In this blog, we see how to use SAP UI Data Protection Masking to protect sensitive data represented through Trees.
Several transactions use Tree displays to represent data. A common example is the address usage tree in the BP transaction. In this blog, we use the BP transaction to showcase how sensitive data can be protected using SAP UI Data Protection Masking for SAP S/4HANA. However, the same steps would apply on any transaction / report which represents data through any sort of Tree.
Use the recording tool to capture the technical details of the fields. For more information of the recording tool, refer this
blog
Select the record with the Field ID 'TEXT' and assign a logical attribute to it. For more information on logical attributes and configuring data protection, refer this
blog.
Once the configuration is made, the entire tree will be masked.
Similarly, if the configuration is for data blocking, the entrie tree display will be blocked. Such as in the screenshot below:
However, to protect (mask/block) selective nodes in the tree through conditional logic, a few extra steps are required. This would require the setting up of a scenario with
Attribute based Masking
Furthermore, a helper class: /UISM/CL_DA_HELPER is delivered to provide additional contextual information in tree scenarios. The helper methods can be used to write the logic for derived attributes, which in turn can be used in the Policies. Through configurations, it is possible to protect certain nodes. As in the screenshot below, only certain nodes are protected
For more information on node-specific masking, please feel free to reach out to me / raise an OSS incident in the component 'GRC-UDS-DO'.