Студопедия
Случайная страница | ТОМ-1 | ТОМ-2 | ТОМ-3
АрхитектураБиологияГеографияДругоеИностранные языки
ИнформатикаИсторияКультураЛитератураМатематика
МедицинаМеханикаОбразованиеОхрана трудаПедагогика
ПолитикаПравоПрограммированиеПсихологияРелигия
СоциологияСпортСтроительствоФизикаФилософия
ФинансыХимияЭкологияЭкономикаЭлектроника

Insert wa_flight into table it_flight.

Pa_int1 TYPE i, pa_op(1) TYPE c, pa_int2 TYPE i. | DATA result TYPE p DECIMALS 2. | ENDLOOP. ENDIF. | WRITE: / ’Authority-Check Error’(001). ENDCASE. | Wa-percentage, ’%’. | Wa_sbook-loccurkey. | SELECT-OPTIONSname FORdata_object. | MESSAGE e045(bc400) WITH pa_car. ENDIF. | CALL SCREEN 100. | CLEAR wa_sbook. |


Читайте также:
  1. A countable noun has a singular and a plural form.
  2. A) Look at the table below and match the problem with its effect.
  3. A) Pronunciation drill. Pronounce the words, then look at the given map and fill in the table below.
  4. A) Summarize the information about the experiment in the table below.
  5. A. Read the semi-formal sentences below and match them to the informal ones in the table, as in the example.
  6. A. Translate the terms in the table below paying attention to their contextual meaning.
  7. A. Underline the most suitable word

 

 

* If you are using standard tables, "APPEND wa_flight TO it_flight."

* would be the same as the above INSERT-statement. ENDSELECT.

 

IF sy-subrc = 0.

 

 

* Sort internal table

SORT it_flight BY percentage.

 

 

* Create list

LOOP AT it_flight INTO wa_flight.

WRITE: / wa_flight-carrid, wa_flight-connid, wa_flight-fldate, wa_flight-seatsocc, wa_flight-seatsmax,

Wa_flight-percentage, ’%’.

ENDLOOP.

 

 

ELSE.

 

 

WRITE: ’No ’, pa_car, ’flights found!’. ENDIF.


 

LessonSummary

You should now be able to:

• List different methods for searching relevant database tables

• Program read access to specific columns and rows within a particular database table

• List different methods for read accesses to several database tables


 


Lesson:

157


Authorization Check

 

Lesson Duration: 60 Minutes

 

 

Lesson Overview

 

In this lesson, you will learn why an authorization check is useful and how to include it in your programs.


 

 
Lesson Objectives

 

After completing this lesson, you will be able to:

 

• Explain the SAP authorization concept

• Implement authorization checks

 

 

 
For purposes of teaching the course, this topic has been placed in the context of data retrieval. It is very important that the participants understand the authorization concept and authorization check and can use them in their programs.

 

You should also point out that implementing an authorization check using the corresponding program attribute is too inflexible and should only be used in simple cases.

 

As a demo, create an authorization object from which you check the authorization in your program. Use thePATTERN button in the ABAP Editor.

 

Double-click on the authorization object in the AUTHORITY CHECK statement to show how to find out the permissible activities for an object.

 

Finally, show how to search for authorization objects in the Repository Information

System.

 

Business Example

 

Authorization checks are necessary in your programs to protect the data from unauthorized access.

 

 

Authorization Checks

 

Critical data and parts of the functional scope of the SAP System must be protected from unauthorized access. You have to implement authorization checks in your program so that the user may only access areas for which he or she is authorized. The following graphic illustrates the SAP authorization concept.


 

 

 

 
Figure 101: The SAP Authorization Concept

 

 

 

 

 

Figure 102: Authorization Objects and Authorizations (Example)


 

Authorization objects can be defined within object classes. When you define an authorization object, you have to specify appropriate fields (without values). You create an actual authorization by subsequently assigning values to these fields. This authorization can be integrated into the required user master records by means of an authorization profile.

 

Several different authorizations (for the integration into different user master records) can be created for an authorization object.

 

 

 

 

 

Figure 103: Authorization Check (Principle)

 

At runtime, you can use the AUTHORITY-CHECK statement to check whether the actual user has the authorization required for executing the function in his or her user master record. Depending on the check result (sy-subrc), you can continue your program accordingly:

 

sy-subrc = 0: User has required authorization -> Execute functionality

(e.g. SELECT).

Else: Authorization not available -> Appropriate note to user.

 

Hint: In addition to the previously described option, programs and transactions can also be protected by means of authorization checks. However, such checks should only be considered as additions to, and not substitutions for, the above-described.

 

Usually, the definition of an authorization object and the implementation of the authorization check are the responsibility of the developer, whereas subsequent steps such as the authorization and profile definition as well as the design of the user master records are the responsibility of the administrator.


 

You will learn about the two steps required by the developer in the following section.

 

 

 

 

Figure 104: Creating Authorization Objects

 

Before you can implement the required authorization check in your program, you must first define the structure (the fields) of the respective authorization concept. An object usually consists of the ACTVT (activity) field and one other field, which specifies the data type to be protected (i.e., material number, airline and so on.) The values of these authorization fields specify what the user is authorized to do.

 

You can now use transaction SU20 to create the fields. ACTVT is already in the system.

 

You then use transaction SU21 to first create an object class and then create the authorization object specifying the appropriate fields. If your object contains the ACTVT field, then you must also maintain permitted activities with reference to the object. In doing so, you choose the activities that make sense for your object from all possible activities.

 

Finally, all that remains to be done is to implement the authorization check in your program. The following graphic illustrates the authorization check.


 

 

 
Figure 105: Authorization Check (Syntax Example)

 

For the authorization check in the program, you specify the authorization that is to be checked in the master record of the current user. The authorization is specified by specifying the authorization object, its fields, as well as the appropriate field values. Refer to the syntax in the above graphic.

 

In our example, it is checked whether the user has an authorization for the S_CARRID object, in which the field CARRID (airline) contains the airline entered by the user, and the field ACTVT (activity) contains the value '03' (display).

 

Table TACT contains all possible activity codes including their descriptions. Table TACTZ in contrast contains the activity codes that are permitted for specific objects.


 

After the AUTHORITY-CHECK statement you should check the return code sy-subrc and control the further processing of your program accordingly.

 

Hint: If you do not want to carry out a check for a field, either do not enter it in the AUTHORITY-CHECK statement or enter DUMMY as the field value. DUMMY is a predefined description entered without quotation marks.

 

An example of a suppressed field check: When a change transaction is called, the system is to always check immediately whether the user has any change authorization for any airline. If the check fails, an appropriate message is to be output to the user immediately. Such a check can be implemented with the following syntax:

 


Дата добавления: 2015-11-16; просмотров: 82 | Нарушение авторских прав


<== предыдущая страница | следующая страница ==>
Wa_flight-seatsocc / wa_flight-seatsmax.| ID ’ACTVT’ FIELD ’02’.

mybiblioteka.su - 2015-2024 год. (0.01 сек.)