Access Control (CDS)
April 9, 2019

  1. Design / Prototype
  2. Create Dictionary Objects
  3. Create Interface View (CDS)
  4. Business Object Generation (CDS – Object Model Annotations )
  5. Generated Business Object
  6. BOPF – Development
  7. Test BOPF Object using BOBT
  8. Access Control (CDS)
  9. Consumption View (CDS)
  10. OData Service Generation and Registration
  11. Test OData Service using SAP Gateway Client
  12. UI development

DCL Source

With the help of Core Data Services, we can also define and generate DCL (Data Control Language) Source. It is used to restrict access to data.

Create an Access Control object ‘Z2812_I_PB_HEAD‘ (I practice to create the access control with the same name as the DDL Source. It helps to easily identify the CDS View used inside the access control).

@EndUserText.label: 'Mapping Role - Z2812_I_PB_HEAD'
@MappingRole: true
define role Z2812_I_Pb_Head {
  grant
    select
      on
        -- CDS View
        Z2812_I_PB_HEAD 
          where
                                    -- Authorization Object
            ( ) = aspect pfcg_auth( Z2812_AUTH,
                                    ACTVT = '03' );
            
}

No CDS element is specified in the above example. CDS access control prevents data from being read in full if the current user does not have at least an authorization for the authorization object with the activity “03”. You can also restrict data with control over specific fields, refer below link for more details.
Read More about PFCG_AUTH

The below control statement used in CDS View triggers the check using using access control.

@AccessControl.authorizationCheck: #CHECK

Similarly, create access control for all the required views with the required authorization.

<< Top