XS restrict/filter oData calls by logged user using principal propagation

david_bizer
Product and Topic Expert

Hello,

I have an oData Service (xsodata) that is consumed by a UI5 application. However, everyone with access to the URL can, e.g., get all the resources for /Requests. To solve this, I set up principal propagation to get the current user in the application also on the HANA XS Server. Whenever a user sends a call to /request, only resources with the property userID = CURRUSER should be returned. If the user enters queries for a request ID in the frontend not belonging to his created request, he should get an auth error / empty result. What is the best way to solve this? I am fairly new to the XS implementation and a little confused by all the configurations/files.

thanks and best regards

pfefferf
Active Contributor

I hope I get your question correctly. You are trying to restrict the response of an OData service so that only data is returned whose userID property equals the current user.

If yes, then an option is to use Structured Privileges. With that you can restrict the access to the data with a fixed filter clause.
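
The structured-privilege approach from the answer above, written out in HANA SQL as an added example (not part of the original thread and not the poster's code). All object names (`MYSCHEMA`, `REQUESTS`, `V_REQUESTS`, `SP_OWN_REQUESTS`, `UI5_END_USER`) are hypothetical, and it assumes principal propagation gives each caller a named HANA user whose name is stored in the `USERID` column and that `SESSION_USER` is accepted in the fixed filter clause on your HANA revision.

```sql
-- Added example; every object name below is hypothetical.
-- Assumption: the propagated principal is a named HANA user and
-- REQUESTS.USERID holds that user name.

-- 1. Expose the data through a view that enforces structured privileges.
--    Without a matching privilege, a user sees no rows from this view.
CREATE VIEW "MYSCHEMA"."V_REQUESTS" AS
  SELECT "REQUESTID", "USERID", "TITLE", "STATUS"
    FROM "MYSCHEMA"."REQUESTS"
  WITH STRUCTURED PRIVILEGE CHECK;

-- 2. Structured privilege with a fixed filter clause: only rows owned by
--    the user of the current database session pass the filter.
--    (Assumption: SESSION_USER is allowed in the fixed filter.)
CREATE STRUCTURED PRIVILEGE "SP_OWN_REQUESTS"
  FOR SELECT ON "MYSCHEMA"."V_REQUESTS"
  WHERE "USERID" = SESSION_USER;

-- 3. End users get SELECT on the view plus the structured privilege,
--    and no object privilege on the base table MYSCHEMA.REQUESTS.
CREATE ROLE "UI5_END_USER";
GRANT SELECT ON "MYSCHEMA"."V_REQUESTS" TO "UI5_END_USER";
GRANT STRUCTURED PRIVILEGE "SP_OWN_REQUESTS" TO "UI5_END_USER";

-- 4. Verification query, to be run while connected as an end user:
--    it counts rows that belong to someone else but are still visible.
SELECT COUNT(*) AS "FOREIGN_ROWS_VISIBLE"
  FROM "MYSCHEMA"."V_REQUESTS"
 WHERE "USERID" <> SESSION_USER;
```

The xsodata service has to expose the view rather than the base table, because the privilege check is attached to the view; a request for another user's request ID then returns no entry instead of the foreign row.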