What are Authorization Objects

Authorization objects are composed of a grouping of fields. The values in these

fields will be used in authorization check. There can be a maximum of 10 fields
defind on an authorization object.
Basically we use this authoirzation objects to check whether the user is having an
authoirzation to run particular transaction. We assign authorization objects to a role
with specific ACTVT type. For example a user is authorized only to view, other could
be authorized to modify and so on. IF your userid not attached to specific role than
contact your basis team to resolve the problem by sending SU53 screen shot.
AUTHORITY-CHECK is the statement used in an ABAP Program to perform an
authorization check against an authorization obect. This statement will return sysubrc is 0 if user has required authorization otherwise will return code will be other
than Zero. Each return code will have different meaning.
Example: 8 - User has to authorization.
12 - Too many parameters etc.
STEP BY STEP TO CREATE AUTHORIZATION OBJECT:
STEP1: goto SU21 transaction and create a new Authorization Object
Object Name: Z.....
Text: ...........
ClassL SD (YOUR MODULE)
AUTHOR: YOUR ID
STEP2: Give authorizatin fields as
ACTION - Action of the Authorization
Activity - Document Destribution.
STEP3: Basis will create a role using transaction PFCG and assign this
authorization object to that role
STEP4: Call the AUTHORITY-CHECK Object in your code
AUTHORITY-CHECK OBJECT <authorization object>
ID <authority field 1> FIELD <field value 1>.
ID <authority field 2> FIELD <field value 2>.
IF sy-subrc 0.
MESSAGE e000(zzpp) WITH 'No Authorization'.
ENDIF.