Skip to Content

Table Authorization control

Through table event

Introduction

Table Maintenance events allow us to change the generated table maintenance dialog at predefined positions or event mentioned. The user routines written for that particular event are called dynamically. For this reason, the routines must be in a user including in the table/view maintenance dialog function group. Using Table maintenance event we can restrict a person from accessing the table or changing deleting etc the records. The biggest plus point of this is that we don’t need to create new report to restrict user.

Steps

To explain functionality of Table event in better way let’s take an example.

Suppose customer came up with a requirement to make a table and provide authorization to particular user to access the table or to display specific data based on value entered on particular field, this can be taken care using table event. Steps are mention below

  • Create a Z table suppose we created a Z table with below mention field

Field Name

Data element

Data type

length

Primary key

Description

MANDT

MANDT

CLNT

3

X

Client

KTOPL

KTOPL

CHAR

4

X

Chart of Accounts

SCOA5

CHAR

5

X

Account number on SCOA level 3

BLART

BLART

CHAR

2

X

Document Type

SHKZG

SHKZG

CHAR

1

X

Debit/Credit Indicator

BEWAR

BEWAR

CHAR

3

Transaction Type

     untitled.JPG

     Now we create a maintenance view for the same table.

     We are doing it because in maintenance view we have a column P who’s value when made S a pop up screen appear before maintenance done from SM30

  • Create a maintenance view on the our table which we have created above 
  • Then in view field tab , For field KTOPL make the column P value equal to S

untitled.JPG

  • After this go for TMG of the view similar to given below screen shot.

  Generate a two step TMG or 1 Step TMG depending upon your requirement.

untitled.JPG

          Note: The authorization group used here &NC& is just for Demonstration only .. please use other authorization group for authorization purpose.

  •   Then in table maintenance generator , Environment menu -> modification  -> Events

untitled.JPG 

Here make a new entry with event 19 and write the code mention in text file a for authorization check (We have taken event 19 because event 19 is called when initialization of global variable take place).

Either you create a T-code for view or you maintain through SM30.

Execution Step.

  •   SM30 T-code, Enter view name.
  •   Click on Maintain, a pop up will appear.

untitled.JPG

untitled.JPG

  •   Enter the chart of account, if authorized then will make you see entry for that specific chart of account else it will through error.
        •   Negative scenario

untitled.JPG

untitled.JPG

        •   Positive scenario

untitled.JPG

untitled.JPG

Even if you click on new entries button, you can only create entry for ES00.

untitled.JPG

In this way we can use Table event for our purpose. There are lots of other events which you can use as per your requirement. Mention below is snap shot of event present in table event.

Mention below are event that can also be used to auto fill the table fields contents etc.

untitled.JPG

untitled.JPGThe

To report this post you need to login first.

16 Comments

You must be Logged on to comment or reply to a post.

  1. Jelena Perfiljeva

    Interesting feature, thanks for a detailed blog! I’d tag it with security / authorization, so that it’s also visible in the Security space (since it’s somewhat related).

    (0) 
  2. Sam Peter

    This article is already available in the net.. Would have been better if added more complex scenario.. Like – using event AA for substituting the standard read routine, deleting some entries from display, something like that..

    No hard feelings, just my opinion .. 🙂

    Thanks,

    Sam Peter

    (0) 
    1. Deepak Jain Post author

      Hi Sam,

      No hard feeling at all sir 🙂

      But this was something which i didnt find on net … ya find out about table authorization for sure but not like creating view then all the other stuff.

      At end … we all search net and learn frm it and bend it according to requirement thats what i did and presented it here.

      Thanks for response 🙂

      regards,

      Deepak

      (0) 
  3. Nick Young

    I’m not too concermed about this topic being covered elsewhere, if the example is clear and accurate someone will find benefit from it.

    However, I would point out the following.

    As the topic is about controlling authorisation to tables I would expect the TMG settings not to use Authorisation Group &NC&.  If you’re not going to address the topic I would redact that field too.

    You say “write the code mention in text file a for authorization check”, but I can’t find any text file.  Finding the right event is only half the story, the specifics of the code is where the real work gets done.

    Regards,

    Nick

    (0) 
    1. Deepak Jain Post author

      Hi Nick,

      I agree with you on &NC& but i just used it for explaining nothing else and I will change in my post mentioning it was for explaination

      Regarding Text file I attached it but I dont knw why it was not show … Thanks to you that you pointed it … Will upload it as soon as I get time.

      Thanks for response and you valuable comments 🙂

      Regards,

      Deepak

      (0) 
  4. Eric Peterson

    Talk about timing! I am working on a table maintenance dialog as I read this.  I think it would be helpful if you provided a few links at the beginning of your blog for those who might need a more detailed into to the topic.

    Create a maintenance dialog:

    http://help.sap.com/saphelp_nw04s/helpdata/en/a1/e4521aa2f511d1a5630000e82deaaa/content.htm

    Add customizations to dialog (screen, event handling):

    http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/2082425f-416b-2d10-25a3-85b8b6c5302c?overridelayout=true

    This way you can assume everyone is on the same page, and jump right in to your specific topic, adding authorization.

    Which leads me to my question – what is the advantage of using custom events to check authorization?  Can’t you just add an authorization group to the table maintenance dialog and use that for authorization?

    (0) 
    1. Deepak Jain Post author

      Hi Eric,

      Apolozies for delayed response was bit tied up.

      I agree that i should have provided link.. As this been my first document hence made some silly mistake. Will surely take care of it when I post next time.

      Now regarding your question.

      Well from authorization group you can restrict entry of a person thats true but the person who has authorization can view all the details of other countries also which should not be allowed and can also edit. So for that we can have two step when you create a view and make any primary field as column value as S then only that value is seen now … after going inside you can also put a check if he try to change from one country to another using event.

      Hopefully I answered your query.

      Thanks for you response 🙂

      Regards,

      Deepak Jain.

      So if you

      (0) 

Leave a Reply