SAP HANA Developer Guide - Get a Free Blog

Recommendations

Info

Some database objects depend on other objects. Views, for example, are defined as queries on other tables and views. The authorization for an operation on the dependent object (the queried tables and views) requires privileges for the dependent object and the underlying object. In case of views, the SAP HANA database implements the standard SQL behavior. A user has the authorization for an operation on a view if the following is true: ● The privilege for operations on the view has been granted to the user or a role assigned to the user. ● The owner of the view has the corresponding privileges on the underlying objects with the option to grant them to others. This behavior can be used to grant selective access to a table. 12.4.3 Package Privileges In the SAP HANA repository, authorizations can be assigned to individual packages. Authorizations assigned to a repository package are implicitly assigned to the design-time objects in the package as well as to all sub-packages. Users are only allowed to maintain objects in a repository package if they have the necessary privileges for the package in which they want to perform an operation, for example to read or write to an object in that package. Note: Package authorizations can be set for a specific user or for a role. If the user-authorization check establishes that a user does not have the necessary privileges to perform the requested operation in a specific package, the authorization check is repeated on the parent package and recursively up the package hierarchy to the root level of the repository. If the user does not have the necessary privileges for any of the packages in the hierarchy chain, the authorization check fails and the user is not permitted to perform the requested operation. In the context of repository authorizations, there is a distinction to be made between native packages and imported packages. ● Native Package A package that is created in the current system and expected to be edited in the current system. Changes to package objects must be performed in the original development system where they were created and transported into subsequent systems. The content of native packages are regularly edited by developers. ● Imported Package A package that is created in a remote system and imported into the current system. Imported packages should not usually be modified, except when replaced by new imports during an update. Otherwise, imported packages should only be modified in exceptional cases, for example, to carry out emergency repairs. To perform every-day, package-related, application-development tasks in the repository, developers typically need the following privileges for the application packages: ● REPO.READ Read access to the selected package and design-time objects (both native and imported) ● REPO.EDIT_NATIVE_OBJECTS Authorization to modify design-time objects in packages originating in the system the user is working in ● REPO.ACTIVATE_NATIVE_OBJECTS Authorization to activate/reactivate design-time objects in packages originating in the system the user is working in ● REPO.MAINTAIN_NATIVE_PACKAGES 330 P U B L I C © 2012 SAP AG. All rights reserved. SAP HANA Developer Guide Setting Up Roles and Authorizations
Authorization to update or delete native packages, or create sub-packages of packages originating in the system in which the user is working SAP HANA Repository Privileges In addition to the authorizations you can grant users for specific packages (and the design-time objects in those packages), you can also assign general system privileges to users to enable them to perform basic repository operations, for example: importing and exporting content, and maintaining delivery units (DU). If your daily tasks include general administration tasks, you need basic system-level privileges in the repository. To perform basic administration tasks in the repository, you typically need the following privileges: ● REPO.EXPORT Enables you to export delivery units; exporting a DU transports it to another system ● REPO.IMPORT Enables you to import delivery units; importing a DU transports it from another system ● REPO.MAINTAIN_DELIVERY_UNITS Enables you to maintain your own delivery units (the DU-vendor must equal the system-vendor) ● REPO.WORK_IN_FOREIGN_WORKSPACE Enables you to move objects from a "foreign" inactive workspace into your own workspace You can grant or revoke basic, repository privileges to users in the following ways: ● SAP HANA Studio The System Privileges tab page in the Modeler perspective: Catalog -> Authorization -> Roles or Users Note: If you want to access the repository from the SAP HANA studio, Eclipse, or other clients,you need the EXECUTE privilege for SYS.REPOSITORY_REST, the database procedure through which the REST API is tunneled. Defining Repository Package Privileges In the SAP HANA repository, you can set package authorizations for a specific user or for a role. Authorizations that are assigned to a repository package are implicitly assigned to all sub-packages, too. You can also specify if the assigned user authorizations can be passed on to other users. To set user (or role) authorizations for repository packages, perform the following steps: 1. In the SAP HANA studio, open the Navigator view of the Modeler perspective. 2. In the Navigator view, expand the Security Roles/Users node for the system hosting the repository that contains the packages you want to grant access to. You can also define roles via source files; roles defined in this way can be assigned to a delivery unit and transported to other systems. 3. Double click the user (or role) to whom you want to assign authorizations. 4. Open the Package Privileges tab page. 5. Choose [+] to add one or more packages. Press and hold the Ctrl key to select multiple packages. 6. In the Select Repository Package dialog, use all or part of the package name to locate the repository package that you want to authorize access to. 7. Select one or more repository packages that you want to authorize access to; the selected packages appear in the Package Privileges tab page. SAP HANA Developer Guide Setting Up Roles and Authorizations P U B L I C © 2012 SAP AG. All rights reserved. 331
Page 1 and 2:
SAP HANA Appliance Software SPS 05
Page 3 and 4:
4.3.1 SAP HANA Repository Packages
Page 5 and 6:
6.5.12 Searching Tables, Models and
Page 7 and 8:
12.2 Authentication Overview. .....
Page 9 and 10:
2 SAP HANA SAP HANA is an in-memory
Page 11 and 12:
With a scanning speed of several gi
Page 13 and 14:
SAP HANA greatly extends the tradit
Page 15 and 16:
2.4 Refactoring SAP HANA Based Appl
Page 17 and 18:
In either case, as a developer you
Page 19 and 20:
For this scenario, you may need to
Page 21 and 22:
Object Description File Extension M
Page 23 and 24:
Committing the file saves it in the
Page 25 and 26:
● Security: Contains the roles an
Page 27 and 28:
The view essentially is a list of r
Page 29 and 30:
Action Description ● Creates a ne
Page 31 and 32:
● Debug Session: The debug sessio
Page 33 and 34:
○ MODELING ○ CONTENT_ADMIN 3.5.
Page 35 and 36:
4.1 Setting up Delivery Units A del
Page 37 and 38:
Related Links ○ In the text boxes
Page 39 and 40:
4.2.2 Creating a Repository Workspa
Page 41 and 42:
3. Open the Project Explorer view.
Page 43 and 44:
1. Create a package Packages are ne
Page 45 and 46:
● Non-Structural Package contains
Page 47 and 48:
In the New Package dialog, enter in
Page 49 and 50:
Maintaining Translation Details [pa
Page 51 and 52:
Note: Exposed package content can i
Page 53 and 54:
Application-Access File Keyword Opt
Page 55 and 56:
Note: You can disable authenticatio
Page 57 and 58:
| |---2011... |---subpackage1 | |--
Page 59 and 60:
You use the mime_mapping keyword to
Page 61 and 62:
1. If you have not already done so,
Page 63 and 64:
2. Select Open Development. The def
Page 65 and 66:
3. Select Next. 4. Enter a user nam
Page 67 and 68:
In the SAP HANA Repositories view,
Page 69 and 70:
Since you only have one workspace,
Page 71 and 72:
6. Add a file called .xsaccess (no
Page 73 and 74:
SAP HANA Developer Guide Setting Up
Page 75 and 76:
5.1 Schema Relational databases con
Page 77 and 78:
creation, but can have any number o
Page 79 and 80:
If you want to define a transportab
Page 81 and 82:
ool public(default=true); optional
Page 83 and 84:
5.9.1 Table-Import Model The table-
Page 85 and 86:
○ The key area of the input value
Page 87 and 88:
{name = "Forename"; sqlType = VARCH
Page 89 and 90:
var pstatement1 = conn.prepareState
Page 91 and 92:
Note: The following example is for
Page 93 and 94:
You can perform the following tasks
Page 95 and 96:
Requirement Preference Substeps Not
Page 97 and 98:
a) Log on to the Central Management
Page 99 and 100:
4. In the Target System section, se
Page 101 and 102:
Remember: Schema mapping only appli
Page 103 and 104:
) Select the required granularity c
Page 105 and 106:
● Hierarchies Note: In the Semant
Page 107 and 108:
Restriction: It is not allowed to a
Page 109 and 110:
Related Links ● When you open an
Page 111 and 112:
○ Select the Data Foundation node
Page 113 and 114:
a) In the Output panel of the Logic
Page 115 and 116:
Related Links Note: If an active ve
Page 117 and 118:
Note: Definer's right: If you want
Page 119 and 120:
Optional Step: Creating Calculated
Page 121 and 122:
4. Choose OK. Activate Note: 1. If
Page 123 and 124:
a. To map the source to the target
Page 125 and 126:
a. Enter a name and description. b.
Page 127 and 128:
example, to calculate Discount for
Page 129 and 130:
○ Name Path - the unique node ID
Page 131 and 132:
specifying target currency and dese
Page 133 and 134:
● In the Activate dialog, you can
Page 135 and 136:
Note: You can also create a join be
Page 137 and 138:
● You can choose to create parame
Page 139 and 140:
● A decision table is based on in
Page 141 and 142:
Objects in edit mode in other works
Page 143 and 144:
shown. You can apply a filter for p
Page 145 and 146:
Type Description Calculation View G
Page 147 and 148:
3. From the context menu, choose Da
Page 149 and 150:
Function Syntax Purpose hextoraw st
Page 151 and 152:
Function Syntax Purpose daysbetween
Page 153 and 154:
6.5.13 Setting Keyboard Shortcuts Y
Page 155 and 156:
case, the name of calculation view
Page 157 and 158:
The generated information models an
Page 159 and 160:
● CALL: Calls a procedure. For ex
Page 161 and 162:
7.2 Debugging SQLScript The SAP HAN
Page 163 and 164:
Invoker's right: If you want the sy
Page 165 and 166:
The main aim of OData is to define
Page 167 and 168:
The OData specification requires an
Page 169 and 170:
Entity Sets This construct allows y
Page 171 and 172:
● Sample JSON Output: Single Prop
Page 173 and 174:
$count This request allows you to r
Page 175 and 176:
● Sample ATOM and JSON Output: SA
Page 177 and 178:
● Sample JSON Output: $orderby Th
Page 179 and 180:
● Sample JSON Output: $top This o
Page 181 and 182:
.xsodata//$inlinecount=allpages ●
Page 183 and 184:
8.1.4 OData Security Considerations
Page 185 and 186:
object :=['entity'] ( repoobject |
Page 187 and 188:
SAP HANA SQL Type OData EDM Type Se
Page 189 and 190:
An empty service metadata document
Page 191 and 192:
All information about the table, fo
Page 193 and 194:
OData Key Specification The OData s
Page 195 and 196:
As a consequence of the transient n
Page 197 and 198:
The second association is similar t
Page 199 and 200:
"1" dependent "Orders"("CustomerID"
Page 201 and 202:
} parameters via entity; During act
Page 203 and 204:
XMLA Service-Definition Keywords Cu
Page 205 and 206:
Function Description DrillDownLevel
Page 207 and 208:
Function Description PrevMember Ret
Page 209 and 210:
Analytic and calculation views can
Page 211 and 212:
4. Place the valid XMLA service def
Page 213 and 214:
The functions provided by the JavaS
Page 215 and 216:
Cross-site scripting (XSS) ● Prob
Page 217 and 218:
Make sure you have addressed the is
Page 219 and 220:
Server-side JavaScript files have t
Page 221 and 222:
Use the $.import function, as follo
Page 223 and 224:
Note: A SQL connection configuratio
Page 225 and 226:
8. Find the trace matching your app
Page 227 and 228:
The session ID is the value of the
Page 229 and 230:
10 Building UIs with SAPUI5 This se
Page 231 and 232:
2. Specify the name, for example My
Page 233 and 234:
// use alternative bootstrap for t
Page 235 and 236:
11 Enabling Search With a SAP HANA
Page 237 and 238:
Synchronization [page 240] Full tex
Page 239 and 240:
) content SHORTTEXT(100) Changes to
Page 241 and 242:
● Preprocessing ● Preprocessed
Page 243 and 244:
Name of Option Description In most
Page 245 and 246:
Column ID Key Description Data Type
Page 247 and 248:
a) Delete the existing full text in
Page 249 and 250:
Parameter Data Type FUZZY_SEAR CH_I
Page 251 and 252:
Parameter Data Type Default (TEXT)
Page 253 and 254:
The CONTAINS predicate is optional
Page 255 and 256:
Limitations The SNIPPET function ha
Page 257 and 258:
Fuzzy search can be used in various
Page 259 and 260:
Original Letter Standardized Letter
Page 261 and 262:
Option similarCalculationMode The o
Page 263 and 264:
Supported Data Types Fuzzy search w
Page 265 and 266:
option2=value2')) ORDER BY score DE
Page 267 and 268:
Name of Option Short Name maxDateDi
Page 269 and 270:
TEXT and SHORTTEXT TEXT and SHORTTE
Page 271 and 272:
2. Perform the search on two column
Page 273 and 274:
Rule 2 - House Numbers or House Num
Page 275 and 276:
col1 NVARCHAR(20) FUZZY SEARCH MODE
Page 277 and 278:
2. Country codes are standardized t
Page 279 and 280: Postcode 1 Postcode 2 Score Remarks
Page 281 and 282: WHERE CONTAINS(postcode, '1234', FU
Page 283 and 284: PHRASE is similar to AND but restri
Page 285 and 286: Tokens=input')) ORDER BY score DESC
Page 287 and 288: )) ORDER BY score DESC, id; SCORE I
Page 289 and 290: Option textSearch The textSearch op
Page 291 and 292: Fuzzy Search with Stopwords Usage S
Page 293 and 294: Stopword Example CREATE COLUMN TABL
Page 295 and 296: Stopword ltd The stopwords will not
Page 297 and 298: Column Name Type Primary Key Descri
Page 299 and 300: Only one of these errors is allowed
Page 301 and 302: 2000-01-11 -> 0.96 2000-01-12 -> 0.
Page 303 and 304: This deletes the node and all its c
Page 305 and 306: Hofmann -- specifies the input valu
Page 307 and 308: SCORE ID COMPANYNAME 0.88 6 xabc 0.
Page 309 and 310: advanced customizing and layout of
Page 311 and 312: Example: http://hana1.acme.corp:800
Page 313 and 314: Along with the full text index, you
Page 315 and 316: 11.3.7 Defining the Page Layout Now
Page 317 and 318: switchbox Parameter Name Default Va
Page 319 and 320: 11.3.9 Defining the Layout of Resul
Page 321 and 322: 12.2 Authentication Overview Authen
Page 323 and 324: Secondly, roles created as design-t
Page 325 and 326: Caution: Theoretically, a user with
Page 327 and 328: Example: role :: { catalog schema "
Page 329: 12.4 Privileges SAP HANA offers var
Page 333 and 334: ● Activity ● Validity ● Attri
Page 335 and 336: The SAP HANA modeler automatically
Page 337 and 338: Runtime Authorization Check of Anal
Page 339 and 340: Implications of Creating Analytic P
Page 341 and 342: Now when a database user requests a
Page 343 and 344: If you create restrictions on colum
Page 345 and 346: 12.4.6 Granting Privileges to Users
Page 347 and 348: The location of the application-des
Page 349 and 350: For example, you need to plan, mana
Page 351 and 352: 13.4 Importing Delivery Units Impor
Page 353 and 354: 4. Download translated text to the
Page 355 and 356: 14 Using Database Client Interfaces
Page 357 and 358: 1. In a command line, run the follo
Page 359 and 360: The port should be 315, for example
Page 361 and 362: The first column shows the field na
Page 363 and 364: 3. In the Connection tab of the Dat
Page 365 and 366: SAP HANA supports the following Mic
Page 367 and 368: Function Description Avg Returns th
Page 369 and 370: Function Description MembersAscenda
Page 371 and 372: ○ MEMBERS_AND_ASCENDANTS ○ MEMB
Page 373 and 374: 15 SAP HANA Developer References Th
show all

SAP HANA Developer Guide - Get a Free Blog

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?