on 10-03-2018 12:27 PM
Fiori / UI5 / OData experts,
I need a little help in understanding a concept related to authorization in Fiori. If there is an UI5 application that has a button (let's say "Edit") and I want to either display or disable this depending on the user. Is it possible to do this with the help of authorization role that we have defined in the backend system. If yes, would UI5 screen be able to read this authorization profile ? The part where I am lost is, the backend authorization roles might control the content based on authorization object and in UI5 screen, I want to control this not based on authorization object but a UI5 button depending on the user.
Do I need to write some custom logic in OData to signal the UI5 code and control this accordingly (or) is there a standard way to achieve this.
Highly appreciate your inputs.
Thanks & Best Regards,
Babu Kilari
I think you're already on the right track. You should encapsulate the authorisation check required to control the buttons in a OData Entity or Function Import. But don't forget to check the authorisation again in the backend when the function that is triggered by the button is executed. You never can trust the frontend.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
93 | |
10 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.