Show TOC Start of Content Area

Object documentation Permissions Tab Page  Locate the document in its SAP Library structure

Definition

A type of index view used to set permissions in service modeling.

Use

With the Permissions tab page, you specify whether an entity service has permissions associated with it and if there are permission checks for each instance.

For more information about Composite Application Services permissions, see Service Permissions.

Permission Checking

You can choose the following:

     Permission checks enabled

This option indicates that the entity service is secured and the permissions checking is performed for its CRUD (create, read, update, delete) methods. If the option is enabled, a code with permissions checks is added in every CRUD method.

In runtime, the permission checks are performed for the principal who is currently working with the application. You can assign permissions to principals using the Authorization Assignment.

For more information, see Assigning Authorizations.

     Permission on instance level

This option provides a permissions check for every instance of the entity service. This can only be activated in conjunction with Permission checks enabled.

If you enable this option when you create a new instance, the following principals are assigned by default:

     Owner

     CAFAdmin

If the principal does not have permission to perform an operation, a CAFPermissionException is thrown.

Permission Propagation

Some of the elements in the list of related entity services can be chosen as parents for the current business entity to provide inheritance of propagated permissions. These parent objects (secured entity services enabled to check permissions) are associated with the current entity service.

At runtime, an additional check of propagated permissions to parent objects is performed recursively. 

For more information, see Managing Propagated Permissions.

 

End of Content Area