Database Reference
In-Depth Information
We feel confident in using a static Oracle query instead of a stored procedure to get the list of
employees and other lists in our dataInit() method (see Listing 12-16) because there are no
application-user-provided parameters, so no chance of SQL injection and the data is non-sensitive,
though still protected by a role grant (it's not PUBLIC ). This doesn't go against what we've said about
using stored procedures for queries; it is in addition to that approach. Again, querying the data directly
from a view is safe as long as the query is static with no application-user-provided parameters.
In order for the hrview_role to query data from the HR.v_employees_public view, we need to grant
the SELECT privilege to hrview_role . We make that grant as the HR user, along with a grant to select from
HR.v_sms_carrier_host in Listing 12-18. In dataInit() , we also populate the contents of the job ID,
department ID, manager, and SMS carrier drop-down boxes, so we need to select from both these views.
Listing 12-18. Grant Further Select on HR Views
GRANT SELECT ON hr.v_employees_public TO hrview_role;
GRANT SELECT ON hr.v_sms_carrier_host TO hrview_role;
Note The script for these grants is located in the file named Chapter12/OrclHR.sql .
Select an Existing Employee
After the AddUser screen is initialized, the application user may elect to enter data and add a new
employee, or they may select an existing employee from the combo-box list. When an existing employee
is selected, the existingEmpComboBox_actionPerformed() method is called. We again want to request that
the application user be patient, so we make the sayWaitDialog visible—see the bottom of Listing 12-19.
We show the structure of the existingEmpComboBox_actionPerformed() method in Listing 12-19, but the
bulk of the run() method of our delayed Thread will be shown in later listings.
Listing 12-19. Method for Selecting Existing Employee
private void existingEmpComboBox_actionPerformed(ActionEvent e) {
// When action from dataInit() at removeAllItems(), getItemCount() = 0
if (0 == existingEmpComboBox.getItemCount() ||
0 == existingEmpComboBox.getSelectedIndex()) {
osUserIDTextField.setEnabled(false);
blankAll();
return;
}
employeeID = Integer.parseInt(Utility.pullIDFromParens(
(String)existingEmpComboBox.getSelectedItem()));
blankAll();
SwingUtilities.invokeLater(new Runnable() {
public void run() {
// The bulk of the run() method has been removed from this Listing
Login.sayWaitDialog.setVisible(false);
 
Search WWH ::




Custom Search