• WFM for Studio 11
• WFM 11 Release Notes
• WFM Compatibility Matrix
• SAP R/3 470
  • SAP R/3 470 readme
  • Install Winshuttle add-on version 11 on SAP R/3 470
  • Delete the function module for previous versions of Transaction
  • Import the transport files for new SAP R/3 470 installations
  • Upgrade WFM on SAP R/3 470
• ECC6 70x, 731, 740
  • ECC6 70x, 731, 740 readme
  • Install Winshuttle add-on version 11 on ECC6 70x, 731, 740
  • Delete the function module for previous versions of Transaction
  • Import the transport files for new ECC6 70x, 731, 740 installations
  • Upgrade WFM on ECC6 70x, 731, 740
• ECC6 710, 711, 71x
  • ECC6 710, 711, 71x readme
  • Install Winshuttle add-on version 11 on ECC6 710, 711, 71x
  • Import the transport files for new ECC6 710, 711, 71x installations
  • Upgrade WFM on ECC6 710, 711, 71x
• ECC6 730
  • ECC6 730 readme
  • Install Winshuttle add-on version 11 on ECC6 730
  • Import the transport files for new ECC6 730 installations
  • Upgrade WFM on ECC6 730
• ECC5
  • ECC5 readme
  • Install Winshuttle add-on version 11 on ECC5
  • Delete the function module for previous versions of Transaction
  • Import the transport files for new ECC5 installations
  • Upgrade WFM on ECC5
• WFM Admin Guide
  • FAQ
  • Custom Winshuttle roles for the SAP server
  • Query and Transaction parameters
    • Maintain Timeout and other settings centrally
    • Modify values
    • New Entries (Addition)
  • Transaction
    • SAP attachments
    • Advanced maintenance of the table
    • GL account document posting with multiple currencies
  • Query
    • Description of security and maintaining the security table
    • Change, insert or delete items in the Query custom security table
    • Custom authorization check program (optional feature)

Query: Custom authorization check program (optional feature)

This functionality allows a Winshuttle Query user to build custom authorization check logic. The custom logic decides whether access to a table is allowed or not for the logged-on SAP user.

The custom authorization check will work in addition to the security table entries that are defined.

Note: This feature is optional. You are not required to create this in your SAP system.

Steps to create a custom authorization check program

First create the custom function group, create the function module for the custom check, and then activate the custom check.

Create the custom function group Z_WINSHUTTLE_CHK_ACSS_FUGR

1. Enter the transaction code SE80.
2. In the drop-down list, click Function Group.
3. Type Z_WINSHUTTLE_CHK_ACSS_FUGR, and then click the Display button.

   

4. When you are prompted to create the object, click Yes.
5. Type Winshuttle Query Cust Auth chk func grp in the Short text box.

   

6. In the Package box, select the package for Z developments.

   

7. Create or select a transport request.

   

Create the function module for the custom check

1. Select the new function group and right-click it, and then click Create > Function Module.

   

2. In the Function Module box, type Z_WINSHUTTLE_CHECK_ACCESS.
3. In the Short text box, type Z Winshuttle Query Custom Auth Object.

   

   Important: The name and parameters must be exactly the same as in the screenshot above.

4. Click Save.
5. Click the Import tab, and enter the values that are shown below:

   

6. Click the Export tab, and enter the values that are shown below:

   

7. Click the Exceptions tab, and enter the values that are shown below:

   

8. Save, check, and activate the FM.

Maintain the flag to activate the custom authorization check

1. Enter transaction code SM30.
2. In the Table/View box, type /WINSHTLQ/QREPRM, and then click Maintain.

   

3. Click New, and enter the values that are shown below:

   

4. Click Save, and then click Exit.

Code example

This code blocks access to the table MACKV for all Winshuttle Query users.

FUNCTION Z_WINSHUTTLE_CHECK_ACCESS.

*"----------------------------------------------------------------------

*"*"Local Interface:

*"  IMPORTING

*"     VALUE(TABLE) TYPE  DD02L-TABNAME

*"  EXPORTING

*"     VALUE(ALLOWED) TYPE  BOOLEAN

*"  EXCEPTIONS

*"      ERROR

*"----------------------------------------------------------------------

*Return access allowed ('X'=True or '-'=False) for current user

  ALLOWED = ''. "Initialize

  IF TABLE = 'MACKV'. "For any user

    ALLOWED = '-'.

  ELSE.

    ALLOWED = 'X'.

  ENDIF.

ENDFUNCTION.

*"----------------------------------------------------------------------

You can also add authority-check calls for your own authorization objects in the conditions for the current user (system field SY-UNAME).