A DCL source allows you to limit the results returned by a CDS entity to those you authorize a user to see.
You have the standard developer authorization profile to create ABAP development objects.
You have created the CDS entities for which you want to restrict access.
A DCL source is an ABAP development object, which supports standard ABAP Workbench functions such as transport, syntax check, and activation.
In the selected package, SAP NetWeaver AS for ABAP creates an inactive version of a DCL source and stores it in the ABAP Repository. In the Project Explorer, the new DCL source is added to the Access Control Management Objects folder of the corresponding package node. As a result of this creation procedure, the DCL source editor is opened. Here, you can start defining the role for the CDS entity.
The following role grants access to entries of the SFlight_Entity CDS entity, which meet the following conditions:
The @MappingRole annotation must have the value true, so this role is assigned to all users in the system. The value false is not supported.
@EndUserText.label: 'Show only flights for which the carrier ID is LH' @MappingRole: true define role Sflight1 { grant select on SFlight_Entity where ( ConnID ) = aspect pfcg_auth( S_CONNID, CONNID) AND CarrID ='LH'; }