SAP Annotation Security Level for Handling Batch Requests
SAP Gateway provides an SAP annotation for handling batch requests that protects the data presented in the URL in a browser.
Make sure that you have the following:
Created an OData service using the Service Builder, (transaction SEGW).
Generated the project and noted the name of the Model Provider Extension Class, (MPC) for your service.
Registered your service.
Visible confidential data can appear in the URL in a browser, due to OData requests.
Use BATCH request in order to prevent displaying of confidential data in the URL that is displayed in the browser.
Use the method, set_use_batch( abap_true ), in the MPC extension class to set use-batch to true.
The resulting metadata document will then contain the SAP Annotation sap:use-batch="true" in the entity container.
In addition, SAPUI5 can be forced to always generate batch request through the method for SAP annotation, sap:use-batch="true" (in the metadata document).
In your MPC extension class, paste the following code into the redefined method, Define:
super->define( ). model->set_use_batch( abap_true ).
Activate your changes, and then use the transaction /IWFND/GW_CLIENT to open the SAP Gateway Client.
Enter the URL of your service to get the metadata document for the service (should end with $metadata).
Press F8 to execute the request.
In the response XML of the metadata document of your service, the entry, EntityContainer, should contain the SAP Annotation, sap:use-batch="true" as shown: <EntityContainer Name="TEST_SRV_Entities" sap:use-batch="true" />