Skip to Content
0

Access Control List (ACL) in SAPUI5 application

Feb 03, 2017 at 12:01 PM

78

avatar image

I am currently working on an application based on SAPUI5 and I am facing a task of creating some kind of ACL.

The authentication is made beyond the application (the user is already authenticated, with some profile/user data which can be accessed globally). The idea is to create an additional data attribute indicating the user role: let's say - "user" and "superuser".

Based on the role, the user would have access to certain views/routes and/or methods on certain controllers (responsible for CRUD operations).

One idea would be creating a globally accessed model attached to:

sap.ui.getCore().setModel(oModel,"myACL");

and then accessed by:

sap.ui.getCore().getModel("myACL").getData();

What's the best approach of creating a well working ACL in SAPUI5? Is there some kind of built-in mechanism responsible for creating a controller/route/view/method-wise ACL? What would be the best practices in creating such an ACL? The application has only three controllers at the moment, full refactor is also an option, so any hints would be very appreciated.

10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

1 Answer

Jun Wu Feb 03, 2017 at 01:16 PM
0

nothing from ui5. usually it is backend job.

if you are in abap, you can use authorization object.

Share
10 |10000 characters needed characters left characters exceeded