For example, I would like to check whether my user has enough authorization defined by authorization object s_carrid with value actvt = 03.
In tcode SU01, I can only see PFCG roles assigned to my user. Note that authorization object is not directly assigned to user but to PFCG roles. So, PFCG roles act as an intermediate layer:
User <- PFCG role <- Authorization Object
This table stores for a given user, what PFCG roles are assigned to it.
Now I need to figure out, which PFCG role has been assigned with authorization object S_CARRID?
Tcode SUIM:
The following PFCF roles have authorization object S_CARRID assigned:
Double click one of them, for example SAP_QAP_DEVELOPER:
The above pictures mean: If a given user is assigned with PFCG role SAP_QAP_DEVELOPER, the user wil automatically have enough authorizations ( ACTVT 01, 02 and 03 all allowed ) defined by authorization object S_CARRID.
本文來自雲栖社群合作夥伴“汪子熙”,了解相關資訊可以關注微信公衆号"汪子熙"。
![如何檢查某使用者是否配置設定了某ABAP權限對象[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)