WITH|WITHOUT
AUTHORITY-CHECK is specified and if no preceding authorization check
is made by calling the function module
AUTHORITY_CHECK_TCODE or the statement
AUTHORITY-CHECK .
Latest notes: The function module AUTHORITY_CHECK_TCODE is also
controlled by the content of the database table TCDCOUPLES . It
checks the associated authorization objects only if the database field
OKFLAG in TCDCOUPLES has the value "X" or is empty. If
the field has the value "N", the function module does not perform a
check. If the authorization is to be checked regardless of the table
entries, the statement AUTHORITY-CHECK needs to be used.
The association between automatic authorization checks on entries in a
database table and a hidden profile parameter is very prone to errors.
For this reason, this form of the statement CALL TRANSACTION . If
possible, one of the additions
WITH AUTHORITY-CHECK or
WITHOUT AUTHORITY-CHECK should be used.
In releases where the additions
WITH AUTHORITY-CHECK or
WITHOUT AUTHORITY-CHECK did not yet exist, the recommendation
was that the authorization check be performed before the transaction was
called using the function module
AUTHORITY_CHECK_TCODE or the statement
AUTHORITY-CHECK . Here, the function module
AUTHORITY_CHECK_TCODE also has a dependency on the database table
TCDCOUPLES (the statement AUTHORITY-CHECK does not). The
security tests in the
extended program check continue to accept preceding checks of this
nature but in new programs the additions should be used.
Documentation extract taken from SAP system, � Copyright SAP AG. All rights reserved