ADF BC Entity Object read security

Similar Messages

• Bug:  ADF BC Entity Object entity level validator on dates

  Hi JDev team
  I'm having an issue getting the ADF BC EO entity level compare validator to work on Date columns in JDev 11g TP and suspect a bug.
  Steps to reproduce:
  1.     Create EO based on table with 2 Date attributes, eg. StartDate and EndDate both domain Date.
  2.     In the EO editor, under General tab, select create button for Validation Rules.
  3.     In Validation Rule dialog.......
  4.     Select Compare Validator
  5.     Select StartDate as attribute
  6.     Select LessOrEqualTo as operator
  7.     Select Entity Attribute as compare with
  8.     Select EndDate in Select Entity Attribute list
  9.     Change to Validation Execution tab
  10.     StartDate should already by in Selected Attributes list
  11.     Also move EndDate to Selected Attributes list
  12.     Change to Failure Handling tab
  13.     Ensure Error is selected for Validation Failure Severity
  14.     Enter an error message in the Message Text field
  15.     Select ok button.
  Within Business Components Browser for an existing record, setting the StartDate >= EndDate then commit does not raise an error. I'm guessing we should see an error.
  I've attempted the same with 2 Number domain attributes and the error is correctly raised, so I suspect the error is with the Data domains.
  Regards,
  CM.

  Can no longer reproduce this bug in the JDEVADF_MAIN_GENERIC_070607.0749.4562 build I have on my machine today, so it has been fixed post-JavaOne tech preview.

• Customizing Entity Object SQL Query prior to Insert?

  I am using an ADF BC Entity Object to store values from a multi-page form input process.
  At the end of the process, I plan to call a method that will programmatically take the values from the Entity Object and insert a new row to the database. I need to customize the query to add an encryption function to the insert for one of the fields. For example, instead of 'INSERT password' I need the SQL to be 'INSERT encrypt_fct(password)'.
  Is this possible and if so how?
  thanks

  Hi javaX
  Easiest way of achieving this in ADF BC is overriding the doDML method in your underlying EO's EntityImpl class. The following gives an example, assuming a table called users with username & password columns, where you wish to encrypt the password column with a SQL function named encrypt_fc:
  protected void doDML(int operation, TransactionEvent transactionEvent) {
    if (operation == DML_INSERT) {
      CallableStatement statement = null;
      String insertDML =
        "INSERT INTO users (username, password) VALUES (?,encrypt_fc(?))";
      statement =
        getDBTransaction().createCallableStatement(insertDML, 1);
      try {
        // Bind the statement parameters and execute the statement
        statement.setString(1, getUsername().toString());
        statement.setString(2, getPassword().toString());
        statement.execute();
      } catch (Exception ex) {
        throw new oracle.jbo.JboException(ex);
      } finally {
        try {
          statement.close();
        } catch (Exception nex) {
          /* Ignore */
    } else // operation == DML_UPDATE || DML_DELETE
      super.doDML(operation, transactionEvent);
  }Another way is to include the code for your encrypt function in your ADF model project. By this I mean convert the encrypt function to Java, then add it as a piece of code to your EntityImpl or a more generic library if needed elsewhere. This way you don't have to modify the doDML, but rather the EO setter routine to call your encyption function, and the unencrypted password isn't passed between ADF and the DB.
  Hope this helps.
  CM.

• Refreshing Entity Objects after Altering the table

  Hi,
  My Entity Object is based on a table... and View Objects on the Entity Objects. Now if I alter the table (just changing the width of the column), that change is not visible on the Entity Object. Is there any way I can automatically refresh the Entity Objects after altering the table(only column width is changed).
  (Changes made to Entity Objects manually are reflected in the View Object correctly.)
  Regards
  Faiyaz

  'changing the width of the column' means changing the size of the column in the table description in the database. For e.g.. In the original table I had a column OIL_KEY NUMBER(6). Now I change the column to be of size 12 i.e. OIL_KEY NUMBER(12). This does not get refreshed in the Entity Object.

• ADF Entity Object: Securable Operation "Create"?

  Hello,
  I have the following scenario: Within one view I have a table bound to a view object that bases on an entity object. The view also contains a "create insert" button.
  Now I want to secure the "create insert" operation with a certain application role. However, within the entity object I can only activate the removeCurrentRow, read and update options as securable operation. Is there any way to control the creation of new items?
  Regards,
  Michael

  Hi.
  welcome to forum!
  Maybe this post can be useful http://andrejusb.blogspot.com/2011/03/how-to-enable-create-operation-security.html

• Can Designer generate ADF Entity Objects, View Objects and Apps Module ?

  Hi all,
  On what way can Designer integrate with JDeveloper (+ ADF) ?
  Can Designer generate ADF Entity Objects, View Objects and Apps Module ?
  Thank you for your help,
  xtanto

  Designer itself has no direct integration with JDeveloper. However, there are three options. First of all, you can get a JDeveloper extension (download this separately) that lets you create a Connection to a Designer repository. From that Connection you can find modules that you defined in Designer and generate Entity and View objects for the tables and columns that you used in those modules, and an Application Module. It does not create JSPs or other user interface objects.
  Another option is to buy JHeadstart from Oracle. This contains a set of code generators and ADF extensions that include an ability to get information from a Designer repository. JHeadstart works fine for non-Designer users too, but was built by the same people who wrote Designer Headstart - they know the repository API intimately.
  The third option is to download Oracle Designer Extension Builder (ODEB) which was just recently made available. This is a product of a collaboration between Designer users from the Oracle Development Tools Users Group (ODTUG) and Oracle to extend the capabilities of Designer with user written tools and utilities. You could use ODEB to write your own generators for ADF Business Components. Or you could wait and see if someone else in the user community does this. I hope that you or whoever does such a generator will be willing to share it with us all.

• ADF: use of view link Accessor in Entity Object = always null?

  Hi,
  JClient 9.0.5.2, adf model.
  I would like to use the view link accessor method in the master EO to retrieve detail EO values and the view link accessor method in the detail EO to retrieve master EO values.
  Detail Rule:
  In the detail EO an attribute is derived from an attribute of the master EO: detail attribute = master attribute.
  Master Rule:
  In the master EO an attribute is derived from the detail EO: master atribute set to 0 if detail EO exist else set to 0.
  Tables:
  Table Master => MasterEO => MasterVO
  - masterPK (not updateable)
  - masterField (not updateable)
  - hasDetailsFlag
  Table Detail => DetailEO => DetailVO
  - detailPK (not updateable)
  - masterPK => foreign key (not updateable)
  - masterField (query only)
  MasterDetailLink based on foreign key.
  In link wizard I asked for the generation of following accessors in the source & destination Entity Objects:
  In DetailEO accessor name: RetrieveFromMaster
  In MasterEO accessor name: RetrieveFromDetail
  In the DetailEO, I asked for the generation of the DetailEOImpl file, accessors and create method.
  As wriiten in the file, before the create method:
  ** Add attribute defaulting logic in this method. **
  I tought this is the place to retrieve the master attribute:
  The code:
  MasterVORowImpl masterVO = getRetrieveFromMaster();
  if (masterVO == null)
  System.out.println("MasterVORowImpl masterVO create NNNNNNNNNNNUUUUUUUULLLLLLLLLL");
  The masterVO is always null?
  I suppose I didn't understand something, my guest is that ViewObjects may not be used for default logic?
  I know how to implement those rules in the database with triggers.
  I think that the data I need for implementing those rules exist somewhere at the ADF level so retrieving the data from the db is not necessary?
  Could somebody give some clues?
  I didn't find a similar example in the Business Rules in BC4J document.
  Your help will be appreciated
  Frederic

  Hi,
  Detail Rule, copy attribute value form master.
  In DetailEOImpl:
  protected void create(AttributeList attributeList)
  setAttribute(MASTERFIELD,this.getMaster().getMasterField());
  super.create(attributeList);
  Master rule, set flag to 0 if no details else set to 1.
  In the MasterEOImpl added method to check if detail row exists based on Row Iterator => no db retrieval?
  This method also sets the flag accordingly:
  protected void checkHasOtherDetails()
  oracle.jbo.RowIterator ri = this.getRetrieveFromdetail();
  ri.last();
  // last() must be called else hasNext() returns true even on last delete ???
  Number hasDetails = Constants.NUMBER_NO; // = 1
  if (ri.hasNext() || ri.hasPrevious())
  hasDetails = Constants.NUMBER_YES; // = 0
  if (!getHasDetailsFlag().equals(hasDetails)) {
  this.setHasDetailsFlag(hasDetails);
  I call this method in the remove method of the detailEOImpl:
  public void remove()
  this.getRetrieeFromMaster().checkHasOtherDetails();
  super.remove();
  To set the flag I added follwoing code in the create method of the DetailEOImpl:
  protected void create(AttributeList attributeList)
  setAttribute(MASTERFIELD,this.getMaster().getMasterField());
  **** ADDED ***
  Number masterHasDetailsFlag = getRetrieveFromMaster().getHasDetailsFlag();
  if (!masterHasDetailsFlag.equals(Constants.NUMBER_YES)) {
  getRetrieveFromMaster().setHasDetailsFlag(Constants.NUMBER_YES));
  super.create(attributeList);
  One more question:
  Is there a danger of calling last() on row iterators in create/update/remove methods of *Impl files?
  => current row changed => any effect on display in JPanel
  Thanks
  Frederic
  PS All variable/method/class names have been manually renamed in this code so some small syntax problems may exist.

• Should ADF Entity Object Map to Database Table or View?

  We are building a new 3-tier JClient/ADF application. We have mapped most entity objects directly to database tables. Now that we are preparing to deploy, our DBA is angry; he believes that all entity objects should be mapped to database views. The developers see this as a headache, UML can not forward/reverse changes, and now we have another layer of abstraction, which doesn't seem to serve a useful purpose. What is the best practice in a new 3-tier application?

  Hi,
  I'm still having problems but I found out why these tables are returning errors. The username I've been given by the DBA to connect to the database is CONSULTA, but this user is only for querying purposes, the actual objects reside on a differente schema, of course, which is PROD. So the line:
  "CONSULTA"."ESTADOS"@"PROD@AYADEV_LOCATION" "ESTADOS"
  raises an exception because the table ESTADOS is not located on that schema, but on PROD. If I query the table from SQL Plus with:
  SELECT *
  FROM [email protected]@AYADEV_LOCATION
  then there's no problem at all.
  Why is this? How do I instruct OWB to point to the correct schema or to avoind fully qualifying the table name?
  Please help me, I'm kind of confused here.
  Best Regards,
  --oswaldo.
  [osantos]

• Possible?Multi-Entity View Object with one Entity Object that is Read-only.

  I know this sounds crazy, but I would like to create a multi-entity view object, where one entity object is based on a table in my application (we'll call it "Users", which basically stores the primary key for the person from the institutional people database), and the other table is a entity object based on a view of the institutional people database table (read only access), which we can call "People".
  I know that since no updates will be done to the People table, it really should be a read-only View Object, but I would lose the ability to sort on attributes like Last Name, Hire date, etc, since those would be transient attributes in my ViewObject for the Users. By having People as an entity object, I can then create a multi entity view object and have the ability to join Users to People and be able to sort on the above mentioned fields (like Last Name).
  The problem is that when I use the JDev (I'm currently using 10.1.2.1) AppModule BC4J tester, when I click on the multi-entity view object that I added to the AppModule it gives me an error:
  oracle.jbo.RowCreateException) JBO-25017: Error while creating a new entity row for People.
  ----- LEVEL 1: DETAIL 0 -----
  (java.lang.InstantiationException) null
  I have tried to change all the attributes to updateable in my entity object, but no create method, and I have tried to make them all read-only, but no effect, I get the same error (probably because the People view is read-only in my schema).
  Is there a way to change the entity object so that it will not try to create a new row when it runs the Tester? So that the multi entity view object behaves more like a view link, but gives me the added bonus of being able to sort on the Last Name column from the People table?
  Thanks for any help on this subject...at worst, I will have to use the view link method to get the job accomplished, but it would be "cooler" if this would work!
  Jeremy.

  Steve, thanks for your quick response to my question.
  To answer your questions, I was trying to create the Multi-entity View Object to give me more flexibility when working with my User table, and my People view. The flexibility I desired was that I would be able to sort my Users based on attributes in the People view. This is not possible when the there is only one Entity in my VO, and the People view data are all transient attributes, because they are not in the SQL statement.
  Ultimately, after working with one of my colleagues, we decided to use the approach that you mentioned by creating a read-only VO with the SQL query we want to display to the user (contains both User and People data fields), and then use a different ViewObject when performing other actions on the User Table (such as inserts/updates/deletes). By using the setWhereClauseParam() method in the handleLifeCycle() for the JSP page, we should be able to navigate between the different View Objects, so that the user does not see any difference.
  Thanks! Oh, and by the way, I have read your article you included before, and I have used it many times before to tune my View Objects! Thanks!

• Dynamic Creation of Entity Objects (ADF Business Components)

  Hi All,
  We have a requirement to create Entity Objects for the dynamically generated tables in our application and at the same time bind them to different views.
  Our product create multiple tables at runtime with some sort of naming convention, and we couldn't find a way in JDeveloper to generate entity objects for the tables created dynamically.
  Please provide some pointers if you have experienced or worked on similar requirement.
  Thanks,
  Nikhilesh

  Thanks for the help Sudipto.
  The link which you have shared, describes the creation of an entity object and then modify the operations like Delete Update and Insert etc to be performed on the entity object by creating IMPL classes and implementing certain interfaces.
  But I need to create Entity objects dynamically. My application creates new tables for some functionality at the run time and I have to create Entity objects for those new tables as soon as the new tables are created.
  I was just wondering if, there is any API available for creating the entity object from Java code instead of invoking the wizard in the Jdeveloper.

• Passing SQL Server identity attributes values into adf entity objects

  Hi all.
  I'm using Jdeveloper 10g for developing an ADF Swing application based on MS SQL Server DB.
  Does anyone know if it is possible to pass SQL Server identity attributes values into the correspondent attrributes of adf entity objects, like we do with Oracle DB Sequence.
  The problem is that i should somhow implement cascade deleting of detail view objects, so i should use the composition association. But since i cant fill the primary key attribute with appropriate value (that is actually a ms sql server db sequence value) i always get
  the following exception: oracle.jbo.InvalidOwnerException: JBO-25030 as i try to create a new pair of master/detail objects.
  Thanks in advance.
  Alex.

  The approach is good. but i still dont understand how i can address the sql server db sequence (identity field) programmatically...
  The code offered
  SequenceImpl sequence = new SequenceImpl("PRODUCTS_SEQ",getDBTransaction());
  setProdId(sequence.getSequenceNumber());
  generates something like this:
  select deq_name.nextval from dual
  but this syntax works for oracle only... and not for sql server...
  Edited by: Timin on Mar 26, 2009 6:34 AM
  Edited by: Timin on Mar 26, 2009 10:25 AM

• Unable to create Entity objects for tables in TimesTen database using ADF

  Hi,
  I am not able to create Entity and View objects for tables in TimesTen database using ADF. I have installed TimesTen client on my machine.
  I have created a database connection by using connection type as "Generic JDBC" and giving driver class and JDBC URL. I am attaching screen shot of the same.
  I am right clicking on Model project and selecting New option after that I am selecting ADF Business components and in it I am selecting Business components from tables and there I am querying for tables.I am getting list of tables and when I am trying to create a Entity object from the table after clicking finish Jdev is closing by itself giving an error.
  Can anyone please help me how to create Entity objects for tables using TimesTen as database.I might be missing some jars or the way I am creating connection might be wrong or any plugins required to connect to TimesTen.

  What is the actual error being given by Jdev? Are you sure that the JDBC connection is using the TimesTen JDBC driver JAR and not some other JDBC driver or the Generic JDBC/ODBC bridge?
  Is ADF even supported with TimesTen?
  Chris

• ADF Entity Object

  Is it true that
  1) Against every request, for data, from the screen (ViewController UI), the data is fetched from the related Entity object only and no request is fired to the database at any level.
  2) When both Application Server & database Server are up, Entity Object & the related database table are always completely synchronized (Whether data is changed manually directly at database level or through related ViewController UI).

  Hi,
  see the documentation
  http://www.oracle.com/webapps/online-help/jdeveloper/10.1.2?topic=bc_acaches_html
  and
  http://www3.nexpak.com/bc4jdoc/bc_ahowdoesbltcachedata.htm
  Frank

• Multiple updateable adf entity objects

  I've got a situation that is real similar to something that's covered in the developer's guide, yet it's just different enough that I need to get someone's help. I have a view object that is based on two entity objects. These 2 entity objects have a one to one association with each other. They both share the same primary key (hris_id). There is no foreign key relationship between them. This hris_id column for one of the entity objects has been set as a DBSequence type so that it's value can be set by a sequence. When i want to create a new row via this view object, I need to know where/when I can get this sequence generated value from the first entity object so that when the second entity row gets created, i can use this value (hris_id) from the first entity object to populate the hris_id column in the table for the "second" entity, since both tables will need to share the same value for hris_id column. Just not sure about where in the code this needs to happen. Any ideas? Thanks.

  Hi,
  I think your situation is similar as described in the guide.
  Override create in your view object row class, create first and second entity and probably you need to copy key value from first to second entity.
  Try this:
      @Override
      protected void create(AttributeList attributeList) {
          Entity1Impl newEntity1 = getEntity1();
          Entity2Impl newEntity2 = getEntity2();
          try {
              newEntity1.create(attributeList);
              oracle.jbo.domain.Number hrisId = newEntity1.getHrisId().getSequenceNumber();
              newEntity2.create(attributeList);
              newEntity2.setHrisId(hridId);
              .Rado

• Entity Object's "addNewRow" Permission, how to implement?

  Hi,
  this is a generic question about an implementation strategy to be followed for ADF Authorization.
  I've been researching the definition of permissions at the entity object level, and successfully tested the 3 permission targets available: read, update, removeCurrentRow.
  However, I'd actually need the full set of permission targets for CRUD operations, which means that ADF lacks an "addNewRow" to secure row creation on EOs.
  What should be the strategy to implement that?
  Is it a planned feature so waiting till, say, 11g Release 2 should bring it to the table, or has it been left out by design and thus it just won't be added? In the latter case, how to actually implement it?
  I'd need to actually hide/disable the Create/CreateInsert button on my edit pages if the underlying EO does not allow new row creation for the current role. I gave a thought to EO's Custom Properties as a way to handle that extra permission flag, but is it a viable way? Can they be accessed through EL so that I can, say, use them directly in the Rendered/Disabled property of the button to regulate access?
  Or would you suggest another strategy altogether?
  Please share your ideas.
  thanks,
  RickyS

  Well, I can definitely see some benefits in having security at the model layer, at least in our scenario. In a complex app with many edit pages often dealing multiple times with the same EOs, having to specify a single set of policies on the EO itself and see it automatically implemented on every page seems a plus and a step ahead from 10g - not that I tried Security in 10g, but I know the approach. Seeing fields automatically become read-only or datacontrol operation buttons such as Delete become disabled without specifying anything on the page is cleaner and will speed up development a bit, too (for large numbers of pages that might be significant, on a small app it's probably irrelevant).
  Probably not as useful and powerful as model-driven lists, but still a welcome feature. You probably have a point about the double mainteinance, but that may be avoided if the BC layer security truly encompasses everything (e.g. if I can't rely on a "create" permissions, I'll certainly have to maintain additional code as well as additional BC data such as custom properties to deal with that, and this is even worse).
  Another point is that I might want to enable/disable functionality on the page via EL/backing bean based on BC permissions, and that seems useful. Being able to express a condition like "this EO is accessible" or "this attribute is accessible" is sometimes much superior to "user belongs to this role". It's better to decouple roles from the secured targets and just use the latter, IMHO. Especially becuse we'll likely won't have a fixed set of static roles defined in advance for all customers we'll deploy our webapp to.
  Just my 2 cents, anyway, you might end up being totally right :-)
  Cheers,
  RickyS