Most Recent SAP C_ABAPD_2309 Exam Questions & Answers

An Access Control Object (ACO) is a CDS annotation that defines the access control rules for a CDS view entity.An ACO consists of one or more clauses that specify the role name, the data source, the access conditions, and the return code of the authority check12. Some of the clauses that are used in an ACO are:

Where (to specify the access conditions): This clause is used to define the logical expression that determines whether a user has access to the data source or not. The expression can use the fields of the data source, the parameters of the CDS view entity, or the predefined variables $user and $session.The expression can also use the functions check_authorization and check_role to perform additional authority checks12.

Define role (to specify the role name): This clause is used to assign a name to the role that is defined by the ACO. The role name must be unique within the namespace of the CDS view entity and must not contain any special characters.The role name can be used to reference the ACO in other annotations, such as @AccessControl.authorizationCheck or @AccessControl.grant12.

Revoke (to remove access to the data source): This clause is used to explicitly deny access to the data source for a user who meets the conditions of the where clause. The revoke clause overrides any grant clause that might grant access to the same user.The revoke clause can be used to implement the principle of least privilege or to enforce data segregation12.

You cannot do any of the following:

Grant (to identify the data source): This is not a valid clause in an ACO. The grant clause is a separate annotation that is used to grant access to a CDS view entity or a data source for a user who has a specific role.The grant clause can reference an ACO by its role name to apply the access conditions defined by the ACO12.

Return code (to assign the return code of the authority check): This is not a valid clause in an ACO. The return code of the authority check is a predefined variable that is set by the system after performing the access control check.The return code can be used in the where clause of the ACO to specify different access conditions based on the outcome of the check12.

The ABAP Cloud Development Model is the ABAP development model to build cloud-ready business apps, services, and extensions. It comes with SAP BTP and SAP S/4HANA.It works with public or private cloud, and even on-premise1.However, the complete ABAP Cloud Development Model, including the cloud-optimized ABAP language and public local SAP APIs and extension points, is available only in SAP BTP ABAP Environment and in the 2208/2022 versions of the SAP S/4HANA editions1. Therefore, you must use the ABAP Cloud Development Model in SAP BTP, ABAP environment and SAP S/4HANA Cloud, private edition. You can also use it in SAP S/4HANA on premise, but it is not mandatory.You cannot use it in SAP S/4HANA Cloud, public edition, because it does not allow custom ABAP code2.Reference::1: ABAP Cloud | SAP Blogs2: SAP S/4HANA Cloud Extensibility -- Overview and Comparison | SAP Blogs

The response will be an activation error because the field names of the union do not match. This is because the field names of the union must match in order for the definition to be activated. The union operator combines the result sets of two or more queries into a single result set.The queries that are joined by the union operator must have the same number and type of fields, and the fields must have the same names1. In the given code, the field names of the union do not match, because the first query has the fields carrname, connid, cityfrom, and cityto, while the second query has the fields carrname, carrier_id, cityfrom, and cityto. The field connid in the first query does not match the field carrier_id in the second query. Therefore, the definition cannot be activated.

Secondary keys are additional keys that can be defined for internal tables to optimize the access to the table using fields that are not part of the primary key. Secondary keys can be either sorted or hashed, depending on the table type and the uniqueness of the key.Secondary keys have the following characteristics1:

A . Secondary keys must be chosen explicitly when you actually read from an internal table. This means that when you use a READ TABLE or a LOOP AT statement to access an internal table, you have to specify the secondary key that you want to use with the USING KEY addition. For example, the following statement reads an internal table itab using a secondary key sec_key:

READ TABLE itab USING KEY sec_key INTO DATA(wa).

If you do not specify the secondary key, the system will use the primary key by default2.

B . Multiple secondary keys are allowed for any kind of internal table. This means that you can define more than one secondary key for an internal table, regardless of the table type. For example, the following statement defines an internal table itab with two secondary keys sec_key_1 and sec_key_2:

DATA itab TYPE SORTED TABLE OF ty_itab WITH NON-UNIQUE KEY sec_key_1 COMPONENTS field1 field2 sec_key_2 COMPONENTS field3 field4.

You can then choose which secondary key to use when you access the internal table1.

D . Sorted secondary keys do NOT have to be unique. This means that you can define a sorted secondary key for an internal table that allows duplicate values for the key fields. A sorted secondary key maintains a predefined sorting order for the internal table, which is defined by the key fields in the order in which they are specified. For example, the following statement defines a sorted secondary key sec_key for an internal table itab that sorts the table by field1 in ascending order and field2 in descending order:

DATA itab TYPE STANDARD TABLE OF ty_itab WITH NON-UNIQUE SORTED KEY sec_key COMPONENTS field1 ASCENDING field2 DESCENDING.

You can then access the internal table using the sorted secondary key with a binary search algorithm, which is faster than a linear search3.

The following are not characteristics of secondary keys for internal tables, because:

C . Hashed secondary keys do NOT have to be unique. This is false because hashed secondary keys must be unique. This means that you can only define a hashed secondary key for an internal table that does not allow duplicate values for the key fields. A hashed secondary key does not have a predefined sorting order for the internal table, but uses a hash algorithm to store and access the table rows. For example, the following statement defines a hashed secondary key sec_key for an internal table itab that hashes the table by field1 and field2:

DATA itab TYPE STANDARD TABLE OF ty_itab WITH UNIQUE HASHED KEY sec_key COMPONENTS field1 field2.

You can then access the internal table using the hashed secondary key with a direct access algorithm, which is very fast.

E . Secondary keys can only be created for standard tables. This is false because secondary keys can be created for any kind of internal table, such as standard tables, sorted tables, and hashed tables. However, the type of the secondary key depends on the type of the internal table.For example, a standard table can have sorted or hashed secondary keys, a sorted table can have sorted secondary keys, and a hashed table can have hashed secondary keys1.