By using Open SQL, one can read and modify data, and also buffer data on the application server, which reduces the number of database accesses the system has to perform. This acts as an interface between the programs created and the database. One of the key tools which can be used is Open SQL. Fortunately, most of this work is done automatically by the SAP system, and one doesn’t have to worry too much about the underlying technologies related to how data is locked and so on. If records are constantly being updated, programs must be able to read and work with data which is current in the system. It is important to ensure that programs created do not cause any problems in the rest of the system and that the most recent version of the data held on the database is accessed when a program runs. If one has a three-tier architecture (with a presentation layer, an application server and an underlying database), you must bear in mind that there may be a very large number of users accessing the data at any one time. There are some important concepts to keep in mind here, for example, the architecture of the system. So far, reading data from database tables has been looked at, now modifying and deleting this data will be examined. While, this will not be examined in great detail here (the topic is huge in itself), it is important to bear authorisations in mind when working in SAP. This must be used if a program or transaction is not sufficiently protected by the standard authorisation profiles already set up in the system. Where specific authorisations have not been implemented, programs can be made to carry out an authority check, using the statement AUTHORITY-CHECK. For example, transaction SE38, the ABAP editor, could be tweaked so that while some users may be able to access it, perhaps they can only do so in display mode, or perhaps they can display and debug the code, but not change it themselves. Once a user has one of these profiles, the system will tell them whether or not they can execute a transaction when they try to do this.
The system administrators can then use and enhance these to be applied to users.
This profile then gives the user the correct rights within the program to then carry out their job and SAP delivers many predetermined user profiles with the base system.
#CREATE STRUCTURE SAP HANA STUDIO CODE#
These will not be examined in great detail here, but ordinarily users are assigned their own authorisation profile (or composite profile) against their user record, which for informational purposes is managed through transaction code SU01. All the rules pertaining to this are stored as authorisation objects. The way authorisations are set up can also limit how data is used, whether a user can only display data or whether they can modify it. This includes individual fields as well as individual records. An SAP system has its own security tools to ensure that users can only access data which they are authorised to see. When writing programs using open SQL, one has to bear in mind the concepts of authorisation in an SAP system.
0 kommentar(er)
