Creating Authorization Fields
In authorization objects, authorization fields represent the values to be tested in authorization checks.
Prerequisite: Define Structure ZAUTHCUST
Before you define a field, check that you have defined the ABAP Dictionary structure ZAUTHCUST. This structure is required for customer-specific authorization fields. If you have upgraded to Release 3.0 from an earlier release, then you should have already defined this structure in accordance with the release note New ZAUTHCUST Table for Customer Authorization Fields for Release 2.1.
If you have not defined ZAUTHCUST, proceed as follows:
Be sure to use the name ZAUTHCUST. Otherwise, the Customer function for defining fields will not work.
You do not need to define any fields for the structure.
Be sure to assign the structure to one of your own development classes (class name starting with Y or Z).
You do not need to activate the structure.
To create authorization fields, choose Tools ® ABAP Workbench, Development ® Other tools ® Authorization objects ® Objects.
Enter the name of the field and assign it to an ABAP Dictionary data element. Field names must be unique and must begin with the letter Y or Z , in accordance with the naming convention for customer-specific objects.
You can define a foreign key for an authorization field. To do so, position the cursor on a field and choose Goto ® Foreign keys. You can also define a value range by way of the area with which a field is associated. Users can display both types of value ranges when they maintain authorizations.
So that your fields are not deleted when you install a new release, you should define your fields only with the Customer function in the field maintenance. The Customer function automatically saves your fields in the ZAUTHCUST structure.
For more information, choose F1 to display the online information available, or see the ABAP documentation for the AUTHORITY-CHECK statement.
You can often use the fields defined by SAP in your own authorization objects. If you create a new authorization object, you do not need to define your own fields. For example, you can use the SAP field ACTVT in your own authorization objects to represent a wide variety of actions in the system.