The issue

Have you ever had those moments when an end-user calls you out of the blue with a disturbing message about your app?

It happened to me last week; an end-user called in a panic with the message, "all my inspections are gone!"

FYI: This Oracle APEX application manages all inspections a company is doing. Those inspections are grouped into different categories.

My thoughts

Records don't disappear automatically, so my mind immediately started to think about the potential reasons why this might have happened:

- Did we update the app with an invalid WHERE clause or a bad JOIN?

- Did a user do a bulk delete action or delete a parent record that caused the child records to go?

- Did we have a DELETE process that didn't have a condition?

The investigation

On the call, I asked the user to tell me what he saw. It was weird indeed; the categories showed there were zero inspections.

But this one category (Thermography) still had two inspections... bizarre.

I asked a few more questions and got the answers that parents or children were not deleted, bulk actions were not executed, and the records were there in the morning but were gone in the afternoon.

As we didn't deploy a new version of the app, and it worked before, it was a bit of a mystery to me.

The proof

I love to use APEX Project Eye (APE) to bring my theories to life.   APE is a powerhouse of tools that helps any Oracle APEX developer and project manager. For me, APEX Project Eye is for Oracle APEX, what Enterprise Manager is for the Oracle Database. APE is the most advanced tool to give you insight into your Oracle APEX applications, from how it was developed to how it is being used.

Back to our investigation on the disappearance of the records... I focused on the window from the morning when the records were there till the records disappeared. In APE, I used Session Flow to see who accessed the application during this period and accessed a page where a delete could have been done. I saw an unusually high number of going back and forth between a report and a form... In Session Flow, it shows lines between pages. The bigger the line between the pages, the more that path was taken. Session Flow also allows you to replay a session. The path gets highlighted, and you get the details of the request.

This way, I knew exactly what happened... somebody went into the records individually and deleted them. APE gave me the power to present the end-users precisely when somebody made an action visually.

APEX Project Eye helps in DEV, TEST, and PROD

We use APEX Project Eye a lot; during development (e.g., quality assurance), during testing, e.g., to review performance and error investigation, and during production to monitor our applications. Session Flow, in particular, is beneficial when APE shows an end-user got an error.

For the error, we see the Session ID, and based on this Session ID, we can replay their session until the error pops up. We know exactly what they did and don't have to ask for a reproducible case.

There was another occasion when Session Flow was a rescuer for me. At one point, we had a security breach in one of the apps. At least one person saw data in an Interactive Report that he wasn't supposed to see. He reached a page he wasn't supposed to have access to. Using Session Flow, I knew exactly how he came there, how long he had stayed on the page, and what he had done. I could, for example, see that he didn't download the data from the Interactive Report. Without Session Flow, I could have probably found out by analyzing the logs, but it would have taken me much more time. This was one of the reasons we now have Quality Assurance in APE so that APE can warn us of security risks. Do you know eSert, the popular security scanner for Oracle APEX, from a few years ago? With APE, you can use all of the eSert rules!  If you have a paid APE license, submit a request via our support portal to receive the eSert rule set.

Recap APE's Session Flow

APE's Session Flow is fantastic for the following use cases:

- See how people use the application you built.

- View exactly when and how an error occurred.

- Have a visual representation when you talk to project managers and end users.

- Prove if an action was done or not.