For every fiori app in SAP, authorization check is requested and it's reasonable, for example company code check. People from company A should only be allowed to look into data of company A.  Company B's data should be fitered out.

I am working on a POC project, the structure of the  fiori app:

     FrontEnd: smart template

     BackEnd: CDS View

     Authorization Check: DCL for the above CDS View created.

DCL looks like:

define role I_GAPSTARTNUM_DOC {

    grant select on FISVD_DOCNR_GAP_STARTNUM

    where

     ( bukrs )          = aspect pfcg_auth ( F_BKPF_BUK, BUKRS  ,            ACTVT = '03' );

}

Problem Description: Authorization check unsuccessful. Everyone can get every company's information.

How I reach my solution:

   Step 1: ensure the DCL is in the system (for systems other than Dev system.)

   Step 2: Go to backend system(where CDS view is located), use Tcode: SACM, full name for this tool is Access Control Management.

Step 3: Use Runtime tool "ACM Runtime Tool", input parameters like below, execuate it. You will find if the DCL is execuated.

Step 4: If you find issues inside of the Runtime tools mentioned in Step3, or you just have no idea, you can go to Designtime tool "DCL-Documents" mentioned in Step 2. Check the status of your DCL. Run "Generate ABAP-Artifacts" if the status is not green.

Till this step, I have solved my problem. There are other tools that can be used. Try carefully.