Skip to Content

More info on CDS 'requires' statement (Cloud Application Programming Model CAPM)

In the Cloud Application Programming Model (CAPM) Help there is a tantalising glimpse of how to control access to a service by role (in Using Single-Purposed Services):

 service AdminService @(requires:'admin')

I need to control access to services by Cloud Foundry role collection. Can I do that in the same way as above? Do I just put the name of the role collection in there (in place of 'admin')? Can I put a scope in there instead?

I would be very grateful if someone could share some documentation or examples that show what is supported. There doesn't seem to be anything like that in the documentation, even under Annotations.

Thanks!

cc Christian Georgi Daniel Hutzel

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • 19 hours ago

    Hi Mike,

    Try scope name but without the $XSAPPNAME. prefix.

    For example, with these scopes (as defined in xs-security.json):

    	"scopes": [{
    		"name": "$XSAPPNAME.User",
    		"description": "User"
    	}, {
    		"name": "$XSAPPNAME.Admin",
    		"description": "Administrator"
    	}],
    

    This should work:

    service AdminService @(requires:'Admin')
    
    service CatalogService @(requires:'User')

    You'll still need to define role-templates and role collections etc. and assign the role collections to users just like in any Cloud Foundry app.

    Hope that helps.

    Philip

    Add comment
    10|10000 characters needed characters exceeded