Hi Anil,
Interesting question. Normally your solution direction would be restriction of authorization, in this case for the ALEREMOTE user who is extracting the data. However, I don't think it is going to work.
Please have a look at SAP Note 150315 - BW-Authorizations for Remote-User in BW and OLTP for a typical authorization profile for ALEREMOTE. I cannot find any authorization re. Company Codes. As far as I can remember, I have never seen any authorization checks in Function Module extractors.
I suggest as solution direction to use extraction enhancement (e.g. BAdI RSU5_SAPI_BADI) and implement a check here. This can be system-wide or restricted to only FI or CO DataSources (based on Application Area or prefix). If Company Code is found in the extract structure *), then check if only the authorized Company Codes are in the dataset.
If the check fails, then you have the option to terminate the extraction and sent appropriate messages to the monitor log or delete all records for not-authorized Company Codes.
*) ABAP-OO RTTS (Real-time Type Services) can be used to analyze the extract structure dynamically.
Please note that you will have to maintain appropriate InfoPackage selections in BW. You even might have to activate Company Code as a selection field in the DataSource (t/code RSA6 in ECC) although normally it will be activated for regular FI or CO DataSources.
Best regards,
Sander