Skip to Content
0
Dec 20, 2022 at 08:22 PM

How to handle custom roles and filter data by level of access in RAP or CDS Views?

513 Views Last edit Dec 20, 2022 at 08:48 PM 3 rev

As title says, I need a way to filter out the data based on a custom table that grants the user by how much they can see (NOT accessing the app or CDS).

When creating the usual 'getEntitySet', I can do this very easily. However, for CDS or Unmanged RAP is there a hack to do this?

For example:

  • A CDS is showing all orders in the company, and to which organization ID the order is assigned to.
  • The processor can only see orders based on another custom authorization table, they shouldn't see ALL orders.

screen-shot-2022-12-20-at-105641-pm.png

screen-shot-2022-12-20-at-105653-pm.png

  • employee1 should only see order id 1 because of org id they are assigned to
  • employee2 should only see order id 2 because of org id they are assigned to

As per my research

1. Custom Entity in RAP is one way to do it. and then put my code in custom class but that

@ObjectModel.query.implementedBy: 'ABAP:ZCL_CUST_CE'

This works as desired, but it is a lot of custom coding. Also, note sure how to route to a child CDS view for custom entity root.

2. CURD (READ) - Unmanaged RAP

CLASS lhc_ZI_CUST DEFINITION INHERITING FROM cl_abap_behavior_handler.
  PRIVATE SECTION.
    METHODS read FOR READ<br>      
IMPORTING keys FOR READ zi_CUST RESULT result.
.....
ENDCLASS.
CLASS lhc_ZI_CUST IMPLEMENTATION.
...
  METHOD read.
" my custom code to filter data
  ENDMETHOD.
...
ENDCLASS.

But the method read never gets triggered. all Modify methods works fine. Not sure if I'm messing something or misunderstanding the behavior of READ operation.

I want to do RAP because it'll save lot of hours. Any guidance is appreciated.

Thanks!