Calling RFC function modules
Implementing the authorization concept in the FIORI interface
You probably know this. You find a specific customising table and you don't find it. Include the tables in the guide and they are easy to find. Customising is used by almost every SAP customer. Custom customising tables are created and standard programmes are extended. A custom programme that uses customising is written quickly. Project printing often lacks the time for sufficient documentation, for example in the SAP Solution Manager. The easiest way is to find customising tables where they are in the SAP standard: in the SAP Introductory Guide (IMG).
At www.sap-corner.de you will also find a lot of useful information on the subject of SAP authorizations.
So much information... how can you keep it so that you can find it again when you need it? That's what Scribble Papers is great for.
Note that the S_TCODE authorization object is always filled with the current transactions from the roles menu. If organisational levels are also included that are no longer required, they will be automatically deleted. If, however, organisational levels are added depending on the transaction, they should be maintained first in the eligibility maintenance.
Dissatisfaction and unclear needs in the process
In particular, you can derive valuable information about customer transactions, since experience has shown that not all transactions are used. In this context, it is important to mention that you should only use the usage data logged and extracted from the SAP system for the optimisation of SAP role concepts. This information may only be used with the involvement of a co-determination body of your organisation, since this information can of course also be derived from individual users for performance control purposes. However, experience has shown that the use of these data with an early involvement of the institutions of codetermination and the definition of earmarks is uncritical.
In the only method of the BAdIs, CHANGE_ITEMS, programme the necessary checks, such as on specific data constellations or permissions. These can refer to all fields in the FAGLPOSX structure. You do this by specifying that all lines for which the test was not successful will be deleted during the execution of the method. This implementation of the BAdIs complements the Business Transaction Event 1650 described in the second example. You can also use the FB03 transaction to display receipts in the same way that you implement the FB03 filter. In this case, implement the required checks in the BAdI FI_AUTHORITY_ITEM.
Secure your go-live additionally with "Shortcut for SAP systems". You can assign necessary SAP authorizations quickly and easily directly in the system.
For example, the combination of displaying all posting circuits and changing a single posting circle within a role cannot be implemented.
Evaluation paths define a chain of relationships between objects within a hierarchy.