Reputation: 67
Oracle Apex - Custom Authorization Scheme
I am a beginner to Oracle Apex.
How would I go about creating a custom Authorization scheme? The process should occur as below:
If the user does not have a certain role in database, a modal form should pop-up for creating an access request for that page.
Essentially, some row should get inserted into some table as a pending record of request. How do I do this using existing functionalities in oracle apex 19.1 ?
Upvotes: 2
Views: 775
Answers (2)
Reputation: 1033
Here is how I would approach it. It doesn't do a redirect to a page, but just rejects you and you can have a separate page elsewhere for requesting authorizations.
Set up an Authorization Scheme and set the page(or pages) to follow that scheme, so they cannot be accessed unless the scheme passes.
Then you set up a table of authorizations with three columns: user, page, date.
And set the authorization scheme to check if user is in the table for that page and the date is either empty or larger than sysdate(authorization has not yet expired).
And you have a page somewhere where people can request authorization for this authorization scheme, you can permit it and write them into the table, along with a date of expiry if their permission is temporary.
Upvotes: 3
Reputation: 5035
Here's how I'd think through the problem.
I need to protect each page, but not necessarily through declarative techniques, because of this requirement you describe - some sort of redirect, instead of a standard message.
I could define something that could check each page load.
Check out slide 62 of this presentation
Here I define an applicaiton process that checks a relevantly designed table, and redirects if necessary. I'm not sure if this would also work for a modal page, but you could try it.
You could display a region on the the page you redirect to that facilates the request, maybe as as a button on the alert region.
All these concepts would have existed since I started using 3.x, except the ease of the modal dialog... it's now a matter of defining the appropriate table. Perhaps along the lines of
page_auth (
app_id number not null
,page_id number not null
,app_user varchar2 not null
,requested date not null
,approved date
,approved_by varchar2
,revoked date
,revoked by
)
Upvotes: 3
Related Questions
- Oracle APEX Custom Authentication Scheme User Role
- Custom authorization for pages in oracle apex
- Multiple Authorization Scheme on one Apex page
- oracle apex 18.2 custom authentication and authorization
- custom authentication in oracle apex login page
- Custom Authentication in Oracle APEX
- APEX custom database authentication
- Oracle Apex 5.1 custom authorization scheme that only the user can view the data that is inserted on a table
- APEX 5 Authorization Scheme specific user
- APEX Authorization at PL/SQL level