Skip to Content
Technical Articles

SAP Cloud Application Programming Model – Demo4

Hello All

One more continuous effort on SAP Cloud Application Programming Model.

Here are the links to earlier blogs:

https://blogs.sap.com/2020/05/01/sap-cloud-application-programming-model-demo1/

https://blogs.sap.com/2020/05/03/sap-cloud-application-programming-model-demo2/

https://blogs.sap.com/2020/05/10/sap-cloud-application-programming-model-demo3/

I have briefed on the authorization checks meaning only authorized users can have access to our application built using SAP Business Application Studio.

Authorizations can be defined in the CAP CDS model using two annotations shown below.

Now let’s see a demo in action.

Build an app in SAP Business Application Studio workspace by executing cds init ProjectName

user: projects $ cds init secureapp

Place a data model in db folder: schema.cds

entity Student {
  key ID   : Integer;
  name    :  String(100);
  score :  String(20);
 attendance : String;
}

Create a service file in srv folder: cat-service.cds

Here i have used the annotation restrict to authorize the service with credentials to sign in to our application.

using { sap.com.secureapp as my } from '../db/schema';

service CatalogService @(_requires:'authenticated-user') {
  entity Student as projection on my.Student;
}

 annotate CatalogService.Student with  @(restrict: [
   { grant: 'READ', to: 'admin' } 
  ]);

Open a file cat-service.jsΒ in srv folder.

module.exports = (srv)=>{

 const {Student} = cds.entities

srv.after ('READ','Student', (each)=>{
    if (each.score < 50) 
    each.name += ' -- You are failed'
  })
}

For the authorization access, please add the below code into existing file .cdsrc.json.

{
    "odata": {
        "version": "v4"
    },
    "build": {
        "target": "gen",
        "tasks": [
            {
                "src": "db",
                "for": "hana",
                "options": {
                    "model": [
                        "db",
                        "srv"
                    ]
                }
            },
            {
                "src": "srv",
                "for": "node-cf",
                "options": {
                    "model": [
                        "db",
                        "srv"
                    ]
                }
            },
            {
                "src": "app",
                "for": "fiori",
                "options": {
                    "model": [
                        "app"
                    ]
                }
            }
        ]
    },
    "auth": {
        "passport": {
            "strategy": "mock",
            "users": {
                "suppu": {
                    "password": "123",
                    "ID": "sup",
                    "roles": [
                        "admin",
                        "authenticated-user"
                    ]
                },
                "surya": {
                    "password": "123",
                    "ID": "sai",
                    "roles": [
                        "authenticated-user"
                    ]
                }
            }
        }
    }
}

Run the application in the terminal with cds watch command and Open the service in New Tab.

Click on below link.

When we open the Student Service, We can see the Sign in pop-up as we restricted the app with credentials before in the file .cdsrc.json.

Please connect for any inputs to you or me.

Thank you!!
#EnhanceLearning

BR//Dhanasupriya Sidagam πŸ™‚

2 Comments
You must be Logged on to comment or reply to a post.
  • Hi Dhanasupriya,

     

    Nice Blog….This is for local with mock users, do you any blog with cloud testing?

     

    Regards,

    VM Kumar

  • Excellent blog Dhanasupriya!

     

    As a question, is it possible to add any connection to the SCP authentication service tenant for example, to get from there the users repository instead of the harcoded users?

     

    Best regards!