stackoom
  简体   繁体   中英

How to hide buttons of PF-Status in ALV report for specific users?

 原文  2021-12-20 15:30:00       authorization/ abap/ alv/ dynpro

Question

I have ALV report, couple of buttons performing certain actions(create, delete lines etc.) and I'd like to forbid specific users from seeing those buttons.

Where exactly in PFCG should I go after creating auth. object in SU21 in order to set it up?

Is it even possible to hide let's say just one button or do I need to create separate PF status just for the specific object with users?

Thank you

1 answers

solution1
 1  2021-12-21 11:35:50

There are no implicit permission checks for specific buttons in specific programs. So you can not make buttons disappear from a GUI-Status using permissions alone. But you can make individual buttons disappear via code using SET PF-STATUS .

When the report is your own, then you can of course just modify your own call to SET PF-STATUS. But when the gui-status is set by the SAP standard code, then you need to figure out:

  • Some place in the PBO modules after the original SET PF-STATUS where you can inject code
  • The name of the status set by the standard
  • The function codes of the buttons you want to remove

For example, when your status is named "STATUS_1" and the buttons you want to hide have the function codes "CREA" and "DELE", then you would do it like this

DATA(hidden_buttons) = VALUE syucomm_t(
   ( 'CREA' ) 
   ( 'DELE' )
).
SET PF-STATUS 'STATUS_1' EXCLUDING hidden_buttons.

But always remember that hiding the button does not disable the function code . Users who knows the function code can still enter it into the SAPGui command field and the PAI will react to it as if they had clicked the button, So when this button does something that should require a permission. then you still need to make sure that this permission gets checked before the action is executed.

If you want to construct the table of excluded buttons based on permissions, then you can check a specific permission with the AUTHORITY-CHECK statement within your code and decide based on the sy-subrc value whether or not you want to add a button to the list of excluded buttons.

But first need to decide what object to test for and what field values within that object. This depends on the permission concept of the system you are working in and the module you are dealing with. Perhaps you already have some permissions for a standard permission object which would be suitable to cover your particular use-case. Perhaps you do not, which means you might have to create a custom permission object, create roles which contain permissions for that object, and assign those roles to users.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Hide some buttons for non authorized users in jquery datatable How to secure a link to be downloaded only by specific users? how can I authorize subsystems to specific users? How to get a list of all users which pass a specific policy? In tomcat manager, how can I restrict users to be able to deploy/undeploy just a specific application? How can I limit azure app service access to specific Google users only? How to authorize specific resources based on users who created those in REST, using annotations Best approach to show/hide content based on users permission Deny access to specific files for specific users How can I restrict access to a view only to two specific users each time in MVC?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM