Business Role – Based authorizations for your custom BOs
As you may know, SAP Cloud 4 Customer offers a standard object called UISwitch to influence the standard field properties based on the user role.
How to use it?
Standard use
The UI Switch is an object that can be assigned to any business Role. Any standard screen extension is able to recognize if the user has some role associated with the UI Switch and based on this information, it can change the field properties as defined by the developer.
Step 1.
Create the UISwitch in the PDI
Step 2.
In any standard screen extension, you can modify field properties (via extensibility explorer) and make these properties dependant from the UI Switch
Non-standard use:
The limitation to this fact is that there is no standard way to use UI Switch (and so business role authorization) for your custom developments.
Here a simple trick to make it working for all the kinds of developments 🙂
Step 1.
Create the UI Switch as shown before
Step 2.
Add an indicator (or some other kind of field if you need) and an action to your custom BO
Step 3.
Implement the action as shown below (highlighted part). Note that Context.GetCurrentUserUISwitches() is a standard method always available in the ABSL library.
Step 4.
In your custom screen bind the favourited property of your fields to the (in this example) indicator field
Step 5.
In the initialization of your screen call the action that refresh the status of the indicator field, based on the user business role
Testing the UI Switch
Step 1.
Create a new business role and assign the UI Switch to it
Step 2.
Assign the Business Role to the user
Step 3.
Enjoy!
Fantastic Document!
Alessandro I have small doubt as there is no option of Assigning UI Switch against a custom view ( in my case Quick create ).
Or do i have to handle everything by code?
Regards,
Dhruvin
Yes, there is no option of assigning UI Switch against a custom view, you need to handle the UI Switch via code and set your custom properties!
Oh! okay alessandro thanks for the info!!!
You're welcome! 🙂
A great help thanks Alessandro.
I have one problem...
I have used this idea in a EC to restrict edit access to certain users.
It works fine except now every time I open the EC, the screen goes in to edit mode without clicking edit?
Any idea why this would occur?
Uhmmmm
questions:
1) Are you using HTML5 UI? (I assume yes because you are speaking about an edit button)
2) Did you bind your custom fields with the custom indicator driven by the ui switch?
3) Before the binding at point 2, the standards behaviour was different? (EC editable only after clicking on edit?)
If all the 3 points are true, I think its a good thing to raise an incident. If you bind a custom field with a readonly indicator, this should not overwrite the standard behaviour (IMHO: they can't be enabled before you click on edit).
If points 1 and 2 are true, but point 3 is false, then you need to take in consideration the editable standard flag in order to control your readonly custom flag.
1) Yes.
2) Yes the columns 'Enabled' property is driven by the custom indicator.
3) If I remove the action from my initialization of the EC this unwanted edit access no longer occurs.
I thought this was a bug as there is no way I have told the system to go in to edit mode via my script, I just wanted to be sure it wasn't something to do with the EC. Thanks for your help, I will raise an incident.
Recently it was brought to my attention that this type of behaviour can occur when an embedded component is added to a custom object and the WorkProtectedRelevant flag on the embedded component is not set. You have this flag on field level but also on embedded component level
Hello Brad,
We are trying to acheive similar kind of requirement .We need to restrict access to create button and delete button in an Custom EC .
When i try to bind that Create button to the Indicator field , it always disables the button for all users even though the UI Switch has been assigned for the Users.
Can you please let me know on achieving this ? It would be helpful for us if there any information shared !
Thanks in Advance!
Regards
Adithyan RS
Alessandro,
How do I set up the initialisation of the OWL screen in the ByDesign application studio? You've got an event handler with a BO operation and a BO action and a script. How do you get that to trigger when the screen loads?
Lewis
Hi Lewis, as far as I know the OWL does not trigger any event
Hi Alessandro,
I'm facing the following situation: I need to segretate the visibility of some information of the material master data starting from the user's association to organizational structure.
For example the Material A is open for Sales org X and Sales Org Y and I belong to Sales Org X; if i view in details the master data of the material A, I should not see the row and the data related to Sales Org Y.
Do you think I can manage this segregation with the UI switch?
Regards
Ilaria