Technology Blogs by SAP
Learn how to extend and personalize SAP applications. Follow the SAP technology blog for insights into SAP BTP, ABAP, SAP Analytics Cloud, SAP HANA, and more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Field Masking - Role based masking scenario in Shop app of SAPUI5

AmitKrSingh
Advisor
Advisor
‎01-08-2020 8:07 AM

Introduction


In this blog post, we will learn how to mask “Name“, “Description“, “Price” and "Currency Code" fields of Products in Shop application of SAPUI5.

A PFCG Role will be used for the authorization check which will allow users with the specified role to view the field value. If a user does not have this role, it means the user is not authorized and data will be protected either through masking, clearing, or disabling the field.

The end result for unauthorized users will look like below:


Prerequisite


Field Masking for SAPUI5 and SAP Fiori” is a solution to protect sensitive data on SAPUI5 and SAP Fiori screens at field level. Product “Field Masking for SAPUI5 and SAP Fiori” is delivered to customer as add-on (UIMGW 100 and UIMUI5 100). To achieve Role-based masking, Add-on UIMGW 100 and UIMUI5 100 must be installed in customer system.

In case of Hub landscape, Add-on UIMGW 100 needs to be installed in ECC/S4 HANA system and Add-on UIMUI5 100 needs to be installed in Fiori Front-end system.

Requirement


Role-based masking is required to mask “Name“, “Description“, “Price” and "Currency Code" fields of Products in Shop application of SAPUI5.

Maintain Masking configuration


Configure Technical Information (Service Name-Entity) of field in masking configuration.

Follow the given path:


SPRO -> SAP NetWeaver -> Field Masking for SAPUI5 and SAP Fiori -> Masking Configuration->Maintain Masking Configuration
Follow below mentioned steps:


  • Click on “New Entries” button

  • Enter “Service Name” as “SEPMRA_SHOP

  • Enter “Entity” as “Product

  • Check “Masking Control” checkbox”

  • Enter “Description” as “Product

  • Click on “Save” button



Maintain Property Details



  1. Select the row

  2. Double-Click on "Maintain Property Details" option

  3. Click on "New Entries" button

  4. Press "F4" button on "Property" field and select "Name" property

  5. Check "Masking Control" checkbox

  6. Enter "PFCG Role Name" as "/UIMGW/PFCG_ROLE". In this example, we have used a blank role “/UIMGW/PFCG_ROLE”. Customers can use any role as per their requirement.

  7. Click on "Save" button


For OData services based on CDS views, F4 Search Help will not available on Entity and Property fields. Entity and Property information can be found using transaction SEGW or by analyzing the Fiori App itself.





  • Repeat the steps 3 to 7 to configure masking for other properties (Description, Price, and CurrencyCode)


Conclusion


In this blog post, we have learnt how Role-based masking is achieved in Shop application of SAPUI5 for masking “Name“, “Description“, “Price” and "Currency Code" fields of Products.

Note:


For information on Masking in UI Data Protection in SAPUI5/Fiori application, please refer blog post Attribute Based Access Control (ABAC) – Field Masking scenario in Shop app of SAPUI5.
Labels:
1 Comment
Labels in this area
Popular Blog Posts