How to get the most out of APEX Advisor

In this blog, James Sanna advises how you can utilise APEX Advisor to its fullest potential. To find out more information, take a look at our APEX services.

What is APEX Advisor?

Oracle APEX Advisor is a built-in analysis tool that performs a series of sanity checks on your application to evaluate your developments’ overall integrity and quality. APEX Advisor works just like a typical lint tool (a program that analyses code for issues and bad practices) and will run pre-written automated tests to check for:

• Programming errors
• Security issues
• Warnings
• Performance
• Usability
• Quality assurance
• Accessibility

How to use APEX Advisor

APEX Advisor is simple to access and run and requires no pre-requisite setup. It can be found within the Utilities menu inside the application you wish to run it on.

Figure 1 - Where to find APEX Advisor

When you click 'Advisor', a popup window will appear with the following optional sections:

• Check Pages(s) – here, you can specify a comma-separated list of pages to run the Advisor against or leave it blank to run against the entire application.
• Pages last edited within the last 7 days – this provides useful information by highlighting where recent changes have been made. You can then specify these pages to run more efficient checks.
• Checks to Perform – a full list of every check the Advisor can perform, with the option to include or mitigate each check from the analysis.

Figure 2 - Checks to perform

Once you have made your selections, click ‘Perform Check’, and the Advisor will get to work.

Advisor Results

The results may take a small amount of time to generate; this will depend on the size of your application and the number of selected checks to perform. Once completed, the results of any check flagged as an issue will be displayed. Each result contains detailed information about the check, including:

• The location within the app
• The attribute being checked
• The category and type of check
• A message detailing why the issue was flagged
• A value – this could be, for example, an invalid query or link
• A 'View' button, which will take you to the source of the issue within the page designer

Figure 3 -Advisor Results

Getting the most out of Advisor

1. Split your analysis up

If you have not used APEX Advisor before, your initial approach might be to just run all the checks on everything. At least, mine was! The output returned many results that would have been easier to work through in smaller chunks. This is why APEX provides the options to define which pages to check and limit the types of checks to perform. Splitting things up makes the results more manageable, and there are a few different methods that can be taken:

• By Page: Advisor can also be conveniently run directly from a page within the app designer under the page's utilities menu. This gives the same popup Advisor window, but filters to check only the page you came from.
  
  
  Figure 4 - Running Advisor from page level
  
  Having an effortless option bounce between page designer and Advisor provides a simple and effective method to run checks on the go without having to analyse your entire application. You can quickly run checks, make changes, and re-run to ensure the issues have been mitigated.

• By Checks: an alternative way to break down the Advisor analysis is to run it across an entire app whilst focusing only on one area of checks. For example, you could choose to just run checks on accessibility factors and identify a common issue across multiple pages. Then, instead of fixing one page at a time, you might be able to apply a higher-level solution to resolve all the flagged checks at once.
  
• By Group: although running Advisor against page groups is not actually a built-in feature, I have found that filtering the checks to run on a selection of pages that are related in some way has given me the most helpful results. There are checks that ensure referenced items between pages are valid and that previously legitimate SQL has not become invalid if table columns are moved, deleted, or renamed. Working with groups of pages that are referencing each other’s items and calling the same tables keeps the checks contextually similar and makes for a smoother alleviation of the issues.

2. Improve Usability

Advisor can be used to capture elements of your application that may degrade the overall user experience. One useful check is identifying where a mismatch of authorisation occurs between components and target pages. If a user does not have the correct level of authorisation to access a page, the associated navigation components to that page should also be conditional based on the same level of authorisation. A simple example of this would be if a user is not an administrator, they should not be seeing an administration component in the navigation menu.

Figure 5 - Authorization mismatch between component and target

• The action of a button is “Defined by Dynamic Action”, but there is no corresponding dynamic action defined. This could render the button useless and impact the quality of your application
• A dynamic action references a button, but the action of a button is not set to “Defined by Dynamic Action”

3. Secure your application

Many important security factors may get overlooked during development, and Advisor can check for potential vulnerabilities. This may be where there are authorisation schemes that are inconsistent or missing entirely. Another important check that Advisor offers is where inappropriate use of the variable substitution syntax has occurred (e.g., using &P1_ID.) in PL/SQL code, creating potential exposure to SQL injection.

Figure 6 - Inappropriate use of substitution syntax

4. Accessibility

Testing for accessibility can sometimes get forgotten, as poor accessibility does not always have an immediate, noticeable effect. Advisor has a suite of checks that can highlight and improve the overall levels of accessibility. These will evaluate theme styles, missing alt text on images, legacy charts with limited accessibility, and much more.

APEX developments are typically well built for accessibility out of the box, but it becomes essential to assess levels of accessibility when we start introducing our own customisations to the look and feel of an application.

Summary

APEX Advisor is an imperative tool that offers a suite of integrity testing, giving you results that will improve the quality of your developments. By using Advisor to mitigate issues and potential problems, you can save time spent manually testing, checking, peer-reviewing, and debugging and have a better assurance of the integrity of your applications.

It is certainly recommended to run Advisor frequently during all stages of development. This could be regularly - whether daily, weekly, or dependant on how many changes are being made. Picking up issues early on can help a developer learn and prevent repeating the same mistakes throughout an application.

If you would like to speak to one of our Oracle APEX experts, get in touch through enquiries@dsp.co.uk or book a meeting...