Enterprise Resource Planning Blogs by Members
Gain new perspectives and knowledge about enterprise resource planning in blog posts from community members. Share your own comments and ERP insights today!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Authorization according to Project Profile

sunil_yadav2
Active Contributor
‎06-25-2015 12:55 PM

Business Case:

When Business wants to give access for projects according to any specific object which is not given by SAP Standard than we have to create Custom Authorization Object to suffice this requirement.

I have encountered a situation where Business wants to restrict users on basis of Project Profile for Example: If User has Authorization for Profile1 than only user will able to Access/Open that Project having project Profile "Profile1".

Solution:

For above requirement below are the steps:

1: Create Authorization Field

The Authorization Object is used to check the user’s privileges for specific data selection. An Object Class contains one or more Authorization Objects.

Authorization is controlled by Authorization Object which is assigned/maintained in Profile/Roles and then this Role will be assigned to User Master Record.

Create Authorization Field using TCODE-SU20

2: Create Authorization Class (Object Class)

Transaction – SU21 Create a new Authorization Class (Object Class) by clicking on the Create button’s drop down icon, then select “Object Class”.

Enter Object Class Name and Description.

3: Create Authorization Object

Maintain Object name, Text, Class and Authorization Field.

4: Assign Authorization Object to Roles

TCODE-PFCG

5: Code to Check this Object in User Master Record.

for this ABAP Consultant has created as below

Code Behind report source "LCJWBF0Z" is:

*----------------------------------------------------------------------*

*       FORM Profil

*----------------------------------------------------------------------*

*       Profil lesen und in PROJ ablegen

*       Sonstige Standardwerte bei Anlegen in PROJ fuellen

*----------------------------------------------------------------------*

*  -->  Profid    Id

*----------------------------------------------------------------------*

form profil using value(pro_id) like tcj41-profidproj.

ENHANCEMENT ZPSPROFILE.  

     AUTHORITY-CHECK OBJECT 'ZPSPROFILE'

            ID 'PROFL' FIELD '*' .

         if sy-subrc = 0 .

           else.

          if pro_id = 'ZLGLPRO' .

             AUTHORITY-CHECK OBJECT 'ZPSPROFILE'

              ID 'PROFL' FIELD pro_id." '__________'.

                if sy-subrc <>  0 .

              MESSAGE 'No Authorization for ZLGLPRO' type 'E' .

              endif.

         else.

           AUTHORITY-CHECK OBJECT 'ZPSPROFILE'

              ID 'PROFL' FIELD pro_id." '__________'.

              if sy-subrc <> 0 .

              MESSAGE 'NOT Authorized ' type 'E' .

             endif.

          endif.

      endif.

   

ENDENHANCEMENT.

Testing for above Code:

Check Authorization:

If we create/change Project where Project Profile as ZCAPEX than system will allow to User to create/change

System will allow to create/change

Now check with Other project Profile:

Now system generate Error Message for Authorization.

Hope, this will Help a lot.

Enjoy SAP..

5 Comments
Labels in this area
Popular Blog Posts