Skip to Content
0

Core Data Services and access control

Jan 11, 2017 at 10:39 AM

79

avatar image

Dear SCN-Community,

I´m trying to create some access controls for a CDS view. I think everything is defined correct and the created role is attached to the user but it´s not working (user is able to fetch all data from the view).

Anybody have some suggestions?

cds-view.png (231.9 kB)
acl-view.png (73.2 kB)
role.png (170.1 kB)
10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

2 Answers

Horst Keller
Jan 11, 2017 at 10:53 AM
0

How do you check that the user is able to fetch all data?

Is s/he accessing the view with Open SQL (or SADL)? Only then, the implicit WHERE conditions are taken into account.

Did you use ST05 to check the SQL statement that is sent to the DBI from Open SQL when accesing your view? You should see the implicit WHERE conditions there.

Show 1 Share
10 |10000 characters needed characters left characters exceeded

I´m executing the CDS view via the Anaylsis for Office Client. I think I see the WHERE clause in ST05.

trace.png (24.3 kB)
0
Horst Keller
Jan 11, 2017 at 01:37 PM
0

ST05 should tell the truth. If there is a restriction for the user, it must be expressed in SQL there.Now you must check, if the restriction that you intend is really expressed in the conditions of the generated SQL.

In order to isolate the problem, maybe its a good idea to use Open SQL SELECT on the view in a little report to check its functionality and ST05.

Share
10 |10000 characters needed characters left characters exceeded