cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Fiori / UI5 Authorization using backend role

Go to solution
babu_kilari4
Active Contributor

on ‎10-03-2018 12:27 PM

0 Kudos

Fiori / UI5 / OData experts,

I need a little help in understanding a concept related to authorization in Fiori. If there is an UI5 application that has a button (let's say "Edit") and I want to either display or disable this depending on the user. Is it possible to do this with the help of authorization role that we have defined in the backend system. If yes, would UI5 screen be able to read this authorization profile ? The part where I am lost is, the backend authorization roles might control the content based on authorization object and in UI5 screen, I want to control this not based on authorization object but a UI5 button depending on the user.

Do I need to write some custom logic in OData to signal the UI5 code and control this accordingly (or) is there a standard way to achieve this.

Highly appreciate your inputs.

Thanks & Best Regards,

Babu Kilari

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

gregorw
Active Contributor
‎10-03-2018 9:56 PM

I think you're already on the right track. You should encapsulate the authorisation check required to control the buttons in a OData Entity or Function Import. But don't forget to check the authorisation again in the backend when the function that is triggered by the button is executed. You never can trust the frontend.

Show replies
Show replies

Answers (0)

Ask a Question