Application Development Blog Posts
Learn and share on deeper, cross technology development topics such as integration and connectivity, automation, cloud extensibility, developing at scale, and security.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Custom authorization in SQ01 Queries

Former Member
‎11-23-2015 1:55 PM

Purpose

SQ01 Queries can be very helpful to provide the datas to the user but you can easily loose the control of the authorization.

Overview

We will see how we will adapt our Infoset in SQ02 to be able to make an authorization check based on the user input. The example is a simple query to display the material master records especially the costing information.

Let us begin

Create a selection criteria

At first we have to create a selection criteria. This will allow us to easily interact with the user Input. This has also the advantage that this input will be automatically available in all queries using this infoset.

Go to SQ02 and select your infoset.

Then go to extras

And the click on the second tab Selections

In the example we restrict the material master based on the valuation area. You can basically use all fields available in your infoset. It's important to fill the FOR field as this mention for which field the selection field will used as "Where" criteria in the SQL statement.

Implement our check

For this go to the second tab "Code". Select the Start-of-selection event

.

This first check is a global check if the user is at all authorized to display the costing view of the item. On error a blocking message is directly issued.

Then we select all possible plant based on the user selection.

¨

Once we got it we can delete the user input. Then we loop trough the result of our previous select and check the authorization. If the check succeed we add the plant in the selection criteria. The flag is only to issue a small message that the input has been restricted to fulfill the authorization.

Additional hint. It also a good idea to check at end of the loop at least on auth check succees because no authorization will result in an empty selection criteria and empty selection criteria mean select everything.

Here we go. Once this is done all queries build up on this query will restrict the result based on the authorization of the user.

Complete coding attached. .xml is to open in Word .txt is plain text.

Credit

Credit goes to jaideep.sharma from this thread Authorization check in SAP Queries.

Labels in this area
Popular Blog Posts