authorizationoracle-apex

Oracle Apex - How to limit what certain user can see based on the values from another table


I have table one:

Report Area
Report_24_09 1011
Report_24_09 1012

and table two:

User Area
Mark 1011
John 1012
Bruce 1013

How do I limit SQL query for table one so that Mark see only reports for area 1011, John only to see Report for area 1012 and Bruce to see both?
Of course real tables are more complicated with regions, subregions and areas.

I was thinking of adding where condition in query that calls a function, but I don't know how to do that or if that is the best way to do so.


Solution

  • If the table 2 stores the users of Apex application, you can use 'APP_USER' bind variable to get the logged in user. In this case, you can create a interactive grid/report with a sample query:

    select * 
    from table_one 
    where area in (
                   select area 
                   from table_two 
                   where upper(user) = upper(v('APP_USER')
                  );