*&---------------------------------------------------------------------* *& Include ZXFILU01 *&---------------------------------------------------------------------* *& Purpose: User-exit implementation for SAP GUI downloads *& Author : Daniel Berlin *& Version: 1.0.0 *& License: CC BY 3.0 (https://creativecommons.org/licenses/by/3.0/) *&---------------------------------------------------------------------* DATA: lv_deny VALUE space. DATA: ls_log TYPE bal_s_log, lv_handle TYPE balloghndl, ls_msg TYPE bal_s_msg, lt_handle TYPE bal_t_logh. * --- Authority check for S_GUI has been disabled " See import parameter NO_AUTH_CHECK in function module GUI_DOWNLOAD IF no_auth_check <> space. " Re-enable check AUTHORITY-CHECK OBJECT 'S_GUI' ID 'ACTVT' FIELD '61'. IF sy-subrc <> 0. lv_deny = 'X'. ENDIF. ENDIF. * --- Special handling depending on transaction code CASE sy-tcode. WHEN 'SE16'. " Transaction SE16 " Get table by stripping prefix '/1BCDWB/DB' from display report CASE sy-cprog+10. WHEN 'PA0008'. " Table PA0008 (Infotype 0008 - Basic Pay) " Download is only allowed for users in group SUPER TABLES: usr02. SELECT SINGLE * FROM usr02 WHERE bname = sy-uname. IF usr02-class <> 'SUPER'. lv_deny = 'X'. ENDIF. WHEN '...'. " Table ... " ... ENDCASE. CONCATENATE '( table:' sy-cprog+10 ')' INTO ls_msg-msgv2 SEPARATED BY space. WHEN 'SE16N'. " Transaction SE16N " Prevent any download in SE16N lv_deny = 'X'. WHEN '...'. " Transaction ... " ... ENDCASE. * --- Create an Application Log entry " Open log and provide header data ls_log-extnumber = 'GUI Download'. "#EC NOTEXT ls_log-object = 'DX'. " You might want to change this ... ls_log-subobject = 'RUN'. " ... and this as well (see SLG0) ls_log-aldate = sy-datum. ls_log-altime = sy-uzeit. ls_log-aluser = sy-uname. ls_log-altcode = sy-tcode. ls_log-alprog = sy-cprog. ls_log-aldate_del = sy-datum + 365. " Expiry date ls_log-del_before = space. " Log may be deleted before expiry CALL FUNCTION 'BAL_LOG_CREATE' EXPORTING i_s_log = ls_log IMPORTING e_log_handle = lv_handle EXCEPTIONS log_header_inconsistent = 1 OTHERS = 2. " Create new log entry IF lv_deny = space. ls_msg-msgty = 'I'. " Information ls_msg-probclass = 4. " Additional information ls_msg-msgv1 = 'Download allowed'. "#EC NOTEXT ELSE. ls_msg-msgty = 'W'. " Warning ls_msg-probclass = 2. " Important ls_msg-msgv1 = 'Download prevented'. "#EC NOTEXT ENDIF. ls_msg-msgid = 'SGRPDL00'. ls_msg-msgno = '000'. CALL FUNCTION 'BAL_LOG_MSG_ADD' EXPORTING i_log_handle = lv_handle i_s_msg = ls_msg EXCEPTIONS log_not_found = 1 msg_inconsistent = 2 log_is_full = 3 OTHERS = 4. " Save log entry to database APPEND lv_handle TO lt_handle. CALL FUNCTION 'BAL_DB_SAVE' EXPORTING i_t_log_handle = lt_handle EXCEPTIONS log_not_found = 1 save_not_allowed = 2 numbering_error = 3 OTHERS = 4. * --- Finally prevent unauthorized downloads IF lv_deny <> space. RAISE no_authority. ENDIF. |