Kontakt

Ansicht
Dokumentation

VIEW_AUTHORITY_CHECK - Authorization Check for Views/Tables (Extended Table Maintenance)

VIEW_AUTHORITY_CHECK - Authorization Check for Views/Tables (Extended Table Maintenance)

General Data in Customer Master   TXBHW - Original Tax Base Amount in Local Currency  
This documentation is copyright by SAP AG.
SAP E-Book

Functionality

The function module VIEW_AUTHORITY_CHECK checks generic access authorization to a table or view (parameter VIEW_NAME). The check algorithm depends on the access type, the table attributes, and the system configuration, and involves the authorization objects S_TABU_DIS, S_TABU_NAM, S_TABU_CLI and S_TABU_LIN.

The table access type is passed in the parameter VIEW_ACTION. The value 'S' stands for read access, 'U' for change access. The value 'T' (transport table entries) is handled like change access.

If the parameter CHECK_ACTION_ALTERNATIVE = 'X' is set, when the authority check for the selected access type fails, the other access type is checked (display/change). If this check also fails, the exception NO_AUTHORITY is raised. If this parameter is active, the allowed activity is returned in the parameter GRANTED_ACTVT. Possible return values are:

  • '00' - No Authorization,

  • '02' - Change Authorization,

  • '03' - Display Authorization.

The parameter NO_WARNING_FOR_CLIENTINDEP suppresses the warning popup to maintain client-specific tables.

The table or view must be in the ABAP dictionary or the view or view cluster directory. Otherwise, the module ends with the exception TABLE_NOT_FOUND.

If the module is called in an RFC call stack, the object to be checked, and the planned access are logged in the security audit log.

Example

* Sample like note 1581786

DATA:
    ld_auth_in  TYPE c,
    ld_auth_out TYPE activ_auth.

  IF action = 'SHOW'.
    ld_auth_in = 'S'.  "check for display
  ELSE.
    ld_auth_in = 'U'.  "check for update
  ENDIF.

  CALL FUNCTION 'VIEW_AUTHORITY_CHECK'
    EXPORTING
      view_action                    = ld_auth_in
      view_name                      = 'TVARVC'
      no_warning_for_clientindep     = 'X'
      check_action_alternative       = 'X'
    IMPORTING
      granted_actvt                  = ld_auth_out
    EXCEPTIONS
      invalid_action                 = 1
     no_authority                   = 2
      no_clientindependent_authority = 3
      table_not_found                = 4
      no_linedependent_authority     = 5
     OTHERS                         = 6.

  IF sy-subrc <> 0.
    action = 'SHOW'.
    MESSAGE w107(tb) WITH 'TVARVC' .    "no upd auth
  ELSEIF ld_auth_in = 'U' AND ld_auth_out = '03'.
    action = 'SHOW'.
    MESSAGE w106(tb) WITH 'TVARVC'.     "only show allowed
  ENDIF.

Notes

Further information

For more information about the authorization concept for generic table access, see the FAQ note 1434284.

You can also check the authorization (without existence check) with the method TABLE_AUTHORITY_CHECK in the class CL_SAIS_TABLE_AUTH, instead of this function module.





Parameters

CHECK_ACTION_ALTERNATIVE
CHECK_MAINFLAG
GRANTED_ACTVT
MAINFLAG
NO_WARNING_FOR_CLIENTINDEP
ORG_CRIT_INST
VIEW_ACTION
VIEW_NAME

Exceptions

INVALID_ACTION
NO_AUTHORITY
NO_CLIENTINDEPENDENT_AUTHORITY
NO_LINEDEPENDENT_AUTHORITY
TABLE_NOT_FOUND

Function Group

SVIX

PERFORM Short Reference   BAL Application Log Documentation  
This documentation is copyright by SAP AG.

Length: 5531 Date: 20240523 Time: 133207     sap01-206 ( 61 ms )