Access control in Oracle APEX allows you to define and manage user permissions within an application. This is achieved through an Access Control List (ACL), which you can create using the Access Control Wizard. This wizard is accessible via the Create Application Wizard or the Create Page Wizard.
When you run the Access Control Wizard, it:
Generates a management page for the access control list.
Creates two tables in the application's default parsing schema to store access control data.
Understanding Access Levels and Roles
The access control list enables you to assign specific privileges to users within the application. These privileges determine what actions users can perform and correspond to predefined access roles:
View Access (READER Role) – Users can view content but cannot make modifications.
Edit Access (CONTRIBUTOR Role) – Users can make changes but do not have administrative control.
Administration Access (ADMINISTRATOR Role) – Users have full control, including the ability to manage access control settings.
To enforce access restrictions on application pages and components, you must create an Authorization Scheme and associate it with the application.
Defining Additional Roles
Beyond the default roles, you can define custom roles through the Application Access Control page. Since roles are assigned to users, it is important to define roles before adding users.
Oracle APEX provides system views that allow you to review the access control settings:
APEX_APPL_ACL_USERS – Displays user access details.
APEX_APPL_ACL_USER_ROLES – Shows the roles assigned to users.
APEX_APPL_ACL_ROLES – Lists all roles defined in the application.
Creating Custom Access Control Roles
To enhance security and customize access control, you can create new roles within the application. Before assigning users to roles, ensure that the necessary roles have been created. This structured approach ensures that each user has the appropriate level of access based on their role in the application.
No comments:
Post a Comment