Using Page Text Item in an Authorization Scheme

Similar Messages

• Using page 1 items in page 3

  hi, i can't use page 1 items such as P1_USERNAME in page 3 through i write " &P1_USERNAME. " in html region. Is there any way to use page 1 variable or form area in page 3? thanks.

  actually, i want to do a login form. But my login form not Apex's default login form. I have an excel document there are employees, i will convert this excel to database table to use in database. Then i want to a login form.
  Login form has 2 textfield, username and password. If user press submit button after filling the textfields, i redirect this login page to loginhandle page, this page check password, if it is true, login handle page redirects user to page 4, if it is wrong login handle page redirects user to page5.
  So, i have a process in loginhandle page to perform redirection. There is conditionally branch. I've written in conditional expression a pl sql block. This block call a function, that fucntion return true or false. That function get username and password as parameters. If i do this
  declare
  begin
  boola := check_pass(:P1_USERNAME,'1234');
  return boola;
  end;
  the P1_USERNAME value is couldn't understand and the function doesnt work. If i do this:
  declare
  begin
  boola := check_pass('FUAT','1234');
  return boola;
  end;
  everything work perfect. As i mentioned earlier, the above function is written in loginhandle page.
  Why do not i get the P1_USERNAME?
  Thanks

• Which situation should we use the text item with the item category TATX

  Dear experts!
  Thank you for your attention!
  I am confused with text item (TATX).
  which situation should we use the text item with the item category TATX????
  Someone told me that the text item is dummy and should be used as a manual of certain standard item. But the manual may be a book or several papers and it also takes up some inventory not a dummy.
  So, could some body tell me what the text item (TATX) exact is and what function it has.
  Best regard!
  Tangdark

  Hi,
  you can use TATX if you like to enter a text and to print some information between the item lines.
  Regards
  William

• Display page items based on Authorization Scheme...

  I have a report form that shows all my columns, but I have two columns that I only want "Admin" and "Edit" from my authorization scheme to be able to edit; but I would like for "User" to view.
  Currently I have "authorization" enabled for the two items, and set for "Edit". This works, except the "User" logins cannot view the items.
  I thought of two possibilities, both I think I'd need help on though!:
  1. Create a duplicate page item for these two items. One would show as "Text" only (cannot edit). The other would be "Text Field". The "Text Field" column would only be
  accessible by "Edit" or "Admin".
  The problem, though, is now "Edit" or "Admin" users will see both columns
  2. Set up something in "Conditions" that would show as "text" for "User", and as "Text Field" for "Admin" or "Edit"?
  I would have no clue how to do this...
  Any thoughts?
  Kevin L.

  Kevin
  You can create two items and in the Authorization Scheme you can set one as Users and second as Edit. Also You can do something using small JS. Create a variable P_USR_TYPE to hold the value of User group lets say 1 for Users and 2 for Edit. Then on the HTML header or footer of the region you can add a javascript call
  function UsrCustomization()
       if ( P_USR_TYPE == 1 )
            // mark the item as readonly
            // document.getElementById('P1_FIELD_QUESTION').disabled = true;
            document.getElementById('P1_FIELD_QUESTION').readOnly="readonly"
  UsrCustomization();Thanks,
  Manish

• Warning when calling function using page text

  Hi *,
  I have a function in package which generates some parameters for a link I want to put on bottom of the View Form.
  The HTML I put in the bottom of View Form user text field looks like this:
  Create default visit for this group
  The problem is that Desinger throws a warning when I try to generate and the auto-install option gets ignored due to this error...
  Can I set Designer to ignore this "parse error", so that the auto-install works again?
  Here is the exact error message:
  Message
  CDG-03707: Module Component GROUPS.GROUPS: Invalid syntax in User Help Text or Page Text for Bottom of View Form: 'guides_package.visit_create...'
  Thanks in advance,
  Goeran Zaengerlein

  Is there actually a procedure 'get' inside a package 'pk_test'?
  Justin

• Generic Authorization Scheme for items?

  I have created a generic authorization scheme for our application pages, and I would like to extend that to items if possible.
  The page one was easy enough as I could identify the calling page through :APP_PAGE_ID in the authorization scheme. Unfortunately, I do not know of any built in variables that would identify a calling item on a page.
  Is there such a variable or some other way of identifying the item?
  thanks!
  John

  John,
  No, currently you cannot pass any parameters to an Authorization Scheme. I have requested that this be a new feature in a future release of APEX, as it makes all the sense in the world. It would be a lot easier to have 1 scheme that can take a parameter for 100 items vs. 100 schemes, one for each of 100 items.
  In the mean time, you'll have to default to using a condition to determine if an item should be rendered or not. The trick here is that conditions are often used for business rules (such as not showing the SAVE button when you're inserting). Thus, you'll have to account for that when creating your conditions, and thus check both.
  Hope this helps.
  Thanks,
  - Scott -
  http://spendolini.blogspot.com/
  http://sumnertechnologies.com/

• Authorization Scheme problem using query

  Greetings:
  I have an application with 4 different roles in my application. Depending on the user role, the access to different pages within the application are filtered. We have 4 group types: admin, general, transactional and read_only; each, with descending levels of authorization.
  The application utilizes a two-level tab navigation system in which I hide the tabs that the users are not supposed to see, depending on the level of authorization that they have. I have implemented three authorization schemes for three different types of access depending on the pages within my application. The only page without any auhorization is the login page.
  The three created authorization schemes are as follows.
  My first scheme (set as scheme type: exists SQL Query):
  Select APP_USER_NAME, APP_GROUP_TYPE from APP_USERS
  where
  APP_USER_NAME = :APP_USER
  AND
  APP_GROUP_TYPE != 'READ_ONLY'
  This one is supposed to negate access to the READ_ONLY group, but allow access to all other groups.
  My Second scheme (set as scheme type: exists SQL Query):
  Select APP_USER_NAME, APP_GROUP_TYPE from APP_USERS
  where
  APP_USER_NAME = :APP_USER
  AND
  (APP_GROUP_TYPE != 'READ_ONLY'
  and
  APP_GROUP_TYPE != 'transactional')
  The second one, I have added the transactional group as to be explicitly negated access.
  My Third scheme
  Select APP_USER_NAME, APP_GROUP_TYPE from APP_USERS
  where
  APP_USER_NAME = :APP_USER
  AND
  (APP_GROUP_TYPE != 'READ_ONLY'
  AND
  APP_GROUP_TYPE != 'transactional'
  AND
  APP_GROUP_TYPE != 'general')
  the last one, I have added the general group as to be explicitly negated access.
  I am thinking that, logically, this would work, but the pages do not display properly. I am always getting the failed authorization page, even with my admin user. Is there something wrong with my methodology? Should I be white-listing instead of black-listing in my queries? Thanks for your support.

  I appreciate your help Jeff, you helped me a great deal, but not in the way you may think. In your link, there was a post that offered a solution with a simple query. There was one person that posted a query using (upper) to bring the username to uppercase so it can be properly compared to :APP_USER. Yes, the users were entered as lowercase, the logic was ok. I changed the query logic to a white list as to avoid possible users that may be able to authenticate into the application without a proper group configured.
  Thanks for your support. Maybe this can help someone on the forums out.

• Page Authorization Scheme OK button not working

  Hi All,
  I have a Page Level Authorization scheme, which makes a PL/SQL Function call to determine whether the logged in user should have access to the Page. This works well and displays an 'Access denied by Page security check' error message, but the OK Hyperlink that is displayed does not work as I would expect as I am not returned to the calling page.
  The pages in question are Popups and when I hover over the OK Hyperlink, the Javascript in the Taskbar shows javascript:window.history.go(-1). Is this the route of my problem, and is there any way around this when using Popup windows?
  Thanks,
  Mike

  Scott,
  Thanks for your response. Yes you have the sequence right: "User clicks on link to popup page from base page and the link is to a forbidden page"
  "The basic question is why would you ever show a link to a forbidden page to the user?"
  The main reason is time, ideally yes we would like to hide links to forbidden pages but it will take time to implement due to complexity of role combinations and number of pages. So for now, we are confident in our method for denying access to forbidden pages.
  The error message that is displayed on the forbidden page is set in the Authorization Scheme, but how do I alter the OK link? Isn't this generated 'behind the scenes'?
  Thanks,
  Mike

• Authorization Scheme -- Best Practices?

  Hi All --
  We have a reporting application containing approximately 300 pages and 60 or so menu items all using authorization schemes (exists SQL method) as a means to determine whether or not a use can see the menu items and/or access the pages. We've been seeing an issue where a user logging into the application experiences poor performance upon login and have traced it to our access checks and the number of "exists" queries run when a user logs in and before our menu is displayed.
  What would be considered best practice in a case such as this? Does anyone have any ideas on how to increase the performance on these authorizaton checks?
  Thanks,
  Leigh Johnson
  Fastenal Company

  Leigh - No, the asktom post Joel referred to is posted above: http://asktom.oracle.com/pls/asktom/f?p=100:11:0::::P11_QUESTION_ID:62048567543425
  We just want to know if this post if from you folks or not.
  About the authorization schemes for each page, I would think that whatever scheme you code to authorize a link to a page, e.g., on a menu, would be the same scheme you'd want to attach to the page itself.
  So the authorization has to take place first at the point you render (or suppress) a link to a page and again at the point the page is requested (the latter being necessary because a user can bypass the menu links and try to access pages directly by entering the page ID in the URL.
  So again, if you have X links on the menu page, each requiring a distinct query for authorization, you'll have to pay the price to do all that authorization once per session because of the design of the menu page. More precisely, the authorization scheme code, e.g., their EXISTS queries, have to be executed once per session per resource access attempted. For performance purposes, the results of these checks are cached for the duration of the session (because you set them up to be evaluated once per session and not on every page view).
  One thing that might help you is region caching (or page caching) for the menu. You'd use the Cache By User option, of course. Then if the same named user logged in and out numerous times during the "cache valid" period, which is adjustable, the user would see the cached menu "instantly". Authorization checks will not have been performed during these page requests however, so you'd want to be sure that it makes sense to present cached versions of these links. However, the corresponding authorization schemes that you'd attach to the pages themselves would be evaluated when the user clicked on a "cached" link, so you'll get the protection you need, ultimately.
  Scott

• Multi Row Text Item (Not Text Area)

  Is it possible to create a multi-row text item for entering data i.e. a text area WITHOUT a scrollbar?. I know exactly how many rows I need e.g. an address field
  The scroll bar looks terrible on printouts when printing off data entry forms.
  Also any way of having ruled lines appear in the multi row text field?
  regards
  Paul

  Hello,
  No, just use three text items. or a textarea with the style ="overflow:hidden;" should supress the scrollbar
  Carl
  Message was edited by:
  Carl Backstrom

• Page 0 item vs. Application Item

  Hello All,
  Is there any advantage of using an application item over page 0 item .
  My requirement is to store a value in a global item so that I can access it across all pages in the application . The value of this item is computed from an SQL query.
  Now my concern with creating an application item is if at a later stage I have to change the query that computes the value, and then if i have to patch that change to production , I will have to send the entire application(2 hrs to import) since application items are shared component . But if I create an item in page 0 , I need to only patch the page .
  1) Is there any way I can patch application items without having to send the whole application ?
  2) Is it okay to use page 0 items (hidden) instead of application items ?
  Thanks,
  Dippy

  I've used page 0 items for "globals" with no issues. A few things I like about them:
  1) They're visible in the standard tree view, without having to go to the shared components section. Much easier to remember that they're there. (This is the same reason I like using dynamic actions for page-level javascript, rather than tucking it into the page attributes.)
  2) I can use the standard page item source processes. Application items are just harder to deal with--you either have to use an after-login process to set the value, or create your own application/page process to do so. Which is harder to track/remember.
  3) Inherent "global" naming convention. When I'm creating a page item, APEX helps me remember to use the PX_* notation; there's nothing like that for application items. Which means I can (and probably will) tend to get sloppy--not to mention any other programmers I have to work with. Once you understand page items and page 0, however, it's trivial to remember that P0_* means global. (Incidentally, is there a recommended standard convention for naming application items? APP_* would be obvious, but there's risk of colliding with APEX there...A_*? G_*? GLOBAL_*?)
  And as has been noted, they're available to javascript, though I haven't needed that particular feature (yet).
  -David

• Page 0 items

  Hi All.
  I have a number of page 0 items that we use as the labels for buttons and other items. I populate these items in an application process that runs for each page by means of a pl/sql procedure that reads from a table and uses apex_util.set_session_state to put a value in the item. Looking at the debug timings for page load we suspect that this process is taking a unacceptably long tiime for each page.
  Does anyone know of a way that I can cache these values so I only have to set them up once.
  Andy Boyd(Northgate).

  Andy,
  I'm still curious about how you're using page 0 items for labels of items and buttons throughout the system. Are these hidden items on page 0? Are these items appearing on every page?
  That aside, you could switch from an page level process to an application level process and set the firing point as "On New Session: After Authentication". This would ensure that the code only fires once. Note that you'll have to logout of the application and back in before it fires.
  Regards,
  Dan
  http://danielmcghan.us
  http://sourceforge.net/projects/tapigen

• Accessing an item on a page based on authorization scheme

  Hi,
  I've two authorization schemes :ADMIN and VIEW.I've created a public page which will be accessed by both schemes.But on that page in particular region I want to display an item only for ADMIN not for VIEW scheme.
  Thanks,
  Mahender.

  for that region properties , go to conditional display and use this bult in function (after you pick plsql function return boolean) : APEX_UTIL.PUBLIC_CHECK_AUTHORIZATION('your_auth_scheme');
  This function return true if current user is in that auth. scheme.
  Let me know if that helps,
  Sam K.

• Trying to make new text item in Pages 5.2 using Applescript

  I am trying to upgrade(?) from Pages 3 to Pages 5 and have a script that used to make a new document with text boxes. Previous line was:
    make text box with properties {object text:receiptDD, vertical position:6.9, horizontal position:2.7, height:0.5, width:1, extra space:0}
  Have the line changed to:
                                make new text item with properties {object text:receiptDD, position:{6.9, 2.7}, height:0.5, width:1}
  but fails with error "Pages got an error: Don't know how to create TMAScriptInfoProxy" number -2763
  Not sure where to go from here,  searched various forums but cannot find a solution, any guidance gratefully received.

  Does your Photoshop menu bar have a 3D item? If not make sure you machine meets CC requirements and thatou GPU is enabled in you Photoshop preferences performance section

• Authorization scheme for display/read only conditions on item level

  Hi All,
  I have question. I want to use an authorization scheme to manage if users with a certain role have the permission to either update an item or have the persmission to only see the item or that they don't have permission to see it at all.
  So, the input for the scheme would be: 1. user role 2. the current page 3. the current item.
  The output would be: 0 (update) 1 (read only) 2 (not displayed).
  I think I can manage that.
  And I can attach this schema to the items.
  So far so good.
  But how can I make it so that the 0,1 and the 2 will actually do what they need to do?
  I have been thinking about making a function like GET_AUTHORISATON(ROLE,PAGE,ITEM) output: 0,1,2 but I still can't figure out how to connect this with the functionality I want to achieve.
  Can somebody give me a hint?
  Andre

  Thanks Hari,
  Thanks, it works, almost, but what if items are mandatory on a page, but not always mandatory?
  If a user has a certain role, some fields are manadatory, otherwise not.
  Again, a function would do the trick as far as the input and output information
  something like IS_MANDATORY(USER_ROLE, CURRENT_PAGE, CURRENT_ITEM) but how can I make it work?
  I guess a PL/SQL validation like:
  IF IS_MANDATORY(USER_ROLE, CURRENT_PAGE, CURRENT_ITEM) THEN ITEM IS NOT NULL
  END IF;
  Andre
  PS: personally I think item level security is not something you wish to implement in your system. I prefer different screens for different roles.
  Far more straightforeward. Easy for maintenance. When something disfunctions, it's far more easy to pinpoint the location of the cause.