I have an XSA SAPUI5 app which is used in a workflow scenario by 2 roles
- data capturer
- data approver
scopes and roles for each defined in xs-security.json
I want to determine which scopes a user has, i can do that in an api by calling @sap/xxsec checkScope
eg
app.get('/isApprover', (req, res)=>{
const isAuthorized = req.authInfo.checkScope('$XSAPPNAME.Approver');
if (!isAuthorized) {
res.status(403).send('Forbidden');
}
})
is there a function similar in SQLScript?
You can access the Roles Attributes via
SELECT SESSION_CONTEXT('XS_COSTCENTER') FROM DUMMY
Also would be handy to get the ORG and SPACE from a SQL call
