How does on implement Oracle Apex region authorization

好久不见. 提交于 2021-02-11 13:41:17

问题


The bind variable :app_region_id works region however it does not work for the authorization scheme

SQL statement for region

SELECT  WORKSPACE,APPLICATION_ID , PAGE_ID, REGION_ID, REGION_NAME,AUTHORIZATION_SCHEME, :app_region_id
from apex_application_page_regions 
where region_id = :app_region_id

Authorisation scheme
Scheme type: Exists SQL Query
SQL Query:

Select  1
from apex_application_page_regions 
where region_id = :app_region_id; 

which bind variable should I use to achieve region authorization. The code that I wanted to implement, it does not return the desired results

Select 1
    from AD_GRP_APEX_REGION_ASSOC r,
       AD_GRP_EMP e
    where  e.ad_grp = r.ad_grp
    and e.user_id =  :app_user
    and r.region_id = :app_region_id

回答1:


The variable :app_region_id is not a global variable in the same way as :APP_USER. Authorization schemas only work with global variables which are associated to the SESSION, not to a element in a page ( such is a region ). Besides that, it does not make any sense to have it because you use AUTHORIZATION SCHEMAS to limit access to different components in your application. Let me show how to apply authorization schemas to regions in Oracle Apex.

Let's imagine I have a test application with three regions:

  • Region 1 shows one field of a query ( one row )
  • Region 2 shows another field of a query ( one row )
  • Region 3 only shows a message ( static content )

Without any authentication schema, it shows this

Now, let's create an authorization schema example that derives who is the user and based on this will show only region 3. In my case my application uses the authentication schema by default ( apex users ) so the user logged is always assigned to the global variable :APP_USER.

Application Builder --> Shared Components --> Authorization schemas

Authorization Schema --> MY_TEST
Type --> Exist SQL QUERY 

select 1 from dual where exists  ( select user_name from apex_workspace_apex_users where workspace_name = 'MY_WORKSPACE' and user_name = upper(':APP_USER') )

This authorisation schema will forbid to see a region when the user exists, so basically for everybody, obviously I am doing it just for testing purposes.

Then I modified attributes of REGION 1 and REGION 2 , changing the authorization schema to MY_TEST

Now, when I execute the application , I can only see the region3 in the page.



来源:https://stackoverflow.com/questions/63148102/how-does-on-implement-oracle-apex-region-authorization

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!