来自我的同事Xu Miles

Authorization Objects are business concept, they are distinguished by business scenario.

Therefore, there might be a lot of Authorization Objects using the same Authorization Field. Such as VKORG.

In Sales Planning, there're two Authorization Objects related to Sales Area, V_VBAK_VKO and V_VBRK_VKO, they represent transaction scenario Sales Document and Billing Document repectively. If we want to extract the Sales Area master data, technically we could use any Authorization Object with Authorization Field VKORG, VTWEG, SPART.

However, considering the authorization of the business user, we need to use Authorization Object V_VBAK_VKO and V_VBRK_VKO separately when end user is planning for income sales or sales volume.

To do this, we could use additional CDS view + DCL to realize.

Example on ERG/001:

CDS: ZMX_SalesArea_DCL

DCL: ZMX_SalesArea_DCL

The logic in DCL:

@EndUserText.label: 'Auto assigned mapping role for ZMX_SalesArea_DCL'
@MappingRole: true
define role ZMX_SalesArea_DCL {
grant select on ZMX_SalesArea_DCL
where (SalesPlanPurpose = '0' and (SalesOrganization, DistributionChannel, Division) =
aspect pfcg_auth (V_VBAK_VKO,
VKORG,
VTWEG,
SPART,
actvt = '03'))
OR (SalesPlanPurpose = '1' and (SalesOrganization) =
aspect pfcg_auth (V_VBRK_VKO,
VKORG,
actvt = '03'));
}

The logic in the CDS view:

define view ZMX_SalesArea_DCL
as select from
I_SalesArea
{
key SalesOrganization,
key DistributionChannel,
key Division, '0' as SalesPlanPurpose }
union all select from I_SalesArea
{
key SalesOrganization,
key DistributionChannel,
key Division, '1' as SalesPlanPurpose
};

Authorization test on QW9/910

User: MILES01

Authorization:

Test Report:

REPORT mx_test_sa_dcl.

PARAMETERS:
p_purp TYPE C LENGTH 1. DATA:
lt_tab TYPE STANDARD TABLE OF i_salesarea_dcl. SELECT * FROM i_salesarea_dcl INTO TABLE @lt_tab
WHERE salesplanpurpose = @p_purp. LOOP AT lt_tab ASSIGNING FIELD-SYMBOL(<fs_row>).
WRITE:/ <fs_row>-salesorganization, <fs_row>-distributionchannel, <fs_row>-division, <fs_row>-salesplanpurpose.
ENDLOOP. WRITE:/ 'Finished.'.

The logic flow is that firstly we use SalesPlanUUID to get SalesPlanPurpose, then with SalesPlanPurpose we could get the Sales Area master data via the corresponding Authorization Objects.

SalesPlanPurpose: 0 (Incoming sales)

SalesPlanPurpose: 1(Sales Volume)

要获取更多Jerry的原创文章,请关注公众号"汪子熙":

SAP S/4HANA CDS View的访问控制实现:DCL介绍的更多相关文章

  1. 如何在SAP云平台ABAP编程环境里把CDS view暴露成OData服务

    Jerry 2016年在学习SAP CDS view时,曾经写过一个CDS view的自学系列,其中有一篇提到了一个很方便的注解: @OData.publish: true 加上这个注解的CDS vi ...

  2. 使用CDS view开发SAP Marketing contact的facet追溯工具

    这篇SAP社区博客里,我的一位同事介绍了SAP Marketing里contact facet数据模型的存储表: https://blogs.sap.com/2016/07/01/how-does-s ...

  3. SAP S/4HANA extensibility扩展原理介绍

    SAP产品总的extensibility扩展原理介绍: 看Jerry这篇文章. SAP Cloud for Customer Extensibility的设计与实现 我的同事Boris写的. 而本文是 ...

  4. SAP C/4HANA Sales Cloud使用OData服务和第三方系统集成的一个具体例子

    出于工作需要,Jerry写了这篇文章,给某些Partner做参考. 以前Jerry曾经介绍过SAP C/4HANA的五朵云到底包含哪些具体产品,其实在SAP官网上有更权威的中文解释: https:// ...

  5. Jerry的CDS view自学系列

    My CDS view self study tutorial - part 1 how to test odata service generated by CDS view https://blo ...

  6. cds view 创建和调用

    cds view 是一个core data service, 能够将数据库表虚拟化为一个虚拟表(double).因为各个使用sap的公司,使用的数据库数据是不同的,所以提供一个数据库的虚拟.  通过向 ...

  7. SAP S/4HANA生产订单创建时使用的工厂数据是从什么地方带出来的

    大家如果使用我github上的这段代码创建S/4HANA的生产订单时,一定会发现,我在代码里并没有硬编码来指定生产订单的ID,然而运行时会发现我在系统里配置的这个2800被自动使用了,这是怎么做到的呢 ...

  8. Create Fiori List App Report with ABAP CDS view – PART 2

    In the Part 1 blog, we have discussed below topics CDS annotations for Fiori List Report. How to cre ...

  9. Create Fiori List App Report with ABAP CDS view – PART 1

    From Create Fiori List App Report with ABAP CDS view – PART 1 In this blog, I am going to show How C ...

随机推荐

  1. springmvc的json数据交互

    准备 @RequestBody 作用: @RequestBody注解用于读取http请求的内容(字符串),通过springmvc提供的HttpMessageConverter接口将读到的内容(json ...

  2. 8.14_end

    the first interview 事件委托(ul.li) jsonp原理实现 印象最深的项目 each的实现 ajax的实现 性能优化的方法 判断Function和Boolean 印象最深的项目 ...

  3. ASP.NET Core项目中新增和删除的内容

    最新一版的.NET几经改名,最终得到了.NET Core这个高大上的名称,相应的ASP.NET MVC也跟着提供了ASP.NET Core MVC版本. 在.NET Core没有稳定名称时,叫做MVC ...

  4. 项链(burnside)

    Description 有一个长度为 \(n\) 的项链,首尾相接形成环,现在你要给每一个位置一个颜色 \([1,m]\), 求所有不同的项链个数(可以通过旋转变成一样的称为相同) Solution ...

  5. 线上服务器PHP版本编译安装升级全记录

    1.将原来的PHP重命名一下 cd /usr/local/bin/ mv php php.2.9 2.安装依赖 yum install gcc gcc-c++ libxml2 libxml2-deve ...

  6. Firebird 日期时间

    查询当前时间: 1.使用内置系统变量 select current_timestamp from rdb$database 2.使用now字符串转换 select cast('NOW' as time ...

  7. spring-boot配置log4j日志

    spring boot默认使用logback日志记录工具,修改为log4j: <dependency> <groupId>org.springframework.boot< ...

  8. IE11 F12 开发人员工具 查看 Cookie

    参考网址:Using the F12 developer tools in IE11 Step1 : IE11 => F12 打开 开发人员工具 Step2:开发人员工具 => 网络F5 ...

  9. lincode 题目记录5

    Course Schedule 安排课表   Frog Jump  最长回文字符串长度 Course Schedule 选课方案问题,题目说的很清楚了就是bfs或者dfs,然后加个字典优化,弄了好久没 ...

  10. 在C#中执行带有GO的批量sql语句

    引用 思海网络  在用C#中调用ADO执行批量SQL语句的时候,会出现无法识别GO语句的错误.这个时候,我们以GO语句为分割点,把整个批量语句分割成N块独立的SQL语句代码块(不包含GO语句),然后再 ...