Solved: Dynamic SQL in SAP HANA stored procedures - Using ...

former_member204732 · ‎2021 May 29

In SAP ECC we have created a mapping table containing user and organisation authorization access.

U1 : OrgA
U2 : OrgB
U3 : *

We have created a SAP HANA Calculation View in SQL Analytics Privileges. And we have an authorization dynamic authorization process in place, which will filter the access to the organisation dynamically based on the reading of the mapping table.

The solution works.

Expect for the management of the * value corresponding to the access to all organisation.

Would you know how to adjust the source code below to manage the access to all organisation ?

PROCEDURE "_SYS_BIC"."REPORTS::CONTROLE_AUTH_ORGANISATION" ( out OUT_FILTER VARCHAR(500) ) 
    LANGUAGE SQLSCRIPT
    SQL SECURITY definer
    DEFAULT SCHEMA ABAP
    READS SQL DATA AS
BEGIN

 VALUES_LIST = SELECT USER_NAME,'organisation in (' ||'''' || STRING_AGG(RESTRICTION, ''',''' )  ||  '''' || ')' 
 as RESTRICTION from auth_table
 where USER_NAME = SESSION_USER
 group by USER_NAME;
 
 SELECT distinct RESTRICTION into OUT_FILTER from :VALUES_LIST;

END;

pfefferf · ‎2021 May 29

The IN operator will not work for that case, because it will just do a string comparison for the '*' from your auth_table.

You need to implement a special handling. If for the user a star is found in the auth_table, instead of returning an expression with the IN operator, you have to return an expression with the LIKE operator (-> 'organisation like ''%''').

Dynamic SQL in SAP HANA stored procedures - Using mapping table

Know the answer?

Need more details?

Re: SAC Story Planning Version unable to display e...

Retrieve FIORI Adaptation project from SAP ABAP sy...

SAC Story Planning Version unable to display empty...

Re: Are BTP Solution Diagram Guidelines available?

Re: How to trigger an abap breakpoint from Fiori p...