Bespoke ABAP program to get and Display SAP user roles for username or pernr

Uses function module BAPI_USER_GET_DETAIL to retrieve SAP user roles based employee number (pernr), SAP Username(sy-uname) or oganisation number (hrp1001-orgeh). Data is then displayed in an ALV report.

*...............................................................
*: Report:  ZGET_USER_ROLES                                    :
*:                                                             :
*: Author:  www.SAP Development                                   :
*:                                                             :
*: Date  :  2014                                               :
*:                                                             :
*: Description: ALV report to diaplsy all SAP roles as user    :
*:              has assigned to them in the current system     :
*:                                                             :
*: Use:         Check users/employees have been assigned the   :
*:              appropriate SAP roles to do their job          :
*:.............................................................:
REPORT  zget_user_roles.
TABLES: pernr.
DATA: it_pa0105 TYPE STANDARD TABLE OF pa0105,
      wa_pa0105  LIKE LINE OF it_pa0105,
      it_ag TYPE STANDARD TABLE OF bapiagr,
      wa_ag LIKE LINE OF it_ag,
      it_return TYPE STANDARD TABLE OF bapiret2,
      wa_return LIKE LINE OF it_return,
      ld_pernr TYPE pernr-pernr.
TYPES: BEGIN OF t_report,
  pernr TYPE pernr-pernr,
  uname TYPE sy-uname,
  ename TYPE emnam,
  agr_name TYPE agr_name,
  agr_text TYPE agr_title,
*  ORG_FLAG type AGR_ORGCOL,
  direct(3) TYPE c,
 END OF t_report.
DATA: it_report TYPE STANDARD TABLE OF t_report,
      wa_report LIKE LINE OF it_report.
*ALV data declarations
DATA: fieldcatalog TYPE slis_t_fieldcat_alv WITH HEADER LINE,
      gd_tab_group TYPE slis_t_sp_group_alv,
      gd_layout    TYPE slis_layout_alv,
      gd_repid     LIKE sy-repid.
DATA: it_sortcat   TYPE slis_sortinfo_alv OCCURS 1,
        wa_sort LIKE LINE OF it_sortcat.
DATA: it_objectab TYPE STANDARD TABLE OF objec,
      wa_objectab LIKE LINE OF it_objectab.
TYPES: BEGIN OF t_employees,
         pernr TYPE pernr-pernr,
       END OF t_employees.
DATA: it_employees TYPE STANDARD TABLE OF t_employees,
      wa_employees LIKE LINE OF it_employees.
DATA: gd_percent TYPE i.
DATA:   it_message TYPE STANDARD TABLE OF solisti1 INITIAL SIZE 0
                WITH HEADER LINE.
DATA:   it_attach TYPE STANDARD TABLE OF solisti1 INITIAL SIZE 0
                WITH HEADER LINE.
SELECTION-SCREEN BEGIN OF BLOCK data WITH FRAME TITLE text-s01.
SELECTION-SCREEN SKIP.
PARAMETERS: p_ounit TYPE c RADIOBUTTON GROUP sel USER-COMMAND upd.  "org unit
PARAMETERS: p_pernr TYPE c RADIOBUTTON GROUP sel.  "pernr
PARAMETERS: p_user TYPE c RADIOBUTTON GROUP sel.  "pernr
PARAMETERS: p_org TYPE p0001-orgeh.
SELECT-OPTIONS: so_pernr FOR pernr-pernr.
PARAMETERS: p_uname like sy-uname.
SELECTION-SCREEN END OF BLOCK data.
****************************************************************
*AT SELECTION-SCREEN OUTPUT.
AT SELECTION-SCREEN OUTPUT.
* The OUTPUT event is also trigged to re-draw ABAP report screen allowing it to
* be used to hide, display or deactivate fields. Please note if using sy-ucomm field
* it has been refreshed so you need to use value captured above in 'AT SELECTION-SCREEN'.
  CASE 'X'.
    WHEN p_ounit. "hide field if second radio button selected
      PERFORM display_org.
    WHEN p_pernr.
      PERFORM display_pernr.
    WHEN p_user.
      PERFORM display_uname.
    WHEN OTHERS. "default
      PERFORM display_org.
  ENDCASE.
****************************************************************
*START-OF-SELECTION.
START-OF-SELECTION.
  PERFORM progress_indicator USING 'Retrieving Personnel Details...'.
  CASE 'X'.
    WHEN  p_ounit.
      PERFORM get_orgunit_pernrs.
      PERFORM progress_indicator USING 'Getting Role Details...'.
      PERFORM data_retrieval.
    WHEN p_pernr.
      PERFORM get_pernrs.
      PERFORM progress_indicator USING 'Getting Role Details...'.
      PERFORM data_retrieval.
    WHEN p_user.
      PERFORM progress_indicator USING 'Getting Role Details...'.
      PERFORM data_retrieval_user.
  ENDCASE.
  PERFORM build_fieldcatalog.
  PERFORM build_layout.
  PERFORM build_sortcat.
****************************************************************
*END-OF-SELECTION.
END-OF-SELECTION.
  PERFORM display_alv_report.
*&----------------------------------------------------------*
*&      Form  build_sortcat
*&----------------------------------------------------------*
*       Build Sort catalog
*-----------------------------------------------------------*
FORM build_sortcat .
  wa_sort-spos      = 1.
  wa_sort-fieldname = 'PERNR'.
  wa_sort-subtot    = ' '. "subtotals any totals column by this field
*  gd_sortcat-tabname
  APPEND wa_sort TO it_sortcat.
  wa_sort-spos      = 2.
  wa_sort-fieldname = 'UNAME'.
*  gd_sortcat-tabname
  APPEND wa_sort TO it_sortcat.
  wa_sort-spos      = 3.
  wa_sort-fieldname = 'ENAME'.
*  gd_sortcat-tabname
  APPEND wa_sort TO it_sortcat.
ENDFORM.                    " build_sortcat
*&---------------------------------------------------------------------*
*&      Form  BUILD_FIELDCATALOG
*&---------------------------------------------------------------------*
*       Build Fieldcatalog for ALV Report
*----------------------------------------------------------------------*
FORM build_fieldcatalog.
  fieldcatalog-fieldname   = 'PERNR'.
  fieldcatalog-seltext_m   = 'Personnel No.'.
  fieldcatalog-col_pos     = 0.
  fieldcatalog-outputlen   = 10.
  fieldcatalog-emphasize   = 'X'.
  fieldcatalog-key         = 'X'.
*  fieldcatalog-do_sum      = 'X'.
*  fieldcatalog-no_zero     = 'X'.
  APPEND fieldcatalog TO fieldcatalog.
  CLEAR  fieldcatalog.
  fieldcatalog-fieldname   = 'UNAME'.
  fieldcatalog-seltext_m   = 'User Name'.
  fieldcatalog-col_pos     = 1.
  APPEND fieldcatalog TO fieldcatalog.
  CLEAR  fieldcatalog.
  fieldcatalog-fieldname   = 'ENAME'.
  fieldcatalog-seltext_m   = 'Name'.
  fieldcatalog-col_pos     = 2.
  APPEND fieldcatalog TO fieldcatalog.
  CLEAR  fieldcatalog.
  fieldcatalog-fieldname   = 'AGR_NAME'.
  fieldcatalog-seltext_m   = 'Role'.
  fieldcatalog-col_pos     = 3.
  APPEND fieldcatalog TO fieldcatalog.
  CLEAR  fieldcatalog.
  fieldcatalog-fieldname   = 'AGR_TEXT'.
  fieldcatalog-seltext_m   = 'Role  Desc'.
  fieldcatalog-col_pos     = 4.
  APPEND fieldcatalog TO fieldcatalog.
  CLEAR  fieldcatalog.
  fieldcatalog-fieldname   = 'DIRECT'.
  fieldcatalog-seltext_m   = 'Direct Assignment'.
  fieldcatalog-col_pos     = 5.
  APPEND fieldcatalog TO fieldcatalog.
  CLEAR  fieldcatalog.
ENDFORM.                    " BUILD_FIELDCATALOG
*&---------------------------------------------------------------------*
*&      Form  BUILD_LAYOUT
*&---------------------------------------------------------------------*
*       Build layout for ALV grid report
*----------------------------------------------------------------------*
FORM build_layout.
  gd_layout-no_input          = 'X'.
  gd_layout-colwidth_optimize = 'X'.
  gd_layout-totals_text       = 'Totals'(201).
  gd_layout-zebra             = 'X'.
ENDFORM.                    " BUILD_LAYOUT
*&---------------------------------------------------------------------*
*&      Form  DISPLAY_ALV_REPORT
*&---------------------------------------------------------------------*
*       Display report using ALV grid
*----------------------------------------------------------------------*
FORM display_alv_report.
  gd_repid = sy-repid.
  CALL FUNCTION 'REUSE_ALV_GRID_DISPLAY'
    EXPORTING
      i_callback_program      = gd_repid
*     i_callback_top_of_page  = 'TOP-OF-PAGE' "see FORM
*     i_callback_user_command = 'USER_COMMAND'
*     i_grid_title            = outtext
      is_layout               = gd_layout
      it_fieldcat             = fieldcatalog[]
      it_sort                 = it_sortcat
*     it_special_groups       = gd_tabgroup
*     IT_EVENTS               = GT_XEVENTS
      i_save                  = 'X'
*     is_variant              = z_template
    TABLES
      t_outtab                = it_report
    EXCEPTIONS
      program_error           = 1
      OTHERS                  = 2.
  IF sy-subrc <> 0.
* MESSAGE ID SY-MSGID TYPE SY-MSGTY NUMBER SY-MSGNO
*         WITH SY-MSGV1 SY-MSGV2 SY-MSGV3 SY-MSGV4.
  ENDIF.
ENDFORM.                    " DISPLAY_ALV_REPORT
*&---------------------------------------------------------------------*
*&      Form  DATA_RETRIEVAL
*&---------------------------------------------------------------------*
*       Retrieve data form EKPO table and populate itab it_ekko
*----------------------------------------------------------------------*
FORM data_retrieval.
  LOOP AT it_pa0105 INTO wa_pa0105.
    wa_report-pernr =  wa_pa0105-pernr.
    wa_report-uname =  wa_pa0105-usrid.
    SELECT SINGLE ename FROM pa0001
      INTO wa_report-ename
     WHERE pernr = wa_pa0105-pernr
       AND begda LE sy-datum
       AND endda GE sy-datum.
    CALL FUNCTION 'BAPI_USER_GET_DETAIL'
      EXPORTING
        username       = wa_report-uname
      TABLES
        activitygroups = it_ag
        return         = it_return.
    LOOP AT it_ag INTO wa_ag.
      MOVE-CORRESPONDING wa_ag TO wa_report.
      CASE wa_ag-org_flag.
        WHEN 'C'.
          wa_report-direct = 'No'.
        WHEN OTHERS.
          wa_report-direct = 'Yes'.
      ENDCASE.
      APPEND wa_report TO it_report.
    ENDLOOP.
  ENDLOOP.
ENDFORM.                    " DATA_RETRIEVAL
*&---------------------------------------------------------------------*
*&      Form  DATA_RETRIEVAL
*&---------------------------------------------------------------------*
*       Retrieve data form EKPO table and populate itab it_ekko
*----------------------------------------------------------------------*
FORM data_retrieval_user.
    wa_report-uname =  p_uname.
    CALL FUNCTION 'BAPI_USER_GET_DETAIL'
      EXPORTING
        username       = wa_report-uname
      TABLES
        activitygroups = it_ag
        return         = it_return.
    LOOP AT it_ag INTO wa_ag.
      MOVE-CORRESPONDING wa_ag TO wa_report.
      CASE wa_ag-org_flag.
        WHEN 'C'.
          wa_report-direct = 'No'.
        WHEN OTHERS.
          wa_report-direct = 'Yes'.
      ENDCASE.
      APPEND wa_report TO it_report.
    ENDLOOP.
ENDFORM.                    " DATA_RETRIEVAL_USER
*&---------------------------------------------------------------------*
*&      Form  GET_ORGUNIT_PERNRS
*&---------------------------------------------------------------------*
*       Get employees within an org structure
*----------------------------------------------------------------------*
FORM get_orgunit_pernrs .
  DATA: ld_orgunit   TYPE p0001-orgeh.
  DATA: t_org_tab LIKE rhldapp OCCURS 0 WITH HEADER LINE.
  ld_orgunit = p_org.
  CALL FUNCTION 'RH_PM_GET_STRUCTURE'
    EXPORTING
      plvar           = '01'   "p0000-plvar
      otype           = 'O'  "0001-otype
      objid           = ld_orgunit
      begda           = sy-datum
      endda           = sy-datum
      status          = '1'
      wegid           = 'SBESX'   "ORGEH
      77aw_int        = ' '
    TABLES
      objec_tab       = it_objectab
    EXCEPTIONS
      not_found       = 1
      ppway_not_found = 2
      OTHERS          = 3.
  DELETE it_objectab WHERE otype NE 'P'.
  LOOP AT it_objectab INTO wa_objectab.
    wa_employees-pernr = wa_objectab-realo.
    APPEND wa_employees TO it_employees.
  ENDLOOP.
  SELECT  pernr usrid
    FROM pa0105
    INTO CORRESPONDING FIELDS OF TABLE it_pa0105
    FOR ALL ENTRIES IN it_employees
   WHERE pernr EQ it_employees-pernr
     AND usrty = '0001'                               "'9001'
     AND begda LE sy-datum
     AND endda GE sy-datum.
ENDFORM.                    " GET_ORGUNIT_PERNRS
*&---------------------------------------------------------------------*
*&      Form  GET_PERNRS
*&---------------------------------------------------------------------*
*       Get pernrs based on pernr selection
*----------------------------------------------------------------------*
FORM get_pernrs .
  SELECT  pernr usrid
    FROM pa0105
    INTO CORRESPONDING FIELDS OF TABLE it_pa0105
   WHERE pernr IN so_pernr
     AND usrty = '0001'                               "'9001'
     AND begda LE sy-datum
     AND endda GE sy-datum.
ENDFORM.                    " GET_PERNRS
*&---------------------------------------------------------------------*
*&      Form  DISPLAY_ORG
*&---------------------------------------------------------------------*
*       display org selection
*----------------------------------------------------------------------*
FORM display_org .
  LOOP AT SCREEN.
*   Use cs as this then captures all elements of the field inc text
    IF screen-name CS 'SO_PERNR'.
      screen-active = 0. "remove pernr selection field
      MODIFY SCREEN.
    ENDIF.
    IF screen-name CS 'P_UNAME'.
      screen-active = 0. "remove pernr selection field
      MODIFY SCREEN.
    ENDIF.
    IF screen-name CS 'P_ORG'.
      screen-active = 1. "display org selection field
      MODIFY SCREEN.
    ENDIF.
  ENDLOOP.
ENDFORM.                    " DISPLAY_ORG
*&---------------------------------------------------------------------*
*&      Form  DISPLAY_PERNR
*&---------------------------------------------------------------------*
*       Display pernr slection
*----------------------------------------------------------------------*
FORM display_pernr .
  LOOP AT SCREEN.
*   Use cs as this then captures all elements of the field inc text
    IF screen-name CS 'P_ORG'.
      screen-active = 0. "display org selection field
      MODIFY SCREEN.
    ENDIF.
    IF screen-name CS 'P_UNAME'.
      screen-active = 0. "display org selection field
      MODIFY SCREEN.
    ENDIF.
    IF screen-name CS 'SO_PERNR'.
      screen-active = 1. "display pernr selection screen field
      MODIFY SCREEN.
    ENDIF.
  ENDLOOP.
ENDFORM.                    " DISPLAY_PERNR
*&---------------------------------------------------------------------*
*&      Form  DISPLAY_UNAME
*&---------------------------------------------------------------------*
*       Display uname slection
*----------------------------------------------------------------------*
FORM display_uname .
  LOOP AT SCREEN.
*   Use cs as this then captures all elements of the field inc text
    IF screen-name CS 'P_ORG'.
      screen-active = 0. "display org selection field
      MODIFY SCREEN.
    ENDIF.
    IF screen-name CS 'P_UNAME'.
      screen-active = 1. "display org selection field
      MODIFY SCREEN.
    ENDIF.
    IF screen-name CS 'SO_PERNR'.
      screen-active = 0. "display pernr selection screen field
      MODIFY SCREEN.
    ENDIF.
  ENDLOOP.
ENDFORM.
*&---------------------------------------------------------------------*
*&      Form  PROGRESS_INDICATOR
*&---------------------------------------------------------------------*
*       Displays progress indicator on SAP screen
*----------------------------------------------------------------------*
FORM progress_indicator USING p_text.
  CALL FUNCTION 'SAPGUI_PROGRESS_INDICATOR'
    EXPORTING
*     PERCENTAGE = 0
      text       = p_text.
ENDFORM.                    " PROGRESS_INDICATOR

Return to Authorisations Home

Related Articles

Add role to SAP user account - BAPI_USER_GET_DETAIL
SAP/ABAP Authority checks - Information on SAP authority checking functionality
Authorisation trace analysis
Transaction code authority check
ABAP code to Copy a SAP user account using BDC and email new password