Let us consider the following scenario:
- There are 4 CDS views V1 , V2 , V3 and V4
- There is another CDS view V5 which is a union of views V1,V2,V3,V4 .
Now there is a DCL required to be defined on V5 which is a union view, which should display only authorized records from these 4 views V1,V2,V3 and V4.
When AND/OR condition is used between
aspect pfcg_auth statements in a DCL, the requirement is not fulfilled because, when one of the four views pass through the authorization, it applies its result to rest all three views and similarly when any one of the view fails to pass through the authorization, even then it applies its result to rest all three views. So either all records get displayed or none get displayed because of AND/OR logic, which is not expected in the current scenario.
So how to deal with such scenarios?
Let us walk through a simple example considering the below objects are defined:
- There are 4 Tables for each product type:
- ZPRODUCTRG – Refrigerator
- ZPRODUCTMO – Microwave Oven
- ZPRODUCTWM – Washing Machine
2. Basic Interface views (I – views) on these tables:
3. A union view on these basic views:
4. There are 4 authorization objects for 4 types of products defined in SU21 tcode as below :
All these authorization objects have the following authorization fields :
5. A PFCG role is created ZPROD_ROLE with these authorization objects
To be continued in "Writing DCLs on Union Views in CDS - Part 2" blog post ........