Book Image

Oracle APEX Cookbook : Second Edition

Book Image

Oracle APEX Cookbook : Second Edition

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Oracle APEX Cookbook : Second Edition
Oct, 2013 | 444 pages
No titles found
Table of Contents (21 chapters)
Oracle APEX Cookbook Second Edition
Oracle APEX Cookbook Second Edition
Credits
Credits
About the Authors
About the Authors
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Creating a Basic APEX Application
Creating a Basic APEX Application
Introduction
Creating an APEX 4.0 application
Creating a simple form page
Creating a simple report
Implementing an interactive report
Creating a chart
Creating a map chart
Creating a navigation bar
Creating a list of values
Including different item types
Protecting a page using an authorization scheme
Securing an application with Authentication
Controlling the display of regions and items with Dynamic Actions
Creating a computation
Creating an automated row fetch with a page process
Putting some validation in a form
Creating a report with PL/SQL Dynamic Content
2
Themes and Templates
Themes and Templates
Introduction
Creating your own theme
Importing a theme
Creating a custom template
Including images in your application
Referencing CSS classes in your application
Controlling the layout
3
Extending APEX
Extending APEX
Introduction
Adding JavaScript code to your application
Creating a tag cloud with AJAX
Creating visual effects with JavaScript libraries
Enhancing your application with the Google API
Including Google Maps
Embedding multimedia objects in your application
Creating a region selector
Sending mail via APEX
Uploading and downloading files
Calling APEX from an Oracle Form
Creating a data upload page
Using shipped files
4
Creating Websheet Applications
Creating Websheet Applications
Introduction
Creating a websheet application
Creating a page in a websheet
Adding a navigation section to a page
Implementing a datagrid
Allowing multiple users access to a websheet
Creating an enhanced datagrid from a spreadsheet
5
APEX Plug-ins
APEX Plug-ins
Introduction
Creating an item type plug-in
Creating a region type plug-in
Creating a dynamic action plug-in
Creating a process type plug-in
Creating an authorization plug-in
6
Creating Multilingual APEX Applications
Creating Multilingual APEX Applications
Introduction
Creating a translatable application
Using XLIFF files
Switching languages
Translating data in an application
7
APEX APIs
APEX APIs
Introduction
Updating a table with the hidden primary key
Reading a checkbox programmatically
Creating help functionality with apex_application.help
Counting clicks with apex_util.count_click
Setting default item settings with apex_ui_default_update
Creating a background process with apex_plsql_job
8
Using Web Services
Using Web Services
Introduction
Creating a SOAP web service reference
Creating a REST web service reference
Building a page on a web service reference
Publishing a RESTful web service
9
Publishing from APEX
Publishing from APEX
Introduction
Exporting to a comma-separated file
Creating a PDF report
Creating a report query
Creating a report layout using Oracle BI Publisher
Linking the report layout to the report query
Calling a report from a page
10
APEX Environment
APEX Environment
Introduction
Setting up a development environment using subscriptions
Debugging an APEX application

Debugging an APEX application remotely
Deploying an application with SQL Developer
Setting up version control with APEX and SVN
Setting up a production environment using an Apache proxy
Setting up the APEX Listener on Tomcat
Creating an error handling
Using packaged applications
11
APEX Administration
APEX Administration
Introduction
Creating a workspace manually
Creating a workspace by request
Creating a user
Adding a schema to your workspace
Setting up a system message
Setting up a workspace announcement
Setting up news items on the home page
Creating a site-specific task list
Creating a public theme
Locking a workspace
Creating table APIs
12
Team Development
Team Development
Introduction
Creating a list of features
Creating and assigning To-dos
Keeping track of bugs in the Bugtracker
Creating Milestones
Using Feedback
Using follow-ups
13
HTML5 and CSS3
HTML5 and CSS3
Introduction
Using a responsive HTML5 and CSS3 template
Creating a form with HTML5 item types
Creating a UI with drag-and-drop
Creating storage events
Geolocation – creating a tracker
Creating a video plug-in
Creating HTML5 charts
14
Mobile
Mobile
Introduction
Creating a smartphone application
Creating a hybrid application
Creating a list view report
Creating a mobile form
Using mobile item types
Creating a mobile calendar
Creating a date scroller with the Mobiscroll plug-in
Uploading images using the camera on the device
Using jQuery Mobile to fetch current GPS location
Creating swipe events
Index
Index

Protecting a page using an authorization scheme

In some cases, you might want to restrict access to certain parts of your application to certain users. For example, not everyone should have access to the Form Page where you can alter the salaries. In such a case, you can protect your page using an authorization scheme.

Getting ready

Before starting with the recipe you should have a table created in the database with usernames and roles. Let's say you have the following table APP_USERS:

ID       NUMBER(5)
USERNAME VARCHAR2(50)
PASSWORD VARCHAR2(50)
ROLE     VARCHAR2(10)

The table contains two rows. One is a user with admin privileges (role is ADMIN). The other one is a user with the no extra privileges (role is DEFAULT).

How to do it...

  1. Go to Shared Components.

  2. Click on the Authorization Schemes link. You can find it in the Security section.

  3. Next, you might see the authorization schemes that have already been created. If no authorization schemes have been created in the past, you see an empty page. Click on the Create button.

  4. Next, select From Scratch and click on Next.

  5. Next, enter a name for this authorization scheme and enter the conditions in the Authorization Scheme section.

    In our case, we name the scheme AUTH_ADMIN. The scheme type could be a PL/SQL function returning Boolean or an EXISTS SQL query. You have to create this function or query by yourself. The code could be included in the Expression 1 textarea but you can also make a call to a function stored in the database. In our case, we put the code in here and we choose for the EXISTS SQL query. You see the query as follows:

    select 1
from   app_users 
where  username = :APP_USER 
and    role = 'ADMIN'
[9672_01_11.txt]

    The query returns 1 if the username is the current user (:APP_USER) and the user has admin privileges.

  6. Also, enter the error message APEX should display if the query returns no rows. Click on the Create button.

  7. In the Evaluation Point section, select Once per page view to validate the authorization scheme. This will make APEX check the authorization for every call that is made to pages (or other components) using this scheme.

  8. The other option is Once per session. This is much more efficient, because the check is only done once (at the start of the session). But when it's possible that the session state changes or there is anything else that is not consistent during the session, this option is not reliable.

  9. The authorization scheme is now ready. Now, page access must be restricted by this authorization scheme.

  10. Go to the page that requires authorization and click on the Edit icon (the pencil) in the Page section.

  11. Go to the Security section and select the Authorization Scheme we just created (AUTH_ADMIN) in the Authorization Scheme list element.

That's it. The page now requires authorization to be accessed. Run the page to see how it works. Also see what happens if you do an update on the APP_USERS table:

update app_users
set    role     = 'DEFAULT'
where  username = ...;

Or

update app_users
set    role     = 'ADMIN'
where  username = ...;
[9672_01_12.txt]

Don't forget the commit.

How it works...

Every time you navigate to this page, APEX executes the query in the Authorization Scheme. If the query returns one row, everything is fine and the user is authorized to view this page. If the query returns no rows, the user is not authorized to view the page and the error message is displayed.

There's more...

You don't have to go to the Shared Components to create an Authorization Scheme. It can also be done when you are on a page. In the Security section on the right-hand side of the screen, click on the Add icon. The Create Authorization Scheme wizard will be started.

Previous Section
End of Section 12
Next Section