Skip to Content
0

SAP Cloud Application Studio: Instance Based Acess Context

Oct 31, 2016 at 09:16 AM

158

avatar image

Hi Experts,

I want to implement Instance based access context for our custom BO.

I read through the below blog:

https://blogs.sap.com/2014/07/21/instance-based-access-control/

https://archive.sap.com/discussions/thread/3796858

I have configured exactly how Horst has mentioned on August 6, 2014 at 8:34 am

We need to set 1015 Employee or Territory. But the filter doesn't work. And more over, there is an exception on Save of any value at the BO level.

Please provide some inputs.

10 |10000 characters needed characters left characters exceeded
access-absl.jpg (144.4 kB)
access-bo.jpg (49.9 kB)
0
* Please Login or Register to Answer, Follow or Comment.

3 Answers

Best Answer
Pradeep Kumar N
Nov 03, 2016 at 04:21 AM
0

Hi Gayathri,

For point 1):
Check if the Account Workcentre View supports

Access context "EmployeeOrTerritory"

For point 2)
You should be setting the association in BeforeSave event, during migration also BeforeSave event should be executed which should take care of the association, if you have data with assoication not set, then you could create MDRO to set such association.

Thanks, Pradeep.

Show 1 Share
10 |10000 characters needed characters left characters exceeded

Thanks Pradeep for your response.

For Point 1) I think we have already set the access context to EmployeeOrTerritory across the application. But I will double check and update here.

For Point 2) At present, the association level and element level access context is set in during Before Save event, but the determination of the territory is based on the logged in user. So during migration, it will through ODATA service import. So I'm still not clear how to handle this. I will check about the MDRO you have mentioned. Please share if any blog or documentation links if you have any.

Thanks

Gayathri

0
Horst Schaude
Nov 02, 2016 at 08:52 AM
0

Hello Gayathri,

Did you also do all steps in the UIs like setting the "RBAM Context" and so on?

Normally you wold not need to do any ABSL coding.

Bye,
Horst

Show 2 Share
10 |10000 characters needed characters left characters exceeded

Hello Horst,

Thanks for the response. I got those issues resolved last evening. However, it will be of great support if i get your response on the below issues on the same topic.

Currently I have 2 issues .

1) I have the listing of this Custom BO (named QN) as an EC in the Account TI. Here it displays all the QN instances. Please find snapshots below.

2) There is a legacy application, for which migration will happen. For which, we will migrate QN data too. - In my case, I set the below fields in the QN object during On Save event. In case of migration, how should we handle that data. Please share info.
[AccessControlContext(EmployeeOrTerritory)] element Emp_Territory_UUID:UUID;
[AccessControlContext (EmployeeOrTerritory)] association ToTerritory to AP.PC.SalesTerritoryMgmt.Global:SalesTerritory using UUID ;

Please find the snapshots for List not working as per Access Context in an EC within a standard BO

On the QN_OWL screen - works fine

On the Account TI screen - I have two problems here.

a) Lists all the QN regardless of territory

b) Earlier, I have passed the Customer ID to the EC, so it lists only the QN instances for that customer ID. But now, after the custom query implementation, I'm unable to pass the CustomerID. If I do so I get error all through the application where ever QN is listed.

jebko.png (99.0 kB)
kvrzn.png (168.3 kB)
0
Gayathri Ramachandran

Hello Gayathri,

Are you using the same query in QN-OWL as in TI-EC?

Why is there an issue with the CustomerID? Isn't it a query defined on the QN BO by yourself?

Bye,
Horst

0
Pradeep Kumar N
Nov 03, 2016 at 09:12 AM
0

Hi,

If you are using ODATA for data migration, this should also trigger the BeforeSave event, because the ODATA service is built on BO.
MDRO reference:

https://blogs.sap.com/2014/04/03/how-to-create-an-hourly-mass-data-run-in-c4c/

Thanks, Pradeep.
Show 1 Share
10 |10000 characters needed characters left characters exceeded

Thanks Pradeep,

Point 1) I checked Account has not got any access context set. So that's the problem. But now I have to programmatically check the territory as list i think so.

Point 2) I moved the piece of code that determines the UUID to the Before Save event and tried to import data. It works fine

Thanks

Gayathri

0