Here's everything you need to know about securing the SAPUI5 ABAP repository when using the team repository provider and the repository upload and download reports, when executing apps from the repository, when tracking code changes or text changes, or when using the SAPUI5 application index REST API.
Using the team repository provider, you can synchronize the application resources between the team provider REST API and the SAPUI5 ABAP repository. Alternatively, you can use the interactive ABAP reports /UI5/UI5_REPOSITORY_LOAD or /UI5/UI5_REPOSITORY_LOAD_HTTP, which offer a similar functionality. Compared to the team repository provider, these interactive reports do not offer a built-in code merge. You can use a separate source code repository such as Git or Subversion (SVN).
Authorization Objects for Team Repository Provider
|
Authorization Object |
Values |
What is it for? |
Needed for deployment from |
|---|---|---|---|
|
|
|
Create, update, and delete applications in the SAPUI5 ABAP repository |
All tools |
|
|
|
Optional: Create a new transport request or new task |
All tools |
|
|
|
For the ABAP back-end communication via team repository provider REST API or RFC |
Eclipse, SAP Web IDE |
|
|
|
For the ABAP back-end communication via team repository provider API via RFC |
Eclipse |
|
|
|
For the ABAP back-end communication via OData service |
SAP Business Application Studio, SAP Fiori tools |
In addition to assigning these authorization objects, you also have to activate certain ICF services . For more information, see Configuring the ABAP Back-end for ABAP Development Tools
Delivered Virus Scan Profiles
When uploading files to the SAPUI5 ABAP repository, you can perform a virus scan. SAP delivers virus scan profile/UI/UI5_INFRA_APP/REP_DT_PUT, which is used to store files in theSAPUI5 ABAP repository. This profile is deactivated when delivered. To activate it, create at least one basis profile and save it as the default profile. You can then activate one of the delivered profiles.
By default, it links to a reference profile that is the default profile. For more information, search for ABAB-Specific Configuration in the documentation of your SAP NetWeaver version on the SAP Help Portal.
Using an ICF handler, you can execute SAPUI5 applications by retrieving their resources from the SAPUI5 ABAP repository.
Delivered ICF Nodes
For the execution of SAPUI5 applications from the SAPUI5 ABAP repository, SAP delivers ICF node /sap/bc/ui5_ui5/. This node contains sub nodes for each application.
Since all services delivered by SAP are inactive initially, please activate all required services.
For more information, search for Activating and Deactivating ICF Services in the documentation of your SAP NetWeaver version on the SAP Help Portal.
Authorization Objects
There are no specific authorization objects needed to execute SAPUI5 applications from the SAPUI5 ABAP repository.
As for ICF service nodes in general, authorization for specific ICF service nodes can be restricted. For more information, search for Defining Service Data in the documentation of your SAP NetWeaver version on the SAP Help Portal.
You can track code changes by using the general ABAP version control of the corresponding resource file. A new version is created when a new transport is written.
You can track text changes by using Table History (transaction SCU3). The relevant tables for texts are /UI5/TREP_TEXT and /UI5/TREP_TEXT_T (for translated text). Bear in mind that you have to activate table logging in the system for this feature.
The SAPUI5 application index REST API can be executed from ABAP systems with an ICF handler to get the transitive dependencies of an app.
This API is not for public use. It's only used when packaging SAP Fiori apps with SAP Mobile Platform Hybrid SDK plugins.
Delivered ICF Nodes
For the execution of the SAPUI5 application index REST API, SAP delivers ICF node /sap/bc/ui2/app_index.
Since all services delivered by SAP are inactive initially, please activate all required services.
For more information about ICF services and security, search for Activating and Deactivating ICF Services and RFC/ICF Security Guide in the documentation of your SAP NetWeaver version on the SAP Help Portal.
For more information about the SAPUI5 application index, see SAPUI5 Application Index.