专栏首页Jerry的SAP技术分享SAP C4C基于自定义BO开发的OWL UI,如何实现动态访问控制

SAP C4C基于自定义BO开发的OWL UI,如何实现动态访问控制

My series of Cloud Application Studio Blogs

  • How to detect EditMode in an Embedded Component
  • Step by step to enable your custom BO with attachment upload functionality
  • Step by step to create an Adobe Print form in Cloud application Studio
  • How to render PDF which displays picture from the image attachment of your custom BO
  • How to get current logged on business user’s employee information and assigned organization unit via ABSL
  • How to implement dynamic access control based on custom BO using OWL
  • How to make Code List Restriction work when control field and restricted field are not on the same BO
  • How to implement custom number range using custom business object
  • Two approaches to create Code List in Cloud Studio
  • Create Dynamic Code List via Custom Business Object Association
  • Step by step to develop Thing Type based navigation and BO Object based navigation
  • Put Extension field into embedded component and make it visible in Standard UI
  • One possible cause that embedded component fails to display in UI
  • Step by step to create HTML Mashup and make it visible in UI
  • Step by step to enable Text Collection for your custom BO
  • Automatically send an Email notification to line manager via Workflow in Account application
  • Step by step to create Object Value Selector in Cloud Application Studio
  • Two approaches to fill an UI field with dedicated logic implemented in Cloud Application Studio
  • How to execute BO action on multiple selected BO instances in AdvancedListPane
  • How to add custom validation logic on mobile phone field in Contact TI

Suppose I have a testBO with the following fields:

import AP.Common.GDT as apCommonGDT;
import AP.FO.BusinessPartner.Global;

businessobject TestBO {
[Label("Agreement ID")] [AlternativeKey] element AgreementID:ID;
		[Label("Start Date")] element StartDate:Date;
		[Label("Close Date")] element CloseDate:Date;
		[Label("Duration")] element Duration:NumberValue;
		[Label("IsOverDue")] element IsOverDue:Indicator;
		[Label("Quantity")] element Quantity: Quantity;
		[Label("ProductName")] element ProductName: LANGUAGEINDEPENDENT_EXTENDED_Text;
		[Label("DepartmentName")] [Transient] element DepartmentName:LANGUAGEINDEPENDENT_EXTENDED_Text;
		[DependentObject(AttachmentFolder)] node Attachment;
}

And here is some test data displayed in OWL:

Now I would like to achieve the dynamic access control below: Suppose the currently logged on user has been assigned to an organization unit which is only allowed to sell product with name “Laptop”, then this business user SHOULD ONLY see those entries whose value in ProductName equals to Laptop as well. That is to say, the last two entries in above picture with ProductName Monitor should be filtered out.

How the restriction that only Laptop is allowed to sell for employees within a given Organization Unit

For demonstration purpose I just reuse the standard field “Department Name” to store the name of sellable product.

And I assign myself to this organization unit, which means Employee Jerry Wang is only allowed to sell Laptop.

Now I implement this dynamic access control into a new OWL named TestBORestricted_OWL.

Below is the achievement: I have put this new OWL into a new tab in Thing Inspector and once launched, only entries whose ProductName equal to Laptop are displayed. Other entries are filtered out due to the fact that this employee is not allowed to sell them.

Implementation Detail

Here below is step by step implementation detail: (1) Create an AfterLoading event in TestBO with mass enabled checkbox unselected,

And implement the following ABSL code to fill the transient field with product name which is allowed to sell for current logged on user.

import ABSL;
import AP.PC.IdentityManagement.Global;
import AP.FO.BusinessPartner.Global;

var queryByIdentityUUID = Identity.QueryByElements;
var queryByIdentityUUIDParameter = queryByIdentityUUID.CreateSelectionParams();
var queryByEmployeeBPUUID = Employee.QueryByIdentification;
var queryByEmployeeBPUUIDParameter = queryByEmployeeBPUUID.CreateSelectionParams();


if ( this.DepartmentName.IsInitial()){

	var id = Context.GetCurrentIdentityUUID().content;
	queryByIdentityUUIDParameter.Add( queryByIdentityUUID.UUID.content, "I", "EQ", id.ToString() );
	var result = queryByIdentityUUID.Execute(queryByIdentityUUIDParameter);
	var first = result.GetFirst(); // points to identity instance
	var person = first.Person;
	var bpUUId = person.UUID.content;
	queryByEmployeeBPUUIDParameter.Add( queryByEmployeeBPUUID.UUID.content, "I", "EQ", bpUUId.ToString());
	var employeeQueryResult = queryByEmployeeBPUUID.Execute(queryByEmployeeBPUUIDParameter);
	var EmployeeQueryResultCurrent = employeeQueryResult.GetFirst();
	if( EmployeeQueryResultCurrent.OrganisationalUnitAssignment.Count() > 0 ){
		var assignedOrg = EmployeeQueryResultCurrent.OrganisationalUnitAssignment.GetFirst();
		var org = assignedOrg.ToRoot;
	    // readOnly in AfterLoading event
	   this.DepartmentName  = org.NameAndAddress.AddressSnapshot.NameSuitableForLogonLanguage.GetFirst().Name.SecondLineName;
	}
}

(2) In new TestBORestricted_OWL, create a new field ProductName under search structure SearchParameters.

Bind the query to QueryByElements modelled in TestBO and bind the query parameter ProductName to the field ProductName under SearchParameters.

Create a new inport and bind the parameter to the field mentioned above as well.

(3) Create a new outport in Thing Inspector, bind the parameter productName with the transient field DepartmentName filled in step 1.

Create a new tab in Thing Inspector and drag the new OWL into it. Click Bind button:

Bind the parameter of outport defined in TI with the one in inport of new OWL.

With all the steps above done, the sellable product name calculated by ABSL is passed from TI to new OWL via parameter passing during navigation, and could be considered during the query of new OWL is executed. As a result the restriction takes effect due to this ProductName search parameter.

本文参与腾讯云自媒体分享计划,欢迎正在阅读的你也加入,一起分享。

我来说两句

0 条评论
登录 后参与评论

相关文章

  • 如何使用jMeter对某个OData服务进行高并发性能测试

    For project reason I have to measure the performance of OData service being acce...

    Jerry Wang
  • 如何使用jMeter对某个OData服务进行高并发性能测试

    For project reason I have to measure the performance of OData service being acce...

    Jerry Wang
  • SAP CRM settype的重要性

    Product settype acts as a very important role in CRM WebClient UI architecture.

    Jerry Wang
  • Top 5 Real Life Usage of Blockchain

    Many businesses are embracing blockchain technology to simplify tasks in their f...

    用户4822892
  • 如何使用jMeter对某个OData服务进行高并发性能测试

    For project reason I have to measure the performance of OData service being acce...

    Jerry Wang
  • 如何使用jMeter对某个OData服务进行高并发性能测试

    For project reason I have to measure the performance of OData service being acce...

    Jerry Wang
  • SAP CRM settype的重要性

    Product settype acts as a very important role in CRM WebClient UI architecture.

    Jerry Wang
  • SAP CRM settype的重要性

    Product settype acts as a very important role in CRM WebClient UI architecture.

    Jerry Wang
  • 为何JUC中有大量代码将成员变量复制到本地变量后再操作?

    总结:在性能核心部分,是有效果的(所以j.u.c和Netty大量这样搞)。 juc那么写是因为一开始就那么写(考虑到当时的jvm的现代化),而且单纯来看,loc...

    开发架构二三事
  • Design of the Shutdown Hooks API

    The following Q&A addresses some of the design issues of the Shutdown Hooks API.

    heidsoft

扫码关注云+社区

领取腾讯云代金券