Create an oData service from CDS

This blog is about how to create an oData service from a CDS View. The code and example follow closely SAP Help documentation and the included example on this topic:

I only cut the documentation overhead and make the information available in a single blog. As you can see in the above two links, the task consists of 2 steps:

  1. Create CDS View
  2. Expose OData service

For the example, I used NW ABAP 7.52 Developer Edition and ABAP in Eclipse (ADT) tools. If you have a “real” SAP NW ABAP System available, you may also implement the sample service there.

Create CDS Data Source

In ADT, create a new CDS Data Definition.

Name: ZDEMO_CDS_SalesOrderItem
Description: List Reporting for Sales Order Item

Click on next to go throught the wizard.

Paste the following code in the new created file: https://github.com/tobiashofmann/cds_sample_service/blob/master/ZDEMO_CDS_SalesOrderItem

@AbapCatalog.sqlViewName: 'ZDEMO_SOI_001'
@AbapCatalog.compiler.compareFilter: true
@AbapCatalog.preserveKey: true
@AccessControl.authorizationCheck: #CHECK
@EndUserText.label: 'List Reporting for Sales Order Item'
@OData.publish: true

define view ZDEMO_CDS_SalesOrderItem as select from SEPM_I_SalesOrderItem_E as Item {
  key Item.SalesOrder as SalesOrderID,
  key Item.SalesOrderItem as ItemPosition,
  Item._SalesOrder._Customer.CompanyName as CompanyName,
  Item.Product as Product,
  @Semantics.currencyCode: true
  Item.TransactionCurrency as CurrencyCode,
  @Semantics.amount.currencyCode: 'CurrencyCode'
  Item.GrossAmountInTransacCurrency as GrossAmount,
  @Semantics.amount.currencyCode: 'CurrencyCode'
  Item.NetAmountInTransactionCurrency as NetAmount,
  @Semantics.amount.currencyCode: 'CurrencyCode'
  Item.TaxAmountInTransactionCurrency as TaxAmount,
  Item.ProductAvailabilityStatus as ProductAvailabilityStatus
}

Save and activate the CDS View.

Activate OData Service

The above created a CDS Data Definition and when activating, some magic happened. What is missing is to activate the OData service. ADT won’t do this for you, this needs to be done manually in the Gateway System.

Tx: /n/IWFND/MAINT_SERVICE

Click on Add Service

Search for services in the local system.

System Alias: LOCAL
Technical Service Name: ZDEMO_CDS_SALESORDERITEM_CDS

Click on Get Services

The CDS Service is shown.

Select the service and click on Add selected Services

Add service dialog.

Package Assignment: $TMP (click on Local Object)

Test service

After performing the above steps, the CDS View is implemented and the OData service exposing the data is activate and can be used. You may now test the service to see if everything is working as expected.

Tx: /n/IWFND/MAINT_SERVICE
Select the service: ZDEMO_CDS_SALESORDERITEM_CDS

Click on SAP Gateway Client. To test the service, use the URL:

/sap/opu/odata/sap/ZDEMO_CDS_SALESORDERITEM_CDS/$metadata

Available entity sets can be seen by clicking on EntitySets.

Available options by clicking on Add URI Option

The see the top 2 results in json, the URL is:

/sap/opu/odata/sap/ZDEMO_CDS_SALESORDERITEM_CDS/ZDEMO_CDS_SalesOrderItem?$top=2&$format=json

Let the world know

Presentation SITMUC 2018

Event information

  • Location: SITMUC 2018, Einstein Kultur
  • Date: 13.10.2018
  • Site: Event website
  • Title: Creating apps with UI5
  • Presentation: PDF

Additional information

  • Make sure to select a language that supports the team, not just you.
  • App development is not just coding: that’s why the presentation is about creating apps. It’s a team effort.
  • Demo apps are mostly for myself and to make my life easier
  • Cognitive Leave Request was developed by BridgingIT in partnership with Microsoft. More information about the project: Tobias und Martin entwickeln. (Video in German)
  • Testing is important. Several tools from and for UI5 are available that can be used or other tools. Just use them if you can.
Let the world know

Presentation UI5Con 2019

Event information

  • Location: UI5Con 2019, SAP ROT03
  • Date: 28.06.2019
  • Site: Event website
  • Title: More than Code
  • Presentation: PDF

Additional information

  • Fruit Checker App is not a productive app. It is a showcase with the intention to make people think about the possibilities: what can you do today, value that combination of services can bring, etc.
  • OData v4 is not feature complete. SAP is investing and constantly adding new features to OData v4 model.
  • Testing is important. Several tools from and for UI5 are available that can be used or other tools. Just use them if you can.
Let the world know

Presentation SITWDF 2019

Event information

  • Location: SAP Inside Track Walldorf, SAP ROT03
  • Date: 26.01.2019
  • Site: Event website
  • Title: Creating apps with UI5
  • Presentation: PDF

Additional information

  • App development is not just coding: that’s why the presentation is about creating apps. It’s a team effort.
  • OData can now also designed and documented in Swagger (OpenAPI).
  • Demo apps are mostly for myself and to make my life easier
  • Cognitive Leave Request was developed by BridgingIT in partnership with Microsoft. More information about the project: Tobias und Martin entwickeln. (Video in German)
  • Testing is important. Several tools from and for UI5 are available that can be used or other tools. Just use them if you can.
Let the world know

How to publish an iOS App from Microsoft AppCenter to Apple App Store Connect

In this blog I will detail how you use Microsoft’s AppCenter to build an iOS app und publish it directly to iTunes Connect. This allows you to decouple the building, testing and distribution process from the developers. The developer only has to push the app to the repository (I am using Azure DevOps) and AppCenter takes care of the rest.

The steps to do so are:

  1. Create app project
  2. Configure build
  3. Add signing certificates
  4. Configure distribution to iTunes Connect

Create App Project

Open AppCenter and create a new project.

You can add AppCenter features to you app, but it’s optional. I already have a running app that I just want to build and distribute. Next step is to configure the build.

Build

Select the repository where the source code is hosted. I use Azure DevOps (free tier). Unfortunately, GitLab is not listed and in the free tier I am using it is not possible to add self-hosted git repositories.

AppCenter will connect to Azure DevOps via SSO and list the available projects.

This adds the repository to the build configuration. You’ll see the branches and last commit message.

To configure the build, click on the configuration option for the branch. The option will only appear when you hover with your mouse over the branch.

AppCenter will scan the project and find the available XCode settings.

You can configure the XCode version to be used for the build. This is very useful when you are using external libraries that do not work with newer XCode versions. For instance, the Fiori libraries included in my project were not released for 10.2.1 and the newer Swift version that comes with it. Therefore, the build exited with an error. Until SAP released an updated version of Fiori for iOS, I had to use XCode 10.2.

AppCenter offers options to automatically increase the build number, or run your XCTests.

Sign build

To be able to send the app to iTunes, you must sign the build using your certificate and provisioning profile. I wrote two blogs on how to get these:

When you have these available, you can start configuring the app signing. You upload the files and provide needed credentials for your private key.

Distribute

Next step is to define where you want to distribute the app to. You can send it to the official App Store, App Store Connect Users for your TestFlight beta testers, or to an internal Company Portal.

I am going to distribute the app to App Store Connect for TestFlight. Select App Store Connect. If you do not have yet an account linked to Apple, you can do this here.

AppCenter is connecting to App Store Connect and retrieves a list of apps. I only have one app available, making the selection easier. It also means that you have to create the app first in App Store Connect. AppCenter is not able to create the app definition for you.

Select the app and click on Assign.

In case 2FA is enabled for your Apple ID, you will have to provide an app-specific password. I wrote a blog an how to create an app specific password.

After informing the app-specific password, you get back to the previous screen. Click again on assign.

Now AppCenter is configured to connect to Apple Connect. Back at the Distribute builds section, you can select App Store Connect Users.

Result

You can now click on save or already start your first build.

Run build and distribute to App Store Connect

After the project is created and the build configured, you can start a build. AppCenter will find an available build agent, clone the repository, build, test, sign and distribute the app.

AppCenter

Waiting for a free build agent

Build starting

Distribute

After the build is done, the app is send to Apple Connect and processed there. Apple will check if the build is OK. This will take some time. The status of the build is Processing.

App Store Connect

When processing is done, you get an email form Apple.

The status of the app in AppCenter and App Store Connect changes and you can distribute the app to your beta testers via TestFlight.

Let the world know

State of the art documentation from SAP

SAP is investing heavily in marketing the Fiori for iOS and the SDK. In case you are slightly interested in Fiori and UX in general in SAP, for sure you heard a lot about the SDK. 2 ½ years after the announcement the Fiori Design guidelines include an iOS section, there are SAP Developers tutorials, a special iPad app for learning its usage is available, even Apple has set up a Fiori page. Current version of the SDK is 3.0, and now there is even an Android version available (with much less marketing activities).

If you want to write an app with the SDK, make sure you have an iPad. The online SDK documentation is available too, but offers less benefit than the Fiori Mentor app. In case you are wondering why the SDK documentation is not good enough: I suggest you take a look at it. For instance, the documentation for the map component.

As you can see, you see … not much.

No images, therefore: good luck in finding out what the UI control should look like. A look at the page source code reveals that the images are only visible to SAP employees with access to SAP’s intranet.

Server github.wdf.sap.corp is not accessible from the internet. In case you are wondering how to find the SDK documentation: SAP Cloud Platform SDK for iOS Assistant contains a link in its help to the API. And of course: Google. So yes, made available to the interested developer. No S-, I- or D-User required.

In case you are one of the few that develop apps using Fiori for iOS SDK, ask your manager to get an iPad. The public available SDK documentation is already not easily consumable (use the Fiori Mentor app), does not include complete sample code and comes with missing images.

SAP is now pushing the intelligent enterprise. Let’s hope that it will be intelligent enough to test if the public available documentation is complete.

 

Let the world know

Activate Clickjacking-Framing-Protection service

SAP NetWeaver comes with its own solution to prevent clickjacking for its most relevant UI frameworks. For more information about this protection, see the corresponding SAP Notes.

By default, clickjacking protection is disabled. To activate it, you need to insert a value into table HTTP_WHITELIST.

Insert values into table HTTP_WHITELIST

Transaction: SE16

Check if clickjacking protection service is enabled or disabled. It is disabled, if no record with ENTRY_TYPE=30 is in the table, or if the table is empty.

Table name: HTTP_WHITELIST

Execute

Result

By default, no values are in the table and the service is not enabled. For data that needs to be inserted into table HTTP_WHITELIST, see SAP Note 2142551. Creating an entry type with vale 30 activates the whitelist.

Transaction: SE16

Select F5 or click on the new entry icon.

Insert data. See links below for additional information on possible values.

Click save to persist the entry in the table.

Afterwards, the table will contain one record. As the record has value 30 for column ENTRY_TYPE, the clickjacking protection service is enabled.

Activate ICF whitelist service

Adding a record activates the service, but to make apps working, additional configuration steps must be taken. For instance, accessing now a WDA app (e.g. SAML2) will resolve in a HTTP 500 internal server error. This is caused by having the clickjacking protection activated, but not the whitelist service.

To solve the HTTP 500 error, you need to activate the ICF whitelist service.

Transaction SICF_INST
Technical name: UICS_BASIC

Execute. This will activate the ICF node

/sap/public/bc/uics/whitelist

Result

After enabling the service and the ICF node, the above WDA app will open in the browser.

https://vhcalnplci:44300/sap/bc/webdynpro/sap/saml2

Additional information on setting whitelist entries.

 

Let the world know

How to access UI5 model data

Old habits are not easily dying and replaced by best practices and general recommendations. In the early days, when UI5 started to gain traction, people discovered it, tried it out, wrote apps, made them somehow work. Everybody was learning, and things we can do today were not possible or known then. Changes to the documentation, API and recommendations are simply the result of lessons learned.

As UI5 apps are based around a model, its data, representation and manipulation, a lot of questions around UI5 development are about the model: how to access data, change, update or delete it. A good thing of UI5 is that it is following semantic versioning, and code written for UI5 1.1x or 1.2x will still work with latest versions like 1.5x. It doesn’t mean that you, as a developer, should simply copy & paste example code found somewhere.

Example

After loading the model, be it JSON or OData, you may have to access a specific property in you code. What you can find in the Internet is code like:

oData

var oData = this.getView().getModel().oData;
var firstname oModel.getModel().oData[entity].firstname;
var name = oData[entity].name;

JSON

var oData = this.getView().getModel(“device”).oData;
var osname = oModel.oData.os.name;
var osname = this.getView().getModel().getData().os.name;

First line will give you the model data object, 2nd and 3rd line the property osname of the model. The 3rd line is partly correct, as the access to the data is done through a method, but access to property name is done directly. You can work with the data object now directly, but you shouldn’t. What you want is not to work with the raw data that defines your model, but with properties.

Use access methods

Data binding is important when developing an UI5 app. You update properties, and you want to have the UI elements automatically be updated too. When accessing the properties directly, you have to check if the change is correctly propagated. Using access methods, UI5 will for sure take care of this. The method to access properties of your data model are getData, getProperty or getObject. Applying this to above code:

JSON

var oData = this.getView().getModel().getData();
var osname = this.getView().getModel(“device”).getProperty(“/os/name”);

OData

var entity = this.getView().getModel().getObject("/"+key);
var property = this.getView().getModel().getProperty("/"+key+"/Depth");

This is now only using the methods to access data. To alter the property, use the setProperty method.

OData

this.getView().getModel().setProperty("/"+key+"/Depth", 11.111)

JSON

this.getView().getModel("device").setProperty("/os/name", "windows")

The above examples may not be perfect. They show that UI5 offers methods to access model data. Using these methods your code will continue to work in the future and is guaranteed to work in future releases of UI5. Direct access to the model data is done at your own risk. In case you work on a UI5 app, use the access methods. If you work on an older app that uses direct access to the model, try to refactor the app. The change from oModel.oData to oModel.getData() is as simple as executing a find and replace.

 

Let the world know

SAP Web IDE: Invalid backend response received by SCC

Connectivity between SAP Cloud Platform and an on premise SAP NetWeaver system is normally achieved via SAP Cloud Connector. A nice feature depending on this is the remote connection of SAP Web IDE to an on premise ABAP system. The feature allows to easily load apps from the ABAP system and change or extend them from everywhere.

For this feature to work, some ICF services must be active on the ABAP system and remote access enabled on SCC. If not, Web IDE cannot “talk” to NW ABAP. Some possible errors and solutions regarding the setup are shown in this blog.

Scenario

A NetWeaver ABAP system with Fiori apps is available and the SAP Cloud Connector is configured to expose the system to SAP Cloud. I am using the SAP NetWeaver ABAP 7.51 Developer Edition for the scenario.

In the destination section of SCP, the SCC is shown as connected and the destination NPL is configured and working. A connection tests gives back a successful message: SCP <–> SCC <–> NW works.

Problem

A developer tries to extend a Fiori app. In Web IDE, the project wizard for an extension project is used.

After selecting the on premise system destination, an error message is displayed. The actual error message can differ. Sometimes you see an informative error message or just some red text or maybe nothing.

Error messages

In all cases, you can check the log of SCC and see a detailed information on the error.

The error message is:

Access denied to /sap/bc/adt/discovery for virtual host npl:443

Solution

The ICF service /sap/bc/adt/discovery is not accessible. This can be because the user does not have the right permissions, or the service is not active in the NW system, or SCC is not exposing the service.

Alternative A: SCC not exposing service

Adding a service in SCC will only expose the exact path, not the sub path. Either you add all paths exactly in the resource list, or change the access policy to accept sub-paths too.

Root cause: Path only, excluding sub-paths.

Solution: Change this to will allow Web IDE to access the resource.

Alternative B: ICF service not active

In the NW ABAP system, got to transaction SICF and check node /sap/bc/adt. This node must be activated. By default, this node is deactivated and must be activated by Basis.

Root cause: Service deactivated

Solution: Activate node adt. Right click and select Activate Service.

Alternative C: Missing authorization

Check with SU53 and SAP Help what is missing and assign the right permissions to your user.

Result

After applying the correct solution, the developer can use the extension project wizard in SAP Web IDE to load available applications.

 

Let the world know

Reset password for SAP Web Dispatcher user

It happened. You do not remember anymore the password created by SAP Web Dispatcher (WD) during bootstrap operation. While this is not bad (who can remember a password like aR$#¨%_09fms!” anyway?) and normally your browser safes it for you (hm, maybe not so good) or your password safe (better). But the password is gone, you cannot log on anymore to WD admin interface. No worries, if you have access to the computer where WD is running, you can either

  1. Get the icmauth.txt file and try to hack the password or
  2. Create a new password for your user.

I prefer option b.

The documentation at SAP Help for this gives you some options, like recreate the configuration (bootstrap) and you’ll get a new password for the icmadm user.

  • Creating Administration Users SAP Help

The online documentation for this section only mentions icmon, but for Web Dispatcher you have to use wdispmon. The authors explain this at the parent page of the topic and justify it that this makes things easier. I am not sure to whom, but definitely not for the person reading the guide, as you have to read the parent page to find out why icmon is not available for WD. Note: the page is for WD and still the documentation is using commands for ICM for NetWeaver ABAP #yay.

Content of the icmauth.txt file looks like:

# Authentication file for ICM and SAP Web Dispatcher authentication

icmadm:{SHA384}z3Lq992UB3lmK3F5dND266RBGU1S2xflxQOtSJn4irawcIce+Xo:admin

Field 1 Field 2 Field 3
icmadm is the user {SHA384}z3… is the encrypted password of the user admin is the group of the user.

To change the password of the user icmadm you have to use the wdispmon command with the –a flag. Also provide the path to the WD profile file.

Command: wsdispmon –a pf=sapwebdisp.pfl

Enter c to change the password of an existing user.

Inform the new password. As of now, the new password will not be available to WD, as it is not saved to icmauth.txt. To persist the new password you have to save it. To do so, select s from the menu.

Do not worry, a copy of the old file will be created (in case your co-worker still has the old password). With this done, you can exit the program. Select q from the menu.

(Not sure if you have to restart WD, but I did.) Now you can log on using the new password to WD. Access your WD admin page and log on using icmadm and the new password.

https://localhost:4300/sap/wdisp/admin/public/default.html

Let the world know