Allows a user to assume the exact roles and system privileges (impersonate) of another user. Impersonation remains in effect until it is stopped or until the current session ends.
At-least criteria is validated when the SETUSER command is executed, not when the SET USER system privilege is granted. When the SETUSER command is executed, if the impersonating user fails to meet all at-least criteria, a permission denied message appears, and impersonation does not begin. However, if all at-least criteria is met on a subsequent SETUSER execution, impersonation begins.
Once you issue the SETUSER statement, and impersonation begins, it remains in effect until you manually terminated the impersonation, begin impersonating another user, or the current session ends. While a user is impersonating another user, roles and privileges and their related administrative rights can be granted to or revoked from the impersonator or impersonatee as long as doing so does not violate the at-least criteria behind the impersonation. If the grant or revoke violates the criteria, an error message appears, and the statement fails. SAP recommends that impersonation be terminated as soon as the required tasks are complete.
SETUSER userID