Bug 19215 (T034869)

Summary: Fehlende Berechtigungsprüfungen für Aufrufe
Product: [SCX/Suite] Manufacturing Reporter: Eich, Nico <nico.eich>
Component: AnwendungAssignee: Eich, Nico <nico.eich>
Status: VERIFIED FIXED QA Contact: Ergüzel, Rüsan <Ruesan.Erguezel>
Severity: minor    
Priority: P5 CC: daniel.sanchezfernandez
Version: 25.0Keywords: Vela, Vorabkorrektur
Hardware: All   
OS: All   
Whiteboard: Code Review OK, DSA überprüft
Kundennummer: Bestellnummer:
PV Übergabe: --- Phase Roadmap: ---
Erledigt mit: Vela SAP Release: ---
Transport: FE0K915428;M59K900139;M68K901083;M68K901085 CRM-ID/Ticket: 034869

Description Eich, Nico intern 2025-08-20 16:15:06 CEST 
Nicht alle aufgerufenen Reports und Funktionen werden korrekt auf Berechtigung geprüft. Diese müssen geprüft und ggf. ergänzt werden. 


/GIB/DCP_ADM_SERVICE,  GSP Service functions, /GIB/DCP_ADMIN_SERVICE
Cockpit transaction - auth check is in place for the main admin transaction but called upon need to be reviewed, ex. Release order. All functions needs to be reviewed

/GIB/DCP_LOAD, GSP Load/correct data, /GIB/DCP_MAIN_MAINTAIN
No auth check found, needs to be review

/GIB/DCP_PLAFS, GSP Planned orders w/o scheduling, /GIB/DCP_PLAF_SCHED
Need to be reviewed, called upon transactions (MD12) etc. Also I do not see the initial auth check for the underlying transaction

/GIB/DCP_RELEASE, GSP Order Release, /GIB/DCP_AUTO_RELEASEN
No auth check found, needs to be reviewed; It calls function /GIB/DCP_PRODORDER_RELEASE. Auth check also needs at the t-code level for CO02 as an example as

/GIB/DCO, GIB Operations, /GIB/DCO_DISPOLISTE
No auth check in place when submit statement is called
Comment 1 Eich, Nico intern 2025-08-21 11:55:57 CEST 
/GIB/DCP_ADM_SERVICE,  GSP Service functions, /GIB/DCP_ADMIN_SERVICE
- Called report /GIB/DCP_LAYOUT extended with authorization check
- All submits checked for not invoking a method which has to be checked additional

/GIB/DCP_LOAD, GSP Load/correct data, /GIB/DCP_MAIN_MAINTAIN
- Added the missing authorization check

/GIB/DCP_PLAFS, GSP Planned orders w/o scheduling, /GIB/DCP_PLAF_SCHED
Need to be reviewed, called upon transactions (MD12) etc. Also I do not see the initial auth check for the underlying transaction
- Added authorization check on transaction in initalization
- Added MD12 check on initialization (all functions are called upon are for changing plafs)

/GIB/DCP_RELEASE, GSP Order Release, /GIB/DCP_AUTO_RELEASEN
- Had already an authorization check on start (START_OF_SELECTION >> lcl_main=>start())
- Added authorization check for transaction at initialization. 
- Added check for C_AFKO_AWA on Order level before release (C_AFKO_REL for S4)

/GIB/DCO_DISPOLISTE
- Added the missing authorization check