Skip to Content

Purpose

SQ01 Queries can be very helpful to provide the datas to the user but you can easily loose the control of the authorization.

Overview

We will see how we will adapt our Infoset in SQ02 to be able to make an authorization check based on the user input. The example is a simple query to display the material master records especially the costing information.

Let us begin

Create a selection criteria

At first we have to create a selection criteria. This will allow us to easily interact with the user Input. This has also the advantage that this input will be automatically available in all queries using this infoset.

Go to SQ02 and select your infoset.

Then go to extras

23-11-2015 15-33-41.jpg

And the click on the second tab Selections

23-11-2015 15-37-28.jpg

In the example we restrict the material master based on the valuation area. You can basically use all fields available in your infoset. It’s important to fill the FOR field as this mention for which field the selection field will used as “Where” criteria in the SQL statement.

Implement our check

For this go to the second tab “Code”. Select the Start-of-selection event

.

This first check is a global check if the user is at all authorized to display the costing view of the item. On error a blocking message is directly issued.

23-11-2015 15-58-00.jpg

Then we select all possible plant based on the user selection.

23-11-2015 16-00-59.jpg¨

Once we got it we can delete the user input. Then we loop trough the result of our previous select and check the authorization. If the check succeed we add the plant in the selection criteria. The flag is only to issue a small message that the input has been restricted to fulfill the authorization.

23-11-2015 16-03-10.jpg

Additional hint. It also a good idea to check at end of the loop at least on auth check succees because no authorization will result in an empty selection criteria and empty selection criteria mean select everything.

23-11-2015 16-09-23.jpg

Here we go. Once this is done all queries build up on this query will restrict the result based on the authorization of the user.

Complete coding attached. .xml is to open in Word .txt is plain text.

Credit

Credit goes to Jaideep Sharma from this thread Authorization check in SAP Queries.

To report this post you need to login first.

Be the first to leave a comment

You must be Logged on to comment or reply to a post.

Leave a Reply