I use the result of get_auth_values() whic has structure type us335 .
This result can contain single values or pairs of low-high values. I want to use these us335 like results and do a SQL query. Combining the entries with AND
.
I see these ways to solve this:
IN seltab
with a built-in method (which I don't know up to now)I guess there are even more ways to solve this.
What is the most feasible way?
Assemble a dynamic WHERE clause. Start with the function module RH_DYNAMIC_WHERE_BUILD
. Write an own string builder if it doesn't fit.
You could also build ranges for dynamic IN clauses but this would be harder. The field types vary and as ranges are type-specific ( TYPE RANGE OF <type>
) you will end up with a lot of over-dynamic code that is no fun programming.
Pay attention to the following details when building the WHERE clause:
Field names in the authorizations may differ from the column names you select from. You may need to map them.
Authorization values may contain the placeholder *
. Make sure you translate it to the ABAP operator CP
or the SQL operator LIKE
. If the value is only an asterisk, you can ignore the condition because it will not restrict anything.
The function module accepts values up to a length of 20 characters while authorization values may be up to 40 characters. If you need the full length, the function module is insufficient.
String-like fields require enclosing the values in quotes for correct SQL syntax, while non-string values such as integers must not be enclosed to make the selection work right. Make sure you choose the right enclosing for the column's type.
I am not sure the Code Inspector recognizes that combination of function modules as secure. Dynamic WHERE clauses are a potential intrusion point for SQL injection. Code Inspector usually rejects control flows that delegate clause assembly to some other class. You may need to add escaping with the methods of class cl_abap_dyn_prg
.
As Florian said you have not many options here. If you want to query your custom structure table only dynamic where clause will help you or constructing multiple seltabs (ranges), but the latter may be non-functional if the table key is very complex.
Here is more functional than technical solution but nevertheless. If you want to query your custom table with auth data from get_auth_values()
FM, I propose to use auxiliary database table:
DATA: lt_tab TYPE TABLE OF us335.
CALL FUNCTION 'GET_AUTH_VALUES'
EXPORTING
object1 = 'B_USERSTAT'
user = sy-uname
tcode = 'SPRO'
TABLES
values = lt_tab.
SELECT agr_users~uname, agr_1251~auth, agr_users~agr_name
FROM agr_1251
JOIN agr_users
ON agr_users~agr_name = agr_1251~agr_name
INTO TABLE @DATA(lt_agr)
FOR ALL ENTRIES IN @lt_tab
WHERE object = 'B_USERSTAT'
AND auth = @lt_tab-auth
AND low = @lt_tab-lowval
AND high = @lt_tab-highval.
Here we select users by their authorizations with the help of table agr_1251
which structure fully resembles FM output structure. This gives you usernames + authorizations which you can use in your next selections.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.