Accessing tables from different schema through AMDP.
Dear All,
Recently we have started working with ABAP on HANA and day by day we are getting more challenges, so one of my best part I am sharing here….
I got a business requirement which was very interesting, the data has to be taken from different schema’s table which is SLT replicated.
We are executing report from BW on HANA system.
Below I am presenting summarized code, hope that might be useful for ABAP lovers…..
Report Parts :
1. Selection On Date and Division Number from VBRK & VBRP (Data to be pulled from cross Schema).
2. F4 help for Division Number(Data to be pulled from cross Schema)
3. Display Output
Before that introduction of AMDP ABAP Managed Database Procedures – Introduction
Class :
Definition –
Implementation –
1.We can point schema tables like “RD2.VBRP” or RD2.VBRP.
2.If you want to access current schema tables then you can add tables in ‘USING’ clause.
Program :
Output :
Regards,
Amol
Hi Amol,
just a short remark concerning security. Be aware, that your WHERE clause is an importing parameter of type string. So you typically should check for possible SQL Injections (always an issue with ADBC, but also applies in your context).
Cheers,
Jasmin
Hi Jasmin,
We are using READ-ONLY AMDP clause, at least we have protection from delete and insert 🙂 .
I think SQL injection may not affect to APPLY_FILTER please correct me if I am wrong.
Cheers,
Amol
Hi Amol,
modification of the WHERE clause can result in being able to see data, which you would not be allowed to see (from restricted authorizations). See e.g. SQL injection - Wikipedia, the free encyclopedia.
Cheers,
Jasmin
Hi Jasmin,
I got your exact point. Thanks a lot.
Can you just give me ref. to avoid such a conflicts.
Regards,
Amol
Hi Amol,
sure. The ABAP Language documentation gives some more insight about SQL Injections ( SQL Injection - SAP NetWeaver Library: Function-Oriented View - SAP Library). You can e.g. have a look at the ABAP Class CL_ABAP_DYN_PROG (class documentation gives some examples) and has a couple of useful methods for checking the where clause - this class is typically used to solve ATC check findings in your ABAP coding.
And there's a nice article on SCN (How to Protect Your ABAP Code Against SQL Injection Attacks).
Cheers,
Jasmin
Thanks Jasmin.
This will help alot...
-Amol
Hi Amol,
Very Nice and useful article.
I am trying out the same, to read data from different schema. But before activating the AMDP I am getting error "SQLScript: SqlScript: Could not derive table type for variable "ET_RESULT" (SQL error: insufficient privilege: Not authorized)" in class implementation.
Any idea about this error?
Amit
Hi Amit,
For SAP system user ID you should have to provide authorization for ECC schema.
Regards,
Amol
Hi Amit,
Hi Amol,
true (what Amol said), you have to provide:
grant select on schema <ECC schema name> to <SAPSID DB username>;
The user to execute this grant statement is the user who owns the ECC schema.
Cheers,
Jasmin
Dear Jasmin and Amol,
I am new to AMDP and have a basic question. How to know what is the the HANA DB user id which has been mapped to my SAP user id?
Thanks,
Mainak
Hi Amol Samte ,
i am facing this error when i am try to get data from schema , could you please let me know the solution.
thanks in advance