Skip to Content
avatar image
Former Member

Access Control List (ACL) in SAPUI5 application

I am currently working on an application based on SAPUI5 and I am facing a task of creating some kind of ACL.

The authentication is made beyond the application (the user is already authenticated, with some profile/user data which can be accessed globally). The idea is to create an additional data attribute indicating the user role: let's say - "user" and "superuser".

Based on the role, the user would have access to certain views/routes and/or methods on certain controllers (responsible for CRUD operations).

One idea would be creating a globally accessed model attached to:


and then accessed by:


What's the best approach of creating a well working ACL in SAPUI5? Is there some kind of built-in mechanism responsible for creating a controller/route/view/method-wise ACL? What would be the best practices in creating such an ACL? The application has only three controllers at the moment, full refactor is also an option, so any hints would be very appreciated.

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • Feb 03, 2017 at 01:16 PM

    nothing from ui5. usually it is backend job.

    if you are in abap, you can use authorization object.

    Add comment
    10|10000 characters needed characters exceeded