In this exercise we will create a Data Access Control and apply it on the data models.
🎓 Data Access Control: Data access controls allow you to apply row-level security to your objects. When a data access control is applied to a data layer view or a business layer object, any user viewing its data will see only the rows for which they are authorized, based on the specified criteria. The Data Access Control acts like a Lock. Once defined, it can be attached to your data models to guard them from unauthorized data access.
For more information please see the SAP Help site.
In the first step you define a local table, which contains the allowed value for a user.
-
Navigate to the Repository Explorer
-
Click on Create - Local Table Button to create a new view
-
Configure the following properties on the General section:
- Business Name: T_DAC_DATA
- Technical Name: T_DAC_DATA
- Type: Relational Dataset
-
Add the following columns in the Columns section:
Primary Key Column Name Data Type Yes ALLOWED_VALUE String (100) Yes USER_EMAIL String (100) No USER_ID String (100) 
-
Click on the Deploy button to deploy the table.
In this step, we are creating the Data Access Control object and specify the critera for access per user.
-
Navigate to the Repository Explorer
-
Click on Create - Data Access Table button to create a new data access control.
-
Configure the following input:
- Business Name: D_COMPANYCODE
- Technical Name: D_COMPANYCODE
- Data Entity: T_DAC_DATA
- Identifier Column: USER_EMAIL
- Output: ALLOWED_VALUE
-
Click on the Deploy button to apply the changes.
