I have created an Edit button with associated Dynamic Action. In the dynamic action, set it to the Click event of the Edit button. I've created the actual action by reference to a JavaScript executing code. And then an update of the area.
In JavaScript code I wanted to enable items that are read only by pressing the edit button.
APEX_UTIL.PUBLIC_CHECK_AUTHORIZATION('ADMIN')
This was the check I made in the JavaScript code.
In this way I enabled edit mode for the region where I am applying.
ADMIN is a role.
How can I make the button click so that the items associated with the region that are just as read only, when clicking appear in an editable way?
In my opinion, you're reinventing the wheel.
OK, there's the ADMIN role (perhaps some other roles as well). If you know which user (identified by :APP_USER) has which role, then use
server-side condition (to decide whether to render (or process) certain page component (items, buttons, ...)
read only property (to decide whether user will be able to modify the value or not)
authorization scheme (under "Security")
So, there's no need for the EDIT button you currently have. Everything can be done declaratively by setting certain properties within Apex.
this function
APEX_UTIL.PUBLIC_CHECK_AUTHORIZATION('ADMIN')
is a plsql function, did you use it in your javascript code or as a server side condition?
you can make an ajax request to get the user role using that function and after getting the role in your javascript code you can disable/enable the items using the javascript api.
apex.item( "P1_ITEM" ).enable() ;
Related
I´m at that point on my app, where the user Logged in, receive the data from the server and now i need to make same changes. One of the changes is change the button that appears on my Sidedrawer saying Log In to Log Out and vice-versa when the user Logs Out...I could talk about other changes but i think the main thing is...
How do I access the Sidedrawer content in order to change/add buttons. I already entered the app-root.xml and made same testing adding the navigatingTo="onNavigatingTo" function and also in the .js file just to see if it responds, but it doesn´t...
How do i perform this?
You can show/hide your button via visibility, text binding or via a structural directive like *ngIf (if using Angular). For example, take a look here - I am showing/hiding a button based on whether the user is logged in or not (here is the related code-behind code).
The above example is using an Angular directive and can be applied only in Angular based applications, but with the same logic, you can substitute ****ngIf*** with visibility and achieve the same in TypeScript or plain JavaScript app.
The easiest way to do it is put the frame inside drawer content area, then navigate frame to another page.
I am developing an NSIS package for one the products. I have a custom page for gathering SQL Server login credentials. On this page, clicking next must validate the given inputs (whether it connects to the server with given credentials). This works fine.
Problem:
If I press back button on this page, it is still validating the input; which I do not want. I could not find any way out to skip the validation on clicking back button.
Any suggestions in this regard is appreciated.
Found the answer!
We can specify two function names while calling the page custom command. One to show the page and one for validating which is called as leave page.
Page custom ShowDatabasePage LeaveDatabasePage
In the leave function, we can do all the validation. If the validation fails just call abort and the work is done. Leave function is called only when the next button is clicked.
I am writing a simple web page, which shows some widgets based on user permission. If user has EDIT permission, the page renders EDIT widget else EDIT widget doesn't shows up.
What is the best way to achieve this?
I, first called a service to get logged in user's permission and then set visibility: none or block based on the permission. But, I see that user can "inspect element" on browser and set visibility accordingly. However, on server-side, I am using #PreAuthorize annotation on DAO to control the user actions.
How to control visibility of UI widgets without user being able to make changes, maybe from server side?
Update : I am looking for JSTL equivalent in GWT
AFAIK there is no JSTL equivalent for GWT.
However there are some 3rd party (i.e. ArcIS) libraries that make display/hiding UI elements based on user permissions more convenient.
However no matter whether you do it manually or using a library you should make sure that you properly secure your backend side (as far as I can tell you are doing that by using method level security).
One important thing to remember when dealing with client side permissions/security:
You should never trust input/actions from the client/browser, because you are not in control of it. So you must always do security on the backend
In my opinion, it really does not matter if the user could theoratically inspect the edit button for example using Browser Dev Tools and make it visible, as long as the the edit action on the backend is properly secured. If you are really that concerned you can remove the elements (i.e edit button) from the DOM instead of hiding it, but it won't make it more secure.
I, first called a service to get logged in user's permission and then
set visibility: none or block based on the permission.
Well instead of setting the visibility none or block, assuming you are using JSP, use JSTL tag
<c:if test="${if the user has permission}">Show widget UI code</c:if>
If the page has n widgets for which the user doesn't has permission, why would you load the code for all the n widgets. It's non performant.
write a panel that shows it's contents based on security settings in the client code
add the widgets to be controlled inside the security panel
the panel will now control the appearance of the children based on security in your client code
As has been mentioned before, and has been recognized by you, client security is only visibility control and thus not sufficient to protect the app.
I am trying to create a web form in Lotus Notes that is web enabled. So far this has all worked fine, however there are 2 issues.
When Creating a Java Script Alert in the OnLoad Event, it Pops up everytime a user selects a radio button or dropdown option since this reloads the page. Is there any way to make this only for the initial opening of the form?
When a user selects an option, the form reloads and puts that form field on the top which is proving to be very disorrienting for users. Is there a way to have it not scroll on reload?
Thanks in advance!
The best advice would be: use XPages for web development that is "state of the art". If you can't, you have to code a lot of JavaScript to make the form not behave like "havoc".
First of all: the field property "refresh fields on keyword change" is the reason for the jumping / reload.
What does domino do?
All events / formulas that occur when you normally press F9 or use the Option above (that can be field values, input translations, hide whens, etc.) are not "converted" to HTML and javascript but are executed by the server. Therefor each change in a field with the option set submits the form and adds an &Seq=x to the url to keep track of the state. X increments on every reload. Of course this reload causes all events to be triggered again.
For you this means:
Option
disable the option to reload the form after keyword change.
Unfortunately you have to recode every dependency / calculation / hide when with javascript. Using a framework like jquery or dojo this is possible, but a lot of work.
If there IS no dependency then just disable the option...
Option
Live with the "jumping" and let your onload event check for the existance of an URL- parameter called seq... And only if it does not exist, then it is a "real" OnLoad...
Both options are not quite nice and not very easy to code...
That's one reason why IBM started XPages... There all this stuff is already handled by default...
I have an app with 3 sections:
Main menu;
Context Menu - Related to selected item in main menu;
and Page body - Related to selected item in context menu;
"Main menu" and "Context menu" are based on membership. I don't want to load them everytime my page loads, because that would consume resources database. So, I'm using ajax to load main menu only one time, and when an item is selected, I load the context menu for that item.
My problem is: Every form's post will erase my menu.
Question: Will I have to build my entire application using ajax? I don't wanna do that, because it is too much simpler do a post in the form then send all data to controller with ajax.
Until now, I have 2 options:
Load my menus with ajax and the page body with IFRAME, so the post's will not render again my menus.
Do everything using ajax;
Is there any alternative to load my menus with ajax and be able to use form's post?
Sorry if I wasn't clear enough.
The sentence that gave me a pause is this "I don't want to load them everytime my page loads, because that would consume resources database."
You see, I've build quite a lot of apps, that display menus and sub-menus based on user roles (what you called membership). This has never been an issue from the resources or database perspective.
You can access all the membership information that you need once, when your used is being logged in. In the simplest case user's identity will be stored in the context along with the roles they have (HttpContext.User), so you do not to need a database lookup at all to get this information on every request. Note that with this scenario no ajax is required either.
If for whatever reason you can't store your membership information in the context like this, you still can store in in session (if in-memory) or in encrypted Cookies.
Now, I understand, that I don't all the details of your scenario, and that may be in your scenario what you are trying to do is warranted, however I suggest you think it through again, as under normal circumstances what you indicate is a problem (database resource) should not be a problem at all.
The bottom line is: if you alter your application that it stores the membership information when user logs on you won't have your problem to start with.
You don’t have to build all of your application using Ajax. But in this scenario Ajax may be the best way forward.
Following is my suggestion
Create your data entry for inside a dev
Have each input controller marked with a class (say ‘dataEntry’)
Create a javascript function to iterate the dev and build a list of all elements that has class dataEntry
Build a json object using the list. Use the name of each element as property name and value as the property value
Use jquery ajax to post this to the controller action
[optional] you can use .done and .fail methods to take action on success or failures of the call
I know this may look intimidating, but if you have many data entry forms, you can re-use this code.