Skip to Content
avatar image
Former Member

Core Data Services and access control

Dear SCN-Community,

I´m trying to create some access controls for a CDS view. I think everything is defined correct and the created role is attached to the user but it´s not working (user is able to fetch all data from the view).

Anybody have some suggestions?

cds-view.png (231.9 kB)
acl-view.png (73.2 kB)
role.png (170.1 kB)
Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

2 Answers

  • Jan 11, 2017 at 10:53 AM

    How do you check that the user is able to fetch all data?

    Is s/he accessing the view with Open SQL (or SADL)? Only then, the implicit WHERE conditions are taken into account.

    Did you use ST05 to check the SQL statement that is sent to the DBI from Open SQL when accesing your view? You should see the implicit WHERE conditions there.

    Add comment
    10|10000 characters needed characters exceeded

  • Jan 11, 2017 at 01:37 PM

    ST05 should tell the truth. If there is a restriction for the user, it must be expressed in SQL there.Now you must check, if the restriction that you intend is really expressed in the conditions of the generated SQL.

    In order to isolate the problem, maybe its a good idea to use Open SQL SELECT on the view in a little report to check its functionality and ST05.

    Add comment
    10|10000 characters needed characters exceeded