Skip to Content
1
May 15, 2020 at 08:02 AM

XSA Fiori launchpad not displaying application tile - xsuaa issue

270 Views Last edit May 15, 2020 at 08:34 AM 2 rev

Hi Experts,

I am having trouble to expose my application tile to the XSA Fiori launchpad in XSA. The fiori launchpad and the application is both separate application MTA's.

The application already has site-content.json configured so the Fiori can display the said application in a tile format. This all works when the role provided in the application is 'Everyone'. However when changed to a specific role, the tile goes missing and I suspect its that the role access is not correctly passed from the user access to the application. I have tried various trial and error methods generate and redeploy and I am still stuck.

Hope anybody can help. Following are the details and can provide further information.

System: HANA XSA On Premise SP04

1. The following is the xs-security.json that is used in the template

{
	"xsappname": "dcmhub_td1",
	"scopes": [{
		"name": "$XSAPPNAME.Display",
		"description": "display"
	}, {
		"name": "$XSAPPNAME.Create",
		"description": "create"
	}, {
		"name": "$XSAPPNAME.Edit",
		"description": "edit"
	}, {
		"name": "$XSAPPNAME.Delete",
		"description": "delete"
	}, {
		"name": "$XSAPPNAME.DataGenerator",
		"description": "data generator"
	}, {
		"name": "xs_authorization.read",
		"description": "Read authorization information from UAA"
	}, {
		"name": "xs_authorization.write",
		"description": "Write authorization information to UAA"
	}, {
		"name": "$XSAPPNAME.ODATASERVICEUSER",
		"description": "Enter"
	}, {
		"name": "$XSAPPNAME.ODATASERVICEADMIN",
		"description": "Enter"
	}],
	"role-templates": [{
		"name": "DecHubViewer",
		"description": "View Decommissioning Hub data",
		"scope-references": [
			"$XSAPPNAME.Display",
			"$XSAPPNAME.Create",
			"$XSAPPNAME.Edit",
			"$XSAPPNAME.Delete",
			"$XSAPPNAME.DataGenerator",
			"xs_authorization.read",
			"xs_authorization.write",
			"$XSAPPNAME.ODATASERVICEUSER",
			"$XSAPPNAME.ODATASERVICEADMIN"]
	}]
}

2.Following is the site-content.json. I put in the two significant points of changes. The role and the authorization scope.

	"roles": {
		"DecHubViewer": {
			"_version": "1.0",
			"identification": {
				"id": "DecHubViewer",
				"namespace": "",
				"entityType": "role"
			},
			"payload": {
				"catalogs": [],
				"groups": [{
					"id": "tool_GroupId"
				}]
			}
		}
........

			},
			"sap.platform.runtime": {
				"componentProperties": {
					"url": "/",
					 "oAuthScopes": ["$XSAPPNAME.Display"]
				}
			}
		}

3. The xs-app.json. I have tried to add and remove the authorization scope at the route as well.

{
	"welcomeFile": "index.html",
	"authenticationMethod": "route",
	"routes": [{
		"source": "(.*)(.xsjs)",
		"destination": "xsjs_api",
		"csrfProtection": false,
		"authenticationType": "xsuaa"


	}, {
		"source": "(.*)(.xsodata)",
		"destination": "xsjs_api",
		"authenticationType": "xsuaa"
	},{
		"source": "^/(.*)$",
		"localDir": "resources/tool"


	}]
}

4.mtayaml.txt - Attached is the mta.yaml

5. Following is the authrorization scope added to the manifest.

	},
  "sap.platform.cf": {
      "uri": "/resources/tool",
      "oAuthScopes": ["$XSAPPNAME.Display"]	
		}	
}

6. All the above are the ones done on the applications. I have deployed this many times with various changes. Manually creating the uaa service causes the deployment fail. I delete the uaa instance and redeploy and its usually successful.

7. After deployment, the roles are assigned, following are the roles setup. The role collection already have the relevant roles created from the template.

8. The role collection already applied to my user ID.

9. When I launch the fiori launchpad, I am unable to see the application tile.

Hope anybody can help or give some hints on how i may troubleshoot further where could be the cause of the problem.

Thanks.

Anand Muthu

Attachments

rolecoll.png (19.7 kB)
mtayaml.txt (3.1 kB)