BAL_S_LOG - Application Log: Log header data   Fill RESBD Structure from EBP Component Structure  
This documentation is copyright by SAP AG.
SAP E-Book



1. GET PERMISSIONS $[PRIVILEGED$] $[ only_clause$]
      ENTITY bdef $[FROM keys$] REQUEST request RESULT result_tab $[response_param$].


2. GET PERMISSIONS $[PRIVILEGED$] $[ only_clause$] OF bdef
     ENTITY bdef1 $[FROM keys$] REQUEST request RESULT result_tab
    $[ENTITY bdef2 $[FROM keys$] REQUEST request RESULT result_tab$]


3. GET PERMISSIONS $[PRIVILEGED$] $[ only_clause$] OPERATIONS perm_tab $[response_param$].


Retrieves information about permissions of RAP BOs. Permissions are defined on operation and field level, for example, operations can be disabled and fields can be set to read-only. Permissions are checked when EML requests are processed by the RAP runtime but they can also be requested upfront by RAP BO consumer via a GET PERMISSIONS statement. The permissions cover multiple aspects:

  • Global authorization: Checks whether the current user is allowed to execute an operation in general, i. e. independent of the data to be processed, for example, a user must not change data.

  • Instance authorization: Authorization checks that can be defined based on a concrete value of an instance's field.

  • Global feature control: Feature controls that depend on external factors like specific user settings or the business scope.

  • Static feature control: Specifies individual fields of an entity that have certain access restrictions, for example, fields that are marked as readonly in the BDEF.

For all characteristics, the permission retrieval must be self-implemented in RAP BO provider implementations except for static feature controls. In latter case, the access restriction is directly defined in the BDEF. One example is when a field is marked as readonly.

The handling and consolidation of the permission result as well as general best practices are outlined in the topic GET PERMISSIONS, Guidelines. One example is when the permission result contains merged information. Among others, static feature controls are merged with global feature controls.

Permissions can be retrieved for the following:

  • Create, update and delete operations
  • Fields
  • Actions

Permissions cannot be retrieved for internal elements like internal associations and internal actions. For virtual elements in projections, there are only static features available.

The following variants of the GET PERMISSIONS statement can be used:

Used to retrieve information on permissions for instances of a single entity.
Used for collecting multiple queries on multiple entities of a RAP BO.
Collects permission queries of multiple RAP BO entities in one GET PERMISSIONS statement.

  • The example - RAP Calculator (Unmanaged) uses a GET PERMISSIONS statement with a simple unmanaged RAP BO. In this case, permissions are requested if a calculation based on entries provided is possible or not. For example, it is disallowed if a division by 0 should be executed.

BAL_S_LOG - Application Log: Log header data   BAL_S_LOG - Application Log: Log header data  
This documentation is copyright by SAP AG.

Length: 7320 Date: 20240616 Time: 114951     sap01-206 ( 98 ms )