A programmer wants to make an authorization check before bookings for business customers can be changed.
To do this, the programmer should
create an authorization fields ( ACTVT and CUSTTYPE ) and assign for each field defined the value to be checked ( 02, B ). Authorization fields are created under Tools ® ABAP Workbench ® Development ® Other tools ® Authorization objects ® Fields (transaction SU20).Programmers should also
create an authorization object (here S_TRVL_BKS ) and assign the authorization object to an object class.Authorization fields are created under Tools ® ABAP Workbench ® Development
® Other tools ® Authorization objects ® Objects (transaction SU21). Authorization objects can also be created in the Object Navigator (transaction SE80).You program the authorization check using the ABAP statement
AUTHORITY-CHECK .AUTHORITY-CHECK OBJECT 'S_TRVL_BKS'
ID 'ACTVT' FIELD '02'
ID 'CUSTTYPE' FIELD 'B'.
The
AUTHORITY-CHECK checks whether a user has the appropriate authorization to execute a particular activity.When this happens, the system checks the authorization profiles in the user’s master record for the appropriate authorization object (
S_TRVL_BKS ). If the authorization is found and it contains the correct values, the check is successful.The system administrator has defined the following authorizations for the authorization object
S_TRVL_BKS :* for customer type (
02 for activity (field:
ACTVT ).Users with this authorization may change bookings for all customers.
B for customer type (
03 for activity (
ACTVT ).Users with this authorization may display all business customer bookings.
When assigning profiles, the system administrator gave different authorizations to different users.
User Miller has been assigned a profile containing both of these authorizations (
S_TRVL_CUS1 and S_TRVL_CUS2 ). Miller can therefore change bookings for business customers.User Meyers on the other hand, is only authorized to display the records (
S_TRVL_CUS2 ) and therefore cannot change bookings.