Hi
Few Days ago, One Expert in Oracle Forms & DB asked me to include Oracle Security System already implemented in his Stand alone Applications and focus on the user responsibilities ..
in fact, Security System contains a Hierarchical Tables including all Data About Systems, Security Grades, Menues, Pages , Items Roles, Normal & Super users.
i finished the best solution for our case to use HashMap in Session Scope to have all User Responsibilities and no release until Log-out or Session Timeout.
i will Focus in only one part of how to Capture all user responsibility with 4 Types (Accessible,Insert-able,Update-able,Deletable)..
private Map<String, Validation> UserMap = new HashMap<String, Validation>();
public class Validation {
private Boolean Accessible;
private Boolean Insertable;
private Boolean Updatable;
private Boolean Deleteable;
public Validation(Boolean a, Boolean b, Boolean c , Boolean d){
Accessible = a;
Insertable = b;
Updatable = c;
Deleteable = d;
}
public void setAccessible(Boolean Accessible) {
this.Accessible = Accessible;
}
public Boolean getAccessible() {
return Accessible;
}
public void setInsertable(Boolean Insertable) {
this.Insertable = Insertable;
}
public Boolean getInsertable() {
return Insertable;
}
public void setUpdatable(Boolean Updatable) {
this.Updatable = Updatable;
}
public Boolean getUpdatable() {
return Updatable;
}
public void setDeleteable(Boolean Deleteable) {
this.Deleteable = Deleteable;
}
public Boolean getDeleteable() {
return Deleteable;
}
}
public void UserRolesDistribution(String UserID) {
ViewObject AllPages = cwc.AccessIteratorBinding(“UserRolesVO1Iterator”).getViewObject();
AllPages.reset();
AllPages.setWhereClause(null);
try {
AllPages.executeQuery();
} catch (JboException e) {
cwc.Validate(FacesContext.getCurrentInstance(),
cwc.AccessBundleItemValue(“CS.view.CS-InterfaceBundle”, “ValidatorMessageHeader7”),
cwc.AccessBundleItemValue(“CS.view.CS-InterfaceBundle”, “ValidatorMessageFooter7”), 1);
}
if (AllPages.getEstimatedRowCount() > 0) {
Row AllPagesRow;
while (AllPages.hasNext()) {
AllPagesRow = AllPages.next();
UserMap.put(AllPagesRow.getAttribute(“ScreenName”).toString().toUpperCase(),
new Validation(Boolean.FALSE, Boolean.FALSE, Boolean.FALSE, Boolean.FALSE));
}
}
AllPages.setWhereClause(“user_id = ” + UserID);
try {
AllPages.executeQuery();
} catch (JboException e) {
cwc.Validate(FacesContext.getCurrentInstance(),
cwc.AccessBundleItemValue(“CS.view.CS-InterfaceBundle”, “ValidatorMessageHeader7”),
cwc.AccessBundleItemValue(“CS.view.CS-InterfaceBundle”, “ValidatorMessageFooter7”), 1);
}
if (AllPages.getEstimatedRowCount() > 0) {
Row PagesRow;
while (AllPages.hasNext()) {
PagesRow = AllPages.next();
UserMap.remove(PagesRow.getAttribute(“ScreenName”).toString());
UserMap.put(PagesRow.getAttribute(“ScreenName”).toString(),
new Validation(((Number)PagesRow.getAttribute(“ScreenLogin”)).compareTo(1) == 0,
((Number)PagesRow.getAttribute(“ScreenAdd”)).compareTo(1) == 0,
((Number)PagesRow.getAttribute(“ScreenModify”)).compareTo(1) == 0,
((Number)PagesRow.getAttribute(“ScreenDel”)).compareTo(1) == 0));
}
}
AllPages.setWhereClause(null);
AllPages.reset();
}
#{!UserRolesBean.userMap[“UNIQUE”].insertable}
#{!UserRolesBean.userMap[“UNIQUE”].updateable}
#{!UserRolesBean.userMap[“UNIQUE”].deletable}
Finally, we have a complete solution for Oracle Forms Stand Alone Security Systems in User Responsibilities Distribution Phase. ?
Few Days ago, One Expert in Oracle Forms & DB asked me to include Oracle Security System already implemented in his Stand alone Applications and focus on the user responsibilities ..
in fact, Security System contains a Hierarchical Tables including all Data About Systems, Security Grades, Menues, Pages , Items Roles, Normal & Super users.
i finished the best solution for our case to use HashMap in Session Scope to have all User Responsibilities and no release until Log-out or Session Timeout.
i will Focus in only one part of how to Capture all user responsibility with 4 Types (Accessible,Insert-able,Update-able,Deletable)..
- in Back Bean - in Session Scope Level, Create your hash map using validation Object.
- Create Validation class to include all 4 security Rules ..
public class Validation {
private Boolean Accessible;
private Boolean Insertable;
private Boolean Updatable;
private Boolean Deleteable;
public Validation(Boolean a, Boolean b, Boolean c , Boolean d){
Accessible = a;
Insertable = b;
Updatable = c;
Deleteable = d;
}
public void setAccessible(Boolean Accessible) {
this.Accessible = Accessible;
}
public Boolean getAccessible() {
return Accessible;
}
public void setInsertable(Boolean Insertable) {
this.Insertable = Insertable;
}
public Boolean getInsertable() {
return Insertable;
}
public void setUpdatable(Boolean Updatable) {
this.Updatable = Updatable;
}
public Boolean getUpdatable() {
return Updatable;
}
public void setDeleteable(Boolean Deleteable) {
this.Deleteable = Deleteable;
}
public Boolean getDeleteable() {
return Deleteable;
}
}
- Now we have to implement a Back Bean Action Method to populate user responsibility based on user access to HashMap in Session Scope
public void UserRolesDistribution(String UserID) {
ViewObject AllPages = cwc.AccessIteratorBinding(“UserRolesVO1Iterator”).getViewObject();
AllPages.reset();
AllPages.setWhereClause(null);
try {
AllPages.executeQuery();
} catch (JboException e) {
cwc.Validate(FacesContext.getCurrentInstance(),
cwc.AccessBundleItemValue(“CS.view.CS-InterfaceBundle”, “ValidatorMessageHeader7”),
cwc.AccessBundleItemValue(“CS.view.CS-InterfaceBundle”, “ValidatorMessageFooter7”), 1);
}
if (AllPages.getEstimatedRowCount() > 0) {
Row AllPagesRow;
while (AllPages.hasNext()) {
AllPagesRow = AllPages.next();
UserMap.put(AllPagesRow.getAttribute(“ScreenName”).toString().toUpperCase(),
new Validation(Boolean.FALSE, Boolean.FALSE, Boolean.FALSE, Boolean.FALSE));
}
}
AllPages.setWhereClause(“user_id = ” + UserID);
try {
AllPages.executeQuery();
} catch (JboException e) {
cwc.Validate(FacesContext.getCurrentInstance(),
cwc.AccessBundleItemValue(“CS.view.CS-InterfaceBundle”, “ValidatorMessageHeader7”),
cwc.AccessBundleItemValue(“CS.view.CS-InterfaceBundle”, “ValidatorMessageFooter7”), 1);
}
if (AllPages.getEstimatedRowCount() > 0) {
Row PagesRow;
while (AllPages.hasNext()) {
PagesRow = AllPages.next();
UserMap.remove(PagesRow.getAttribute(“ScreenName”).toString());
UserMap.put(PagesRow.getAttribute(“ScreenName”).toString(),
new Validation(((Number)PagesRow.getAttribute(“ScreenLogin”)).compareTo(1) == 0,
((Number)PagesRow.getAttribute(“ScreenAdd”)).compareTo(1) == 0,
((Number)PagesRow.getAttribute(“ScreenModify”)).compareTo(1) == 0,
((Number)PagesRow.getAttribute(“ScreenDel”)).compareTo(1) == 0));
}
}
AllPages.setWhereClause(null);
AllPages.reset();
}
- Now, we can access the HashMap all over your system before open Pages,Buttons,Menues,Text items applying 4 security Rules (Accessible,Insert-able,Update-able,Deletable).
#{!UserRolesBean.userMap[“UNIQUE”].insertable}
#{!UserRolesBean.userMap[“UNIQUE”].updateable}
#{!UserRolesBean.userMap[“UNIQUE”].deletable}
Finally, we have a complete solution for Oracle Forms Stand Alone Security Systems in User Responsibilities Distribution Phase. ?
No comments:
Post a Comment