How to make access control in ABAP CDS.

While working on my project the challenge that I often encountered was to segregate the records access based on user roles.

I used  SAP Access Control in CDS to implement this functionality.

So first let us understand what is SAP Access Control and how to create it in CDS.

SAP Access Control

ABAP CDS enables SAP Access Control based on a data control language (DCL). SAP Access control in ABAP CDS further restricts the data returned from a CDS entity in ABAP CDS.

SAP Access Control provides an additional method for checking authorizations in the SAP authorization concept.

Lets see how to create an SAP Access Control in CDS.

1. Right click on the package and then select new and then click on Other ABAP Repository Object.

2. Select Access Control under Core Data Services.
3. Fill all the details here and give the name of the Protected Entity for which you want to create the SAP Access Control for.

Now the SAP Access Control is created .

Here we are defining a CDS role using the DCL statement DEFINE ROLE, to grant select access on the CDS view created, using a specific PFCG authorization object for display.

Now here it will check if the person has ‘36’ role (Any specified role) then it will show all the data. otherwise it will fetch the C-user id of the person and will return only their entries.