DBA Data[Home] [Help]

PACKAGE BODY: APPS.HR_SECURITY_UTILS

Source


1 PACKAGE BODY HR_SECURITY_UTILS AS
2 /* $Header: hrscutl.pkb 115.1 99/07/17 16:59:38 porting ship $ */
3 
4   --
5   -- PRIVATE FUNCTIONS AND PROCEDURES
6   --
7 
8   --
9   debug_mode_on    boolean  := FALSE ;
10 
11   --
12    custom_schema  boolean := FALSE ;
13   -- Raise an internal error. Not translated.
14   --
15   procedure raise_error( p_message in varchar2 ) is
16   begin
17      raise_application_error(-20001, p_message) ;
18   end raise_error;
19 
20   procedure debug_on is
21   begin
22      debug_mode_on := TRUE ;
23   end debug_on ;
24 
25   procedure debug_off is
26   begin
27      debug_mode_on := FALSE;
28   end debug_off ;
29 
30   --
31   -- Outputs a line if debug mode on or if force output
32   --
33   procedure output_line (p_message       in varchar2,
34                          p_always_output in boolean default false ) is
35   begin
36 
37    if ( p_always_output or debug_mode_on ) then
38       -- Bug#885806
39       -- dbms_output.put_line(p_message) ;
40       hr_utility.trace(p_message) ;
41    end if;
42 
43   end output_line ;
44 
45   --
46   -- PUBLIC FUNCTIONS AND PROCEDURES
47   --
48 
49  PROCEDURE check_profile_options IS
50  --
51  type bg_sp is record (
52      business_group_id     per_business_groups.business_group_id%type,
53      bg_name               per_business_groups.name%type,
54      security_profile_id   per_security_profiles.security_profile_id%type,
55      security_profile_name per_security_profiles.security_profile_name%type  ) ;
56 
57  l_site_value   varchar2(80) ;
58  l_appl_value   varchar2(80) ;
59  l_resp_value   varchar2(80) ;
60  l_defined      boolean := false ;
61  l_appl_defined boolean := false ;
62  l_resp_defined boolean := false ;
63 
64  --
65  -- These records contain the bg and sp values derived from the given
66  -- profile option
67  --
68  bg_profile bg_sp ;
69  sp_profile bg_sp ;
70 
71 
72  --
73  -- Returns details of the business group and its associated view
74  -- all security profile option
75  --
76  procedure get_details ( p_sp_id in varchar2 default null,
77                          p_bg_id in varchar2 default null ,
78                          p_output out bg_sp  ) is
79  cursor c1 is
80    select bg.business_group_id,
81           bg.name,
82           sp.security_profile_id,
83           sp.security_profile_name
84    from   per_security_profiles sp,
85           per_business_groups   bg
86    where  sp.security_profile_id = nvl(p_sp_id,sp.security_profile_id)
87    and    sp.business_group_id   = nvl(p_bg_id,sp.business_group_id)
88    and    sp.business_group_id   = bg.business_group_id
89    and    sp.view_all_flag       = decode(bg.business_group_id,null,
90                                           sp.view_all_flag,'Y') ;
91 
92  begin
93     open  c1 ;
94     fetch c1 into p_output ;
95     close c1 ;
96  end ;
97 
98 
99  --
100  -- Gets the Responsibility Level setting of the given profile option
101  --
102  procedure get_resp_level ( option_name  in varchar2,
103 		            appl_id      in number,
104 		            resp_id      in number,
105                             option_value out varchar2 ,
106                             defined out  boolean ) is
107   cursor c1 is
108        select V.PROFILE_OPTION_VALUE
109        from   FND_PROFILE_OPTIONS O, FND_PROFILE_OPTION_VALUES V
110        where  O.PROFILE_OPTION_NAME = option_name
111        and    V.LEVEL_ID = 10003 and V.LEVEL_VALUE = to_char(resp_id)
112        and    V.LEVEL_VALUE_APPLICATION_ID = to_char(appl_id)
113        and    O.PROFILE_OPTION_ID = V.PROFILE_OPTION_ID
114        and    O.APPLICATION_ID    = V.APPLICATION_ID ;
115 
116  begin
117 
118     open c1 ;
119     fetch c1 into option_value ;
120     defined := c1%found ;
121     close c1 ;
122 
123  end get_resp_level ;
124 
125  --
126  -- Gets the Application Level setting of the given profile option
127  -- Note that the GET_ functions in the FND_PROFILE package does
128  -- not detect whether the profile option is set already
129  --
130  procedure get_app_level ( option_name  in varchar2,
131 		           appl_id      in number,
132                            option_value out varchar2 ,
133                            defined out  boolean ) is
134   cursor c1 is
135        select V.PROFILE_OPTION_VALUE
136        from  FND_PROFILE_OPTIONS O, FND_PROFILE_OPTION_VALUES V
137        where O.PROFILE_OPTION_NAME = option_name
138        and   V.LEVEL_ID = 10002 and V.LEVEL_VALUE = to_char(appl_id)
139        and    O.PROFILE_OPTION_ID = V.PROFILE_OPTION_ID
140        and    O.APPLICATION_ID    = V.APPLICATION_ID ;
141 
142  begin
143 
144     open c1 ;
145     fetch c1 into option_value ;
146     defined := c1%found ;
147     close c1 ;
148 
149  end get_app_level ;
150 
151  begin
152 
153      dbms_output.enable(1000000) ;
154 
155      --
156      -- Get site level setting of business group. If it is set and the
157      -- security profile is not then set the security profile to be the
158      -- view all profile associated with that business group.
159      --
160 
161      l_site_value := fnd_profile.value_specific(name =>'PER_BUSINESS_GROUP_ID');
162 
163      if l_site_value is not null then
164 
165         get_details ( p_bg_id => l_site_value , p_output => bg_profile ) ;
166 
167         l_site_value := fnd_profile.value_specific(
168                                  name=>'PER_SECURITY_PROFILE_ID');
169         output_line('Site Level :business group profile is '||
170                       bg_profile.bg_name) ;
171 
172          if ( l_site_value is null or l_site_value = 0 ) then
173 
174              output_line('Setting site level security profile',true) ;
175              if NOT fnd_profile.save ( 'PER_SECURITY_PROFILE_ID',
176                                        bg_profile.security_profile_id,
177                                        'SITE' )
178              then
179                 raise_error('ERROR - Setting Security Profile at SITE level') ;
180              end if;
181 
182          end if;
183 
184      end if;
185 
186      --
187      -- Loop through each application and responsibility.
188      --
189      -- 1. If the Business Group Profile option was set at Application level
190      --    then clear it setting this value for each linked responsibility
191      --    which does not already have a value set.
192      --
193      -- 2. If the Security Profile profile option is not set for a given
194      --    responsibility then set it to be the View All security profile
195      --    for the given business group
196      --
197      for rec in ( select application_id,
198                          application_short_name,
199                          application_name
200                   from   fnd_application_vl
201                   order  by application_name )
202      loop
203 
204        output_line(rec.application_name||' ('||
205                    rec.application_short_name||') ... ',true );
206        get_app_level (
207             option_name  => 'PER_BUSINESS_GROUP_ID',
208             appl_id      => rec.application_id,
209             option_value => l_appl_value,
210             defined      => l_appl_defined ) ;
211 
212         if ( l_appl_defined = true  ) then
213 
214             get_details(p_bg_id => l_appl_value , p_output => bg_profile ) ;
215             output_line(' Appl. '||rec.application_short_name ||
216                                  ' BG Value '||l_appl_value||'.  '||
217                                  bg_profile.bg_name ) ;
218 
219         end if;
220 
221         for resp in ( select responsibility_id,
222                              responsibility_name
223 		      from   fnd_responsibility_vl
224                       where  application_id = rec.application_id
225                       order by responsibility_name )
226         loop
227 
228              get_resp_level (
229                 option_name  => 'PER_BUSINESS_GROUP_ID',
230                 appl_id      => rec.application_id,
231                 resp_id      => resp.responsibility_id,
232                 option_value => l_resp_value,
233                 defined      => l_resp_defined ) ;
234 
235              if ( l_resp_defined = true  ) then
236 
237                  get_details(p_bg_id => l_resp_value , p_output => bg_profile);
238 
239                  output_line('resp. '||rpad(resp.responsibility_name,30) ||
240                                       ' BG Profile value '||l_resp_value||'.'||
241                                       bg_profile.bg_name ) ;
242 
243              elsif ( l_appl_defined = true ) then
244 
245                 --
246                 -- Set the business group profile to the application setting
247                 --
248 
249                 output_line( 'Setting Business Group profile for resp '||
250                              rpad(resp.responsibility_name,30),true) ;
251                 if NOT fnd_profile.save (  'PER_BUSINESS_GROUP_ID',
252                                            l_appl_value,
253                                            'RESP',
254                                            resp.responsibility_id,
255                                            rec.application_id )
256                 then
257                    raise_error('ERROR - Setting Business Group profile option'||
258                                'at RESP level') ;
259                 end if;
260 
261             end if;
262 
263             --
264             -- If the business group profile option was defined for this
265             -- responsibility then check that the security profile option
266             -- has been set.
267             --
268             if ( l_resp_defined or l_appl_defined ) then
269 		    get_resp_level (
270 			    option_name  => 'PER_SECURITY_PROFILE_ID',
271 			    appl_id      => rec.application_id,
272 			    resp_id      => resp.responsibility_id,
273 			    option_value => l_resp_value,
274 			    defined      => l_defined ) ;
275 
276 		    if ( l_defined = true ) then
277 
278 		       get_details ( p_sp_id => l_resp_value ,
279                                      p_output => sp_profile ) ;
280 		       output_line('Resp '||rpad(resp.responsibility_name,30)||
281 					    ' SP Value '||l_resp_value||'.  '||
282 					    sp_profile.security_profile_name );
283 
284 		    else
285 
286                        output_line( 'Setting Security Profile for Resp '||
287                                     rpad(resp.responsibility_name,30),true) ;
288 		       if NOT fnd_profile.save ( 'PER_SECURITY_PROFILE_ID',
289 						 bg_profile.security_profile_id,
290 						 'RESP',
291 						 resp.responsibility_id,
292 						 rec.application_id )
293 		       then
294 			  raise_error('ERROR - Setting Security Profile option '
295                                       ||'at RESP level') ;
296 		       end if;
297 
298 		    end if;
299 	      end if;
300 
301         end loop ;
302 
303         --
304         -- Remove application level business group profile option setting
305         --
306 
307         if ( l_appl_defined = true ) then
308 
309             output_line('Clearing Application level Business Group profile '
310                         ||'option value',true);
311 	    if NOT fnd_profile.save ('PER_BUSINESS_GROUP_ID',
312 				      NULL,
313 				      'APPL',
314 				      rec.application_id )
315 	    then
319 
316 	       raise_error('ERROR - Clearing Business Group profile option at '
317                            ||'APPL level') ;
318 	    end if;
320         end if;
321 
322         output_line('',true);
323 
324   end loop ;
325 
326 end check_profile_options ;
327 
328 
329 function is_custom_schema return boolean is
330 begin
331   return custom_schema ;
332 end ;
333 
334 procedure set_custom_schema is
335 begin
336   custom_schema := true ;
337 end ;
338 
339 end HR_SECURITY_UTILS;