Verify URL and form parameters

The base permissions infrastructure automatically checks whether the current user can access a given page. However, you must verify that the user has access to the given record(s) being edited.

For example:

/DrugOrderShipInfo.aspx?SDR_enterDrugOrderFld=010004

The permissions system redirects any user without permission to enter shipment information. However, the code still verifies that drug order 010004 is in the list of shipments available to this user.

For example:

_linq.Shipment.ForUser(CurrentSession.UserID)

• Access to Oracle Support
• Accessibility
• Legal Notices

Copyright © 2016, 2018 Oracle and/or its affiliates. All rights reserved.