Authorization Checks

Authorization Check:
In the earlier post, we came to know the importance of authorization check in real time environment. We know how to check authorization for table maintenance. (Please refer earlier post).
Now we will see how to check authorization for Reports, Transactions, RFC function modules.

The following actions are subject to authorization checks that are performed before the start of a program or table maintenance and which the SAP applications cannot avoid:
 Starting SAP transactions (authorization object S_TCODE)
 starting reports (authorization object S_PROGRAM)
 Calling RFC function modules (authorization object S_RFC)
 Table maintenance with generic tools (S_TABU_DIS)

The authorization objects S_TCODE, S_PROGRAM, S_RFC, and S_TABU_DIS are standard SAP provided.
Creating a new authorization object is not in the scope of ABAP developer. It will be taken care by SAP BASIS team.

To add authorization check to your program, you need to add the following code in your report.
Imagine that you have created a transaction code for your report, then you should use the authorization object S_TCODE to check the authorization.
You can place the code in initialization event.

*Initialization
INITIALIZATION.
AUTHORITY-CHECK OBJECT 'S_TCODE'
ID 'TCD' FIELD 'ZEXAMPLE'.

IF sy-subrc <> 0. "Not Authorized
MESSAGE e003(ZZ) WITH 'TCD' 'ZEXAMPLE'.
ENDIF.

Here zexample is the transaction code created for the report.