Dear community,
when developing a SAP gateway application, I was wondering whether there is an efficient, maintainable and customizable way to control user permissions at runtime to regulate which odata paths can be used by a certain user, i.e.
| Is there standard way to change runtime permissions for a user to be able to call certain odata resources of a SAP gateway service, other than manually writing code in every service implementation method to check if the request is allowed? For example, based on some setting in customizing, the odata paths below /foo and /bar for user x should be forbidden, i.e. HTTP GET/POST/DELETE <host>:<port>/foo/test and HTTP GET/POST/DELETE <host>:<port>/bar/test should yield HTTP 403 for user x, but HTTP GET/POST/DELETE <host>:<port>/something should be OK. Is there a way where this can be controlled at a single place rather than being required to implement a check in every method implementing the odata requests? |
Looking forward to your suggestions,
Sebastian B.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.