如何設(shè)計(jì)和使用自定義的權(quán)限對(duì)象(自定義權(quán)限檢查函數(shù))
在sap擴(kuò)展中用戶(hù)往往都需要使用自己的權(quán)限對(duì)象，為了達(dá)到次目的，請(qǐng)按下列步驟建立和維護(hù)權(quán)限對(duì)象

1、Create an Anthorization Field（SU20）創(chuàng)建權(quán)限對(duì)象字段（存儲(chǔ)在AUTHX表中）

2、Create an Authorization Object（SU21) 創(chuàng)建權(quán)限對(duì)象
創(chuàng)建權(quán)限對(duì)象類(lèi)別（存儲(chǔ)在TOBCT表中）
點(diǎn)擊對(duì)象類(lèi)別創(chuàng)建權(quán)限對(duì)象（存儲(chǔ)在TOBJ表中），生成SAP_ALL

3、Assign an Authorization Object to an Object Class(SU02或PFCG)

4、權(quán)限賦值關(guān)系圖

??????????????????????? user? master record
??????????????????????? /? ............................../
??????????? auth. profile????????????? Composite auth. profile
????????????? /................./????????????????????? /????????????????? /
???????????? /?????????????????? /??????????????????? /??????????????????? /
? Authorization??????????????????????????????????????????? Auth. Profile
???? /?????????????????????????????????????????????????????????????? /................./??????????

5、Call "Authorith-Check" in Program? to Check Authorization.

這是我編寫(xiě)針對(duì)具體權(quán)限對(duì)象替代Authorith-Check的函數(shù)

form zcustcheckauth using? value(z_vkbur) like vbak-vkbur
???????????????????? z_return type i.
data: wa_ust12 like ust12.
data: bgetsubfile(1) type c.
data: begin of db_file occurs 10,
???????? profile like ust04-profile,
???????? typ???? like usr10-typ,
????? end of db_file.

data: begin of mid_db_file occurs 10,
???????? profile like ust04-profile,
???????? typ???? like usr10-typ,
????? end of mid_db_file.

data: begin of db_file_end occurs 10,
???????? profile like ust04-profile,
????? end of db_file_end.

data: begin of db_auth occurs 10,
???????? objct like ust10s-objct,
???????? auth like ust10s-auth,
????? end of db_auth.

?? z_return = 4.
?? select ust04~profile usr10~typ
???? into corresponding fields of table db_file
???? from ust04
?????? inner join usr10 on usr10~profn = ust04~profile
???????? and usr10~aktps = 'A'
?? where ust04~bname = sy-uname.

?? refresh mid_db_file.
?? clear mid_db_file.
?? loop at db_file.
????? if db_file-typ <> 'C'.
??????? db_file_end-profile = db_file-profile.
??????? append db_file_end to db_file_end.
????? else.
??????? bgetsubfile = 'X'.
??????? append db_file to mid_db_file.
????? endif.
?? endloop.
?? refresh db_file.
?? clear db_file.

?? while bgetsubfile = 'X'.
???? bgetsubfile = space.
???? select ust10c~subprof as profile usr10~typ
?????? into corresponding fields of table db_file
???? from ust10c
?????? inner join usr10 on usr10~profn =? ust10c~subprof
???????? and usr10~aktps = 'A'
???? for all entries in mid_db_file
???? where ust10c~profn = mid_db_file-profile.

???? refresh mid_db_file.
???? clear mid_db_file.
???? loop at db_file.
????? if db_file-typ <> 'C'.
??????? db_file_end-profile = db_file-profile.
??????? append db_file_end to db_file_end.
????? else.
??????? bgetsubfile = 'X'.
??????? append db_file to mid_db_file.
????? endif.
???? endloop.
???? refresh db_file.
???? clear db_file.
?? endwhile.

?? select objct auth into corresponding fields of table db_auth
?? from ust10s
?? for all entries in db_file_end
?? where ust10s~aktps = 'A' and ust10s~profn = db_file_end-profile.

?? select von bis into corresponding fields of wa_ust12
???? from ust12
???? for all entries in db_auth
???? where ust12~aktps = 'A' and ust12~field = 'VKBUR'
?????? and ust12~objct = db_auth-objct
?????? and ust12~auth = db_auth-auth.

???? if ( wa_ust12-bis ne space ).
??????? if ( z_vkbur ge wa_ust12-von ).
????????? if ( z_vkbur le wa_ust12-bis ).
??????????? z_return = 0.
??????????? exit.
????????? endif.
??????? endif.
???? elseif ( z_vkbur = wa_ust12-von ).
?????? z_return = 0.
?????? exit.
???? elseif ( '*' = wa_ust12-von ).
?????? z_return = 0.
?????? exit.
???? endif.
?? endselect.
endform.
調(diào)用的方法

*&---------------------------------------------------------------------*
*&????? Form? USEREXIT_CHECK_VBAK
*&---------------------------------------------------------------------*
*???????????????????????????????????????????????????????????????????? *
*?????? This Userexit can be used to add additional logic for???????? *
*?????? checking the header for completeness and consistency.???????? *
*???????????????????????????????????????????????????????????????????? *
*?????? US_DIALOG? -? Indicator, that can be used to suppress???????? *
*???????????????????? dialogs in certain routines, e.g. in a????????? *
*???????????????????? copy routine.?????????????????????????????????? *
*???????????????????????????????????????????????????????????????????? *
*?????? This form is called from form VBAK_PRUEFEN.?????????????????? *
*???????????????????????????????????????????????????????????????????? *
*---------------------------------------------------------------------*
form userexit_check_vbak using us_dialog.
*{?? INSERT???????? DEVK901354??????????????????????????????????????? 1
?data: z_s_vkbur like knvv-vkbur.
?data: z_auth_check type i value 4.
?if sy-tcode = 'VA01' or
??? sy-tcode = 'VA02'.
?? authority-check object 'V_VBKA_VKO'
???????????????? id 'VKORG' dummy
???????????????? id 'VTWEG' dummy
???????????????? id 'SPART' dummy
???????????????? id 'VKBUR' field vbak-vkbur
???????????????? id 'VKGRP' dummy
???????????????? id 'KTAAR' dummy
???????????????? id 'ACTVT' dummy.
?? if? sy-subrc ne 0.
???? message e900(zdev).
?? endif."不能創(chuàng)建非主管商家訂單
?? if sy-tcode eq 'VA01'.
???? select single vkbur into z_s_vkbur
???? from knvv
???? where knvv~kunnr =? vbak-kunnr
?????? and knvv~vkorg =? vbak-vkorg
?????? and knvv~vtweg =? vbak-vtweg
?????? and knvv~spart =? vbak-spart
?????? and knvv~vkbur =? vbak-vkbur.
???? if sy-subrc ne 0.
?????? message e001(zdev).
???? endif.
?? endif.
?else.
?? perform zcustcheckauth using vbak-vkbur z_auth_check.

?? if? z_auth_check ne 0.? "如果沒(méi)有權(quán)限,取當(dāng)前商家主管銷(xiāo)售組
???? select single vkbur into z_s_vkbur
???? from knvv
???? where knvv~kunnr =? vbak-kunnr.
???? if sy-subrc ne 0.
?????? message e001(zdev).
???? endif.??? "檢查當(dāng)前商家主管銷(xiāo)售組是否在用戶(hù)權(quán)限內(nèi)
???? z_auth_check = 4.
???? perform zcustcheckauth using z_s_vkbur z_auth_check.
???? if z_auth_check ne 0.
?????? message e900(zdev).
???? endif.
? endif.
?endif.
*}?? INSERT

總結(jié)

以上是生活随笔為你收集整理的SAP 权限对象设置及在程序中的应用的全部?jī)?nèi)容，希望文章能夠幫你解決所遇到的問(wèn)題。

如果覺(jué)得生活随笔網(wǎng)站內(nèi)容還不錯(cuò)，歡迎將生活随笔推薦給好友。