You will still need to add this check on a field in a custom object to the code though.
If you debug the navigation to the tab and where the field is coming from than you will see the checks and customizing and enhancement/BADI options -> that is also solution skill sets for a security consultant or have a developer you can work with.
Honestly, if your business has a requirement and you need a solution then parking it on SCN and waiting is not a good horse to bet on if you have not tried yourself to work out what your options are in the code.
A little example: users with access to MM03 should be able to display planning, others not. Users who only create material master should do so without knowing what the planning is, unless they have access to planning anyway?
Also: You should mention your release / SP level / whether it should excluded in MM* tcodes or dependent on other authorizations and therefore user specific system behaviour in the same transaction.
Cheers,
Julius