SAP Authorizations Activity level - SAP Stuff

Direkt zum Seiteninhalt
Activity level
Authorization concept - recertification process
Now, if you want to use the debugger, you can set a Session Breakpoint directly from the source code via the button. Once you call the application and reach the relevant point in your code, the debugger starts and you can move through the programme step by step. Make sure to set external breakpoints via the button if you are calling your application via the browser rather than via SAP GUI.

In principle, a technical 4-eyes principle must be implemented within the complete development or customizing and transport process. Without additional tools, this can only be achieved in the SAP standard by assigning appropriate authorizations within the transport landscape. Depending on the strategies used, only certain transport steps within the development system should be assigned to users. When using the SAP Solution Manager ("ChaRM") for transport control, for example, only the authorizations for releasing transport tasks should normally be assigned here. The complete processing of a transport in the development system consists of four steps: Creating and releasing a transport request (the actual transport container), creating and releasing a transport task (the authorization for individual users to attach objects to the respective transport request).
Read the old state and match with the new data
In the only method of the BAdIs, CHANGE_ITEMS, programme the necessary checks, such as on specific data constellations or permissions. These can refer to all fields in the FAGLPOSX structure. You do this by specifying that all lines for which the test was not successful will be deleted during the execution of the method. This implementation of the BAdIs complements the Business Transaction Event 1650 described in the second example. You can also use the FB03 transaction to display receipts in the same way that you implement the FB03 filter. In this case, implement the required checks in the BAdI FI_AUTHORITY_ITEM.

If you get into the situation that authorizations are required that were not considered in the role concept, "Shortcut for SAP systems" allows you to assign the complete authorization for the respective authorization object.

If you want to know more about SAP authorizations, visit the website "www.sap-corner.de".

TMSADM only has the permissions to access the common transport directory, view in the change and transport management system, and the necessary RFC permissions.

SAP Stuff
Zurück zum Seiteninhalt