1. Configuring and Extending Applications
  2. Make Application Changes Visible Based on User Roles

Make Application Changes Visible Based on User Roles

This example demonstrates how you can make application changes visible to a specific user role.

To control page components conditionally based on user role:

  • Create security privileges

  • Add an Expression Language expression to the component property that you want to control

The following table summarizes the key decisions for this scenario.

Decisions to Consider

In This Example

What's the page object you're securing?

Reports link

To which user role you want to make the changes visible?

Hiring managers, Sherry Callaway and Terrance Whitaker

Tip: Create a role just for testing application changes. Call it DEVCUST_TEST_ROLE. When you're sure that the application change works, change the security to the appropriate role.

Which expression to add for verifying whether a user has the appropriate privilege?

#{securityContext.userGrantedPermission['MANAGER_REPORTS_LINK_PRIV']}

As a prerequisite, activate a sandbox that has the Page Composer tool in it. Make sure the context layer of your sandbox is supported by the page you want to edit. Otherwise, you won’t be able to edit the page.

Make Application Changes Visible to a User Role

Follow these steps:

  1. Create a privilege.

  2. Add the 'MANAGER_REPORTS_LINK_PRIV' object to 'DEVCUST_TEST_ROLE'.

  3. Assign DEVCUST_TEST_ROLE to Terrance and Sherry.

    Note: Make sure that Terrance and Sherry have access to the page before you make any changes.

  4. Open the page, having the Reports link that you want to modify, in Page Composer, and select the Reports link component.

  5. Click the Edit icon. This opens the Component Properties dialog box.

  6. Click the Display Options tab.

  7. Click the Edit icon next to the Show Component property, and select Expression Builder....

  8. Add an expression to verify whether the user has the appropriate privilege. Use this sample code: #{securityContext.userGrantedPermission['MANAGER_REPORTS_LINK_PRIV']}

  9. Save the property changes, and close Page Composer.

    After you change the show component property, whenever users open this page, the application evaluates the expression. Since Sherry and Terrance have the privilege, the Show Component property evaluates to be selected. Hence, Sherry and Terrance can see the Reports link while all other users can't.

    Tip: Use Oracle JDeveloper to define permissions that render UI components based on the user's access rights. (Oracle JDeveloper is not available in Oracle Cloud implementations.)

Related Topics