SE16N using ABAP Debugger Scripting.

We must know that use this functionality has risks as we can create data inconsistencies so it’s our responsibility use this capability in a proper manner.

As SAP NOTE 1420281 explains “….security breaches have been detected in the customer authorization concepts.”. SAP decided to eliminate the “&SAP_EDIT” but of course they know that still possible to “skip” in debug… What has been done is save any change done in any table using SE16N so any change you do in edit mode in SE16N is stored and can be traced. I’ll explain at the end how to find this information. See section 4.

2. TECHNICAL SPECIFICATIONS

The SAP System I’ve used to generate this document:
SAP GUI: SAP Logon 720 (7200.3.11.1074)
SAP System: SAP ECC 6.0

3. STEPS

• Create Script
  
  Execute SAS transaction and click on label

By default you should see a Script Template called: RSTPDA_SCRIPT_TEMPLATE

Place the cursor inside METHOD script. Click on then choose the option shown in following picture:

This action will introduce this code in Script Method:

*************************************************

* debugger commands (p_command):

* Step into(F5)   -> CL_TPDA_SCRIPT_DEBUGGER_CTRL=>DEBUG_STEP_INTO

* Execute(F6)     -> CL_TPDA_SCRIPT_DEBUGGER_CTRL=>DEBUG_STEP_OVER

* Return(F7)      -> CL_TPDA_SCRIPT_DEBUGGER_CTRL=>DEBUG_STEP_OUT

* Continue(F8)    -> CL_TPDA_SCRIPT_DEBUGGER_CTRL=>DEBUG_CONTINUE

*************************************************

****************************************************************

*Interface (CLASS = CL_TPDA_SCRIPT_DEBUGGER_CTRL / METHOD = DEBUG_STEP )

*Importing

*        REFERENCE( P_COMMAND ) TYPE I

****************************************************************

*TRY.

CALL METHOD DEBUGGER_CONTROLLER->DEBUG_STEP

EXPORTING

     P_COMMAND =

.

* CATCH cx_tpda_scr_rtctrl_status .

* CATCH cx_tpda_scr_rtctrl .

*ENDTRY.

I write now how to complete this code:

*************************************************

* debugger commands (p_command):

* Step into(F5)   -> CL_TPDA_SCRIPT_DEBUGGER_CTRL=>DEBUG_STEP_INTO

* Execute(F6)     -> CL_TPDA_SCRIPT_DEBUGGER_CTRL=>DEBUG_STEP_OVER

* Return(F7)      -> CL_TPDA_SCRIPT_DEBUGGER_CTRL=>DEBUG_STEP_OUT

* Continue(F8)    -> CL_TPDA_SCRIPT_DEBUGGER_CTRL=>DEBUG_CONTINUE

*************************************************

****************************************************************

*Interface (CLASS = CL_TPDA_SCRIPT_DEBUGGER_CTRL / METHOD = DEBUG_STEP )

*Importing

*        REFERENCE( P_COMMAND ) TYPE I

****************************************************************

TRY.

CALL METHOD debugger_controller->debug_step

EXPORTING

             p_command = cl_tpda_script_debugger_ctrl=>debug_step_over.

CATCH cx_tpda_scr_rtctrl_status .

CATCH cx_tpda_scr_rtctrl .

ENDTRY.

Now place the cursor in a new line after our new code and press again this time choose:

The code introduced after the action will be:

****************************************************************

*Interface (CLASS = CL_TPDA_SCRIPT_DATA_DESCR / METHOD = CHANGE_VALUE )

*Importing

*        REFERENCE( P_NEW_VALUE ) TYPE STRING

*        REFERENCE( P_OFFSET ) TYPE I

*        REFERENCE( P_LENGTH ) TYPE I

*        REFERENCE( P_VARNAME ) TYPE STRING

****************************************************************

*TRY.

CALL METHOD CL_TPDA_SCRIPT_DATA_DESCR=>CHANGE_VALUE

EXPORTING

     P_NEW_VALUE =

*    p_offset    = -1

*    p_length    = -1

     P_VARNAME   =

.

* CATCH cx_tpda_varname .

* CATCH cx_tpda_scr_auth .

*ENDTRY.

Again, I write down how the code must be completed:

****************************************************************

*Interface (CLASS = CL_TPDA_SCRIPT_DATA_DESCR / METHOD = CHANGE_VALUE )

*Importing

*        REFERENCE( P_NEW_VALUE ) TYPE STRING

*        REFERENCE( P_OFFSET ) TYPE I

*        REFERENCE( P_LENGTH ) TYPE I

*        REFERENCE( P_VARNAME ) TYPE STRING

****************************************************************

TRY.

CALL METHOD cl_tpda_script_data_descr=>change_value

EXPORTING

             p_new_value = ‘X’

*           p_offset    = -1

*           p_length    = -1

             p_varname   = ‘gd-edit’.

CATCH cx_tpda_varname .

CATCH cx_tpda_scr_auth .

ENDTRY.

You’ll have this line in METHOD script:

me->break( ).

It’s better to comment it, this way we go straight forward and code flow doesn’t stop when Break-point is reached.

After this you can and check the code . It shouldn’t be any problem.

We’ve almost finished with the Script, now we need to set the condition for the Break-point.

Change the Trigger options as shown:

Then press and create a new Break-point () using label “Srce Code”, see the condition in next picture:

Program: SAPLSE16N

Include: LSE16NO01

Row: 57

(*Click on picture for more detail)

Set the Break-point and save your Script with button

Name your Script with “Z” as first letter…

Ok, our Script ZALF_SE16N is ready to be used.

• Use Script in Transaction SE16N

In a new SAP session switch debugging on by /h command.

Then execute SE16N transaction… the debugger will come up… now click on Script label

Load our Script with button and the execute it with ,

just after this action SE16N screen will appear but you can notice that checkbox “Maintain entries” is flagged. So you can enter any table and edit the content.

4. SE16N Change Documents

As I mentioned at the beginning of this document all changes done with SE16N in any table are recorded. To see this information you can run program: RKSE16N_CD_DISPLAY.

5. References

http://scn.sap.com/community/abap/blog/2013/03/22/skip-the-authority-check-with-the-abap-debugger-script