Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

hr ps report in manger desktop

Former Member

‎03-06-2006 12:11 PM

0 Kudos

hi!

i created a report combining hr ps data not using logical DB.

i am trying to execute the report via manger desktop transaction PPMDT.

the problem is that there is no authorization check done , even though the specific user has authorizations( including structural authorizations).

how can i execute it trough PPMDT and have an authorization check?

regards

yifat

3 REPLIES 3

Former Member

‎03-06-2006 1:22 PM

0 Kudos

Yifat,

If you created your own custom report without using the logical database, the only way to ensure that authorization checks occur is to write them yourself. Either that or used function modules such as HR_READ_INFOTYPE which contain authorization checks.

If you are doing direct selects from the database then there is no authorization check.

Regard,

Chris Hanshew

Former Member

‎03-06-2006 1:41 PM

0 Kudos

hi!

thanks for your answer.

how can i use HR_READ_INFOTYPE for this matter.

i am not reading an infotype, but hr and ps data.

i have a user and each user when running the report from PPMDT must see only his organizational unit.

thanks

regards

yifat

Former Member
In response to Former Member

‎03-06-2006 1:50 PM

0 Kudos

What kind of HR data are you reading? How can you read HR data without reading infotypes?

I guess the question is how do you want to keep the user to only see his organizational unit. There are two options.

1. Code all necessary authorization checks into your program since you are not using LDB.

2. The way that we have set up our MDT Reports is to be called via a custom function module with the following interface:

"----

"*"Local interface:

*" IMPORTING

*" VALUE(ACT_FCODE) LIKE MWBFCDDEF-FCODE

*" VALUE(ACT_PLVAR) LIKE OBJEC-PLVAR OPTIONAL

*" VALUE(ACT_OTYPE) LIKE OBJEC-OTYPE OPTIONAL

*" VALUE(ACT_OBJID) LIKE OBJEC-REALO OPTIONAL

*" VALUE(ACT_BEGDA) LIKE OBJEC-BEGDA DEFAULT SY-DATUM

*" VALUE(ACT_ENDDA) LIKE OBJEC-ENDDA DEFAULT SY-DATUM

*" EXPORTING

*" VALUE(ACT_PROGNAME) LIKE SY-REPID

*" VALUE(ACT_SCREEN_NO) LIKE SY-DYNNR

*" TABLES

*" ACT_OBJECTS STRUCTURE HRSOBID OPTIONAL

*" EXCEPTIONS

*" OTHERS

*"----

Once you create the function module it gets set up in MDT config. The table ACT_OBJECTS contains the objects passed in through manager's desktop. It should have all of the relevant PERNRs.

However it is not recommended to rely on this to secure data. You should still code the necessary authorization checks into your code.

Chris