Skip to Content

The post would share some enhancement solutions for authorization check of BOPF framework. I’m simply opening the subject for experience sharing.

Solution 1.Create the custom authorization check class

The table “/SCMTMS/I_OBM_BO” maintained the authorization check class.

/wp-content/uploads/2014/03/1_418636.png

Create a class inherited the super class “/SCMTMS/CL_AC_SUPER”. Maintain the custom class in the table.

Extend the grobal varient “MT_AC_ADM” in method “CONSTRUCTOR” can achieve the enhancement.

Solution 2.Implement the method “EXTEND_AC_ADM”of BAdI “/SCMTMS/AC_BADI”.

/wp-content/uploads/2014/03/2_418684.png

Solution 3.Assign the authorization object to the BOPF node.(The solution is available in SAP Business Suite Foundation 7.47 SP03)

Launch transaction BOBX and mark the check box “Business Object has Authorization checks”.

/wp-content/uploads/2014/03/3_418697.png

Select the root node and mark the check box “Node has own checks”. The system proposes the library class /BOBF/CL_LIB_AUTHORITY_CHECK.

/wp-content/uploads/2014/03/4_418702.png

Assing the authorization object for BO.

/wp-content/uploads/2014/03/5_418706.png

The solutions can control the node/subnode authorization base on the fields of node/subnode.

Eg: Manage the display/edit authorization of charge base on the forwarding order type.

To report this post you need to login first.

5 Comments

You must be Logged on to comment or reply to a post.

    1. Clark Huang Post author

      Hi Srinivas,

      The BOBX is only available in SAP Business Suite Foundation 7.47 SP03.

      You can use solution 1 or 2.

      Regards

      Clark Huang

      (0) 
  1. Srinivasa Kondasani

    Hi Clark Huang,

    I have created Business Object with CD’s as draft enabled. I am not Authorization folder in my root note after maintaining the check class /BOBF/CL_LIB_AUTHORITY_CHECK or /BOBF/CL_LIB_AUTHCHECK_W_QUERY. Please find below screenshot.As you mentioned in solution 3 above I am not getting Authorization folder. Please do let me know without Authorization folder also can we check for Authorization in Determination class.

    Thanks,

    Srinivas.

    (0) 
    1. Clark Huang Post author

      Hi Srinivas,

      The configuration of autoriazation object and mapping is the mandatory for solution 3.

      You can try the soluiton 1 for your own BO.

      Best Regards

      Clark Huang

      (0) 
  2. Lulu Mo

    Hi Clark,

    I have one issue about the DISPLAY authorization for the node entity.

    My story is that my user has DISPLAY_OWN authorization, so it can pass the static check for DISPLAY check. But if the entity’s creator is not the login user, he cannot display this entity.

    In my side, yes, it pass the DISPLAY check in STATIC check method, and failed in the INSTANCE check. My expectation is this entity cannot show up. But it shows, I just cannot do any action for it.

    My question is: This is by design or a bug or I missed some implementation?

    Best Regards,

    Lulu

    (0) 

Leave a Reply