SAP CDS DCL ACCESS CONTROL CON

Get Example source ABAP code based on a different SAP table
  SAP Help

SAP_ONLY

ABAP_CDS_DCL - DEFINE ROLE, access_control_context
The CDS access control context is a hierarchical data structure with nodes that can have other nodes and values as child nodes.
It is created by special frameworks to provide access roles with specific information about the type of data selection that is actually being performed so that the access control can react in a particular way.
For example, a framework might choose to communicate that the current SELECT statement performs aggregations, on which fields these aggregations are performed, and by which fields the result is grouped. An access role can use this information to apply different access control to the aggregated data selection than to the raw data selection.
Since the ownership of the access control lies with the frameworks that use this mechanism, the documentation here only describes the technical foundation, but cannot make any statements about which frameworks use the access control context, and in particular what data they fill the access control context with. This information must be obtained from the documentation of the respective framework.
ABAP_NOTE Currently, no frameworks use the access control context. In particular, AB-SQL does not populate the access control context.
Read the following sections for further details:
SUBNODES