This article demonstrates how to redefine the OData services to enhance the security of the applications.
Procedure
Step 1 | Create a new project in transaction SEGW. |
Step 2 | Right-click on the Data Model → Redefine → OData Service (SAP GW) to enter the Redefine Service Wizard. Enter the following information: Technical Service Name: /IQX/FAB_SRV Version: 001 Click Next. |
Step 3 | Select all the Services and click Finish. Click Save. |
Step 4 | Go to Data Model → Model References → /IQX/FAB_MDL-0001 and click Generate. In the Model and Service Definition dialog, click Continue. Runtime Objects Generated. Take note of the Data provider implementation class and the Service Name. |
Step 5 (Optional) | Open the Data provider implementation class ZCL_ZTEST_PROJECT_DPC_EXT. Notice that it inherits from the superclass /IQX/CL_FAB_DPC_EXT. |
Step 6 | Go to transaction /n/IWFND/MAINT_SERVICE → Add Service. Input the System Alias and the Technical Service Name. Press Enter. Click Add Selected Services and click Continue. |
Step 7 | Edit the manifest.json file of the Stand-alone App in the transaction /n/IQX/FAB. Right-click on the Project Node → Create File. The Create File option is only visible for Stand-alone applications. Set the Id / File Name to manifest.json. Select the Ellipsis button of the Source Element to Edit the source code. A Source Conflict dialog will appear, click Continue to use the content from the Repository. Locate the "dataSources" section in manifest.json. Replace the “uri“ /iqx/FAB_SRV with the new service name /sap/ZTEST_PROJECT_SRV. Old JSON: "dataSources": { "FAB_SRV": { "uri": "/sap/opu/odata/iqx/FAB_SRV/", "type": "OData", "settings": { "odataVersion": "2.0", "localUri": "localService/FAB_SRV/metadata.xml" } }, New JSON: "dataSources": { "FAB_SRV": { "uri": "/sap/opu/odata/sap/ZTEST_PROJECT_SRV", "type": "OData", "settings": { "odataVersion": "2.0", "localUri": "localService/FAB_SRV/metadata.xml" } }, Click Save & Close. Ignore the syntax errors, click Ok. |
Step 8 | Save Project. The application is now using the redefined service. The security team can create a role that includes this service. |