Hello,
we work in central hub scenario with a gateway hosting our ui5 apps and several backends providing data with sap netweaver gateway oData service implementations. therefore every applications requires a specific role on the frontendserver and one or more roles on the called backend systems.
The question "What role does the user need on which system?" was asked frequently and i got really annoyed by having to open the specific sap gui on the required systems and check the assigned roles with su01/su01d.
I wanted to provide a simple solution to this question, so i don't have to check it in the system directly.
The following document should give a brief overview of the implemented solution. The abap code in this document might not working by copy and paste (just in case )
What do i know?
- Fiori app the user is trying to open
- Service(s) which are called by the ui5/fiori app
- Username (as they are present on the gateway system)
How could it be solved:
- Select an App or a service
- Read Customizing to app or service
- Check if user has roles assigned
So now let us dive a little bit deeper into the technical solution.
- I've implemented a basic master detail template. Masterlist contains the sapui5 apps of the gateway service. I won't provide further details here as this is quite basice gateway / ui5 implementing topics.
- After having the relevant ui5 apps in the master list, i've build the following detail view. Object List Header with sapui5 appname & creator / last modifier. Tab Icon Bar (only with one tap), sap.m.list to show/update the required roles. The table has two fields (RfC Destination, Role Name (AGR_NAME). The table has a toolbar with the following functions: add role, remove role and check user.
- The oData Service for master & detail view data is implemented on the central gateway system.
So what is the sevice doing?
The first entity: RoleCustSet has implemented the GET_ENTITY_SET Method to read the role regarding IT_KEY_TAB having the sapui5 application name as key. Further the CREATE_ENTITY and the DELETE_ENTITY Methods are implemented as well. Thats pretty much the first entity.
The second entity: UserCheckSet implements the GET_ENTITY METHOD
The first entity is not that interesting as it provides only customizing. The second entity is more interesting. Let's have a look a this.
What do we need?
- Key of sapui5 app that roles of user have to be checked against (Easy: IT_KEY_TAB, READ TABLE with key name = 'BLUB' where BLUB is the UI5 App name or other gateway entity attribute key field)
- Read Customizing Table (Easy: SELECT * FROM custtab INTO CORESPONDING FIELDS OF TABLE lt_custtab WHERE ui5app = 'BLUB'.
- Check RfC Connections (FuBa *RFC*PING* does thet job)
- Run User roles assigned check
Build a internal table lets call it lt_checkuser with RfC System and Userid you wan't to check. Eg. RfCDest1 | USER1, RfCDest2 | USER2
- How to get Users roles? BAPI*USER*GET*DETAIL will do the trick - Check TABLES Parameters
In the UserCheckSet GET_ENTITY:
- Loop at lt_checkuser assigning <fs_checkuser>
call function BAPI*USER*GET*DETAIL
Destination <fs_checkuser>-rfcdest
tables
return = lt_bapiret2
roles = lt_roles
append lines of lt_roles to lt_roles_all or something or directly check if the required role from customizing is present by doing read table with agr_name.
endloop.
I'm sure a abaper will get from the description above what needs to be done.
Endresult:
I would like to give a brief overview of the endresult by adding two printscreens. One printscreens shows the customizing table for rfcdest and agr_name. Second printscreens shows a check user result. I'm working with sy-langu = DE so descriptions are german.
So that's all about the fiori app to check role assignments. I hope you enjoyed reading & as always thank you for your comments and feedback. Thanks in advance for ratings and/or booksmarks.
I've ereased some tab icons in the printscreens as my applications started with this simple question and now pretty much has everything included a customer, frontend developer, consultant, application responsible or product owner needs to know from his fiori app and/or gateway service. Eg. Statistics using external JS Libs, Billing/Reporting Stuff, Support Stuff and much more.
If i find some time, maybe i'll present additional tabs of the application in further documents/posts.
Have a nice day & kind regards,
Michael
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
50 | |
5 | |
5 | |
4 | |
4 | |
4 | |
3 | |
3 | |
3 | |
2 |