Check for S_DEVELOP when executing function modules
[builder] [environment] [error executing] [executing] [Function] [function check] [function checkform] [test]
Symptom
The authorization check for executing a function module (object S_DEVELOP with ACTVT = 16, OBJTYPE = FUGR) in transaction SE37 takes account only of values for the name of function modules (OBJNAME), but not for their packages (DEVCLASS). As a result, you cannot restrict the execution authorization to modules of certain packages.
Other terms
Function Builder, test environment
Reason and Prerequisites
The relevant function is missing.
Solution
Implement the correction instructions if you require a stricter check for the execution authorization. After you implement the correction, the system also includes the values in the field DEVCLASS in the check; there are no changes for any other fields in S_DEVELOP.
Important:
Remember to check all of the roles and manual profiles that contain the authorizations for the object S_DEVELOP after you implement the correction. Add suitable values to the field DEVCLASS if this is required. You can use the User Information System (transaction SUIM) to determine the roles and profiles that contain authorizations for S_DEVELOP.
Note:
The implementation of this solution is voluntary. This solution will not be delivered as part of a Support Package for releases that are already being maintained. Otherwise, all customers would have to revise their authorizations for S_DEVELOP to prevent authorization problems from occurring. Only future releases (as of BASIS Release 800) will include the stricter authorization check as the default behavior.
![[del.icio.us]](http://images.del.icio.us/static/img/delicious.small.gif){kind=small}