Show TOC Entering content frame

Function documentation Restrict Access to a Business Object Locate the document in its SAP Library structure

Use

This function enables you to restrict access to a business object (BO). As a result of this, the tile to which this BO is associated with cannot display business data during runtime. However, you can allow controlled access to this BO by defining a token.

Example 

In the Mobile Sales application, to restrict the Address Details tile from displaying address details of any business partner, restrict the access to the BOBPADDRESS business object associated to the tile. 

This graphic is explained in the accompanying text 

Restricting access to the higher-level BO also restricts access to all its lower-level business objects. This is because the lower-level business objects inherit the same access rights from the higher-level BO. Access rights such as creation, modification, and deletion that are defined for a lower-level BO are considered as modification rights for the corresponding higher-level BO.

You can protect a business object using the Business Object Authorization/ Protect Business Objects tile set. A list of higher-level business objects existing in the mobile application repository is displayed where you can select the required business objects.

This graphic is explained in the accompanying text

Selecting a business object will take a while due to the number of business objects that have to be retrieved. 

 

Prerequisites

You must ensure that the BO if existing in a relationship has the following characteristics:

·        Participation type is Source

·        Cardinality is Single

Example

Scenario 1: In the figure below:

·         1-n relationship exists between BO1 and BO2, where BO1 is the source business object.

·         1-n relationship exists between BO2 and BO3, where BO2 is the source business object.

This graphic is explained in the accompanying text

In this scenario:

·         You can restrict access only to BO1.

·         You cannot restrict access to BO3 as the participation type is not a source.

·         You cannot restrict access to BO2 even if its participation type is source. This is because its cardinality is not single.  

Scenario 2: In the figure below:

·         1-1 relationship exists between BO1 and BO2, where BO1 is the source business object.

·         1-n relationship exists between BO2 and BO3, where BO2 is the source business object.

This graphic is explained in the accompanying text

In this scenario:

·         You can restrict access to BO1 and BO2.

·         You cannot restrict access to BO3 because the participation type is not a source.

 

See also:

Defining an Authorization Token

Leaving content frame