cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

how to enforce structured privileges on users in SCP CF app ...

rakshetha_jn
Associate
Associate

on ‎02-06-2019 1:10 PM

0 Kudos

the scenario is as follows :

I have a CF app on SCP .I have a technical user(_RT) for my HDI / Haas .

I have created a structured privilege (Analytical privilege ).I want to show only relevant rows of a calculation view based on the users assignment ...example a country sales manager in the US can only see US sales.

how can i implement this .... the analytical privilege is always picking up the _RT user which is common for all users and not filtering the calc view...

If I create attributes specific to users in the xs-security.json ...how can i access this in my structured privileges / Hana DB

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Ivan-Mirisola
Product and Topic Expert
Product and Topic Expert
‎02-06-2019 5:33 PM

Hi Rakshetha,

Please don't mix usage of the XSC artifacts with XSA artifacts - it will only get you into more headache that what's really necessary. This goes for security artifacts, users and users as well as database runtime artifacts. O this later case, you could do cross schema database access with the XSC schema - but the consumption will always need to go thru an HDI container and CF security.

First, you will need to bind an instance of XSUAA service to both your application and the an application router. This app router is usually a NodeJS application that will "act" as your entry point for all UI (i.e.: Fiori) and all required service routes. SAP provides the full implementation of an app router that will talk with the XSUAA service instance to provide your application and services that require authentication. Once authenticated it will generate a JWT token which can then be used to check for user attributes and application scopes.

Please check my blog on this topic as well as the newest openSAP Software Development on HANA (Q1) Week 1 Unit 5/6.

Best regards,
Ivan

Show replies
Show replies
rakshetha_jn
Associate
Associate
‎02-13-2019 1:38 PM

Hi Ivan this was an interesting read , thanks a lot .

I still have a few blank spots but i hope i will read the material and get better at this soon.

best regards

Rakshetha

rakshetha_jn
Associate
Associate
‎04-12-2019 10:00 AM
0 Kudos

Hi Ivan I was able to get the structured privilege working by using the DCL concept .

The links you shared were really helpful.

points to note for anyon facing this : please refer to Access policy in this link

https://help.sap.com/viewer/09b6623836854766b682356393c6c416/2.0.02/en-US/0a2d096fa742479987a3c53a8e...

#CalculationViewsInSAC #AccessSpecifiersforViews

Show replies
Show replies
Ask a Question