on 10-29-2014 7:41 AM
Hi All,
In BRFPLUS
For instance if I have 2 decision tables in an application, and I would like to give authorization for each one to different users?
How can I do that?
I created an application exit class by implementing the interface 'IF_FDT_APPLICATION_SETTINGS', in that
it seems I can use the method authority_check, but How can I restrict the users using that method to access the Decision table?
Another Question?
I am not able to trigger debugging for the class method from BRFPLUSS application?
It seems the code the working but not able to trigger the debugger?
Thanks in advance,
Kannan N
Hi Kannan,
you are right. You have to implement an EXIT class implementing the interface IF_FDT_APPLICATION_SETTINGS. Here you have to implement the CLASS-CONSTRUCTOR to set the attribute if_fdt_application_settings~gv_authority_check to abap_true:
Then you have to implement the method AUTHORITY_CHECK with tze coding you want. You have access to every property of the object that is imported into the method via GUID, so here is one example where I in general restrict the access to a decision table via its GUID (not straightforward implementation, just to show that you have access to the BRF+ object via the API):
You can find further details on that topic in the document
Your second question is not clear to me: What do you want to debug (the generated class of the BRF+ function?) and what do you do to trigger the execution of the BRF+ function (simulation mode in Workbench, call in the backend system ...?)
BR Christian
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Christian,
Thanks for your reply!
I need to check against the logged in user, to authorize him to change decision table entries.
User A - Should be allowed User B- Should not be allowed.
In the same code I have check sy-uname .or is there any other possibility.
Can it be achieved using FDT_OBJECT authorization object?
Regarding debugging it is fine now . I am able to debug Application Exit class code.
Thanks and regards,
Kannan N
Hi Kannan,
I do not think that the FDT_OBJECT is feasible for your task as you can only specifiy the application, the object type and the activity.
SY-UNAME is an option but from my point of view not the optimal one rom the point of view of future enhancements: If a new user shall have access to one of the decision tables you have to adopt the coding. I would prefer a new authority object for that task where you use e. g. the GUID of the decision table as parameter. This way you can assign that to the user roles which would be a more standard compliant way.
BR Christian
User | Count |
---|---|
93 | |
10 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.