SAP R/3 форум ABAP консультантов
Russian ABAP Developer's Club

Home - FAQ - Search - Memberlist - Usergroups - Profile - Log in to check your private messages - Register - Log in - English
Blogs - Weblogs News

Display redundant authorizations for the current user



 
Post new topic   Reply to topic    Russian ABAP Developer's Club Forum Index -> Security and Monitoring
View previous topic :: View next topic  
Author Message
admin
Администратор
Администратор



Joined: 01 Sep 2007
Posts: 1640

PostPosted: Sat Nov 17, 2007 7:33 pm    Post subject: Display redundant authorizations for the current user Reply with quote

Code:
 
*
* This program displays the redundant authorizations of the user who runs it.
* It reads the data from the user buffer, locates the redundant authorizations
* (more then one authorization for an object) and displays them with the fields
* names and field values.
*
REPORT ZREDUNDA.

TABLES: TOBJT.
DATA:   OBJECT1 LIKE USR12-OBJCT,
        OBJECT2 LIKE USR12-OBJCT,
        OBJECT3 LIKE USR12-OBJCT,
        AUTH1 LIKE USR12-AUTH,
        AUTH2 LIKE USR12-AUTH,
        AUTH3 LIKE USR12-AUTH,
        IND LIKE SY-INDEX,
        FLAG TYPE I.
DATA:   BEGIN OF INTTAB OCCURS 30,
          OBJECT    LIKE USR12-OBJCT,
          AUTH      LIKE USR12-AUTH,
        END OF INTTAB.
DATA:   BEGIN OF INTTAB2 OCCURS 30,
          OBJECT    LIKE USR12-OBJCT,
          AUTH      LIKE USR12-AUTH,
          EXPL      LIKE TOBJT-TTEXT,
        END OF INTTAB2.
DATA:   BEGIN OF TABSET OCCURS 30,
          SFIELD LIKE TOBJ-FIEL1,
          VON(18),
          BIS(18),
        END OF TABSET.
*read up the authorizations from the user buffer
CALL 'ANALYSE_USERBUFFER'
     ID 'AUTHS' FIELD INTTAB-*SYS*.
*filter out the multipy authorizatios of the same object
SORT INTTAB BY OBJECT.
DO.
  IF SY-INDEX = 1.
    OBJECT1 = ''. AUTH1 = ''.
    READ TABLE INTTAB INDEX 1.
    OBJECT2 = INTTAB-OBJECT .AUTH2 = INTTAB-AUTH.
    READ TABLE INTTAB INDEX 2.
    OBJECT3 = INTTAB-OBJECT.AUTH3 = INTTAB-AUTH.
  ELSE.
    OBJECT1 = OBJECT2. AUTH1 = AUTH2.
    READ TABLE INTTAB INDEX SY-INDEX.
    OBJECT2 = INTTAB-OBJECT .AUTH2 = INTTAB-AUTH.
    IND = SY-INDEX + 1.
    READ TABLE INTTAB INDEX IND.
    IF SY-SUBRC = 0.
      OBJECT3 = INTTAB-OBJECT.AUTH3 = INTTAB-AUTH.
    ELSE.
      OBJECT3 = ''. AUTH3 = ''.
      IF OBJECT2 = OBJECT1 OR OBJECT2 = OBJECT3.
        INTTAB2-OBJECT = OBJECT2.
        INTTAB2-AUTH = AUTH2.
        SELECT SINGLE * FROM TOBJT
               WHERE LANGU = SY-LANGU
               AND   OBJECT = OBJECT2.
        INTTAB2-EXPL = TOBJT-TTEXT.
      ENDIF.
      EXIT.
    ENDIF.
  ENDIF.
  IF OBJECT2 = OBJECT1 OR OBJECT2 = OBJECT3.
    INTTAB2-OBJECT = OBJECT2.
    INTTAB2-AUTH = AUTH2.
    SELECT SINGLE * FROM TOBJT
           WHERE LANGU = SY-LANGU
           AND   OBJECT = OBJECT2.
    INTTAB2-EXPL = TOBJT-TTEXT.
    APPEND INTTAB2.
  ENDIF.
ENDDO.
SORT INTTAB2 BY OBJECT AUTH.
*display the authorization and description, the objects, fields and
*field values
FLAG = 0. OBJECT1 = ''.
LOOP AT INTTAB2.
  IF OBJECT1 = INTTAB2-OBJECT.
    WRITE: / INTTAB2-AUTH COLOR 2.
    PERFORM FIELD_VALUES.
    LOOP AT TABSET.
      WRITE:   / TABSET-SFIELD, TABSET-VON,  TABSET-BIS.
    ENDLOOP.
  ELSE.
    SKIP.
    WRITE: / INTTAB2-OBJECT COLOR 3, INTTAB2-EXPL COLOR 3.
    PERFORM FIELD_VALUES.
    WRITE: / INTTAB2-AUTH COLOR 2.
    LOOP AT TABSET.
      WRITE:   / TABSET-SFIELD, TABSET-VON,  TABSET-BIS.
    ENDLOOP.
  ENDIF.
  OBJECT1 = INTTAB2-OBJECT.
ENDLOOP.

*---------------------------------------------------------------------*
*       FORM FIELD_VALUES                                             *
*---------------------------------------------------------------------*
*       retrieve the field values of an authorization                  *
*---------------------------------------------------------------------*
FORM FIELD_VALUES.
  TABLES: USR12.
  FIELD-SYMBOLS .
  DATA: INTFLAG TYPE I VALUE 0, OFF TYPE I, VTYP, LNG TYPE I,
          CLNG(2), GLNG(2), FLDLNG TYPE I VALUE 10, SETFILL.

  SELECT SINGLE * FROM USR12
         WHERE AUTH  = INTTAB2-AUTH
         AND   OBJCT  = INTTAB2-OBJECT
         AND   AKTPS  = 'A'.
  SETFILL = 0.
  REFRESH TABSET.
  CLEAR TABSET.
  OFF = 2.
  ASSIGN USR12-VALS+OFF(1) TO .
  WRITE  TO VTYP.
  WHILE VTYP <> '  ' AND OFF < USR12-LNG.
    OFF = OFF + 1.
    CASE VTYP.
      WHEN 'F'.
        OFF = OFF + 5.
        ASSIGN USR12-VALS+OFF(2) TO .
        WRITE  TO CLNG.
        LNG = CLNG.
        IF LNG <= 0.
          EXIT.
        ENDIF.
        OFF = OFF + 2.
        ASSIGN USR12-VALS+OFF(FLDLNG) TO .
        WRITE  TO TABSET-SFIELD.
        OFF = OFF + FLDLNG.
      WHEN 'E'.
        ASSIGN USR12-VALS+OFF(LNG) TO .
        WRITE  TO TABSET-VON.
        IF TABSET-VON = SPACE.
          TABSET-VON = ''' '''.
        ENDIF.
        APPEND TABSET.
        SETFILL = SETFILL + 1.
        TABSET-VON = SPACE.
        TABSET-BIS = SPACE.
        OFF = OFF + LNG.
      WHEN 'G'.
        ASSIGN USR12-VALS+OFF(2) TO .
        WRITE  TO CLNG.
        GLNG = CLNG.
        OFF = OFF + 2.
        ASSIGN USR12-VALS+OFF(LNG) TO .
        IF INTFLAG = 0.
          WRITE  TO TABSET-VON.
          WRITE '*' TO TABSET-VON+GLNG.
        ELSE.
          WRITE  TO TABSET-BIS.
          WRITE '*' TO TABSET-BIS+GLNG.
          INTFLAG = 0.
        ENDIF.
        APPEND TABSET.
        SETFILL = SETFILL + 1.
        TABSET-VON = SPACE.
        TABSET-BIS = SPACE.
        OFF = OFF + LNG.
      WHEN 'V'.
        INTFLAG = 1.
        ASSIGN USR12-VALS+OFF(LNG) TO .
        WRITE  TO TABSET-VON.
        IF TABSET-VON = SPACE.
          TABSET-VON = ''' '''.
        ENDIF.
        OFF = OFF + LNG.
      WHEN 'B'.
        INTFLAG = 0.
        ASSIGN USR12-VALS+OFF(LNG) TO .
        WRITE  TO TABSET-BIS.
        IF TABSET-BIS = SPACE.
          TABSET-BIS = ''' '''.
        ENDIF.
        APPEND TABSET.
        SETFILL = SETFILL + 1.
        TABSET-VON = SPACE.
        TABSET-BIS = SPACE.
        OFF = OFF + LNG.
    ENDCASE.
    ASSIGN USR12-VALS+OFF(1) TO .
    WRITE  TO VTYP.
  ENDWHILE.
ENDFORM.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Russian ABAP Developer's Club Forum Index -> Security and Monitoring All times are GMT + 4 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


All product names are trademarks of their respective companies. SAPNET.RU websites are in no way affiliated with SAP AG.
SAP, SAP R/3, R/3 software, mySAP, ABAP, BAPI, xApps, SAP NetWeaver and any other are registered trademarks of SAP AG.
Every effort is made to ensure content integrity. Use information on this site at your own risk.