eTRM uses javascript that opens and focuses a separate window to display reports. Your browser does not appear to support javascript. This should not prevent you from using eTRM but it does mean the window focus feature will not work. Please check the contents of other windows on your desktop if you click on a link that does not appear to do anything.
PACKAGE BODY: APPS.BISM_ACCESS_CONTROL

Source


1 PACKAGE BODY bism_access_control AS
2 /* $Header: bibaclb.pls 115.4 2004/02/13 00:34:33 gkellner noship $ */
3 
4 function check_list_access(fid raw,myid raw)
5 return varchar2
6 is
7 priv number(2):=0;
8 name bism_objects.object_name%type;
9 begin
10 
11 -- resolve folder path,getUserPrivilege,checkUserPrivilege calls this function
12 -- cheks to see if the specified user has at least
13 -- list access to the specified folder
14 
15 select max(privilege) into priv from bism_permissions where
16 object_id = fid and subject_id in
17 (
18 select group_id from bism_groups where user_id = myid
19 );
20 
21 if priv is null then
22 begin
23 select object_name into name from bism_objects where object_id = fid;
24 raise_application_error(BISM_ERRORCODES.NO_PRIVILEGES,'User has no privileges for folder');
25 exception
26 when no_data_found then
27 raise_application_error(BISM_ERRORCODES.FOLDER_NOT_FOUND,'Folder not found');
28 end;
29 end if;
30 
31 if priv >= 10 then
32 return 'y';
33 else
34 raise_application_error(BISM_ERRORCODES.INSUFFICIENT_PRIVILEGES,'Insufficient privileges');
35 end if;
36 exception
37 when no_data_found then
38 return 'n';
39 end;
40 
41 function check_ins_access(fid raw,myid raw)
42 return varchar2
43 is
44 name bism_objects.object_name%type;
45 priv number(2):=0;
46 begin
47 
48 -- always look at the folder id and see if the folder allows this
49 -- object to be inserted (this object can be either be a folder
50 -- or an object - it does not matter)
51 select max(privilege) into priv from bism_permissions where
52 object_id = fid and subject_id in
53 (
54 select group_id from bism_groups where user_id = myid
55 );
56 
57 if priv is null then
58 begin
59 select object_name into name from bism_objects where object_id = fid;
60 raise_application_error(BISM_ERRORCODES.NO_PRIVILEGES,'User has no privileges for folder');
61 exception
62 when no_data_found then
63 raise_application_error(BISM_ERRORCODES.FOLDER_NOT_FOUND,'Folder not found');
64 end;
65 end if;
66 
67 if priv >= 30 then
68 return 'y';
69 else
70 raise_application_error(BISM_ERRORCODES.INSUFFICIENT_PRIVILEGES,'Insufficient privileges');
71 end if;
72 exception
73 when no_data_found then
74 return 'n';
75 end;
76 
77 
78 function check_upd_access(oid raw,fid raw,is_record_a_folder varchar2,curr_user_id raw)
79 return varchar2
80 is
81 priv number(2):=0;
82 thisid raw(16);
83 name bism_objects.object_name%type;
84 begin
85 
86 
87 if is_record_a_folder = 'Y' OR is_record_a_folder = 'y' then
88 thisid := oid;--if curr selection is a folder, fine lets look up access on folder
89 else
90 thisid := fid;-- if current record is an object, walk up to its parent folder
91 end if;
92 
93 select max(privilege) into priv from bism_permissions where
94 object_id = thisid and subject_id in
95 (
96 select group_id from bism_groups where user_id = curr_user_id
97 );
98 
99 if priv is null then
100 begin
101 select object_name into name from bism_objects where object_id = thisid;
102 raise_application_error(BISM_ERRORCODES.NO_PRIVILEGES,'User has no privileges for folder');
103 exception
104 when no_data_found then
105 raise_application_error(BISM_ERRORCODES.FOLDER_NOT_FOUND,'Folder not found');
106 end;
107 end if;
108 
109 if priv >= 40 then
110 return 'y';
111 else
112 raise_application_error(BISM_ERRORCODES.INSUFFICIENT_PRIVILEGES,'Insufficient privileges');
113 end if;
114 
115 exception
116 when no_data_found then
117 dbms_output.put_line('Exception occurred - No Data Found');
118 return 'n';
119 
120 end;
121 
122 
123 function check_read_access(oid raw,fid raw,current_selection_is_folder varchar2,curr_user_id raw)
124 return varchar2
125 is
126 priv number(2):=0;
127 tempid raw(16);
128 name bism_objects.object_name%type;
129 begin
130 
131 if current_selection_is_folder = 'Y' OR current_selection_is_folder = 'y' then
132 tempid := oid;
133 else
134 tempid := fid;
135 end if;
136 
137 select max(privilege) into priv from bism_permissions where
138 object_id = tempid and subject_id in
139 (
140 select group_id from bism_groups where user_id = curr_user_id
141 );
142 
143 if priv is null then
144 begin
145 select object_name into name from bism_objects where object_id = tempid;
146 raise_application_error(BISM_ERRORCODES.NO_PRIVILEGES,'User has no privileges for folder');
147 exception
148 when no_data_found then
149 raise_application_error(BISM_ERRORCODES.FOLDER_NOT_FOUND,'Folder not found');
150 end;
151 end if;
152 
153 if priv >= 20 then
154 return 'y';
155 else
156 raise_application_error(BISM_ERRORCODES.INSUFFICIENT_PRIVILEGES,'Insufficient privileges');
157 end if;
158 exception
159 when no_data_found then
160 return 'n';
161 
162 end;
163 
164 
165 function check_del_access(oid raw,fid raw,is_folder varchar2,name varchar2,curr_user_id raw)
166 return varchar2
167 is
168 c1 number;
169 c2 number;
170 priv number(2):=0;
171 tempid bism_objects.object_id%type;
172 fname bism_objects.object_name%type;
173 begin
174 
175 if is_folder = 'N' OR is_folder = 'n' then
176 -- if the record is an object, check its folder privilege
177 -- unbind() enters this block
178 tempid := fid;
179 else
180 -- if the selected record is a folder, use its oid
181 tempid := oid;
182 end if;
183 
184 
185 select max(privilege) into priv from bism_permissions
186 where object_id = tempid and subject_id in
187 (
188 select group_id from bism_groups where user_id = curr_user_id
189 );
190 
191 
192 if priv is null then
193 begin
194 select object_name into fname from bism_objects where object_id = tempid;
195 raise_application_error(BISM_ERRORCODES.NO_PRIVILEGES,'User has no privileges for folder');
196 exception
197 when no_data_found then
198 raise_application_error(BISM_ERRORCODES.FOLDER_NOT_FOUND,'Folder not found');
199 end;
200 end if;
201 
202 if priv >=40  then
203 return 'y';
204 else
205 raise_application_error(BISM_ERRORCODES.INSUFFICIENT_PRIVILEGES,'Insufficient privileges');
206 end if;
207 exception
208 when no_data_found then
209 dbms_output.put_line('Exception occurred - No Data Found');
210 return 'n';
211 
212 end;
213 
214 
215 function check_fullcontrol_access(oid raw,myid raw)
216 return varchar2
217 is
218 priv number(2):=0;
219 name bism_objects.object_name%type;
220 begin
221 -- this function mus be called only on a folder
222 select max(privilege) into priv from bism_permissions where
223 object_id = oid and subject_id in
224 (
225 select group_id from bism_groups where user_id = myid
226 );
227 
228 if priv is null then
229 begin
230 select object_name into name from bism_objects where object_id = oid;
231 raise_application_error(BISM_ERRORCODES.NO_PRIVILEGES,'User has no privileges for folder');
232 exception
233 when no_data_found then
234 raise_application_error(BISM_ERRORCODES.FOLDER_NOT_FOUND,'Folder not found');
235 end;
236 end if;
237 
238 if priv >= 50 then
239 return 'y';
240 else
241 raise_application_error(BISM_ERRORCODES.INSUFFICIENT_PRIVILEGES,'Insufficient privileges');
242 end if;
243 exception
244 when no_data_found then
245 dbms_output.put_line('Exception occurred - No Data Found');
246 return 'n';
247 
248 end;
249 
250 function check_show_entries_access(oid raw,myid raw)
251 return varchar2
252 is
253 priv number(2):=0;
254 name bism_objects.object_name%type;
255 oname bism_objects.object_name%type;
256 begin
257 
258 -- this function must be called only on a folder
259 -- for now entries() is the only method calling this
260 
261 select max(privilege) into priv from bism_permissions where
262 object_id = oid and subject_id in
263 (
264 select group_id from bism_groups where user_id = myid
265 );
266 
267 if priv is null then
268 begin
269 select object_name into name from bism_objects where object_id = oid;
270 raise_application_error(BISM_ERRORCODES.NO_PRIVILEGES,'User has no privileges for folder');
271 exception
272 when no_data_found then
273 raise_application_error(BISM_ERRORCODES.FOLDER_NOT_FOUND,'Folder not found');
274 end;
275 end if;
276 
277 -- to list the entries on a folder, the caller should have atleast the
278 -- LIST access. Originally I have coded it in such a way that the caller
279 -- needed to have FULLCONTROL (50) but then we found that NT allows the
280 -- user with LIST access to see the AclEntries on a folder, so Henry and I
281 -- decided to change the behavior here to be compliant with NT
282 --  now I only check for priv of 10
283 if priv >= 10 then
284 return 'y';
285 else
286 raise_application_error(BISM_ERRORCODES.INSUFFICIENT_PRIVILEGES, 'Insufficient privileges to show entries');
287 end if;
288 exception
289 when no_data_found then
290 begin
291 select object_name into oname from bism_objects where object_id = oid;
292 raise_application_error(BISM_ERRORCODES.NO_PRIVILEGES,'User has no privileges for folder');
293 exception
294 when no_data_found then
295 raise_application_error(BISM_ERRORCODES.FOLDER_NOT_FOUND,'Folder not found');
296 end;
297 
298 return 'n';
299 
300 end;
301 
302 
303 function dummy_op(oid raw,myid raw)
304 return varchar2
305 is
306 begin
307 return 'y';
308 end;
309 
310 function dummy_op2(oid raw,fid raw,current_selection_is_folder varchar2,myid raw)
311 return varchar2
312 is
313 begin
314 return 'y';
315 end;
316 
317 end bism_access_control;