Using Apex Authorization schemes in PL/SQL

The problem with using APEX authorization schemes in PL/SQL has been addressed several times in blogs and forums, but we occasionally still get questions on how to solve this:

I have a page where users with admin roles can modify data and other users can only view it. Hiding the button to save the record is easily done with an authorization scheme:

 

janw_readonly_01

However, now I want my items to be displayed as “Read Only” too. There is no option to select your authorization scheme, but Apex wouldn’t be Apex if there hadn’t been an easy solution.

The function “apex_authorization.is_authorized(‘authoutization_scheme’)” does the trick. It will check the authorization scheme and return a boolean. Add a small PL/SQL block in the Read Only-part of your item like this:

janw_readonly_02

Now your item is read only for persons without the admin role.

Some additional information:

With this function it’s also possible to combine multiple authorization schemes:
IF apex_authorization.is_authorized(‘isAdmin’)
OR apex_authorization.is_authorized(‘isWrite’)
OR :P3000_USER = ‘TEST’ THEN
RETURN FALSE;
ELSE
RETURN TRUE;
END IF;
Attention: if you want to use this functionality prior to Apex 4.2, you need to use “apex_util.public_check_authorization“!

Original article by: Jan Willems   url:  http://blog.iadvise.eu/2014/12/12/using-apex-authorization-schemes-in-plsql/

FacebookTwitterGoogle+LinkedInBookmark/FavoritesEmail

No comments

Geef een reactie

Het e-mailadres wordt niet gepubliceerd. Verplichte velden zijn gemarkeerd met *

De volgende HTML tags en attributen zijn toegestaan: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>