The Authorization Object mechanism is used to inspect the current user’s privileges for specific data selection and activities from within a program.
An Object Class contains one or more Authorization Objects.
The Authorization Object is where Permitted Activity configurations are performed against specific fields. E.g. Change (being the activity) the material’s text – MAKTX (being the specific field), or Read (being the activity) a certain Customer (using Customer Number – KUNNR, as the specific field).
Before a User can be granted permission by the Authorization Object, the User’s Master Record is assigned a Role, which includes a Profile.
The Profile contains what is simply called the Authorization and is where the specific data for the Authorization Object’s field is assigned to the configured Permitted Activity. E.g. Allow changes to any Material Text, or read Customers between the ranges "AA100" & "BB999".
Finally the calling of the Authorization Object can be performed in code.
No comments:
Post a Comment