SXPG_DUMMY_COMMAND_CHECK: Interface for Extra-Check Function Modules
When you define an external command, you can specify that an additional function module be called to check a user’s authorization to run a command.
You can define such an additional authorization check module yourself. Your function module must have the interface defined below for SXPG_DUMMY_COMMAND_CHECK. Like this function module, it may only allow or deny permission to carry out the command.
To ensure that such a user exit function module cannot be misused, the system checks that the interface of the authorization-checking function module matches the interface of SXPG_DUMMY_COMMAND_CHECK. It is therefore essential that SXPG_DUMMY_COMMAND_CHECK never be changed.
To write your own authorization-checking module, do the following:
Do not change SXPG_DUMMY_COMMAND_CHECK or its interface. Never call this function module, either directly or by specifying it as the check module in a command definition. Copy it and then modify the new function module in order to implement an additional authorization check.
Interface Syntax:
IMPORTING
PROGRAMNAME =
Parameters
IMPORTING Parameters
Parameter name |
Use |
PROGRAMNAME |
The fully substituted pathname of the external command that is to be run. |
PARAMETERS |
Arguments for the external command as specified by the definition in the R/3 System and by the calling program or user. These arguments are checked for impermissible characters, such as the ; under UNIX. Problems are registered with the SECURITY_RISK exception. |
Exceptions
Exception name |
Meaning |
NO_PERMISSION |
Prevents a command from being run if the authorization check that you have implemented in a check module fails. NO_PERMISSION triggers the exception SECURITY_RISK in the calling function module. |