Hi Bernd,
you can use a Z-table and define your pattern. Then you use a authorization exit variable which reads from master data and fills the expanded strings of the pattern. This list is dynamically and will be executed each time a new query is executed, because you use an auth exit variable.
Mybe I just see part of the story, but I think it can be solved with the new AA auths also, maybe a bit different in appraoch and solution, but should be solvable.
Regards,
Jürgen