ABAP - Keyword Documentation →  ABAP - Dictionary →  ABAP CDS in ABAP Dictionary → 

ABAP CDS - Access Control

ABAP CDS enables access control based on a data control language (DCL). Access control in ABAP CDS further restricts the data returned from a CDS entity in ABAP CDS. CDS access control is based on the following:

If a CDS role is defined for a CDS entity, the access conditions are evaluated implicitly each time an object is accessed using Open SQL or using an SADL query (unless access control is disabled using the value #NOT_ALLOWED for the annotation @AccessControl.authorizationCheck. If access control is enabled, only that data is read that meets the access conditions.

Each CDS role is defined a separate piece of CDS source code. This CDS source code can only be edited in the ABAP Development Tools (ADT). When activated, the CDS role is characterized as a global internal object in ABAP Dictionary. The CDS source code of a CDS role is edited in a different editor from the CDS source code of a CDS entity (CDS view or CDS table function). The ADT documentation describes how the different types of source code are created.


ABAP CDS - DCL Statements