In ABAP programs, it is often necessary to check a user’s authorizations for special activities.
For example, in ABAP programs, SQL Statements do not trigger authorization checks in the database system. Thus, Open SQL and Native SQL statements allow unrestricted access to all database tables. However, not all users have authorization to access all data that is accessible to the SQL statements in an ABAP program.
When a program is released, it can be executed by any user with the relevant authorization. It is therefore the programmer’s responsibility to check that every user who can call the program is also authorized to access the data processed in it.