问题
I can connect as user "foo" with password "bar" via SAP-RFC from my machine to the SAP server. Is introspection possible via SAP-RFC?nI would like to know which methods user "foo" is allowed to execute. I am using PyRFC, but AFAIK this should not matter for this question.
According to user Suncatcher it is not available out of the box.
My SAP knowledge is limited up to now. But wouldn't it be possible to loop like this pseudo code? (This code should run (as ABAP) inside in SAP and could be exposed via RFC)
user = 'foo'
allowed_methods = [] # empty list
for func in get_all_functions_which_are_exported_via_rfc():
if not check_if_user_has_permission_to_call_rfc_function(func, user):
# not allowed
continue
# user is allowed
allowed_methods.append(func)
return allowed_methods
回答1:
I would like to know which methods user "foo" is allowed to execute.
There is no such entity as method in terms of SAP authorization concept, so you cannot list allowed methods.
You only can get list of assigned roles for your user from the table AGR_USERS (if you have permissions to read it :), and then try to determine which function modules, tcodes, programs you are allowed to call. As we a speaking about RFC, I assume you are interested in function modules.
But the detection of all available RFC-enabled FMs requires separate and not very simple development.
So the answer is NO. You cannot list them out-of-the-box.
来源:https://stackoverflow.com/questions/51739718/list-allowed-methods-while-connecting-via-rfc