Authorization scheme to prevent access to a specific page

Use of authorization scheme.

The roles page is only to be used by a very small subset of users of this application.  An authorization scheme was created in shared components and applied to the roles page:

select 'x' from ui_admin_users admin, ui_roles roles
where roles.role_name = 'role_admin'
and admin.email_address = lower(:APP_USER)

Scheme type: Exists SQL Query

Error message: You must be a role administrator to maintain roles.

Comments

Post a Comment

Popular posts from this blog

Roles Page - Validations and Primary Key

Roles page is a master detail pair of Interactive Grids. Master is the Roles. Detail is the Admins. In the Roles IG properties, the Master Region is the Roles Region.  This appears to be the only setting required to do the master detail coordination. Validations required role_name - must be lower case, alphabetic characters, numerals and underscore.  No leading or trailing spaces. role_id - populated from sequence. email_address - must be lower case with @oracle.com the domain, No leading or trailing spaces. admin_id - populated from sequence.  This column was added to get the master detail coordination working in Apex, normally I wouldn't have used it, the original admin primary key of role_id with email_address didn't work in apex, the email address field would get populated with text of t100x by default. It seems there is some setting possibly of user updateable columns that I found on googling the issue but didn't play with it. role_description - requi...
Read more

Database triggers and Application Express

On the use or not of database triggers.  I've held a view that triggers have a narrower scope than many in the Oracle world.  This view has been challenged in my use of Apex.  Triggers have some significant limitations. - While Oracle allows multiple triggers of the same type to be created, it's not possible to control the order of the firing of triggers.  Why does this matter? If you are integrating to an existing system that has triggers, your trigger might fire before the existing trigger, or after. No assumptions can be made. - Triggers are quite difficult to debug. - Triggers can be disabled thus bypassing all trigger logic. - If integrating to an existing system, you may not have access / privileges to create triggers. Some have said these "limitations" are contrived / atypical.  That may be the case, my background is in Oracle Education (originally) and as a trainer I learned all of the capabilities and limitations of triggers.  My role is ...
Read more