Skip to Content
Technical Articles
Author's profile photo Albert Molnar

QM Open Note – #8 – Add authorization check for approval of notifications

QM Open Note

QM Open Note is a blog post series about topics, which can be useful when working with Quality Management.


Current blog post is about providing a possible authorization check using object B_NOTIF when working with function ‘Approval Requirement for Notifications’.

In detail

The notification approval is activated, as described by KBA:

2533027 – How to set a notification approval to be mandatory?

However, no authorization check is executed while approving a notification. Information about this topic can be found in KBA:

2903043 – No authority check when approving/rejecting a notification.

A check is required that only authorized users can approve the notification.

Known problem & solution

KBA 2903043 mentions customer exit QQMA0024 (EXIT_SAPLIQS0_016, INCLUDE ZXQQMU35), as a possible way to implement a check.

The code section below deactivates the functions (buttons) ‘Give Approval’ / ‘Reject Approval’, if the user has no authorization to B_NOTIF, activity 71 (Approving a notification as the approver).

*Authority check
             ID 'QMART' FIELD i_tq80-qmart
             ID 'NOTIF_ACT' FIELD '71'
             ID 'PARVW' DUMMY.

*Deactivate GNOK "Approve notification" and GNAB "Reject notification"
    IF NOT sy-subrc = 0.
      APPEND 'GNOK' TO t_ex_fcode.
      APPEND 'GNAB' TO t_ex_fcode.

The code is not part of the standard and needs to be tested, whether it fulfills the business requirements.

Feel free to share your experience/feedback in the Comment Section. Thank you.

Assigned Tags

      1 Comment
      You must be Logged on to comment or reply to a post.
      Author's profile photo B. WSM
      B. WSM

      It is also possible to control the approval/rejection of the notification with the use of User Status (B_USERST_T).

      (Tcode BS02)

      • Create a status scheme (e.g. Z_APPR_NOT) with two statuses (e.g. APPR-approve and REJE-reject) for the relevant Object Type(s).
      • Assign appropriate authorization keys to the statuses (e.g. APRN and REJN)
      • <doubleclick> each status.
        For APPR, insert business transaction QN44 "Give approval" and set to initiate.
        For REJE, insert business transaction QN45 "Refuse approval" and set to initiate.
      • When approving/rejecting the following authorization check is made: