首页
学习
活动
专区
工具
TVP
发布
社区首页 >专栏 >SAP C4C基于自定义BO开发的OWL UI,如何实现动态访问控制

SAP C4C基于自定义BO开发的OWL UI,如何实现动态访问控制

作者头像
Jerry Wang
发布2020-08-31 10:37:35
5700
发布2020-08-31 10:37:35
举报

My series of Cloud Application Studio Blogs

  • How to detect EditMode in an Embedded Component
  • Step by step to enable your custom BO with attachment upload functionality
  • Step by step to create an Adobe Print form in Cloud application Studio
  • How to render PDF which displays picture from the image attachment of your custom BO
  • How to get current logged on business user’s employee information and assigned organization unit via ABSL
  • How to implement dynamic access control based on custom BO using OWL
  • How to make Code List Restriction work when control field and restricted field are not on the same BO
  • How to implement custom number range using custom business object
  • Two approaches to create Code List in Cloud Studio
  • Create Dynamic Code List via Custom Business Object Association
  • Step by step to develop Thing Type based navigation and BO Object based navigation
  • Put Extension field into embedded component and make it visible in Standard UI
  • One possible cause that embedded component fails to display in UI
  • Step by step to create HTML Mashup and make it visible in UI
  • Step by step to enable Text Collection for your custom BO
  • Automatically send an Email notification to line manager via Workflow in Account application
  • Step by step to create Object Value Selector in Cloud Application Studio
  • Two approaches to fill an UI field with dedicated logic implemented in Cloud Application Studio
  • How to execute BO action on multiple selected BO instances in AdvancedListPane
  • How to add custom validation logic on mobile phone field in Contact TI

Suppose I have a testBO with the following fields:

import AP.Common.GDT as apCommonGDT;
import AP.FO.BusinessPartner.Global;

businessobject TestBO {
[Label("Agreement ID")] [AlternativeKey] element AgreementID:ID;
		[Label("Start Date")] element StartDate:Date;
		[Label("Close Date")] element CloseDate:Date;
		[Label("Duration")] element Duration:NumberValue;
		[Label("IsOverDue")] element IsOverDue:Indicator;
		[Label("Quantity")] element Quantity: Quantity;
		[Label("ProductName")] element ProductName: LANGUAGEINDEPENDENT_EXTENDED_Text;
		[Label("DepartmentName")] [Transient] element DepartmentName:LANGUAGEINDEPENDENT_EXTENDED_Text;
		[DependentObject(AttachmentFolder)] node Attachment;
}

And here is some test data displayed in OWL:

Now I would like to achieve the dynamic access control below: Suppose the currently logged on user has been assigned to an organization unit which is only allowed to sell product with name “Laptop”, then this business user SHOULD ONLY see those entries whose value in ProductName equals to Laptop as well. That is to say, the last two entries in above picture with ProductName Monitor should be filtered out.

How the restriction that only Laptop is allowed to sell for employees within a given Organization Unit

For demonstration purpose I just reuse the standard field “Department Name” to store the name of sellable product.

And I assign myself to this organization unit, which means Employee Jerry Wang is only allowed to sell Laptop.

Now I implement this dynamic access control into a new OWL named TestBORestricted_OWL.

Below is the achievement: I have put this new OWL into a new tab in Thing Inspector and once launched, only entries whose ProductName equal to Laptop are displayed. Other entries are filtered out due to the fact that this employee is not allowed to sell them.

Implementation Detail

Here below is step by step implementation detail: (1) Create an AfterLoading event in TestBO with mass enabled checkbox unselected,

And implement the following ABSL code to fill the transient field with product name which is allowed to sell for current logged on user.

import ABSL;
import AP.PC.IdentityManagement.Global;
import AP.FO.BusinessPartner.Global;

var queryByIdentityUUID = Identity.QueryByElements;
var queryByIdentityUUIDParameter = queryByIdentityUUID.CreateSelectionParams();
var queryByEmployeeBPUUID = Employee.QueryByIdentification;
var queryByEmployeeBPUUIDParameter = queryByEmployeeBPUUID.CreateSelectionParams();


if ( this.DepartmentName.IsInitial()){

	var id = Context.GetCurrentIdentityUUID().content;
	queryByIdentityUUIDParameter.Add( queryByIdentityUUID.UUID.content, "I", "EQ", id.ToString() );
	var result = queryByIdentityUUID.Execute(queryByIdentityUUIDParameter);
	var first = result.GetFirst(); // points to identity instance
	var person = first.Person;
	var bpUUId = person.UUID.content;
	queryByEmployeeBPUUIDParameter.Add( queryByEmployeeBPUUID.UUID.content, "I", "EQ", bpUUId.ToString());
	var employeeQueryResult = queryByEmployeeBPUUID.Execute(queryByEmployeeBPUUIDParameter);
	var EmployeeQueryResultCurrent = employeeQueryResult.GetFirst();
	if( EmployeeQueryResultCurrent.OrganisationalUnitAssignment.Count() > 0 ){
		var assignedOrg = EmployeeQueryResultCurrent.OrganisationalUnitAssignment.GetFirst();
		var org = assignedOrg.ToRoot;
	    // readOnly in AfterLoading event
	   this.DepartmentName  = org.NameAndAddress.AddressSnapshot.NameSuitableForLogonLanguage.GetFirst().Name.SecondLineName;
	}
}

(2) In new TestBORestricted_OWL, create a new field ProductName under search structure SearchParameters.

Bind the query to QueryByElements modelled in TestBO and bind the query parameter ProductName to the field ProductName under SearchParameters.

Create a new inport and bind the parameter to the field mentioned above as well.

(3) Create a new outport in Thing Inspector, bind the parameter productName with the transient field DepartmentName filled in step 1.

Create a new tab in Thing Inspector and drag the new OWL into it. Click Bind button:

Bind the parameter of outport defined in TI with the one in inport of new OWL.

With all the steps above done, the sellable product name calculated by ABSL is passed from TI to new OWL via parameter passing during navigation, and could be considered during the query of new OWL is executed. As a result the restriction takes effect due to this ProductName search parameter.

本文参与 腾讯云自媒体分享计划,分享自作者个人站点/博客。
原始发表:2020-08-29 ,如有侵权请联系 cloudcommunity@tencent.com 删除

本文分享自 作者个人站点/博客 前往查看

如有侵权,请联系 cloudcommunity@tencent.com 删除。

本文参与 腾讯云自媒体分享计划  ,欢迎热爱写作的你一起参与!

评论
登录后参与评论
0 条评论
热度
最新
推荐阅读
目录
  • My series of Cloud Application Studio Blogs
  • How the restriction that only Laptop is allowed to sell for employees within a given Organization Unit
  • Implementation Detail
相关产品与服务
Cloud Studio(云端 IDE)
Cloud Studio(云端 IDE)是基于浏览器的集成式开发环境,为开发者提供了一个稳定的云端工作站。用户在使用 Cloud Studio 时无需安装,随时随地打开浏览器即可使用。
领券
问题归档专栏文章快讯文章归档关键词归档开发者手册归档开发者手册 Section 归档