Ansicht
Dokumentation
VIEW_AUTHORITY_CHECK - Authorization Check for Views/Tables (Extended Table Maintenance)
General Data in Customer Master TXBHW - Original Tax Base Amount in Local CurrencyThis documentation is copyright by SAP AG.
Functionality
The function module VIEW_AUTHORITY_CHECK checks generic access authorization to a table or view (parameter VIEW_NAME). The check algorithm depends on the access type, the table attributes, and the system configuration, and involves the authorization objects S_TABU_DIS, S_TABU_NAM, S_TABU_CLI and S_TABU_LIN.
The table access type is passed in the parameter VIEW_ACTION. The value 'S' stands for read access, 'U' for change access. The value 'T' (transport table entries) is handled like change access.
If the parameter CHECK_ACTION_ALTERNATIVE = 'X' is set, when the authority check for the selected access type fails, the other access type is checked (display/change). If this check also fails, the exception NO_AUTHORITY is raised. If this parameter is active, the allowed activity is returned in the parameter GRANTED_ACTVT. Possible return values are:
- '00' - No Authorization,
- '02' - Change Authorization,
- '03' - Display Authorization.
The parameter NO_WARNING_FOR_CLIENTINDEP suppresses the warning popup to maintain client-specific tables.
The table or view must be in the ABAP dictionary or the view or view cluster directory. Otherwise, the module ends with the exception TABLE_NOT_FOUND.
If the module is called in an RFC call stack, the object to be checked, and the planned access are logged in the security audit log.
Example
* Sample like note 1581786
DATA:
ld_auth_in TYPE c,
ld_auth_out TYPE activ_auth.
IF action = 'SHOW'.
ld_auth_in = 'S'. "check for display
ELSE.
ld_auth_in = 'U'. "check for update
ENDIF.
CALL FUNCTION 'VIEW_AUTHORITY_CHECK'
EXPORTING
view_action = ld_auth_in
view_name = 'TVARVC'
no_warning_for_clientindep = 'X'
check_action_alternative = 'X'
IMPORTING
granted_actvt
= ld_auth_out
EXCEPTIONS
invalid_action
= 1
no_authority = 2
no_clientindependent_authority = 3
table_not_found = 4
no_linedependent_authority = 5
OTHERS = 6.
IF sy-subrc <> 0.
action = 'SHOW'.
MESSAGE w107(tb) WITH 'TVARVC' . "no upd auth
ELSEIF ld_auth_in = 'U' AND ld_auth_out = '03'.
action = 'SHOW'.
MESSAGE w106(tb) WITH 'TVARVC'. "only show allowed
ENDIF.
Notes
Further information
For more information about the authorization concept for generic table access, see the FAQ note 1434284.
You can also check the authorization (without existence check) with the method TABLE_AUTHORITY_CHECK in the class CL_SAIS_TABLE_AUTH, instead of this function module.
Parameters
CHECK_ACTION_ALTERNATIVECHECK_MAINFLAG
GRANTED_ACTVT
MAINFLAG
NO_WARNING_FOR_CLIENTINDEP
ORG_CRIT_INST
VIEW_ACTION
VIEW_NAME
Exceptions
INVALID_ACTIONNO_AUTHORITY
NO_CLIENTINDEPENDENT_AUTHORITY
NO_LINEDEPENDENT_AUTHORITY
TABLE_NOT_FOUND
Function Group
SVIXPERFORM Short Reference BAL Application Log Documentation
This documentation is copyright by SAP AG.
Length: 5531 Date: 20240523 Time: 133207 sap01-206 ( 61 ms )