For accessing tables, our company does not want to give users access to T-code SE16 . They want me to create a custom program ( T-code = ZSE16 ) to access SAP tables.
Our security team wants to utilize a custom table where they can enter name of table and Auth Object. So anyone who has that Auth Object assigned to their role can have access to that table.
I will expand this with an example:
John Doe works in warehouse. He needs access to tables MARA, MKPF and MSEG. Security team will enter these 3 table names in a custom table along with an Auth Object.
John Doe executes ZSE16 . Custom program ( T-code = ZSE16 ) reads this custom table and determines John Doe has acess to these 3 tables only. So he can display data from these 3 tables only. If he enters MARD on the screen , he will be refused acess.
I understand many companies do not provide users access to SE16. Do you experts have any experience on developing an application similar to this requirement ?
Advantage of the above requirement is, security team can provide access to roles instantly in production by just entering the table name in custom table.
( At this time we do not want to create custom transaction code for each table. )
I tried a few things, but I found that in background SAP calls function "AUTHORITY_CHECK_TCODE" which by default checks if user has access to SE16, and then gives error message.
Any help will be greatly appreciated !!
Thanks for your help !!