Many
applications have requirement that a user should has access to a subset of
data. In most cases the user access settings are stored in a database table.
Using this approach you can implement this feature flexibly on different
views of information. Below are the steps.
1.
Create a class that extends ViewObjectImpl.
2.
Override the getCriteriaAdapter method from ViewObjectImpl.
@Override
public CriteriaAdapter
getCriteriaAdapter() {
return new
DSCustomCriteriaAdapter();
}
3.
Create a new class that extends CriteriaAdapterImpl.
4.
Override the method getCriteriaClause from CriteriaAdapterImpl. Use
this method to generate data security clause.
@Override
public java.lang.String
getCriteriaClause(oracle.jbo.ViewCriteria criteria) {
}
5.
Use this as the class for all the view object that need data
security.
o For classes that do not
have a custom implementation, navigate to view object -> java tab ->
Edit Java class -> use class Extends button -> provide this custom class
in the Object property. The xml would be modified as below
ComponentClass="com.adfSpecialists.dataSecurity.model.util.DSViewObjectImpl">
o For classes that have a
java implementation, simply change the code to extend this class.
public class DSViewObjectImpl extends ViewObjectImpl {
6. Add the dummy view criteria to all the view objects that need data
security.
o Eg: DS_DUMMYVC__EmployeesEO__DEPARTMENT_ID
o EmployeesEO
is the table alias and DEPARTMENT_ID is the constrained column. i.e logged in user
would have access to only few departments.
7. In the application module configure the view object instance and shuffle the dummy view criteria.
8. Now let’s look in detail at the getCriteriaClause implementation in custom curiteria adapter.
@Override
public java.lang.String getCriteriaClause(oracle.jbo.ViewCriteria
criteria) {
String viewCriteriaName = criteria.getName();
if(viewCriteriaName.contains("DS_DUMMYVC")){
String[] viewCriteriaAttrs = viewCriteriaName.split("__");
//viewCriteriaAttrs[0] holds the view criteria identifier
//viewCriteriaAttrs[1] holds the table alias
//viewCriteriaAttrs[2] holds the attribute alias
String userName =
((ApplicationModuleImpl)criteria.getViewObject().getApplicationModule()).getUserPrincipalName();
//now generate a clause using your security clause
return "
"+viewCriteriaAttrs[1]+"."+viewCriteriaAttrs[2]+" IN
(" +
" Select Department_Id
from Data_security where user_name = '"+userName+"')";
}else{
return super.getCriteriaClause(criteria);
}
}
You can download the full example here.