Ansicht
Dokumentation
ABENCDS_F1_DEFINE_ROLE - CDS F1 DEFINE ROLE
rdisp/max_wprun_time - Maximum work process run time SUBST_MERGE_LIST - merge external lists to one complete list with #if... logic for R3upThis documentation is copyright by SAP AG.
- DEFINE ROLE
@MappingRole: true
$[@role_annot1$]
$[@role_annot2$]
...
$[DEFINE$] ROLE role_name { access_rules }
Effect
Defines a CDS role called role_name in the CDS DCL. A CDS role consists of one or more access rules access_rules specified within the curly brackets. Each access rule defines access to a CDS entity. A CDS role can contain access rules for different CDS entities. An access rule either defines an access condition for the CDS entity or grants full access. When a CDS entity of this type is accessed using , an access condition is evaluated as an additional selection condition.
Before the role is defined using DEFINE ROLE, the annotation @MappingRole must be specified with the value true. The annotation @MappingRole is used to assign the CDS role to every user regardless of the client. Further optional annotations role_annot1, role_annot2, ... can also be specified.
Notes
- Every CDS role defined using DEFINE ROLE is assigned to every user implicitly, which means that the associated access control is applied to every user. User-specific checks are applied using PFCG conditions and user conditions.
- By default, when is used for reads for a non-SQL CDS entity, access control is applied if a CDS role exists for the entity. The associated annotation @AccessControl.authorizationCheck has the default value #CHECK. In this case, CDS entities without assigned roles produce a syntax check warning in the DDL editor. This can be disabled using the annotation value #NOT_REQUIRED. The value #NOT_REQUIRED does not, however, disable implicit access control.
- A CDS role can be defined for a CDS entity in every package and in every system and specifies that implicit access control applies.
- Access control can be disabled for a CDS entity as follows:
- Specify the annotation @AccessControl.authorizationCheck with the value #NOT_ALLOWED in the definition of the entity. In this case, the definition of a role for the CDS entity produces a syntax check warning in the DCL editor.
- Use the addition WITH PRIVILEGED ACCESS in the FROM clause of an query when the entity is accessed.
- Separate DCL source code must be created for each CDS role. The DCL source code of a CDS role is edited in a different editor from the DDL source code of a CDS entity (a CDS view or CDS table function) or a CDS metadata extension. The ADT documentation describes how the different types of source code are created. CDS source code can also be displayed in Repository Browser in ABAP Workbench.
TXBHW - Original Tax Base Amount in Local Currency Addresses (Business Address Services)
This documentation is copyright by SAP AG.
Length: 6356 Date: 20240424 Time: 231004 sap01-206 ( 72 ms )