Hi,
in ORDS, is there any way how to specify different required privileges (ORDS privileges/roles, not database ones) for different methods in the same template? The idea is to have one ORDS privilege for controlling read-only access (GET method handler for collection and collection item) and a different privilege for data manipulation operations (POST on collection and PUT + DELETE on collection item)?
I know, that privileges can be assigned to modules or URL patterns only, but these are the same in this situation:
GET …../customers - privilege customers.readonly
POST…../customers - privilege customers.readwrite
GET …../customers/:pk - privilege customers.readonly
PUT…../customers/:pk - privilege customers.readwrite
DELETE …../customers/:pk - privilege customers.readwrite
As a workaround I thought of checking the current user privileges in handler PL/SQL code as the POST, PUT and DELETE only support PL/SQL handler. But I have only found a way to get current user name (using :current_user bind variable), not his privileges. Is there any API or view, where I can get this information?
Regards,
David