Skip to content

Commit c1e88ee

Browse files
sspendolsspendol
authored
r24.2.7 (#15)
# Description * installation documentation updates * User documentation updates * separate AOP objects for easier maintenance - for license reasons they cannot reside in the github repo * bugfix sert_core.extension_xapi.grant_extension_workspace fails when installing with ADMIN * bugfix Uniqueness violation on new SERT exceptions for Breadcrumb Authz Inconsistency Fixes #14 Fixes #13 Fixes #10 Fixes #9
2 parents 085df9b + 399f60c commit c1e88ee

21 files changed

+706
-746
lines changed

development/scripts/add_apex_sql_license.sh

+1-2
Original file line numberDiff line numberDiff line change
@@ -3,9 +3,8 @@ for file in $(find ./product/sert/apex -type file -iname '*.sql' -exec grep -
33
do
44
if [ 0 -eq $(grep -c "Universal Permissive License" ${file} ) ]
55
then
6+
echo "add license for ${file}"
67
ed -s ${file} <<<$'1r development/licence_snip.txt\nw'
7-
else
8-
echo "****** found license for ${file}"
98
fi
109
done
1110
# fix format trick

development/scripts/add_sql_license.sh

+1-2
Original file line numberDiff line numberDiff line change
@@ -4,8 +4,7 @@ do
44
if [ 0 -eq $(grep -c "Universal Permissive License" ${file} ) ]
55
then
66
ed -s ${file} <<<$'1r development/licence_snip.txt\nw'
7-
else
8-
echo "****** found license for ${file}"
7+
echo "****** add license for ${file}"
98
fi
109
done
1110
# fix format trick

doc/install_guide.md

+1-26
Original file line numberDiff line numberDiff line change
@@ -62,10 +62,6 @@ Oracle internal only:
6262

6363
* [https://gbuconfluence.oraclecorp.com/display/CDSTS/Integrating+OCI+Document+Generator+Function](https://gbuconfluence.oraclecorp.com/display/CDSTS/Integrating+OCI+Document+Generator+Function)
6464

65-
once you have a working DocGen service, you can set preferences in the APEX-SERT administration application by navigating to Setup → Preferences and providing the required data values.
66-
67-
![image_here ](./#)
68-
6965
#### 2.1.2. Resources
7066

7167
In order to install APEX-SERT, you will need access to the following system resources:
@@ -88,28 +84,7 @@ For AUTONOMOUS, use DATA as your tablespace
8884

8985
#### 2.2 Downloading
9086

91-
#### 2.2.1 Download APEX-SERT
92-
93-
Recent versions can be found here: <https://artifacthub-iad.oci.oraclecorp.com/artifactory/xgbu-ace-dev/sert/>
94-
95-
for APEX 24.1, download the latest sert_24.1.N.zip file.
96-
97-
for APEX 24.2 download the latest sert_24.2.N.zip file.
98-
99-
once expanded/unzipped, the directory shall contain the following files and directories:
100-
101-
```sh
102-
$ ls -l
103-
total 40
104-
-rw-r--r-- 1 mipotter staff 1131 27 Sep 11:33 LICENSE.md
105-
-rw-r--r-- 1 mipotter staff 36 27 Sep 11:33 README.md
106-
-rw-r--r-- 1 mipotter staff 893 3 Oct 20:04 controller.xml
107-
-rw-r--r-- 1 mipotter staff 1656 17 Sep 15:42 install.sql
108-
drwxr-xr-x@ 4 mipotter staff 128 13 Sep 12:30 product
109-
-rw-r--r--@ 1 mipotter staff 819 3 Oct 21:13 sert.properties
110-
```
111-
112-
#### 2.2.2 ACDC installing schema creation script
87+
#### 2.2.1 ACDC installing schema creation script
11388

11489
Access the "acdc" setup scripts from the sert_latest.zip file, located in product/sert/pre-install/.  refer to the [README.md](README.md) for details of installation
11590

doc/samples..md

-37
This file was deleted.

doc/social_switching.md

-12
This file was deleted.

doc/unit_testing.md

-7
This file was deleted.

product/sert/apex/application/f2100/application/pages/page_00220.sql

+2-2
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
-- file_checksum: 886DE5203FA70D5B3AAD5E623DF5BA2231A374DF136D6BF0DCBBDC26C43312A3
1+
-- file_checksum: A2B6E827E8FEB3E95C11828EA7DFCA3A8C1ED77920015203C9C037585E2C96E2
22
-------------------------------------------------------------------------------
33
-- Copyright (c) 2024,2025 Oracle and/or its affiliates.
44
-- Licensed under the Universal Permissive License v 1.0 as shown
@@ -51,7 +51,7 @@ wwv_flow_imp_page.create_page_plug(
5151
,p_plug_template=>wwv_flow_imp.id(468194028275671212)
5252
,p_plug_display_sequence=>30
5353
,p_location=>null
54-
,p_plug_source=>'Report is generating and will automictically download when completed. Please check your inbox for the password.'
54+
,p_plug_source=>'Report is generating and will automatically download when completed. Please check your inbox for the password.'
5555
,p_ai_enabled=>false
5656
,p_attributes=>wwv_flow_t_plugin_attributes(wwv_flow_t_varchar2(
5757
'expand_shortcuts', 'N',

product/sert/apex/application/f2100/application/pages/page_00240.sql

+2-2
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
-- file_checksum: C46ADA36ACCD159CEE73D5E18A5BC9A7C0E26073B6FFC165A44970E0F156E0C7
1+
-- file_checksum: 0E8FBC4FD6D14EE5243B6FD11186E09B557A071BB3C2BA504B5242B4441AF44F
22
-------------------------------------------------------------------------------
33
-- Copyright (c) 2024,2025 Oracle and/or its affiliates.
44
-- Licensed under the Universal Permissive License v 1.0 as shown
@@ -51,7 +51,7 @@ wwv_flow_imp_page.create_page_plug(
5151
,p_plug_template=>wwv_flow_imp.id(468194028275671212)
5252
,p_plug_display_sequence=>40
5353
,p_location=>null
54-
,p_plug_source=>'Report is generating and will automictically download when completed. Please check your inbox for the password.'
54+
,p_plug_source=>'Report is generating and will automatically download when completed. Please check your inbox for the password.'
5555
,p_ai_enabled=>false
5656
,p_attributes=>wwv_flow_t_plugin_attributes(wwv_flow_t_varchar2(
5757
'expand_shortcuts', 'N',

product/sert/apex/application/f2100/application/pages/page_00302.sql

+2-2
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
-- file_checksum: 692DD2C15E0498A1A9A07B297833468EB69203A696A204C2D698224FE105D0DC
1+
-- file_checksum: 8ED1F5363E240D08511892F5E47627F9FA259F9D209F5F140DDBEE6AB7347445
22
-------------------------------------------------------------------------------
33
-- Copyright (c) 2024,2025 Oracle and/or its affiliates.
44
-- Licensed under the Universal Permissive License v 1.0 as shown
@@ -26,7 +26,7 @@ wwv_flow_imp_page.create_page(
2626
,p_reload_on_submit=>'A'
2727
,p_autocomplete_on_off=>'OFF'
2828
,p_step_template=>wwv_flow_imp.id(468163289284671148)
29-
,p_page_template_options=>'#DEFAULT#:js-dialog-class-t-Drawer--pullOutEnd:js-dialog-class-t-Drawer--xl:t-PageBody--noContentPadding'
29+
,p_page_template_options=>'#DEFAULT#:js-dialog-class-t-Drawer--pullOutEnd:js-dialog-class-t-Drawer--md:t-PageBody--noContentPadding'
3030
,p_required_role=>'MUST_NOT_BE_PUBLIC_USER'
3131
,p_required_patch=>wwv_flow_imp.id(54926183278448596)
3232
,p_protection_level=>'C'

product/sert/apex/application/f2100/application/shared_components/logic/build_options.sql

+2-2
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
-- file_checksum: 2B4E7DB90347A9C978CF1BDFD7D1D4C6C9EA3902FF551FC9F04BF49AE9C6AA3B
1+
-- file_checksum: 6A492B0C3CA4612E995AB1A4A293288458F3031701707DED84091ADCEF9754A9
22
-------------------------------------------------------------------------------
33
-- Copyright (c) 2024,2025 Oracle and/or its affiliates.
44
-- Licensed under the Universal Permissive License v 1.0 as shown
@@ -28,7 +28,7 @@ wwv_flow_imp_shared.create_build_option(
2828
p_id=>wwv_flow_imp.id(54925859627450308)
2929
,p_build_option_name=>'AOP'
3030
,p_build_option_status=>'INCLUDE'
31-
,p_version_scn=>44595640091786
31+
,p_version_scn=>44624300241151
3232
,p_default_on_export=>'INCLUDE'
3333
,p_on_upgrade_keep_status=>true
3434
);

product/sert/apex/application/f2100/install.sql

+1-1
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
prompt app_checksum: 86F1945335267E9F0D7E6DA88119A23CC54E913630F010C30AE63140F34FEB5B
1+
prompt app_checksum: 9DBE56965E8E6520BCF939EC4005C1BCC5F3216B8D997E31EC9EC8F6EA7C7643
22
-------------------------------------------------------------------------------
33
-- Copyright (c) 2024,2025 Oracle and/or its affiliates.
44
-- Licensed under the Universal Permissive License v 1.0 as shown

product/sert/apex/workspace/add_workspace.sql

+7-6
Original file line numberDiff line numberDiff line change
@@ -1,9 +1,9 @@
11
--liquibase formatted sql
2-
-------------------------------------------------------------------------------
3-
-- Copyright (c) 2024 Oracle and/or its affiliates.
4-
-- Licensed under the Universal Permissive License v 1.0 as shown
5-
-- at https://oss.oracle.com/licenses/upl/
6-
--------------------------------------------------------------------------------
2+
-------------------------------------------------------------------------------
3+
-- Copyright (c) 2024 Oracle and/or its affiliates.
4+
-- Licensed under the Universal Permissive License v 1.0 as shown
5+
-- at https://oss.oracle.com/licenses/upl/
6+
--------------------------------------------------------------------------------
77
--changeset SERT:create-apex-workspace stripComments:false runOnChange:true endDelimiter:/
88
--preconditions onFail:MARK_RAN onError:HALT
99
--precondition-sql-check expectedResult:0 select count(*) from APEX_WORKSPACES where workspace = upper('${sert_apex_workspace}');
@@ -42,8 +42,9 @@ null;
4242
wwv_flow_api.set_security_group_id(10);
4343

4444
-- Create the workspace
45+
-- default workspace_id for development is 32049826282261068
4546
APEX_INSTANCE_ADMIN.ADD_WORKSPACE(
46-
p_workspace_id => 32049826282261068,
47+
p_workspace_id => to_number('${sert_apex_workspace_id}'),
4748
p_workspace => l_workspace,
4849
p_primary_schema => 'sert_pub'
4950
);

product/sert/post_install/upgrade_sert_apex_version.sql renamed to product/sert/post_install/2000_upgrade_sert_apex_version.sql

File renamed without changes.

product/sert/post_install/setup_builder_menu_entries.sql

+29-2
Original file line numberDiff line numberDiff line change
@@ -33,8 +33,35 @@ end;
3333

3434
--changeset mipotter:post_install_setup_builder_extension_grants endDelimiter:/ runOnChange:true runAlways:true rollbackEndDelimiter:/
3535
-- this can be enabled AFTER workspace parameter ALLOW_HOSTING_EXTENSIONS is set ( no automated until patch 24.1.2)
36-
BEGIN
37-
sert_core.extension_xapi.grant_extension_workspace ( p_to_workspace =>'${sert_apex_workspace}' );
36+
-- BEGIN
37+
-- sert_core.extension_xapi.grant_extension_workspace ( p_to_workspace =>'${sert_apex_workspace}' );
38+
-- end;
39+
declare
40+
l_sql varchar2(4000);
41+
l_to_workspace varchar2(255) := 'SERT';
42+
begin
43+
-- verify the to_workspace exists
44+
if (apex_util.find_security_group_id(l_to_workspace) is null ) then
45+
raise NO_DATA_FOUND;
46+
end if;
47+
48+
for rec in
49+
(select workspace from apex_workspaces aw
50+
where aw.workspace <> upper(l_to_workspace)
51+
and not exists ( select workspace_name from apex_workspace_schemas ws
52+
where ws.workspace_name = aw.workspace and schema = apex_application.g_flow_schema_owner)
53+
minus
54+
select grantor_workspace workspace
55+
from apex_workspace_extension_grant
56+
where grantee_workspace = upper(l_to_workspace )
57+
)
58+
loop
59+
--
60+
-- apex_instance_admin.grant_extension_workspace ( p_from_workspace => rec.workspace,
61+
-- p_to_workspace => upper(p_to_workspace),p_read_access => true, p_menu_label => 'APEX SERT');
62+
apex_instance_admin.grant_extension_workspace ( p_from_workspace => rec.workspace,
63+
p_to_workspace => upper(l_to_workspace),p_read_access => true, p_menu_label => 'APEX SERT');
64+
end loop;
3865
end;
3966
/
4067
--rollback not required

product/sert/sert_core/json_data/APEX-SERT Rules.json

+2-2
Original file line numberDiff line numberDiff line change
@@ -222,8 +222,8 @@
222222
"ruleCriteriaTypeKey": null,
223223
"additionalWhere": null,
224224
"customQuery": "with b as\n(\nselect\n application_id\n ,page_id\n ,button_name\n ,region_id\n ,redirect_url\n ,REGEXP_SUBSTR(redirect_url, '[^:]+', 1, 2) as target_page_id\n ,(select authorization_scheme\n from apex_application_pages \n where to_char(page_id) = REGEXP_SUBSTR(redirect_url, '[^:]+', 1, 2) \n and REGEXP_LIKE(REGEXP_SUBSTR(redirect_url, '[^:]+', 1, 2), '^[[:digit:]]+$') \n and application_id = #APP_ID#\n ) target_authorization_scheme\n ,(select authorization_scheme_id\n from apex_application_pages \n where to_char(page_id) = REGEXP_SUBSTR(redirect_url, '[^:]+', 1, 2) \n and REGEXP_LIKE(REGEXP_SUBSTR(redirect_url, '[^:]+', 1, 2), '^[[:digit:]]+$') \n and application_id = #APP_ID#\n ) target_authorization_scheme_id\n ,authorization_scheme\n ,authorization_scheme_id\nfrom\n apex_application_page_buttons\nwhere\n redirect_url is not null\n and application_id = #APP_ID#\n)\nselect\n #EVAL_ID# as eval_id\n ,#RULE_ID# as rule_id \n ,b.application_id as application_id\n ,b.page_id page_id \n ,b.region_id as component_id \n ,b.button_name as component_name\n ,null as column_name \n ,null as item_name\n ,null as shared_comp_name\n ,'Button: ' || nvl(authorization_scheme, 'None') || ' / Page: ' || nvl(target_authorization_scheme, 'None') as current_value\n ,'AuthZ Schemes Match' as valid_values\n ,case when NOT regexp_like(target_page_id, '^[[:digit:]]+$') then '{ \"reasons\":[ {\"reason\":\"target page is not a literal\"} ] ,\"result\":\"FAIL\" }'\n when nvl(target_authorization_scheme_id,0) = nvl(authorization_scheme_id,0) then '{ \"reasons\":[ ] ,\"result\":\"PASS\" }' else '{ \"reasons\":[ ] ,\"result\":\"FAIL\" }' \n end as result\nfrom b\nwhere 1=1\n and application_id = #APP_ID#",
225-
"info": "The execution of a **Page Process**  can be linked to the click of a specific _button_ on the same page. When the **Authorization Scheme** of the Process and the Button do not match it might be possible for the user to have access to the Button and not the Process or vice versa.\n\nAPEX-SERT flags Page Processes where the execution is tied to a Button, but where the Button's Authorization scheme doesn't match the Authorization Scheme for the Process.",
226-
"fix": "Check the **Authorization Schemes** on both the driving **Button** and the **Page Process** for compatibility. Although they are not required to be the same, developers need to make sure that the Authorization Schemes are compatible and will provide the desired result.",
225+
"info": "When a **Button** is used to redirect to a **Page** within an application, the **Authorization Scheme** needs to match on both occasions. When the Authorization Scheme of the Page and the Button do not match, it might be possible for the user to have access to the Button and not the Page or vice versa.\r\n\r\nAPEX-SERT flags when the Button's Authorization scheme doesn't match the Authorization Scheme for the target Page redirection.",
226+
"fix": "Check the **Authorization Schemes** on both the driving **Button** and the target **Page** redirect for compatibility. Although they are not required to be the same, developers need to make sure that the Authorization Schemes are compatible and will provide the desired result.",
227227
"timeToFix": null,
228228
"ruleSeverityName": "Medium",
229229
"ruleSeverityKey": "MEDIUM",

product/sert/sert_core/package_body/is_reports_api.pkb.sql

+9-6
Original file line numberDiff line numberDiff line change
@@ -70,7 +70,6 @@ as
7070
end report_generate;
7171

7272

73-
7473
------------------------------------------------------------------------------
7574
function evaluation_summary_report_json (
7675
p_eval_id NUMBER,
@@ -104,7 +103,8 @@ as
104103
'current_value' value ers1.current_value,
105104
'region_name' value ers1.region_name,
106105
'column_name' value ers1.column_name
107-
) order by ers1.rule_name, ers1.page_id, ers1.result
106+
returning clob)
107+
order by ers1.rule_name, ers1.page_id, ers1.result
108108
returning clob)
109109
from
110110
sert_core.eval_results_pub_v ers1,
@@ -167,7 +167,8 @@ as
167167
'current_value' value ers1.current_value,
168168
'region_name' value ers1.region_name,
169169
'column_name' value ers1.column_name
170-
) order by ers1.page_id, ers1.result
170+
returning clob)
171+
order by ers1.page_id, ers1.result
171172
returning clob)
172173
from
173174
sert_core.eval_results_pub_v ers1
@@ -237,7 +238,8 @@ as
237238
'column_name' value ers1.column_name,
238239
'result' value ers1.result,
239240
'current_value' value ers1.current_value
240-
) order by ers1.page_id
241+
returning clob)
242+
order by ers1.page_id
241243
returning clob
242244
)
243245
from
@@ -299,7 +301,8 @@ end evaluation_exception_report_json;
299301
json_object('rule_id' value rul1.rule_id,
300302
'rule_name' value rul1.rule_name,
301303
'rule_count' value count(*)
302-
) order by rul1.rule_name
304+
returning clob)
305+
order by rul1.rule_name
303306
returning clob)
304307
from
305308
sert_core.rules rul1
@@ -322,7 +325,7 @@ end evaluation_exception_report_json;
322325
return l_json;
323326

324327
end attributes_master_report_json;
325-
328+
326329

327330
end is_reports_api;
328331
/

product/sert/sert_core/seed_data/055_prefs_internal_merge.sql

+1-1
Original file line numberDiff line numberDiff line change
@@ -61,7 +61,7 @@ begin
6161
merge into sert_core.prefs dst
6262
using ( select 'Release Version' as pref_name
6363
, 'RELEASE_VERSION' as pref_key
64-
, '24.2.6' as pref_value
64+
, '24.2.7' as pref_value
6565
, 'Y' as internal_yn from dual ) src
6666
on ( src.pref_key = dst.pref_key)
6767
when matched then

0 commit comments

Comments
 (0)