[Home] [Help]
PACKAGE BODY: APPS.EGO_DATA_SECURITY
Source
1 PACKAGE BODY EGO_DATA_SECURITY AS
2 /* $Header: EGOPFDSB.pls 120.27 2007/11/05 07:01:30 vkeerthi ship $ */
3
4 G_PKG_NAME CONSTANT VARCHAR2(30):= 'EGO_DATA_SECURITY';
5 G_LOG_HEAD CONSTANT VARCHAR2(40):= 'fnd.plsql.ego.EGO_DATA_SECURITY.';
6 G_TYPE_SET CONSTANT VARCHAR2(30):= 'SET';
7 G_TYPE_INSTANCE CONSTANT VARCHAR2(30):= 'INSTANCE';
8 G_TYPE_UNIVERSAL CONSTANT VARCHAR2(30):= 'UNIVERSAL';
9
10 g_pred_buf_size CONSTANT NUMBER := 32767;
11 /* This is the VPD size limit of predicates in the database. */
12 /* In 8.1.7 databases the limit is 4k, and in 8.2 it will be 32k. */
13 /* Once we no longer support 8.1.7 then we can increase this to 32,000 */
14 g_vpd_buf_limit CONSTANT NUMBER := 4*1024;
15
16 -- Character-set independent NEWLINE, TAB and WHITESPACE
17 --
18 NEWLINE CONSTANT VARCHAR2(4) := fnd_global.newline;
19 MAX_SEG_SIZE CONSTANT NUMBER := 200;
20
21 G_RETURN_SUCCESS CONSTANT VARCHAR2(1) := 'T';
22 G_RETURN_FAILURE CONSTANT VARCHAR2(1) := 'F';
23 G_RETURN_UNEXP_ERR CONSTANT VARCHAR2(1) := 'U';
24
25 G_DEBUG_LEVEL_UNEXPECTED CONSTANT NUMBER := FND_LOG.LEVEL_UNEXPECTED;
26 G_DEBUG_LEVEL_ERROR CONSTANT NUMBER := FND_LOG.LEVEL_ERROR;
27 G_DEBUG_LEVEL_EXCEPTION CONSTANT NUMBER := FND_LOG.LEVEL_EXCEPTION;
28 G_DEBUG_LEVEL_EVENT CONSTANT NUMBER := FND_LOG.LEVEL_EVENT;
29 G_DEBUG_LEVEL_PROCEDURE CONSTANT NUMBER := FND_LOG.LEVEL_PROCEDURE;
30 G_DEBUG_LEVEL_STATEMENT CONSTANT NUMBER := FND_LOG.LEVEL_STATEMENT;
31
32 G_CURRENT_DEBUG_LEVEL NUMBER;
33 G_USER_NAME VARCHAR2(100);
34
35 TYPE DYNAMIC_CUR IS REF CURSOR;
36
37 ----------------------------------------------------------------------
38 ----------------------------------------------
39 --This is an internal procedure. Not in spec.
40 ----------------------------------------------
41 -- For debugging purposes.
42 PROCEDURE code_debug (p_log_level IN NUMBER
43 ,p_module IN VARCHAR2
44 ,p_message IN VARCHAR2
45 ) IS
46 BEGIN
47 IF (p_log_level >= G_CURRENT_DEBUG_LEVEL ) THEN
48 fnd_log.string(log_level => p_log_level
49 ,module => G_LOG_HEAD||p_module
50 ,message => p_message
51 );
52 END IF;
53 -- sri_debug(G_PKG_NAME||' - '||p_module||' - '||p_message);
54 EXCEPTION
55 WHEN OTHERS THEN
56 RAISE;
57 END code_debug;
58
59 ----------------------------------------------
60 --This is an internal procedure. Not in spec.
61 ----------------------------------------------
62 PROCEDURE SetGlobals IS
63 BEGIN
64 G_CURRENT_DEBUG_LEVEL := FND_LOG.G_CURRENT_RUNTIME_LEVEL;
65 G_USER_NAME := FND_GLOBAL.USER_NAME;
66 EXCEPTION
67 WHEN OTHERS THEN
68 RAISE;
69 END SetGlobals;
70
71 ----------------------------------------------
72 --This is an internal procedure. Not in spec.
73 ----------------------------------------------
74 FUNCTION get_group_info (p_party_id IN NUMBER) RETURN VARCHAR2 IS
75
76 CURSOR group_membership_c (cp_orig_system_id IN NUMBER) IS
77 SELECT 'HZ_GROUP:'||group_membership_rel.object_id group_name
78 FROM hz_relationships group_membership_rel
79 WHERE group_membership_rel.RELATIONSHIP_CODE = 'MEMBER_OF'
80 AND group_membership_rel.status= 'A'
81 AND group_membership_rel.start_date <= SYSDATE
82 AND NVL(group_membership_rel.end_date, SYSDATE) >= SYSDATE
83 AND group_membership_rel.subject_id = cp_orig_system_id;
84 l_group_info VARCHAR2(32767);
85 BEGIN
86 l_group_info := '';
87 FOR group_rec IN group_membership_c (p_party_id) LOOP
88 l_group_info := l_group_info ||''''||group_rec.group_name ||''' , ';
89 END LOOP;
90
91 IF( length( l_group_info ) >0) THEN
92 -- strip off the trailing ', '
93 l_group_info := SUBSTR(l_group_info, 1,
94 length(l_group_info) - length(', '));
95 ELSE
96 l_group_info := '''NULL''';
97 END IF;
98 RETURN l_group_info;
99 EXCEPTION
100 WHEN OTHERS THEN
101 RETURN '''NULL''';
102 END get_group_info;
103
104 ----------------------------------------------
105 --This is an internal procedure. Not in spec.
106 ----------------------------------------------
107
108 FUNCTION get_company_info (p_party_id IN NUMBER) RETURN VARCHAR2 IS
109 CURSOR company_membership_c (cp_orig_system_id IN NUMBER) IS
110 SELECT 'HZ_COMPANY:'||group_membership_rel.object_id company_name
111 FROM hz_relationships group_membership_rel
112 WHERE group_membership_rel.RELATIONSHIP_CODE = 'EMPLOYEE_OF'
113 AND group_membership_rel.status= 'A'
114 AND group_membership_rel.start_date <= SYSDATE
115 AND NVL(group_membership_rel.end_date, SYSDATE) >= SYSDATE
116 AND group_membership_rel.subject_id = cp_orig_system_id;
117 l_company_info VARCHAR2(32767);
118 BEGIN
119 l_company_info := '';
120 FOR company_rec IN company_membership_c (p_party_id) LOOP
121 l_company_info:=l_company_info||''''||company_rec.company_name||''' , ';
122 END LOOP;
123
124 IF( length( l_company_info ) >0) THEN
125 -- strip off the trailing ', '
126 l_company_info := SUBSTR(l_company_info, 1,
127 length(l_company_info) - length(', '));
128 ELSE
129 l_company_info := '''NULL''';
130 END IF;
131 RETURN l_company_info;
132 EXCEPTION
133 WHEN OTHERS THEN
134 RETURN '''NULL''';
135 END get_company_info;
136
137 ----------------------------------------------
138 --This is an internal procedure. Not in spec.
139 ----------------------------------------------
140
141 FUNCTION getRole_mappedTo_profileOption(p_object_name IN VARCHAR2,
142 p_user_name IN VARCHAR2)
143 RETURN VARCHAR2
144 IS
145 l_role_name VARCHAR2(99) := '';
146 l_party_id NUMBER;
147 l_colon NUMBER;
148 l_count NUMBER;
149 l_ego_item_profile_option VARCHAR2(99) := 'EGO_INTERNAL_USER_DEFAULT_ROLE';
150 l_eng_change_profile_option VARCHAR2(99) := 'ENG_INTERNAL_USER_DEFAULT_ROLE';
151
152 BEGIN
153
154 l_colon := instr(p_user_name, ':');
155 IF (l_colon <> 0) THEN
156 l_party_id := to_number(substr(p_user_name, l_colon+1));
157 ELSE
158 l_party_id := NULL;
159 END IF;
160
161 -- check in ego_internal_people_v if the user exists.
162 -- This tells if he is an internal user.
163 -- If not we do not check the internal option at all
164 -- We may need to go against the table rather than the view
165 -- to improve performance.
166
167 --PERF:Bug NO:6531906 --changed the query to look into the base tables instead of the View.
168 IF p_object_name IN ('EGO_ITEM','ENG_CHANGE') THEN
169 IF l_party_id IS NULL THEN
170 SELECT count(1) into l_count
171 FROM hz_parties employee,
172 FND_USER FND_user,
173 PER_ALL_PEOPLE_F HR_EMPLOYEE
174 WHERE HR_EMPLOYEE.PERSON_ID = FND_user.EMPLOYEE_ID
175 AND fnd_user.start_date <= SYSDATE
176 AND NVL(fnd_user.end_date, SYSDATE) >= SYSDATE
177 AND (HR_EMPLOYEE.CURRENT_EMPLOYEE_FLAG = 'Y'
178 OR HR_EMPLOYEE.CURRENT_NPW_FLAG = 'Y'
179 )
180 AND HR_EMPLOYEE.EFFECTIVE_START_DATE <= SYSDATE
181 AND NVL(HR_EMPLOYEE.EFFECTIVE_END_DATE,SYSDATE) >= SYSDATE
182 AND employee.party_type = 'PERSON'
183 AND employee.status = 'A'
184 AND employee.party_id = HR_EMPLOYEE.PARTY_ID
185 AND user_name = p_user_name;
186 ELSE
187 SELECT Count(1) into l_count
188 FROM hz_parties employee ,
189 FND_USER FND_user ,
190 PER_ALL_PEOPLE_F HR_EMPLOYEE
191 WHERE HR_EMPLOYEE.PERSON_ID = FND_user.EMPLOYEE_ID
192 AND fnd_user.start_date <= SYSDATE
193 AND NVL(fnd_user.end_date, SYSDATE) >= SYSDATE
194 AND (HR_EMPLOYEE.CURRENT_EMPLOYEE_FLAG = 'Y'
195 OR HR_EMPLOYEE.CURRENT_NPW_FLAG = 'Y')
196 AND HR_EMPLOYEE.EFFECTIVE_START_DATE <= SYSDATE
197 AND NVL(HR_EMPLOYEE.EFFECTIVE_END_DATE,SYSDATE) >= SYSDATE
198 AND employee.party_type = 'PERSON'
199 AND employee.status = 'A'
200 AND employee.party_id = HR_EMPLOYEE.PARTY_ID
201 AND employee.party_id = l_party_id;
202 END IF;
203 IF (l_count = 0) THEN
204 l_role_name := '';
205 ELSE
206 IF (p_object_name = 'EGO_ITEM') THEN
207 l_role_name := FND_PROFILE.VALUE(l_ego_item_profile_option);
208 ELSIF (p_object_name = 'ENG_CHANGE') THEN
209 l_role_name := FND_PROFILE.VALUE(l_eng_change_profile_option);
210 END IF;
211 END IF; --l_count = 0
212 END IF;
213 RETURN l_role_name;
214
215 END getRole_mappedTo_profileOption;
216
217 ----------------------------------------------
218 --This is an internal procedure. Not in spec.
219 ----------------------------------------------
220
221 PROCEDURE getPrivilege_for_profileOption
222 (p_api_version IN NUMBER,
223 p_object_name IN VARCHAR2,
224 p_user_name IN VARCHAR2,
225 x_privilege_tbl OUT NOCOPY EGO_VARCHAR_TBL_TYPE,
226 x_return_status OUT NOCOPY VARCHAR2
227 )
228 IS
229 l_role_name VARCHAR2(30);
230 BEGIN
231
232 l_role_name := getRole_mappedTo_profileOption(p_object_name, p_user_name);
233 -- Now we need to find all the privileges in this role
234 -- add it to the out table
235 get_role_functions
236 (p_api_version => p_api_version
237 ,p_role_name => l_role_name
238 ,x_return_status => x_return_status
239 ,x_privilege_tbl => x_privilege_tbl
240 );
241
242 END getPrivilege_for_profileOption;
243
244 ----------------------------------------------
245 --This is an internal procedure. Not in spec.
246 ----------------------------------------------
247 PROCEDURE translate_pk_values (p_instance_pk2_value IN VARCHAR2
248 ,p_instance_pk3_value IN VARCHAR2
249 ,p_instance_pk4_value IN VARCHAR2
250 ,p_instance_pk5_value IN VARCHAR2
251 ,x_trans_pk2_value OUT NOCOPY VARCHAR2
252 ,x_trans_pk3_value OUT NOCOPY VARCHAR2
253 ,x_trans_pk4_value OUT NOCOPY VARCHAR2
254 ,x_trans_pk5_value OUT NOCOPY VARCHAR2
255 ) IS
256 BEGIN
257 IF p_instance_pk2_value IS NULL THEN
258 x_trans_pk2_value := '*NULL*';
259 ELSE
260 x_trans_pk2_value := p_instance_pk2_value;
261 END IF;
262 IF p_instance_pk3_value IS NULL THEN
263 x_trans_pk3_value := '*NULL*';
264 ELSE
265 x_trans_pk3_value := p_instance_pk3_value;
266 END IF;
267 IF p_instance_pk4_value IS NULL THEN
268 x_trans_pk4_value := '*NULL*';
269 ELSE
270 x_trans_pk4_value := p_instance_pk4_value;
271 END IF;
272 IF p_instance_pk5_value IS NULL THEN
273 x_trans_pk5_value := '*NULL*';
274 ELSE
275 x_trans_pk5_value := p_instance_pk5_value;
276 END IF;
277 END;
278
279 -----------------------------------------------
280 -- This is an internal procedure. Not in spec.
281 -----------------------------------------------
282 -- Gets the orig_system_id and orig_system from wf_roles,
283 -- given the user_name. These can be used as keys for selects
284 -- against WF_USER_ROLES so it hits the index (user_name alone won't).
285 -- Eventually a routine to do this, more performant than
286 -- wf_directory.getRoleOrigSysInfo, should become part of the workflow
287 -- system and then we can replace this with a callout to that routine.
288 -----------------------------------------------
289 PROCEDURE get_orig_key (x_user_name IN OUT NOCOPY VARCHAR2,
290 -- x_orig_system OUT NOCOPY VARCHAR2,
291 x_orig_system_id OUT NOCOPY NUMBER)
292 is
293 l_api_name CONSTANT VARCHAR2(30) := 'GET_ORIG_KEY';
294 colon pls_integer;
295 begin
296
297 -- x_orig_system := NULL;
298 x_orig_system_id := NULL;
299
300 if x_user_name IS NULL THEN
301 x_user_name := G_USER_NAME;
302 end if;
303 colon := instr(x_user_name, ':');
304 if (colon = 0) then
305 begin
306 /***
307 -- Get the key from wf_roles. Note that if the wf_roles view
308 -- gets more parts that don't have colons in the user, those will
309 -- have to be added to this SQL stmnt.
310 select WR.orig_system, WR.orig_system_id
311 into x_orig_system, x_orig_system_id
312 from WF_ROLES WR
313 where WR.NAME = x_user_name
314 and WR.ORIG_SYSTEM IN ('PER', 'FND_USR');
315 x_user_name := 'HZ_PARTY:'||x_orig_system_id;
316 ***/
317 SELECT party_id
318 INTO x_orig_system_id
319 FROM ego_user_v
320 where user_name = x_user_name;
321 exception
322 when no_data_found then
323 if( FND_LOG.LEVEL_PROCEDURE >= FND_LOG.G_CURRENT_RUNTIME_LEVEL ) then
324 fnd_log.string(FND_LOG.LEVEL_PROCEDURE,
325 g_log_head || l_api_name || '.end_nodatafound',
326 'returning NULLs.');
327 end if;
328 return;
329 end;
330 else
331 -- x_orig_system := substr(x_user_name, 1, colon-1);
332 x_orig_system_id := to_number(substr(x_user_name, colon+1));
333 end if;
334
335 end get_orig_key;
336
337
338 -----------------------------------------------
339 -- This is an internal procedure. Not in spec.
340 -----------------------------------------------
341 -- Out is a string that is a SQL call that returns the value passed in
342 -- (in varchar format), in the data type specified.
343 -- That description probably doesn't make much sense, so just look
344 -- at the code and you'll get what it does.
345 -----------------------------------------------
346 FUNCTION get_conv_from_char(p_instance_value in VARCHAR2,
347 p_col_type IN VARCHAR2)
348 RETURN VARCHAR2 IS
349 BEGIN
350 if(p_col_type = 'NUMBER' OR p_col_type = 'INTEGER') then
351 return 'FND_NUMBER.CANONICAL_TO_NUMBER('||p_instance_value||')';
352 elsif(p_col_type = 'DATE') then
353 return 'FND_DATE.CANONICAL_TO_DATE('||p_instance_value||')';
354 else
355 return p_instance_value;
356 end if;
357 END;
358
359 ----------------------------------------------
360 --This is an internal procedure. Not in spec.
361 ----------------------------------------------
362 Function get_object_id(p_object_name in varchar2) return number is
363 l_object_id number;
364 Begin
365 select object_id
366 into l_object_id
367 from fnd_objects
368 where obj_name=p_object_name;
369 return l_object_id;
370 exception
371 when no_data_found then
372 return null;
373 end get_object_id;
374
375 ----------------------------------------------
376 --This is an internal procedure. Not in spec.
377 ----------------------------------------------
378 Function get_role_id(p_role_name in varchar2) return number is
382 into l_role_id
379 l_role_id number;
380 Begin
381 select menu_id
383 from fnd_menus
384 where menu_name = p_role_name;
385 RETURN l_role_id;
386 EXCEPTION
387 when no_data_found then
388 RETURN NULL;
389 end get_role_id;
390
391 -----------------------------------------------
392 -- This is an internal procedure. Not in spec.
393 -----------------------------------------------
394 -- Procedure get_pk_information
395 -- x_aliased_pk_column returns the aliased list of columns without
396 -- type conv.
397 -- x_aliased_ik_column returns 'INSTANCE_PK1_VALUE' etc with type
398 -- conversion from char type, with to_number() to_date() etc.
399 -- x_orig_pk_column returns the unaliased list of columns
400 -- without type conv.
401 -- returns 'T' for success or 'U' for unexpected error.
402 -----------------------------------------------
403 function get_pk_information(p_object_name IN VARCHAR2,
404 x_pk1_column_name OUT NOCOPY VARCHAR2,
405 x_pk2_column_name OUT NOCOPY VARCHAR2,
406 x_pk3_column_name OUT NOCOPY VARCHAR2,
407 x_pk4_column_name OUT NOCOPY VARCHAR2,
408 x_pk5_column_name OUT NOCOPY VARCHAR2,
409 x_aliased_pk_column OUT NOCOPY VARCHAR2,
410 x_aliased_ik_column OUT NOCOPY VARCHAR2,
411 x_orig_pk_column OUT NOCOPY VARCHAR2,
412 x_database_object_name OUT NOCOPY VARCHAR2,
413 p_pk1_alias IN VARCHAR2 DEFAULT NULL,
414 p_pk2_alias IN VARCHAR2 DEFAULT NULL,
415 p_pk3_alias IN VARCHAR2 DEFAULT NULL,
416 p_pk4_alias IN VARCHAR2 DEFAULT NULL,
417 p_pk5_alias IN VARCHAR2 DEFAULT NULL)
418 RETURN VARCHAR2 IS
419 l_api_name CONSTANT VARCHAR2(30) := 'GET_PK_INFORMATION';
420 x_pk1_column_type varchar2(8);
421 x_pk2_column_type varchar2(8);
422 x_pk3_column_type varchar2(8);
423 x_pk4_column_type varchar2(8);
424 x_pk5_column_type varchar2(8);
425 cursor c_pk is
426 SELECT pk1_column_name
427 ,pk2_column_name
428 ,pk3_column_name
429 ,pk4_column_name
430 ,pk5_column_name
431 ,pk1_column_type
432 ,pk2_column_type
433 ,pk3_column_type
434 ,pk4_column_type
435 ,pk5_column_type
436 , database_object_name
437 FROM fnd_objects
438 WHERE obj_name=p_object_name ;
439 begin
440 open c_pk;
441 fetch c_pk into
442 x_pk1_column_name ,
443 x_pk2_column_name ,
444 x_pk3_column_name ,
445 x_pk4_column_name ,
446 x_pk5_column_name ,
447 x_pk1_column_type ,
448 x_pk2_column_type ,
449 x_pk3_column_type ,
450 x_pk4_column_type ,
451 x_pk5_column_type ,
452 x_database_object_name;
453
454 IF(c_pk%NOTFOUND) THEN
455 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
456 fnd_message.set_token('ROUTINE',
457 g_pkg_name || '.'|| l_api_name);
458 fnd_message.set_token('REASON',
459 'FND_OBJECTS does not have column obj_name with value:'||
460 p_object_name);
461 return G_RETURN_UNEXP_ERR;
462 end if;
463
464 CLOSE c_pk;
465
466 -- Build up the list of unaliased column names
467 x_orig_pk_column := NULL;
468 if(x_pk1_column_name is not NULL) then
469 x_orig_pk_column := x_orig_pk_column || x_pk1_column_name;
470 end if;
471 if(x_pk2_column_name is not NULL) then
472 x_orig_pk_column := x_orig_pk_column || ',' || x_pk2_column_name;
473 end if;
474 if(x_pk3_column_name is not NULL) then
475 x_orig_pk_column := x_orig_pk_column || ',' || x_pk3_column_name;
476 end if;
477 if(x_pk4_column_name is not NULL) then
478 x_orig_pk_column := x_orig_pk_column || ',' || x_pk4_column_name;
479 end if;
480 if(x_pk5_column_name is not NULL) then
481 x_orig_pk_column := x_orig_pk_column || ',' || x_pk5_column_name;
482 end if;
483
484
485 -- Replace column names with aliases if aliases were passed.
486 if(x_pk1_column_name is not NULL) and (p_pk1_alias is not NULL) then
487 x_pk1_column_name := p_pk1_alias;
488 end if;
489 if(x_pk2_column_name is not NULL) and (p_pk2_alias is not NULL) then
490 x_pk2_column_name := p_pk2_alias;
491 end if;
492 if(x_pk3_column_name is not NULL) and (p_pk3_alias is not NULL) then
493 x_pk3_column_name := p_pk3_alias;
494 end if;
495 if(x_pk4_column_name is not NULL) and (p_pk4_alias is not NULL) then
496 x_pk4_column_name := p_pk4_alias;
497 end if;
498 if(x_pk5_column_name is not NULL) and (p_pk5_alias is not NULL) then
499 x_pk5_column_name := p_pk5_alias;
500 end if;
501
502 -- Build up the x_aliased_pk_column and x_aliased_ik_column lists
503 -- by adding values for each column name.
504 x_aliased_pk_column:=x_pk1_column_name;
505
506 x_aliased_ik_column := get_conv_from_char(
507 'INSTANCE_PK1_VALUE', x_pk1_column_type);
508
512 x_aliased_ik_column := x_aliased_ik_column||','||get_conv_from_char(
509 if x_pk2_COLUMN_name is not null then
510 x_aliased_pk_column:=
511 x_aliased_pk_column||','||x_pk2_COLUMN_name;
513 'INSTANCE_PK2_VALUE', x_pk2_column_type);
514
515 if x_pk3_COLUMN_name is not null then
516 x_aliased_pk_column :=
517 x_aliased_pk_column||','||x_pk3_COLUMN_name;
518 x_aliased_ik_column := x_aliased_ik_column||','||get_conv_from_char(
519 'INSTANCE_PK3_VALUE', x_pk3_column_type);
520
521 if x_pk4_COLUMN_name is not null then
522 x_aliased_pk_column:=
523 x_aliased_pk_column||','||x_pk4_COLUMN_name;
524 x_aliased_ik_column := x_aliased_ik_column||','||
525 get_conv_from_char(
526 'INSTANCE_PK4_VALUE', x_pk4_column_type);
527
528 if x_pk5_COLUMN_name is not null then
529 x_aliased_pk_column:=
530 x_aliased_pk_column||','||x_pk5_COLUMN_name;
531 x_aliased_ik_column := x_aliased_ik_column||','||
532 get_conv_from_char('INSTANCE_PK5_VALUE', x_pk5_column_type);
533 end if;
534 end if;
535 end if;
536 end if;
537
538 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
539 ,p_module => l_api_name
540 ,p_message => 'Returning PK information as ' ||
541 'p_object_name: '|| p_object_name ||
542 ' - x_pk1_column_name: '|| x_pk1_column_name ||
543 ' - x_pk2_column_name: '|| x_pk2_column_name ||
544 ' - x_pk3_column_name: '|| x_pk3_column_name ||
545 ' - x_pk4_column_name: '|| x_pk4_column_name ||
546 ' - x_pk5_column_name: '|| x_pk5_column_name ||
547 ' - x_aliased_pk_column: '|| x_aliased_pk_column ||
548 ' - x_aliased_ik_column: '|| x_aliased_ik_column ||
549 ' - x_database_object_name: '|| x_database_object_name
550 );
551 return G_RETURN_SUCCESS;
552 end get_pk_information;
553 --Bug 5027160 :START
554 ----------------------------------------------
555 --This is an internal procedure. Not in spec.
556 ----------------------------------------------
557 --This will return either T or F depending on
558 --whethe the user has privilege or not
559 ----------------------------------------------
560 FUNCTION process_set_ids(
561 p_db_pk1_column IN VARCHAR2,
562 p_db_pk2_column IN VARCHAR2,
563 p_db_pk3_column IN VARCHAR2,
564 p_db_pk4_column IN VARCHAR2,
565 p_db_pk5_column IN VARCHAR2,
566 p_instance_pk1_value IN VARCHAR2,
567 p_instance_pk2_value IN VARCHAR2 DEFAULT NULL,
568 p_instance_pk3_value IN VARCHAR2 DEFAULT NULL,
569 p_instance_pk4_value IN VARCHAR2 DEFAULT NULL,
570 p_instance_pk5_value IN VARCHAR2 DEFAULT NULL,
571 p_dynamic_sql IN VARCHAR2,
572 p_instance_predicate_list IN VARCHAR2
573 ) RETURN VARCHAR2 IS
574 l_api_name CONSTANT VARCHAR2(30) := 'PROCESS_SET_IDS';
575 instance_set DYNAMIC_CUR;
576 l_instance_id_col1 VARCHAR2(512);
577 l_instance_id_col2 VARCHAR2(512);
578 l_instance_id_col3 VARCHAR2(512);
579 l_instance_id_col4 VARCHAR2(512);
580 l_instance_id_col5 VARCHAR2(512);
581 l_dynamic_sql VARCHAR2(32767);
582 l_instance_predicate_list VARCHAR2(32767);
583 l_inst_pred_length NUMBER;
584
585 BEGIN
586 l_instance_predicate_list := p_instance_predicate_list;
587 -- if the last word is 'OR' then strip the trailing 'OR'
588 l_inst_pred_length := LENGTH(l_instance_predicate_list);
589 IF l_inst_pred_length <= 1 THEN
590 RETURN G_RETURN_FAILURE;
591 ELSE
592 l_instance_predicate_list := SUBSTR(l_instance_predicate_list, 1,
593 l_inst_pred_length - length('OR ('));
594 END IF;
595 l_dynamic_sql := p_dynamic_sql ||'('||l_instance_predicate_list||')';
596 if(p_db_pk5_column is not NULL) THEN
597 OPEN instance_set FOR l_dynamic_sql USING
598 p_instance_pk1_value, p_instance_pk1_value,
599 p_instance_pk2_value, p_instance_pk2_value,
600 p_instance_pk3_value, p_instance_pk3_value,
601 p_instance_pk4_value, p_instance_pk4_value,
602 p_instance_pk5_value, p_instance_pk5_value;
603 FETCH instance_set INTO l_instance_id_col1, l_instance_id_col2,
604 l_instance_id_col3, l_instance_id_col4,
605 l_instance_id_col5;
606 CLOSE instance_set;
607 IF (l_instance_id_col1 = p_instance_pk1_value
608 and l_instance_id_col2 = p_instance_pk2_value
609 and l_instance_id_col3 = p_instance_pk3_value
610 and l_instance_id_col4 = p_instance_pk4_value
611 and l_instance_id_col5 = p_instance_pk5_value) THEN
612 RETURN G_RETURN_SUCCESS;
613 ELSE
614 RETURN G_RETURN_FAILURE;
615 END IF;
616 elsif(p_db_pk4_column is not NULL) then
617 OPEN instance_set FOR l_dynamic_sql USING
618 p_instance_pk1_value, p_instance_pk1_value,
622 FETCH instance_set into l_instance_id_col1,
619 p_instance_pk2_value, p_instance_pk2_value,
620 p_instance_pk3_value, p_instance_pk3_value,
621 p_instance_pk4_value, p_instance_pk4_value;
623 l_instance_id_col2,
624 l_instance_id_col3,
625 l_instance_id_col4;
626 CLOSE instance_set;
627 IF (l_instance_id_col1 = p_instance_pk1_value
628 and l_instance_id_col2 = p_instance_pk2_value
629 and l_instance_id_col3 = p_instance_pk3_value
630 and l_instance_id_col4 = p_instance_pk4_value) THEN
631 RETURN G_RETURN_SUCCESS;
632 ELSE
633 RETURN G_RETURN_FAILURE;
634 END IF;
635 elsif(p_db_pk3_column is not NULL) then
636 OPEN instance_set FOR l_dynamic_sql USING
637 p_instance_pk1_value, p_instance_pk1_value,
638 p_instance_pk2_value, p_instance_pk2_value,
639 p_instance_pk3_value, p_instance_pk3_value;
640 FETCH instance_set INTO l_instance_id_col1,
641 l_instance_id_col2,
642 l_instance_id_col3;
643 CLOSE instance_set;
644 IF (l_instance_id_col1 = p_instance_pk1_value
645 and l_instance_id_col2 = p_instance_pk2_value
646 and l_instance_id_col3 = p_instance_pk3_value) THEN
647 RETURN G_RETURN_SUCCESS;
648 ELSE
649 RETURN G_RETURN_FAILURE;
650 END IF;
651 elsif(p_db_pk2_column is not NULL) then
652 OPEN instance_set FOR l_dynamic_sql USING
653 p_instance_pk1_value, p_instance_pk1_value,
654 p_instance_pk2_value, p_instance_pk2_value;
655 FETCH instance_set INTO l_instance_id_col1, l_instance_id_col2;
656 CLOSE instance_set;
657 IF (l_instance_id_col1 = p_instance_pk1_value
658 and l_instance_id_col2 = p_instance_pk2_value) THEN
659 RETURN G_RETURN_SUCCESS;
660 ELSE
661 RETURN G_RETURN_FAILURE;
662 END IF;
663 elsif(p_db_pk1_column is not NULL) then
664 OPEN instance_set FOR l_dynamic_sql USING
665 p_instance_pk1_value, p_instance_pk1_value;
666 FETCH instance_set INTO l_instance_id_col1;
667 CLOSE instance_set;
668 IF (l_instance_id_col1 = p_instance_pk1_value) THEN
669 RETURN G_RETURN_SUCCESS;
670 ELSE
671 RETURN G_RETURN_FAILURE;
672 END IF;
673 else
674 RETURN G_RETURN_UNEXP_ERR; /* This will never happen since pk1 is reqd*/
675 end if;
676 EXCEPTION
677 WHEN OTHERS THEN
678 return G_RETURN_UNEXP_ERR;
679 END process_set_ids;
680 --------------------------------------------------------------------------
681 --Bug 5027160 :END
682
683 --------------------------------------------------------
684 ---- check_function
685 --------------------------------------------------------
686 FUNCTION check_function
687 (
688 p_api_version IN NUMBER,
689 p_function IN VARCHAR2,
690 p_object_name IN VARCHAR2,
691 p_instance_pk1_value IN VARCHAR2,
692 p_instance_pk2_value IN VARCHAR2 DEFAULT NULL,
693 p_instance_pk3_value IN VARCHAR2 DEFAULT NULL,
694 p_instance_pk4_value IN VARCHAR2 DEFAULT NULL,
695 p_instance_pk5_value IN VARCHAR2 DEFAULT NULL,
696 p_user_name IN VARCHAR2 DEFAULT NULL
697 )
698 RETURN VARCHAR2 IS
699
700 l_api_version CONSTANT NUMBER := 1.0;
701 l_api_name CONSTANT VARCHAR2(30) := 'CHECK_FUNCTION';
702 -- l_orig_system VARCHAR2(48);
703 l_orig_system_id NUMBER;
704 l_db_object_name VARCHAR2(99);
705 l_db_pk1_column VARCHAR2(99);
706 l_db_pk2_column VARCHAR2(99);
707 l_db_pk3_column VARCHAR2(99);
708 l_db_pk4_column VARCHAR2(99);
709 l_db_pk5_column VARCHAR2(99);
710 l_pk_column_names VARCHAR2(512);
711 l_pk_orig_column_names VARCHAR2(512);
712 l_type_converted_val_cols VARCHAR2(512);
713 l_result VARCHAR2(1);
714 l_return_status VARCHAR2(1);
715 l_group_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
716 l_company_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
717 l_menu_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
718 l_object_id NUMBER;
719 l_user_name VARCHAR2(80);
720 l_prof_privilege_tbl EGO_VARCHAR_TBL_TYPE;
721
722 candidate_sets_c DYNAMIC_CUR;
723 instance_set DYNAMIC_CUR;
724 l_dynamic_sql_1 VARCHAR2(32767);
725 l_dynamic_sql VARCHAR2(32767);
726 l_select_query_part VARCHAR2(3000);
727 l_one_set_predicate VARCHAR2(32767);
728 l_one_set_id NUMBER;
729 --bug 5027160.
730 l_instance_predicate_list VARCHAR2(10000);
731 l_has_priv VARCHAR2(1);
732 l_set_id_cnt NUMBER;
733
734 CURSOR menu_functions_c (cp_function_name IN VARCHAR2) IS
735 SELECT menu_id
736 FROM fnd_menu_entries
737 WHERE function_id =
738 (SELECT function_id
739 FROM fnd_form_functions
740 WHERE function_name = cp_function_name
741 );
745 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
742
743 BEGIN
744 SetGlobals();
746 ,p_module => l_api_name
747 ,p_message => 'Started with 9 params '||
748 ' p_api_version: '|| to_char(p_api_version) ||
749 ' - p_function: '|| p_function ||
750 ' - p_object_name: '|| p_object_name ||
751 ' - p_instance_pk1_value: '|| p_instance_pk1_value ||
752 ' - p_instance_pk2_value: '|| p_instance_pk2_value ||
753 ' - p_instance_pk3_value: '|| p_instance_pk3_value ||
754 ' - p_instance_pk4_value: '|| p_instance_pk4_value ||
755 ' - p_instance_pk5_value: '|| p_instance_pk5_value ||
756 ' - p_user_name: '|| p_user_name
757 );
758
759 if TRUNC(l_api_version) <> TRUNC(p_api_version) THEN
760 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
761 fnd_message.set_token('ROUTINE',
762 g_pkg_name || '.'|| l_api_name);
763 fnd_message.set_token('REASON',
764 'Unsupported version '|| to_char(p_api_version)||
765 ' passed to API; expecting version '||
766 to_char(l_api_version));
767 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
768 ,p_module => l_api_name
769 ,p_message => 'Returning as the call in incompatible '
770 );
771 return G_RETURN_UNEXP_ERR;
772 end if;
773 l_user_name := p_user_name;
774 get_orig_key(x_user_name => l_user_name
775 -- ,x_orig_system => l_orig_system
776 ,x_orig_system_id => l_orig_system_id);
777 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
778 ,p_module => l_api_name
779 ,p_message => 'l_user_name: '||l_user_name||
780 -- ' - l_orig_system: '||l_orig_system||
781 ' - l_orig_system_id: '||l_orig_system_id
782 );
783 ------------------------------------------------------------------
784 --First we see if a profile option is set and if function exists--
785 -- if so we return it here itself without doing further query --
786 -------------------------------------------------------------------
787 getPrivilege_for_profileOption(p_api_version => p_api_version,
788 p_object_name => p_object_name,
789 p_user_name => l_user_name,
790 x_privilege_tbl => l_prof_privilege_tbl,
791 x_return_status => l_return_status);
792
793 IF (l_return_status = G_RETURN_SUCCESS) THEN
794 IF (l_prof_privilege_tbl.COUNT > 0) THEN
795 FOR i IN l_prof_privilege_tbl.first .. l_prof_privilege_tbl.last LOOP
796 IF (l_prof_privilege_tbl(i) = p_function) THEN
797 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
798 ,p_module => l_api_name
799 ,p_message => 'Returning TRUE as privilege is obtained from profile '
800 );
801 RETURN G_RETURN_SUCCESS;
802 END IF; --if function match, returning T
803 END LOOP;
804 END IF; -- x_prof_privilege_tbl >0
805 END IF; --return status is T
806
807 ------------------------------------------------------------------
808 --end of check in profile option --
809 -------------------------------------------------------------------
810 -- get All privileges of a user on a given object
811 -- Step 1.
812 -- get database object name and column
813 -- cache the PK column name
814 l_return_status := get_pk_information(p_object_name ,
815 l_db_pk1_column ,
816 l_db_pk2_column ,
817 l_db_pk3_column ,
818 l_db_pk4_column ,
819 l_db_pk5_column ,
820 l_pk_column_names ,
821 l_type_converted_val_cols ,
822 l_pk_orig_column_names,
823 l_db_object_name );
824 IF (l_return_status <> G_RETURN_SUCCESS) THEN
825 /* There will be a message on the msg dict stack. */
826 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
827 ,p_module => l_api_name
828 ,p_message => 'Returning FALSE as pk values are not correct'
829 );
830 return l_return_status; /* We will return the x_return_status as out param */
831 end if;
832
833 l_object_id:=get_object_id(p_object_name => p_object_name );
834 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
835 ,p_module => l_api_name
836 ,p_message => 'l_object_id: '||l_object_id
837 );
838 -- step 1.1
839 -- pre-fetch company/group/menu info
840 l_menu_info := '';
841 FOR menu_rec IN menu_functions_c (cp_function_name => p_function) LOOP
842 l_menu_info:=l_menu_info||menu_rec.menu_id||', ';
843 END LOOP;
844 IF( length( l_menu_info ) >0) THEN
845 -- strip off the trailing ', '
846 l_menu_info := SUBSTR(l_menu_info,1,length(l_menu_info) - length(', '));
847 ELSE
848 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
849 ,p_module => l_api_name
853 END IF;
850 ,p_message => 'Returning FALSE as function not associated to any menu'
851 );
852 RETURN G_RETURN_FAILURE;
854 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
855 ,p_module => l_api_name
856 ,p_message => 'l_menu_info: '||l_menu_info
857 );
858
859 l_group_info := get_group_info(p_party_id => l_orig_system_id);
860 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
861 ,p_module => l_api_name
862 ,p_message => 'l_group_info: '||l_group_info
863 );
864 l_company_info := get_company_info (p_party_id => l_orig_system_id);
865 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
866 ,p_module => l_api_name
867 ,p_message => 'l_company_info: '||l_company_info
868 );
869
870 --end_date:= DBMS_UTILITY.GET_TIME;
871 --millisec:= (end_date-start_date)*24*60*60*1000;
872 --dbms_output.put_line('2. Diff. in Get Time 100th of a sec ::'||to_char(end_date-start_date,'9999999'));
873 -- R12C Security Changes
874 /* l_dynamic_sql :=
875 'SELECT ''X'' ' ||
876 ' FROM fnd_grants grants ' ||
877 ' WHERE grants.object_id = :object_id ' ||
878 ' AND grants.start_date <= SYSDATE '||
879 ' AND NVL(grants.end_date, SYSDATE) >= SYSDATE ' ||
880 ' AND grants.instance_type = :instance_type ' ||
881 ' AND ( ( grants.grantee_type = ''USER'' AND ' ||
882 ' grants.grantee_key = :user_name ) '||
883 ' OR ( grants.grantee_type = ''GROUP'' AND '||
884 ' grants.grantee_key in ( '||l_group_info||' ))' ||
885 ' OR ( grants.grantee_type = ''COMPANY'' AND '||
886 ' grants.grantee_key in ( '||l_company_info||' ))' ||
887 ' OR (grants.grantee_type = ''GLOBAL'' AND '||
888 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )) '||
889 ' AND grants.menu_id IN (' || l_menu_info ||') ' ||
890 ' AND grants.instance_pk1_value = :pk1_val ' ||
891 ' AND ( grants.instance_pk2_value = :pk2_val OR' ||
892 ' ( grants.instance_pk2_value = ''*NULL*'' AND :pk2_val is NULL )) '||
893 ' AND ( grants.instance_pk3_value = :pk3_val OR '||
894 ' ( grants.instance_pk3_value = ''*NULL*'' AND :pk3_val is NULL )) '||
895 ' AND ( grants.instance_pk4_value = :pk4_val OR '||
896 ' ( grants.instance_pk4_value = ''*NULL*'' AND :pk4_val is NULL )) '||
897 ' AND ( grants.instance_pk5_value = :pk5_val OR '||
898 ' ( grants.instance_pk5_value = ''*NULL*'' AND :pk5_val is NULL )) '; */
899
900 IF (p_object_name = 'EGO_CATALOG_GROUP') THEN
901 l_dynamic_sql :=
902 'SELECT ''X'' ' ||
903 ' FROM fnd_grants grants, ego_item_cat_denorm_hier cathier ' ||
904 ' WHERE grants.object_id = :object_id ' ||
905 ' AND grants.start_date <= SYSDATE '||
906 ' AND NVL(grants.end_date, SYSDATE) >= SYSDATE ' ||
907 ' AND grants.instance_type = :instance_type ' ||
908 ' AND ( ( grants.grantee_type = ''USER'' AND ' ||
909 ' grants.grantee_key = :user_name ) '||
910 ' OR ( grants.grantee_type = ''GROUP'' AND '||
911 ' grants.grantee_key in ( '||l_group_info||' ))' ||
912 ' OR ( grants.grantee_type = ''COMPANY'' AND '||
913 ' grants.grantee_key in ( '||l_company_info||' ))' ||
914 ' OR (grants.grantee_type = ''GLOBAL'' AND '||
915 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )) '||
916 ' AND grants.menu_id IN (' || l_menu_info ||') ' ||
917 ' AND grants.instance_pk1_value = cathier.parent_catalog_group_id ' ||
918 ' AND cathier.child_catalog_group_id = :pk1_val ' ||
919 ' AND ( grants.instance_pk2_value = :pk2_val OR' ||
920 ' ( grants.instance_pk2_value = ''*NULL*'' AND :pk2_val is NULL )) '||
921 ' AND ( grants.instance_pk3_value = :pk3_val OR '||
922 ' ( grants.instance_pk3_value = ''*NULL*'' AND :pk3_val is NULL )) '||
923 ' AND ( grants.instance_pk4_value = :pk4_val OR '||
924 ' ( grants.instance_pk4_value = ''*NULL*'' AND :pk4_val is NULL )) '||
925 ' AND ( grants.instance_pk5_value = :pk5_val OR '||
926 ' ( grants.instance_pk5_value = ''*NULL*'' AND :pk5_val is NULL )) ';
927 ELSE
928 l_dynamic_sql :=
929 'SELECT ''X'' ' ||
930 ' FROM fnd_grants grants ' ||
931 ' WHERE grants.object_id = :object_id ' ||
932 ' AND grants.start_date <= SYSDATE '||
933 ' AND NVL(grants.end_date, SYSDATE) >= SYSDATE ' ||
934 ' AND grants.instance_type = :instance_type ' ||
935 ' AND ( ( grants.grantee_type = ''USER'' AND ' ||
936 ' grants.grantee_key = :user_name ) '||
937 ' OR ( grants.grantee_type = ''GROUP'' AND '||
938 ' grants.grantee_key in ( '||l_group_info||' ))' ||
939 ' OR ( grants.grantee_type = ''COMPANY'' AND '||
940 ' grants.grantee_key in ( '||l_company_info||' ))' ||
941 ' OR (grants.grantee_type = ''GLOBAL'' AND '||
942 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )) '||
943 ' AND grants.menu_id IN (' || l_menu_info ||') ' ||
944 ' AND grants.instance_pk1_value = :pk1_val ' ||
945 ' AND ( grants.instance_pk2_value = :pk2_val OR' ||
946 ' ( grants.instance_pk2_value = ''*NULL*'' AND :pk2_val is NULL )) '||
947 ' AND ( grants.instance_pk3_value = :pk3_val OR '||
951 ' AND ( grants.instance_pk5_value = :pk5_val OR '||
948 ' ( grants.instance_pk3_value = ''*NULL*'' AND :pk3_val is NULL )) '||
949 ' AND ( grants.instance_pk4_value = :pk4_val OR '||
950 ' ( grants.instance_pk4_value = ''*NULL*'' AND :pk4_val is NULL )) '||
952 ' ( grants.instance_pk5_value = ''*NULL*'' AND :pk5_val is NULL )) ';
953 END IF;
954 -- R12C Security Changes
955
956 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
957 ,p_module => l_api_name
958 ,p_message => 'Binds for instance_set sql '||
959 ' l_object_id: '||l_object_id||
960 ' - G_TYPE_INSTANCE: '||G_TYPE_INSTANCE||
961 ' - l_user_name: '||l_user_name||
962 ' - p_instance_pk1_value: '|| p_instance_pk1_value ||
963 ' - p_instance_pk2_value: '|| p_instance_pk2_value ||
964 ' - p_instance_pk3_value: '|| p_instance_pk3_value ||
965 ' - p_instance_pk4_value: '|| p_instance_pk4_value ||
966 ' - p_instance_pk5_value: '|| p_instance_pk5_value
967 );
968
969 OPEN instance_set FOR l_dynamic_sql
970 USING IN l_object_id,
971 IN G_TYPE_INSTANCE,
972 IN l_user_name,
973 IN p_instance_pk1_value,
974 IN p_instance_pk2_value,
975 IN p_instance_pk2_value,
976 IN p_instance_pk3_value,
977 IN p_instance_pk3_value,
978 IN p_instance_pk4_value,
979 IN p_instance_pk4_value,
980 IN p_instance_pk5_value,
981 IN p_instance_pk5_value;
982 FETCH instance_set INTO l_result;
983 CLOSE instance_set;
984 IF (l_result = 'X') THEN
985 RETURN G_RETURN_SUCCESS;
986 END IF;
987 -- Step 2.
988 -- get instance set ids in which the given object_key exist
989 -- as a set into l_instance_set
990 -- R12C Security Changes
991 /*l_select_query_part:=
992 'SELECT '|| l_pk_column_names ||
993 ' FROM '|| l_db_object_name ||
994 ' WHERE '; */
995
996 IF (p_object_name = 'EGO_ITEM') THEN
997 l_select_query_part:=
998 'SELECT '|| l_pk_column_names ||
999 ' FROM '|| l_db_object_name || ', ego_item_cat_denorm_hier cathier'||
1000 ' WHERE ';
1001 ELSE
1002 l_select_query_part:=
1003 'SELECT '|| l_pk_column_names ||
1004 ' FROM '|| l_db_object_name ||
1005 ' WHERE ';
1006 END IF;
1007 -- R12C Security Changes
1008
1009 IF (l_db_pk1_column IS NOT NULL) THEN
1010 l_select_query_part := l_select_query_part ||
1011 ' ( '||l_db_pk1_column||' = :pk1_val '||
1012 ' OR ( '||l_db_pk1_column||' is NULL AND :pk1_val is NULL))';
1013 END IF;
1014 IF (l_db_pk2_column IS NOT NULL) THEN
1015 l_select_query_part := l_select_query_part ||
1016 ' AND ( '||l_db_pk2_column||' = :pk2_val '||
1017 ' OR ( '||l_db_pk2_column||' is NULL AND :pk2_val is NULL))';
1018 END IF;
1019 IF (l_db_pk3_column IS NOT NULL) THEN
1020 l_select_query_part := l_select_query_part ||
1021 ' AND ( '||l_db_pk3_column||' = :pk3_val '||
1022 ' OR ( '||l_db_pk3_column||' is NULL AND :pk3_val is NULL))';
1023 END IF;
1024 IF (l_db_pk4_column IS NOT NULL) THEN
1025 l_select_query_part := l_select_query_part ||
1026 ' AND ( '||l_db_pk4_column||' = :pk4_val '||
1027 ' OR ( '||l_db_pk4_column||' is NULL AND :pk4_val is NULL))';
1028 END IF;
1029 IF (l_db_pk5_column IS NOT NULL) THEN
1030 l_select_query_part := l_select_query_part ||
1031 ' AND ( '||l_db_pk5_column||' = :pk5_val '||
1032 ' OR ( '||l_db_pk5_column||' is NULL AND :pk5_val is NULL))';
1033 END IF;
1034
1035 -- R12C Security Changes
1036 -- l_select_query_part := l_select_query_part || ' AND ';
1037 IF (p_object_name = 'EGO_ITEM') THEN
1038 l_select_query_part := l_select_query_part || ' AND item_catalog_group_id = cathier.child_catalog_group_id AND ';
1039 ELSE
1040 l_select_query_part := l_select_query_part || ' AND ';
1041 END IF;
1042 -- R12C Security Changes
1043
1044 l_dynamic_sql := l_select_query_part;
1045 l_instance_predicate_list := '(';
1046 l_set_id_cnt := 0;
1047
1048
1049 --end_date:= DBMS_UTILITY.GET_TIME;
1050 --millisec:= (end_date-start_date)*24*60*60*1000;
1051 --dbms_output.put_line('1. Diff. in Get Time 100th of a sec ::'||to_char(end_date-start_date,'9999999'));
1052 --bug 5027160.:START
1053
1054 --
1055 -- open cursor for candidate sets and find out what all are required
1056 --
1057 l_dynamic_sql_1 :=
1058 ' SELECT DISTINCT sets.instance_SET_ID, sets.predicate ' ||
1059 ' FROM fnd_grants grants, ' ||
1060 ' fnd_object_instance_sets sets '||
1061 ' WHERE grants.object_id = :object_id ' ||
1062 ' AND grants.start_date <= SYSDATE ' ||
1063 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE '||
1064 ' AND grants.instance_type = :instance_type ' ||
1065 ' AND ( ( grants.grantee_type = ''USER'' AND '||
1066 ' grants.grantee_key = :user_name ) '||
1067 ' OR ( grants.grantee_type = ''GROUP'' AND '||
1071 ' OR (grants.grantee_type = ''GLOBAL'' AND '||
1068 ' grants.grantee_key in ( '||l_group_info||' ))' ||
1069 ' OR ( grants.grantee_type = ''COMPANY'' AND '||
1070 ' grants.grantee_key in ( '||l_company_info||' ))' ||
1072 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )) '||
1073 ' AND grants.menu_id IN (' || l_menu_info ||') ' ||
1074 ' AND sets.instance_set_id = grants.instance_set_id ' ||
1075 ' AND sets.object_id = grants.object_id ';
1076 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1077 ,p_module => l_api_name
1078 ,p_message => 'SQL for candidate_sets_cursor '||l_dynamic_sql_1
1079 );
1080 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1081 ,p_module => l_api_name
1082 ,p_message => 'Binds for candidate_sets_cursor '||
1083 ' l_object_id: '||l_object_id||
1084 ' - G_TYPE_SET: '||G_TYPE_SET||
1085 ' - l_user_name: '||l_user_name
1086 );
1087
1088 OPEN candidate_sets_c FOR l_dynamic_sql_1
1089 USING IN l_object_id,
1090 IN G_TYPE_SET,
1091 IN l_user_name;
1092 LOOP
1093 FETCH candidate_sets_c INTO l_one_set_id, l_one_set_predicate;
1094 EXIT WHEN candidate_sets_c%NOTFOUND;
1095 --incrementing the count so that we can call the API process_set_ids if
1096 --the count is 10.
1097 l_set_id_cnt:=l_set_id_cnt+1;
1098 l_instance_predicate_list :=
1099 l_instance_predicate_list ||l_one_set_predicate ||') OR (';
1100 --we are collectig prdicates and trying to process 10 at a time
1101 --by executing the l_dynamic_sql once for ten predicates, thus reducing
1102 --the number of times the l_dynamic_sql is executed.
1103 IF (MOD(l_set_id_cnt,10) = 0) THEN
1104 l_has_priv := process_set_ids (
1105 p_db_pk1_column => l_db_pk1_column,
1106 p_db_pk2_column => l_db_pk2_column,
1107 p_db_pk3_column => l_db_pk3_column,
1108 p_db_pk4_column => l_db_pk4_column,
1109 p_db_pk5_column => l_db_pk5_column,
1110 p_instance_pk1_value => p_instance_pk1_value,
1111 p_instance_pk2_value => p_instance_pk2_value,
1112 p_instance_pk3_value => p_instance_pk3_value,
1113 p_instance_pk4_value => p_instance_pk4_value,
1114 p_instance_pk5_value => p_instance_pk5_value,
1115 p_dynamic_sql => l_dynamic_sql,
1116 p_instance_predicate_list => l_instance_predicate_list
1117 );
1118 --return T if the user has a privilege
1119 IF l_has_priv = G_RETURN_SUCCESS THEN
1120 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
1121 ,p_module => l_api_name
1122 ,p_message => 'Returning from set id''s '||l_has_priv
1123 );
1124 RETURN l_has_priv;
1125 ELSIF l_has_priv = G_RETURN_UNEXP_ERR THEN
1126 RAISE FND_API.G_EXC_UNEXPECTED_ERROR;
1127 ELSE
1128 l_instance_predicate_list :='(';
1129 l_set_id_cnt:=0;
1130 END IF;
1131 END IF;--MOD(l_set_id_cnt,10)
1132 END LOOP;
1133 CLOSE candidate_sets_c;
1134 --calling the API process_set_ids for the rest of the set_ids.
1135 l_has_priv := process_set_ids (
1136 p_db_pk1_column => l_db_pk1_column,
1137 p_db_pk2_column => l_db_pk2_column,
1138 p_db_pk3_column => l_db_pk3_column,
1139 p_db_pk4_column => l_db_pk4_column,
1140 p_db_pk5_column => l_db_pk5_column,
1141 p_instance_pk1_value => p_instance_pk1_value,
1142 p_instance_pk2_value => p_instance_pk2_value,
1143 p_instance_pk3_value => p_instance_pk3_value,
1144 p_instance_pk4_value => p_instance_pk4_value,
1145 p_instance_pk5_value => p_instance_pk5_value,
1146 p_dynamic_sql => l_dynamic_sql,
1147 p_instance_predicate_list => l_instance_predicate_list
1148 );
1149 IF l_has_priv = G_RETURN_UNEXP_ERR THEN
1150 RAISE FND_API.G_EXC_UNEXPECTED_ERROR;
1151 END IF;
1152 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
1153 ,p_module => l_api_name
1154 ,p_message => 'Returning status '||l_has_priv
1155 );
1156 RETURN l_has_priv;
1157 --bug 5027160.:END
1158 EXCEPTION
1159 WHEN FND_API.G_EXC_UNEXPECTED_ERROR THEN
1160 code_debug (p_log_level => G_DEBUG_LEVEL_EXCEPTION
1161 ,p_module => l_api_name
1162 ,p_message => 'Returning EXCEPTION '||SQLERRM
1163 );
1164 RETURN G_RETURN_UNEXP_ERR;
1165 WHEN OTHERS THEN
1166 fnd_message.set_name('FND', 'SQL_PLSQL_ERROR');
1167 fnd_message.set_token('ROUTINE',G_PKG_NAME||l_api_name);
1168 fnd_message.set_token('ERRNO', SQLCODE);
1169 fnd_message.set_token('REASON', SQLERRM);
1170 code_debug (p_log_level => G_DEBUG_LEVEL_EXCEPTION
1171 ,p_module => l_api_name
1172 ,p_message => 'Returning EXCEPTION '||SQLERRM
1176
1173 );
1174 RETURN G_RETURN_UNEXP_ERR;
1175 END check_function;
1177 --------------------------------------------------------
1178 ---- check_inherited_function
1179 --------------------------------------------------------
1180 FUNCTION check_inherited_function
1181 (
1182 p_api_version IN NUMBER,
1183 p_function IN VARCHAR2,
1184 p_object_name IN VARCHAR2,
1185 p_instance_pk1_value IN VARCHAR2,
1186 p_instance_pk2_value IN VARCHAR2 DEFAULT NULL,
1187 p_instance_pk3_value IN VARCHAR2 DEFAULT NULL,
1188 p_instance_pk4_value IN VARCHAR2 DEFAULT NULL,
1189 p_instance_pk5_value IN VARCHAR2 DEFAULT NULL,
1190 p_user_name IN VARCHAR2 DEFAULT NULL,
1191 p_object_type IN VARCHAR2 DEFAULT NULL,
1192 p_parent_object_name IN VARCHAR2,
1193 p_parent_instance_pk1_value IN VARCHAR2,
1194 p_parent_instance_pk2_value IN VARCHAR2 DEFAULT NULL,
1195 p_parent_instance_pk3_value IN VARCHAR2 DEFAULT NULL,
1196 p_parent_instance_pk4_value IN VARCHAR2 DEFAULT NULL,
1197 p_parent_instance_pk5_value IN VARCHAR2 DEFAULT NULL
1198 )
1199 RETURN VARCHAR2 IS
1200
1201 l_api_version CONSTANT NUMBER := 1.0;
1202 l_api_name CONSTANT VARCHAR2(30) := 'CHECK_INHERITED_FUNCTION';
1203 l_sysdate DATE := Sysdate;
1204 l_predicate VARCHAR2(32767);
1205 -- l_orig_system VARCHAR2(48);
1206 l_orig_system_id NUMBER;
1207 l_dummy_id NUMBER;
1208 l_db_object_name VARCHAR2(30);
1209 l_db_pk1_column VARCHAR2(30);
1210 l_db_pk2_column VARCHAR2(30);
1211 l_db_pk3_column VARCHAR2(30);
1212 l_db_pk4_column VARCHAR2(30);
1213 l_db_pk5_column VARCHAR2(30);
1214 l_pk_column_names VARCHAR2(512);
1215 l_pk_orig_column_names VARCHAR2(512);
1216 l_type_converted_val_cols VARCHAR2(512);
1217 l_result VARCHAR2(1);
1218 l_return_status VARCHAR2(1);
1219 result VARCHAR2(30);
1220 l_own_result VARCHAR2(1);
1221 l_parent_object_table_count NUMBER;
1222 l_set_predicates VARCHAR2(32767);
1223 l_set_predicate_segment VARCHAR2(32767);
1224 l_group_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
1225 l_company_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
1226 l_menu_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
1227 l_pk2_value VARCHAR2(200);
1228 l_pk3_value VARCHAR2(200);
1229 l_pk4_value VARCHAR2(200);
1230 l_pk5_value VARCHAR2(200);
1231
1232 instance_sets_cur DYNAMIC_CUR;
1233 dynamic_sql VARCHAR2(32767);
1234 parent_instance_grants_c DYNAMIC_CUR;
1235 parent_instance_set_grants_c DYNAMIC_CUR;
1236 l_dynamic_sql_1 VARCHAR2(32767);
1237
1238 CURSOR menu_id_c (cp_function VARCHAR2, cp_object_id NUMBER,
1239 cp_object_type VARCHAR2, cp_parent_object_id NUMBER)
1240 IS
1241 SELECT p.parent_role_id parent_role_id
1242 FROM fnd_menu_entries r, fnd_form_functions f,
1243 fnd_menus m, ego_obj_role_mappings p
1244 WHERE r.function_id = f.function_id
1245 AND r.menu_id = m.menu_id
1246 AND f.function_name = cp_function
1247 AND m.menu_id = p.child_role_id
1248 AND p.child_object_id = cp_object_id
1249 AND p.parent_object_id = cp_parent_object_id
1250 AND p.child_object_type = cp_object_type;
1251
1252 l_object_id NUMBER;
1253 l_parent_object_id NUMBER;
1254 l_user_name VARCHAR2(80);
1255 l_inst_pred_length NUMBER;
1256 l_profile_role VARCHAR2(30);
1257 BEGIN
1258 SetGlobals();
1259 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
1260 ,p_module => l_api_name
1261 ,p_message => 'Started with 16 params '||
1262 ' p_api_version: '|| to_char(p_api_version) ||
1263 ' - p_function: '|| p_function ||
1264 ' - p_object_name: '|| p_object_name ||
1265 ' - p_instance_pk1_value: '|| p_instance_pk1_value ||
1266 ' - p_instance_pk2_value: '|| p_instance_pk2_value ||
1267 ' - p_instance_pk3_value: '|| p_instance_pk3_value ||
1268 ' - p_instance_pk4_value: '|| p_instance_pk4_value ||
1269 ' - p_instance_pk5_value: '|| p_instance_pk5_value ||
1270 ' - p_user_name: '|| p_user_name ||
1271 ' - p_object_type: '|| p_object_type ||
1272 ' - p_parent_object_name: '|| p_parent_object_name ||
1273 ' - p_parent_instance_pk1_value: '|| p_parent_instance_pk1_value ||
1274 ' - p_parent_instance_pk2_value: '|| p_parent_instance_pk2_value ||
1275 ' - p_parent_instance_pk3_value: '|| p_parent_instance_pk3_value ||
1276 ' - p_parent_instance_pk4_value: '|| p_parent_instance_pk4_value ||
1277 ' - p_parent_instance_pk5_value: '|| p_parent_instance_pk5_value
1278 );
1279
1280 -- check for call compatibility.
1284 g_pkg_name || '.'|| l_api_name);
1281 IF TRUNC(l_api_version) <> TRUNC(p_api_version) THEN
1282 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
1283 fnd_message.set_token('ROUTINE',
1285 fnd_message.set_token('REASON',
1286 'Unsupported version '|| to_char(p_api_version)||
1287 ' passed to API; expecting version '||
1288 to_char(l_api_version));
1289 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
1290 ,p_module => l_api_name
1291 ,p_message => 'Returning as the call in incompatible '
1292 );
1293 RETURN G_RETURN_UNEXP_ERR;
1294 END IF;
1295
1296 l_user_name := p_user_name;
1297 get_orig_key(x_user_name => l_user_name
1298 -- ,x_orig_system => l_orig_system
1299 ,x_orig_system_id => l_orig_system_id);
1300 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1301 ,p_module => l_api_name
1302 ,p_message => 'l_user_name: '||l_user_name||
1303 -- ' - l_orig_system: '||l_orig_system||
1304 ' - l_orig_system_id: '||l_orig_system_id
1305 );
1306
1307 --call check_function first to check its own security
1308 --won't check it if object_instance is -1
1309
1310 if (p_instance_pk1_value<>-1) then
1311 l_own_result := check_function
1312 (p_api_version => 1.0,
1313 p_function => p_function,
1314 p_object_name => p_object_name,
1315 p_instance_pk1_value => p_instance_pk1_value,
1316 p_instance_pk2_value => p_instance_pk2_value,
1317 p_instance_pk3_value => p_instance_pk3_value,
1318 p_instance_pk4_value => p_instance_pk4_value,
1319 p_instance_pk5_value => p_instance_pk5_value,
1320 p_user_name => l_user_name);
1321
1322 if (l_own_result = G_RETURN_SUCCESS) then
1323 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
1324 ,p_module => l_api_name
1325 ,p_message => 'Returning Success as we have direct role '
1326 );
1327 RETURN G_RETURN_SUCCESS;
1328 end if;
1329 end if;
1330
1331 l_object_id := get_object_id(p_object_name => p_object_name);
1332 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1333 ,p_module => l_api_name
1334 ,p_message => 'l_object_id: '||l_object_id
1335 );
1336 l_parent_object_id := get_object_id(p_object_name => p_parent_object_name);
1337 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1338 ,p_module => l_api_name
1339 ,p_message => 'l_parent_object_id: '||l_parent_object_id
1340 );
1341
1342 l_menu_info := '';
1343 FOR menu_rec IN menu_id_c(p_function, l_object_id,
1344 p_object_type, l_parent_object_id)
1345 LOOP
1346 l_menu_info := l_menu_info || menu_rec.parent_role_id || ', ';
1347 END LOOP;
1348
1349 IF (length(l_menu_info) > 0) THEN
1350 -- strip off the trailing ', '
1351 l_menu_info := substr(l_menu_info, 1, length(l_menu_info) - length(', '));
1352 ELSE
1353 l_menu_info := 'NULL';
1354 END IF;
1355 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1356 ,p_module => l_api_name
1357 ,p_message => 'l_menu_info: '||l_menu_info
1358 );
1359 l_group_info := get_group_info(p_party_id => l_orig_system_id);
1360 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1361 ,p_module => l_api_name
1362 ,p_message => 'l_group_info: '||l_group_info
1363 );
1364 l_company_info := get_company_info (p_party_id => l_orig_system_id);
1365 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1366 ,p_module => l_api_name
1367 ,p_message => 'l_company_info: '||l_company_info
1368 );
1369
1370 ------------------------------------------------------------------
1371 -- we see if a profile option is set and if so we add it to --
1372 -- the other list of menus --
1373 -------------------------------------------------------------------
1374 l_profile_role :=
1375 getRole_mappedTo_profileOption(p_parent_object_name, p_user_name);
1376 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1377 ,p_module => l_api_name
1378 ,p_message => 'profile role for '||p_parent_object_name||
1379 ' is: '||l_profile_role
1380 );
1381 IF (l_profile_role <> '') THEN
1382 l_dummy_id := get_role_id(l_profile_role);
1383 IF l_dummy_id IS NOT NULL THEN
1384 IF(l_menu_info = 'NULL') THEN
1385 l_menu_info := l_dummy_id;
1386 ELSE
1387 l_menu_info := l_menu_info || ', ' || l_dummy_id;
1388 END IF;
1389 END IF;
1390 END IF;
1391
1392 -------------------------------------------------------
1393 -- We set PK query strings based on values passed in --
1394 -- (NOTE: following bug 2865553, FND_GRANTS will not --
1395 -- have null PK column values, so I'm changing this --
1399 ,p_instance_pk3_value => p_parent_instance_pk3_value
1396 -- code to check for '*NULL*' instead of null. -Dylan--
1397 -------------------------------------------------------
1398 translate_pk_values (p_instance_pk2_value => p_parent_instance_pk2_value
1400 ,p_instance_pk4_value => p_parent_instance_pk4_value
1401 ,p_instance_pk5_value => p_parent_instance_pk5_value
1402 ,x_trans_pk2_value => l_pk2_value
1403 ,x_trans_pk3_value => l_pk3_value
1404 ,x_trans_pk4_value => l_pk4_value
1405 ,x_trans_pk5_value => l_pk5_value
1406 );
1407 /***
1408 IF (p_instance_pk2_value IS NULL) THEN
1409 l_pk2_value := '*NULL*';
1410 else
1411 l_pk2_value := p_parent_instance_pk2_value;
1412 end if;
1413
1414 IF (p_instance_pk3_value IS NULL) THEN
1415 l_pk3_value := '*NULL*';
1416 ELSE
1417 l_pk3_value := p_parent_instance_pk3_value;
1418 END IF;
1419
1420 IF (p_instance_pk4_value IS NULL) THEN
1421 l_pk4_value := '*NULL*';
1422 ELSE
1423 l_pk4_value := p_parent_instance_pk4_value;
1424 END IF;
1425
1426 IF (p_instance_pk5_value IS NULL) THEN
1427 l_pk5_value := '*NULL*';
1428 ELSE
1429 l_pk5_value := p_parent_instance_pk5_value;
1430 END IF;
1431 ***/
1432 -------------------------------------------------------------------------------
1433 -- Now we build dynamic SQL using the work we just did to optimize the query --
1434 -------------------------------------------------------------------------------
1435 -- R12C Security Changes
1436 /* l_dynamic_sql_1 :=
1437 ' SELECT ''X'' ' ||
1438 ' FROM fnd_grants grants ' ||
1439 ' WHERE grants.object_id = :object_id' ||
1440 ' AND grants.start_date <= SYSDATE ' ||
1441 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
1442 ' AND grants.instance_type = :instance_type ' ||
1443 ' AND grants.instance_pk1_value = :parent_instance_pk1_value ' ||
1444 ' AND grants.instance_pk2_value = :pk2_value ' ||
1445 ' AND grants.instance_pk3_value = :pk3_value ' ||
1446 ' AND grants.instance_pk4_value = :pk4_value ' ||
1447 ' AND grants.instance_pk5_value = :pk5_value ' ||
1448 ' AND ( ( grants.grantee_type = ''USER'' AND ' ||
1449 ' grants.grantee_key = :user_name ) '||
1450 ' OR (grants.grantee_type = ''GROUP'' AND ' ||
1451 ' grants.grantee_key in ( '||l_group_info||' )) ' ||
1452 ' OR (grants.grantee_type = ''COMPANY'' AND ' ||
1453 ' grants.grantee_key in ( '||l_company_info||' )) ' ||
1454 ' OR (grants.grantee_type = ''GLOBAL'' AND ' ||
1455 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )) '||
1456 ' AND grants.menu_id IN (' || l_menu_info ||') '; */
1457
1458
1459 IF (p_object_name = 'EGO_CATALOG_GROUP') THEN
1460 l_dynamic_sql_1 :=
1461 ' SELECT ''X'' ' ||
1462 ' FROM fnd_grants grants , ego_item_cat_denorm_hier cathier ' ||
1463 ' WHERE grants.object_id = :object_id' ||
1464 ' AND grants.start_date <= SYSDATE ' ||
1465 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
1466 ' AND grants.instance_type = :instance_type ' ||
1467 ' AND grants.instance_pk1_value = cathier.parent_catalog_group_id ' ||
1468 ' AND cathier.child_catalog_group_id = :parent_instance_pk1_value ' ||
1469 ' AND grants.instance_pk2_value = :pk2_value ' ||
1470 ' AND grants.instance_pk3_value = :pk3_value ' ||
1471 ' AND grants.instance_pk4_value = :pk4_value ' ||
1472 ' AND grants.instance_pk5_value = :pk5_value ' ||
1473 ' AND ( ( grants.grantee_type = ''USER'' AND ' ||
1474 ' grants.grantee_key = :user_name ) '||
1475 ' OR (grants.grantee_type = ''GROUP'' AND ' ||
1476 ' grants.grantee_key in ( '||l_group_info||' )) ' ||
1477 ' OR (grants.grantee_type = ''COMPANY'' AND ' ||
1478 ' grants.grantee_key in ( '||l_company_info||' )) ' ||
1479 ' OR (grants.grantee_type = ''GLOBAL'' AND ' ||
1480 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )) '||
1481 ' AND grants.menu_id IN (' || l_menu_info ||') ';
1482 ELSE
1483 l_dynamic_sql_1 :=
1484 ' SELECT ''X'' ' ||
1485 ' FROM fnd_grants grants ' ||
1486 ' WHERE grants.object_id = :object_id' ||
1487 ' AND grants.start_date <= SYSDATE ' ||
1488 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
1489 ' AND grants.instance_type = :instance_type ' ||
1490 ' AND grants.instance_pk1_value = :parent_instance_pk1_value ' ||
1491 ' AND grants.instance_pk2_value = :pk2_value ' ||
1492 ' AND grants.instance_pk3_value = :pk3_value ' ||
1493 ' AND grants.instance_pk4_value = :pk4_value ' ||
1494 ' AND grants.instance_pk5_value = :pk5_value ' ||
1495 ' AND ( ( grants.grantee_type = ''USER'' AND ' ||
1496 ' grants.grantee_key = :user_name ) '||
1497 ' OR (grants.grantee_type = ''GROUP'' AND ' ||
1498 ' grants.grantee_key in ( '||l_group_info||' )) ' ||
1499 ' OR (grants.grantee_type = ''COMPANY'' AND ' ||
1500 ' grants.grantee_key in ( '||l_company_info||' )) ' ||
1501 ' OR (grants.grantee_type = ''GLOBAL'' AND ' ||
1502 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )) '||
1506 --R12C Security Changes
1503 ' AND grants.menu_id IN (' || l_menu_info ||') ';
1504 END IF;
1505
1507
1508 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1509 ,p_module => l_api_name
1510 ,p_message => 'Binds for parent direct grants '||
1511 ' l_parent_object_id: '||l_parent_object_id||
1512 ' - G_TYPE_INSTANCE: '||G_TYPE_INSTANCE||
1513 ' - p_parent_instance_pk1_value: '|| p_parent_instance_pk1_value ||
1514 ' - l_pk2_value: '|| l_pk2_value ||
1515 ' - l_pk3_value: '|| l_pk3_value ||
1516 ' - l_pk4_value: '|| l_pk4_value ||
1517 ' - l_pk5_value: '|| l_pk5_value ||
1518 ' - l_user_name: '||l_user_name
1519 );
1520 OPEN parent_instance_grants_c
1521 FOR l_dynamic_sql_1
1522 USING IN l_parent_object_id,
1523 IN G_TYPE_INSTANCE,
1524 IN p_parent_instance_pk1_value,
1525 IN l_pk2_value,
1526 IN l_pk3_value,
1527 IN l_pk4_value,
1528 IN l_pk5_value,
1529 IN l_user_name;
1530 FETCH parent_instance_grants_c INTO l_result;
1531 CLOSE parent_instance_grants_c;
1532
1533 IF (l_result = 'X') THEN
1534 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
1535 ,p_module => l_api_name
1536 ,p_message => 'Returning Success as function found in parent direct grants '
1537 );
1538 RETURN G_RETURN_SUCCESS;
1539 ELSE
1540 result := get_pk_information(p_parent_object_name, l_db_pk1_column,
1541 l_db_pk2_column, l_db_pk3_column,
1542 l_db_pk4_column, l_db_pk5_column,
1543 l_pk_column_names, l_type_converted_val_cols,
1544 l_pk_orig_column_names, l_db_object_name);
1545 if (result <> G_RETURN_SUCCESS) then
1546 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
1547 ,p_module => l_api_name
1548 ,p_message => 'Parent PK informatino not available returning: '||result
1549 );
1550 /* There will be a message on the msg dict stack. */
1551 return result;
1552 end if;
1553
1554 ---------------------------------------------------------------------------------
1555 -- Now we build a second dynamic SQL to check instance sets (still optimizing) --
1556 ---------------------------------------------------------------------------------
1557 l_set_predicates := '(';
1558 l_set_predicate_segment := '';
1559 l_dynamic_sql_1 :=
1560 ' SELECT DISTINCT instance_sets.predicate ' ||
1561 ' FROM fnd_grants grants, fnd_object_instance_sets instance_sets ' ||
1562 ' WHERE grants.instance_type = :instance_type '||
1563 ' AND grants.start_date <= SYSDATE ' ||
1564 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
1565 ' AND grants.instance_set_id = instance_sets.instance_set_id ' ||
1566 ' AND grants.object_id = :object_id ' ||
1567 ' AND ( ( grants.grantee_type = ''USER'' AND ' ||
1568 ' grants.grantee_key = :user_name ) '||
1569 ' OR (grants.grantee_type = ''GROUP'' AND ' ||
1570 ' grants.grantee_key in ( '||l_group_info||' )) ' ||
1571 ' OR (grants.grantee_type = ''COMPANY'' AND ' ||
1572 ' grants.grantee_key in ( '||l_company_info||' )) ' ||
1573 ' OR (grants.grantee_type = ''GLOBAL'' AND ' ||
1574 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )) '||
1575 ' AND grants.menu_id IN (' || l_menu_info ||') ';
1576 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1577 ,p_module => l_api_name
1578 ,p_message => 'Binds for parent_instance_set_grants_c '||
1579 ' G_TYPE_SET: '||G_TYPE_SET||
1580 ' - l_parent_object_id: '||l_parent_object_id||
1581 ' - l_user_name: '||l_user_name
1582 );
1583
1584 ----------------------------------------------------------------------
1585 -- Loop through the result set adding each segment to the predicate --
1586 ----------------------------------------------------------------------
1587 OPEN parent_instance_set_grants_c
1588 FOR l_dynamic_sql_1
1589 USING IN G_TYPE_SET,
1590 IN l_parent_object_id,
1591 IN l_user_name;
1592 LOOP
1593 FETCH parent_instance_set_grants_c into l_set_predicate_segment;
1594 EXIT WHEN parent_instance_set_grants_c%NOTFOUND;
1595
1596 l_set_predicates := substrb(l_set_predicates ||
1597 l_set_predicate_segment ||
1598 ') OR (',
1599 1, g_pred_buf_size);
1600 END LOOP;
1601 CLOSE parent_instance_set_grants_c;
1602
1603 l_inst_pred_length := LENGTH(l_set_predicates);
1604 IF l_inst_pred_length = 1 THEN
1605 -- No predicate
1606 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
1607 ,p_module => l_api_name
1608 ,p_message => 'No instance sets available returning: '||G_RETURN_FAILURE
1609 );
1610 RETURN G_RETURN_FAILURE;
1611 ELSE
1612 l_set_predicates := SUBSTR(l_set_predicates, 1,
1613 l_inst_pred_length - length('OR ('));
1614 END IF;
1618 ,p_module => l_api_name
1615 -- finished by.a
1616 l_predicate := l_set_predicates;
1617 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1619 ,p_message => 'l_set_predicates: '||l_set_predicates
1620 );
1621 -- R12C Security Changes
1622 /*dynamic_sql :=
1623 'SELECT ''X'' '||
1624 ' FROM '|| l_db_object_name ||
1625 ' WHERE '; */
1626
1627 IF (p_object_name = 'EGO_ITEM') THEN
1628 dynamic_sql :=
1629 'SELECT ''X'' '||
1630 ' FROM '|| l_db_object_name || ', ego_item_cat_denorm_hier cathier'||
1631 ' WHERE ';
1632 ELSE
1633 dynamic_sql :=
1634 'SELECT ''X'' '||
1635 ' FROM '|| l_db_object_name ||
1636 ' WHERE ';
1637 END IF;
1638 -- R12C Security Changes
1639
1640 if (l_db_pk1_column is not NULL) then
1641 dynamic_sql := dynamic_sql ||
1642 ' (('||l_db_pk1_column||' = :pk1_val) '||
1643 ' OR (('||l_db_pk1_column||' is NULL) '||
1644 ' AND (:pk1_val is NULL)))';
1645 end if;
1646 if (l_db_pk2_column is not NULL) then
1647 dynamic_sql := dynamic_sql ||
1648 ' AND (('||l_db_pk2_column||' = :pk2_val) '||
1649 ' OR (('||l_db_pk2_column||' is NULL) '||
1650 ' AND (:pk2_val is NULL)))';
1651 end if;
1652 if (l_db_pk3_column is not NULL) then
1653 dynamic_sql := dynamic_sql ||
1654 ' AND (('||l_db_pk3_column||' = :pk3_val) '||
1655 ' OR (('||l_db_pk3_column||' is NULL) '||
1656 ' AND (:pk3_val is NULL)))';
1657 end if;
1658 if (l_db_pk4_column is not NULL) then
1659 dynamic_sql := dynamic_sql ||
1660 ' AND (('||l_db_pk4_column||' = :pk4_val) '||
1661 ' OR (('||l_db_pk4_column||' is NULL) '||
1662 ' AND (:pk4_val is NULL)))';
1663 end if;
1664 if (l_db_pk5_column is not NULL) then
1665 dynamic_sql := dynamic_sql ||
1666 ' AND (('||l_db_pk5_column||' = :pk5_val) '||
1667 ' OR (('||l_db_pk5_column||' is NULL) '||
1668 ' AND (:pk2_val is NULL)))';
1669 end if;
1670
1671 --R12C Security Changes
1672 /*dynamic_sql := dynamic_sql ||
1673 ' AND ('||l_predicate||') ';*/
1674 IF (p_object_name = 'EGO_ITEM') THEN
1675 dynamic_sql := dynamic_sql ||
1676 ' AND item_catalog_group_id = cathier.child_catalog_group_id AND ('||l_predicate||') ';
1677 ELSE
1678 dynamic_sql := dynamic_sql ||
1679 ' AND ('||l_predicate||') ';
1680 END IF;
1681 --R12C Security Changes
1682
1683 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1684 ,p_module => l_api_name
1685 ,p_message => 'dynamic_sql: '||dynamic_sql
1686 );
1687
1688 if(l_db_pk5_column is not NULL) then
1689 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1690 ,p_module => l_api_name
1691 ,p_message => 'Binds for instance_sets_cur is '||
1692 ' - p_parent_instance_pk1_value: '|| p_parent_instance_pk1_value ||
1693 ' - p_parent_instance_pk1_value: '|| p_parent_instance_pk1_value ||
1694 ' - p_parent_instance_pk2_value: '|| p_parent_instance_pk2_value ||
1695 ' - p_parent_instance_pk2_value: '|| p_parent_instance_pk2_value ||
1696 ' - p_parent_instance_pk3_value: '|| p_parent_instance_pk3_value ||
1697 ' - p_parent_instance_pk3_value: '|| p_parent_instance_pk3_value ||
1698 ' - p_parent_instance_pk4_value: '|| p_parent_instance_pk4_value ||
1699 ' - p_parent_instance_pk4_value: '|| p_parent_instance_pk4_value ||
1700 ' - p_parent_instance_pk5_value: '|| p_parent_instance_pk5_value ||
1701 ' - p_parent_instance_pk5_value: '|| p_parent_instance_pk5_value
1702 );
1703 OPEN instance_sets_cur FOR dynamic_sql USING
1704 p_parent_instance_pk1_value, p_parent_instance_pk1_value,
1705 p_parent_instance_pk2_value, p_parent_instance_pk2_value,
1706 p_parent_instance_pk3_value, p_parent_instance_pk3_value,
1707 p_parent_instance_pk4_value, p_parent_instance_pk4_value,
1708 p_parent_instance_pk5_value, p_parent_instance_pk5_value;
1709 elsif (l_db_pk4_column is not NULL) then
1710 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1711 ,p_module => l_api_name
1712 ,p_message => 'Binds for instance_sets_cur is '||
1713 ' - p_parent_instance_pk1_value: '|| p_parent_instance_pk1_value ||
1714 ' - p_parent_instance_pk1_value: '|| p_parent_instance_pk1_value ||
1715 ' - p_parent_instance_pk2_value: '|| p_parent_instance_pk2_value ||
1716 ' - p_parent_instance_pk2_value: '|| p_parent_instance_pk2_value ||
1717 ' - p_parent_instance_pk3_value: '|| p_parent_instance_pk3_value ||
1718 ' - p_parent_instance_pk3_value: '|| p_parent_instance_pk3_value ||
1719 ' - p_parent_instance_pk4_value: '|| p_parent_instance_pk4_value ||
1720 ' - p_parent_instance_pk4_value: '|| p_parent_instance_pk4_value
1721 );
1722 OPEN instance_sets_cur FOR dynamic_sql USING
1726 p_parent_instance_pk4_value, p_parent_instance_pk4_value;
1723 p_parent_instance_pk1_value, p_parent_instance_pk1_value,
1724 p_parent_instance_pk2_value, p_parent_instance_pk2_value,
1725 p_parent_instance_pk3_value, p_parent_instance_pk3_value,
1727 elsif (l_db_pk3_column is not NULL) then
1728 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1729 ,p_module => l_api_name
1730 ,p_message => 'Binds for instance_sets_cur is '||
1731 ' - p_parent_instance_pk1_value: '|| p_parent_instance_pk1_value ||
1732 ' - p_parent_instance_pk1_value: '|| p_parent_instance_pk1_value ||
1733 ' - p_parent_instance_pk2_value: '|| p_parent_instance_pk2_value ||
1734 ' - p_parent_instance_pk2_value: '|| p_parent_instance_pk2_value ||
1735 ' - p_parent_instance_pk3_value: '|| p_parent_instance_pk3_value ||
1736 ' - p_parent_instance_pk3_value: '|| p_parent_instance_pk3_value
1737 );
1738 OPEN instance_sets_cur FOR dynamic_sql USING
1739 p_parent_instance_pk1_value, p_parent_instance_pk1_value,
1740 p_parent_instance_pk2_value, p_parent_instance_pk2_value,
1741 p_parent_instance_pk3_value, p_parent_instance_pk3_value;
1742 elsif (l_db_pk2_column is not NULL) then
1743 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1744 ,p_module => l_api_name
1745 ,p_message => 'Binds for instance_sets_cur is '||
1746 ' - p_parent_instance_pk1_value: '|| p_parent_instance_pk1_value ||
1747 ' - p_parent_instance_pk1_value: '|| p_parent_instance_pk1_value ||
1748 ' - p_parent_instance_pk2_value: '|| p_parent_instance_pk2_value ||
1749 ' - p_parent_instance_pk2_value: '|| p_parent_instance_pk2_value
1750 );
1751 OPEN instance_sets_cur FOR dynamic_sql USING
1752 p_parent_instance_pk1_value, p_parent_instance_pk1_value,
1753 p_parent_instance_pk2_value, p_parent_instance_pk2_value;
1754 elsif (l_db_pk1_column is not NULL) then
1755 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1756 ,p_module => l_api_name
1757 ,p_message => 'Binds for instance_sets_cur is '||
1758 ' - p_parent_instance_pk1_value: '|| p_parent_instance_pk1_value ||
1759 ' - p_parent_instance_pk1_value: '|| p_parent_instance_pk1_value
1760 );
1761 OPEN instance_sets_cur FOR dynamic_sql USING
1762 p_parent_instance_pk1_value, p_parent_instance_pk1_value;
1763 else
1764 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
1765 ,p_module => l_api_name
1766 ,p_message => 'No pk values for parent!! : '||G_RETURN_UNEXP_ERR
1767 );
1768 return G_RETURN_UNEXP_ERR; /* This will never happen since pk1 is reqd*/
1769 end if;
1770
1771 FETCH instance_sets_cur INTO l_own_result;
1772 IF(instance_sets_cur%NOTFOUND) THEN
1773 CLOSE instance_sets_cur;
1774 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
1775 ,p_module => l_api_name
1776 ,p_message => 'No role from instance sets after query: '||G_RETURN_FAILURE
1777 );
1778 RETURN G_RETURN_FAILURE;
1779 ELSE
1780 CLOSE instance_sets_cur;
1781 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
1782 ,p_module => l_api_name
1783 ,p_message => 'No instance sets available returning: '||G_RETURN_SUCCESS
1784 );
1785 RETURN G_RETURN_SUCCESS;
1786 END IF;
1787 END IF; -- End of if l_result is 'X' else clause
1788
1789 EXCEPTION
1790 WHEN OTHERS THEN
1791 fnd_message.set_name('FND', 'SQL_PLSQL_ERROR');
1792 fnd_message.set_token('ROUTINE',G_PKG_NAME||l_api_name);
1793 fnd_message.set_token('ERRNO', SQLCODE);
1794 fnd_message.set_token('REASON', SQLERRM);
1795 code_debug (p_log_level => G_DEBUG_LEVEL_EXCEPTION
1796 ,p_module => l_api_name
1797 ,p_message => 'Returning EXCEPTION '||SQLERRM
1798 );
1799 RETURN G_RETURN_UNEXP_ERR;
1800 END check_inherited_function;
1801
1802 --------------------------------------------------------
1803 ---- get_functions
1804 --------------------------------------------------------
1805 PROCEDURE get_functions
1806 (
1807 p_api_version IN NUMBER,
1808 p_object_name IN VARCHAR2,
1809 p_instance_pk1_value IN VARCHAR2,
1810 p_instance_pk2_value IN VARCHAR2 DEFAULT NULL,
1811 p_instance_pk3_value IN VARCHAR2 DEFAULT NULL,
1812 p_instance_pk4_value IN VARCHAR2 DEFAULT NULL,
1813 p_instance_pk5_value IN VARCHAR2 DEFAULT NULL,
1814 p_user_name IN varchar2 default null,
1815 x_return_status OUT NOCOPY VARCHAR2,
1816 x_privilege_tbl OUT NOCOPY EGO_PRIVILEGE_NAME_TABLE_TYPE
1817 ) IS
1818
1819 l_api_version CONSTANT NUMBER := 1.0;
1820 l_api_name CONSTANT VARCHAR2(30) := 'GET_FUNCTIONS';
1821
1822 -- On addition of any Required parameters the major version needs
1823 -- to change i.e. for eg. 1.X to 2.X.
1824 -- On addition of any Optional parameters the minor version needs
1825 -- to change i.e. for eg. X.6 to X.7.
1826 l_sysdate DATE := SYSDATE;
1827
1828 l_index NUMBER;
1829 l_dynamic_sql VARCHAR2(32767);
1833 l_instance_id_col4 VARCHAR2(512);
1830 l_instance_id_col1 VARCHAR2(512);
1831 l_instance_id_col2 VARCHAR2(512);
1832 l_instance_id_col3 VARCHAR2(512);
1834 l_instance_id_col5 VARCHAR2(512);
1835 l_instance_sets_list VARCHAR2(10000);
1836 l_privilege VARCHAR2(480);
1837 l_select_query_part VARCHAR2(3000);
1838
1839 l_group_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
1840 l_company_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
1841
1842 start_date number;
1843 end_date number;
1844 millisec number;
1845
1846 instance_set DYNAMIC_CUR;
1847
1848 l_one_set_predicate VARCHAR2(32767);
1849 l_one_set_id NUMBER;
1850 candidate_sets_c DYNAMIC_CUR;
1851 l_dynamic_sql_1 VARCHAR2(32767);
1852 l_common_dyn_sql VARCHAR2(32767);
1853 l_set_dyn_sql VARCHAR2(32767);
1854 l_inst_dyn_sql VARCHAR2(32767);
1855
1856 l_db_object_name varchar2(30);
1857 l_db_pk1_column varchar2(30);
1858 l_db_pk2_column varchar2(30);
1859 l_db_pk3_column varchar2(30);
1860 l_db_pk4_column varchar2(30);
1861 l_db_pk5_column varchar2(30);
1862
1863 l_pk_column_names varchar2(512);
1864 l_pk_orig_column_names varchar2(512);
1865 l_type_converted_val_cols varchar2(512);
1866 l_object_id number;
1867 l_user_name varchar2(80);
1868 -- l_orig_system varchar2(48);
1869 l_orig_system_id NUMBER;
1870 l_prof_privilege_tbl EGO_VARCHAR_TBL_TYPE;
1871
1872 l_pk2_value VARCHAR2(200);
1873 l_pk3_value VARCHAR2(200);
1874 l_pk4_value VARCHAR2(200);
1875 l_pk5_value VARCHAR2(200);
1876
1877 BEGIN
1878 SetGlobals();
1879 --start_date:= DBMS_UTILITY.GET_TIME;
1880 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
1881 ,p_module => l_api_name
1882 ,p_message => 'Started with 10 params '||
1883 ' p_api_version: '|| to_char(p_api_version) ||
1884 ' - p_object_name: '|| p_object_name ||
1885 ' - p_instance_pk1_value: '|| p_instance_pk1_value ||
1886 ' - p_instance_pk2_value: '|| p_instance_pk2_value ||
1887 ' - p_instance_pk3_value: '|| p_instance_pk3_value ||
1888 ' - p_instance_pk4_value: '|| p_instance_pk4_value ||
1889 ' - p_instance_pk5_value: '|| p_instance_pk5_value ||
1890 ' - p_user_name: '|| p_user_name
1891 );
1892 -- check for call compatibility.
1893 if TRUNC(l_api_version) <> TRUNC(p_api_version) THEN
1894 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
1895 fnd_message.set_token('ROUTINE',
1896 g_pkg_name || '.'|| l_api_name);
1897 fnd_message.set_token('REASON',
1898 'Unsupported version '|| to_char(p_api_version)||
1899 ' passed to API; expecting version '||
1900 to_char(l_api_version));
1901 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
1902 ,p_module => l_api_name
1903 ,p_message => 'Returning as the call in incompatible '
1904 );
1905 x_return_status := G_RETURN_UNEXP_ERR;
1906 RETURN;
1907 END IF;
1908
1909 x_return_status := G_RETURN_SUCCESS; /* Assume Success */
1910 l_user_name := p_user_name;
1911 get_orig_key(x_user_name => l_user_name
1912 -- ,x_orig_system => l_orig_system
1913 ,x_orig_system_id => l_orig_system_id);
1914 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1915 ,p_module => l_api_name
1916 ,p_message => 'l_user_name: '||l_user_name||
1917 -- ' - l_orig_system: '||l_orig_system||
1918 ' - l_orig_system_id: '||l_orig_system_id
1919 );
1920
1921 -- first get all the privileges set by the profile option
1922 l_index:=0;
1923 getPrivilege_for_profileOption
1924 (p_api_version => p_api_version,
1925 p_object_name => p_object_name,
1926 p_user_name => l_user_name,
1927 x_privilege_tbl => l_prof_privilege_tbl ,
1928 x_return_status => x_return_status);
1929
1930 IF (x_return_status = G_RETURN_SUCCESS) THEN
1931 IF (l_prof_privilege_tbl.COUNT > 0) THEN
1932 FOR i IN l_prof_privilege_tbl.first .. l_prof_privilege_tbl.last LOOP
1933 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1934 ,p_module => l_api_name
1935 ,p_message => 'Privilege from profile at: '||i||' value: '||l_prof_privilege_tbl(i)
1936 );
1937 x_privilege_tbl(i) := l_prof_privilege_tbl(i);
1938 END LOOP;
1939 END IF; -- x_prof_privilege_tbl >0
1940 l_index := l_prof_privilege_tbl.COUNT;
1941 END IF; --return status is T
1942
1943 --end of getting privileges from profile option
1944
1945 -- get All privileges of a user on a given object
1946 --Step 1.
1947 -- get database object name and column
1948 -- cache the PK column name
1949 x_return_status := get_pk_information(p_object_name ,
1950 l_db_pk1_column ,
1954 l_db_pk5_column ,
1951 l_db_pk2_column ,
1952 l_db_pk3_column ,
1953 l_db_pk4_column ,
1955 l_pk_column_names ,
1956 l_type_converted_val_cols ,
1957 l_pk_orig_column_names,
1958 l_db_object_name );
1959 if (x_return_status <> G_RETURN_SUCCESS) then
1960 /* There will be a message on the msg dict stack. */
1961 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
1962 ,p_module => l_api_name
1963 ,p_message => 'Returning FALSE as pk values are not correct'
1964 );
1965 RETURN; /* We will return the x_return_status as out param */
1966 end if;
1967
1968 -- Step 2.
1969 -- get instance set ids in which the given object_key exist
1970 -- as a set into l_instance_set
1971 l_instance_sets_list :='(';
1972
1973 -- R12C Security Changes
1974 /*l_select_query_part:=
1975 'SELECT '|| l_pk_column_names ||
1976 ' FROM '|| l_db_object_name ||
1977 ' WHERE '; */
1978 IF (p_object_name = 'EGO_ITEM') THEN
1979 l_select_query_part:=
1980 'SELECT '|| l_pk_column_names ||
1981 ' FROM '|| l_db_object_name || ', ego_item_cat_denorm_hier cathier'||
1982 ' WHERE ';
1983 ELSE
1984 l_select_query_part:=
1985 'SELECT '|| l_pk_column_names ||
1986 ' FROM '|| l_db_object_name ||
1987 ' WHERE ';
1988 END IF;
1989 -- R12C Security Changes
1990
1991 IF (l_db_pk1_column IS NOT NULL) THEN
1992 l_select_query_part := l_select_query_part ||
1993 ' ( '||l_db_pk1_column||' = :pk1_val '||
1994 ' OR ( '||l_db_pk1_column||' is NULL AND :pk1_val is NULL))';
1995 END IF;
1996 IF (l_db_pk2_column IS NOT NULL) THEN
1997 l_select_query_part := l_select_query_part ||
1998 ' AND ( '||l_db_pk2_column||' = :pk2_val '||
1999 ' OR ( '||l_db_pk2_column||' is NULL AND :pk2_val is NULL))';
2000 END IF;
2001 IF (l_db_pk3_column IS NOT NULL) THEN
2002 l_select_query_part := l_select_query_part ||
2003 ' AND ( '||l_db_pk3_column||' = :pk3_val '||
2004 ' OR ( '||l_db_pk3_column||' is NULL AND :pk3_val is NULL))';
2005 END IF;
2006 IF (l_db_pk4_column IS NOT NULL) THEN
2007 l_select_query_part := l_select_query_part ||
2008 ' AND ( '||l_db_pk4_column||' = :pk4_val '||
2009 ' OR ( '||l_db_pk4_column||' is NULL AND :pk4_val is NULL))';
2010 END IF;
2011 IF (l_db_pk5_column IS NOT NULL) THEN
2012 l_select_query_part := l_select_query_part ||
2013 ' AND ( '||l_db_pk5_column||' = :pk5_val '||
2014 ' OR ( '||l_db_pk5_column||' is NULL AND :pk5_val is NULL))';
2015 END IF;
2016
2017 -- R12C Security Changes
2018 --l_select_query_part := l_select_query_part || ' AND ';
2019 IF (p_object_name = 'EGO_ITEM') THEN
2020 l_select_query_part := l_select_query_part || ' AND item_catalog_group_id = cathier.child_catalog_group_id AND ';
2021 ELSE
2022 l_select_query_part := l_select_query_part || ' AND ';
2023 END IF;
2024 -- R12C Security Changes
2025
2026 --end_date:= DBMS_UTILITY.GET_TIME;
2027 --millisec:= (end_date-start_date)*24*60*60*1000;
2028 --dbms_output.put_line('1. Diff. in Get Time 100th of a sec ::'||to_char(end_date-start_date,'9999999'));
2029
2030 l_object_id:=get_object_id(p_object_name => p_object_name );
2031 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2032 ,p_module => l_api_name
2033 ,p_message => 'l_object_id: '||l_object_id
2034 );
2035 -- step 1.1
2036 -- pre-fetch company/group info
2037 l_group_info := get_group_info(p_party_id => l_orig_system_id);
2038 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2039 ,p_module => l_api_name
2040 ,p_message => 'l_group_info: '||l_group_info
2041 );
2042 l_company_info := get_company_info (p_party_id => l_orig_system_id);
2043 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2044 ,p_module => l_api_name
2045 ,p_message => 'l_company_info: '||l_company_info
2046 );
2047 --end_date:= DBMS_UTILITY.GET_TIME;
2048 --millisec:= (end_date-start_date)*24*60*60*1000;
2049 --dbms_output.put_line('2. Diff. in Get Time 100th of a sec ::'||to_char(end_date-start_date,'9999999'));
2050
2051 l_dynamic_sql_1 :=
2052 ' SELECT DISTINCT sets.instance_set_id, sets.predicate ' ||
2053 ' FROM fnd_grants grants, ' ||
2054 ' fnd_object_instance_sets sets '||
2055 ' WHERE grants.instance_type = :instance_type '||
2056 ' AND grants.start_date <= SYSDATE ' ||
2057 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
2058 ' AND grants.instance_set_id = sets.instance_set_id ' ||
2059 ' AND grants.object_id = :object_id ' ||
2060 ' AND ( ( grants.grantee_type = ''USER'' AND ' ||
2061 ' grants.grantee_key = :user_name ) '||
2062 ' OR (grants.grantee_type = ''GROUP'' AND ' ||
2063 ' grants.grantee_key in ( '||l_group_info||' )) ' ||
2064 ' OR (grants.grantee_type = ''COMPANY'' AND ' ||
2065 ' grants.grantee_key in ( '||l_company_info||' )) ' ||
2069 ,p_module => l_api_name
2066 ' OR (grants.grantee_type = ''GLOBAL'' AND ' ||
2067 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )) ';
2068 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2070 ,p_message => 'Binds for candidate_sets_c '||
2071 ' G_TYPE_SET: '||G_TYPE_SET||
2072 ' - l_object_id: '||l_object_id||
2073 ' - l_user_name: '||l_user_name
2074 );
2075 OPEN candidate_sets_c FOR l_dynamic_sql_1
2076 USING IN G_TYPE_SET,
2077 IN l_object_id,
2078 IN l_user_name;
2079 LOOP
2080 l_instance_id_col1 := '';
2081 l_instance_id_col2 := '';
2082 l_instance_id_col3 := '';
2083 l_instance_id_col4 := '';
2084 l_instance_id_col5 := '';
2085
2086 FETCH candidate_sets_c INTO l_one_set_id, l_one_set_predicate;
2087 EXIT WHEN candidate_sets_c%NOTFOUND;
2088
2089 l_dynamic_sql :=l_select_query_part ||
2090 ' ( ' || l_one_set_predicate || ' ) ';
2091
2092 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2093 ,p_module => l_api_name
2094 ,p_message => 'l_dynamice_sql '||
2095 ' l_select_query_part: '||l_select_query_part||
2096 ' - l_one_set_predicate: '||l_one_set_predicate
2097 );
2098
2099 if(l_db_pk5_column is not NULL) then
2100 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2101 ,p_module => l_api_name
2102 ,p_message => 'Binds for instance_sets_cur is '||
2103 ' - p_instance_pk1_value: '|| p_instance_pk1_value ||
2104 ' - p_instance_pk1_value: '|| p_instance_pk1_value ||
2105 ' - p_instance_pk2_value: '|| p_instance_pk2_value ||
2106 ' - p_instance_pk2_value: '|| p_instance_pk2_value ||
2107 ' - p_instance_pk3_value: '|| p_instance_pk3_value ||
2108 ' - p_instance_pk3_value: '|| p_instance_pk3_value ||
2109 ' - p_instance_pk4_value: '|| p_instance_pk4_value ||
2110 ' - p_instance_pk4_value: '|| p_instance_pk4_value ||
2111 ' - p_instance_pk5_value: '|| p_instance_pk5_value ||
2112 ' - p_instance_pk5_value: '|| p_instance_pk5_value
2113 );
2114 OPEN instance_set FOR l_dynamic_sql USING
2115 p_instance_pk1_value, p_instance_pk1_value,
2116 p_instance_pk2_value, p_instance_pk2_value,
2117 p_instance_pk3_value, p_instance_pk3_value,
2118 p_instance_pk4_value, p_instance_pk4_value,
2119 p_instance_pk5_value, p_instance_pk5_value;
2120 elsif(l_db_pk4_column is not NULL) then
2121 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2122 ,p_module => l_api_name
2123 ,p_message => 'Binds for instance_sets_cur is '||
2124 ' - p_instance_pk1_value: '|| p_instance_pk1_value ||
2125 ' - p_instance_pk1_value: '|| p_instance_pk1_value ||
2126 ' - p_instance_pk2_value: '|| p_instance_pk2_value ||
2127 ' - p_instance_pk2_value: '|| p_instance_pk2_value ||
2128 ' - p_instance_pk3_value: '|| p_instance_pk3_value ||
2129 ' - p_instance_pk3_value: '|| p_instance_pk3_value ||
2130 ' - p_instance_pk4_value: '|| p_instance_pk4_value ||
2131 ' - p_instance_pk4_value: '|| p_instance_pk4_value
2132 );
2133 OPEN instance_set FOR l_dynamic_sql USING
2134 p_instance_pk1_value, p_instance_pk1_value,
2135 p_instance_pk2_value, p_instance_pk2_value,
2136 p_instance_pk3_value, p_instance_pk3_value,
2137 p_instance_pk4_value, p_instance_pk4_value;
2138 elsif(l_db_pk3_column is not NULL) then
2139 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2140 ,p_module => l_api_name
2141 ,p_message => 'Binds for instance_sets_cur is '||
2142 ' - p_instance_pk1_value: '|| p_instance_pk1_value ||
2143 ' - p_instance_pk1_value: '|| p_instance_pk1_value ||
2144 ' - p_instance_pk2_value: '|| p_instance_pk2_value ||
2145 ' - p_instance_pk2_value: '|| p_instance_pk2_value ||
2146 ' - p_instance_pk3_value: '|| p_instance_pk3_value ||
2147 ' - p_instance_pk3_value: '|| p_instance_pk3_value
2148 );
2149 OPEN instance_set FOR l_dynamic_sql USING
2150 p_instance_pk1_value, p_instance_pk1_value,
2151 p_instance_pk2_value, p_instance_pk2_value,
2152 p_instance_pk3_value, p_instance_pk3_value;
2153 elsif(l_db_pk2_column is not NULL) then
2154 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2155 ,p_module => l_api_name
2156 ,p_message => 'Binds for instance_sets_cur is '||
2157 ' - p_instance_pk1_value: '|| p_instance_pk1_value ||
2158 ' - p_instance_pk1_value: '|| p_instance_pk1_value ||
2159 ' - p_instance_pk2_value: '|| p_instance_pk2_value ||
2160 ' - p_instance_pk2_value: '|| p_instance_pk2_value
2161 );
2162 OPEN instance_set FOR l_dynamic_sql USING
2163 p_instance_pk1_value, p_instance_pk1_value,
2164 p_instance_pk2_value, p_instance_pk2_value;
2165 elsif(l_db_pk1_column is not NULL) then
2166 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2167 ,p_module => l_api_name
2171 );
2168 ,p_message => 'Binds for instance_sets_cur is '||
2169 ' - p_instance_pk1_value: '|| p_instance_pk1_value ||
2170 ' - p_instance_pk1_value: '|| p_instance_pk1_value
2172 OPEN instance_set FOR l_dynamic_sql USING
2173 p_instance_pk1_value, p_instance_pk1_value;
2174 else
2175 x_return_status := G_RETURN_UNEXP_ERR;
2176 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
2177 ,p_module => l_api_name
2178 ,p_message => 'No pk values for oobject : '||G_RETURN_UNEXP_ERR
2179 );
2180 return; /* This will never happen since pk1 is reqd*/
2181 end if;
2182
2183 if l_db_pk5_column is not null
2184 and l_db_pk4_column is not null
2185 and l_db_pk3_column is not null
2186 and l_db_pk2_column is not null
2187 and l_db_pk1_column is not null then
2188 fetch instance_set into l_instance_id_col1, l_instance_id_col2,
2189 l_instance_id_col3,
2190 l_instance_id_col4, l_instance_id_col5;
2191 CLOSE instance_set;
2192 IF (l_instance_id_col1 = p_instance_pk1_value
2193 and l_instance_id_col2 = p_instance_pk2_value
2194 and l_instance_id_col3 = p_instance_pk3_value
2195 and l_instance_id_col4 = p_instance_pk4_value
2196 and l_instance_id_col5 = p_instance_pk5_value) THEN
2197 l_instance_sets_list :=l_instance_sets_list ||
2198 l_one_set_id || ',';
2199 END IF;
2200 elsif l_db_pk4_column is not null
2201 and l_db_pk3_column is not null
2202 and l_db_pk2_column is not null
2203 and l_db_pk1_column is not null then
2204 fetch instance_set into l_instance_id_col1,
2205 l_instance_id_col2,
2206 l_instance_id_col3,
2207 l_instance_id_col4;
2208 CLOSE instance_set;
2209 IF (l_instance_id_col1 = p_instance_pk1_value
2210 and l_instance_id_col2 = p_instance_pk2_value
2211 and l_instance_id_col3 = p_instance_pk3_value
2212 and l_instance_id_col4 = p_instance_pk4_value) THEN
2213 l_instance_sets_list :=l_instance_sets_list ||
2214 l_one_set_id || ',';
2215 END IF;
2216 elsif l_db_pk3_column is not null
2217 and l_db_pk2_column is not null
2218 and l_db_pk1_column is not null then
2219 fetch instance_set into l_instance_id_col1,
2220 l_instance_id_col2,
2221 l_instance_id_col3;
2222 CLOSE instance_set;
2223 IF (l_instance_id_col1 = p_instance_pk1_value
2224 and l_instance_id_col2 = p_instance_pk2_value
2225 and l_instance_id_col3 = p_instance_pk3_value) THEN
2226 l_instance_sets_list :=l_instance_sets_list
2227 || l_one_set_id || ',';
2228 END IF;
2229 elsif l_db_pk2_column is not null
2230 and l_db_pk1_column is not null then
2231 fetch instance_set into l_instance_id_col1, l_instance_id_col2;
2232 --EXIT WHEN instance_set%NOTFOUND;
2233 CLOSE instance_set;
2234 IF (l_instance_id_col1 = p_instance_pk1_value
2235 and l_instance_id_col2 = p_instance_pk2_value) THEN
2236 l_instance_sets_list :=l_instance_sets_list
2237 || l_one_set_id || ',';
2238 END IF;
2239 elsif l_db_pk1_column is not null then
2240 fetch instance_set into l_instance_id_col1;
2241 CLOSE instance_set;
2242 IF (l_instance_id_col1 = p_instance_pk1_value) THEN
2243 l_instance_sets_list :=l_instance_sets_list
2244 || l_one_set_id || ',';
2245 END IF;
2246 end if;
2247
2248 END LOOP;
2249 CLOSE candidate_sets_c;
2250
2251 --end_date:= DBMS_UTILITY.GET_TIME;
2252 --millisec:= (end_date-start_date)*24*60*60*1000;
2253 --dbms_output.put_line('3. Diff. in Get Time 100th of a sec ::'||to_char(end_date-start_date,'9999999'));
2254
2255 -- if the last character is ',' then strip the trailing ','
2256 if(substr(l_instance_sets_list,
2257 length(l_instance_sets_list),
2258 length(','))
2259 = ',')
2260 then
2261 l_instance_sets_list := substr(l_instance_sets_list, 1,
2262 length(l_instance_sets_list) - length(','));
2263 end if;
2264
2265 l_instance_sets_list :=l_instance_sets_list ||' )';
2266 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2267 ,p_module => l_api_name
2268 ,p_message => 'l_instance_sets_list: '||l_instance_sets_list
2269 );
2270
2271 l_common_dyn_sql := '';
2272 l_set_dyn_sql := '';
2273 l_inst_dyn_sql := '';
2274
2275 -- R12C Security Changes Bug 6507794
2276 /* l_common_dyn_sql:=
2277 'SELECT DISTINCT fnd_functions.function_name ' ||
2278 ' FROM fnd_grants grants, ' ||
2279 ' fnd_form_functions fnd_functions, ' ||
2283 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
2280 ' fnd_menu_entries cmf '||
2281 ' WHERE grants.object_id = :object_id ' ||
2282 ' AND grants.start_date <= SYSDATE ' ||
2284 ' AND ( ( grants.grantee_type = ''USER'' AND ' ||
2285 ' grants.grantee_key = :user_name ) '||
2286 ' OR (grants.grantee_type = ''GROUP'' AND ' ||
2287 ' grants.grantee_key in ( '||l_group_info||' )) ' ||
2288 ' OR (grants.grantee_type = ''COMPANY'' AND ' ||
2289 ' grants.grantee_key in ( '||l_company_info||' )) ' ||
2290 ' OR (grants.grantee_type = ''GLOBAL'' AND ' ||
2291 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') ))'||
2292 ' AND cmf.function_id = fnd_functions.function_id ' ||
2293 ' AND cmf.menu_id = grants.menu_id '; */
2294
2295 IF (p_object_name = 'EGO_CATALOG_GROUP') THEN
2296 l_common_dyn_sql:=
2297 'SELECT DISTINCT fnd_functions.function_name ' ||
2298 ' FROM fnd_grants grants, ' ||
2299 ' fnd_form_functions fnd_functions, ' ||
2300 ' fnd_menu_entries cmf, '||
2301 ' ego_item_cat_denorm_hier cathier '||
2302 ' WHERE grants.object_id = :object_id ' ||
2303 ' AND grants.start_date <= SYSDATE ' ||
2304 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
2305 ' AND ( ( grants.grantee_type = ''USER'' AND ' ||
2306 ' grants.grantee_key = :user_name ) '||
2307 ' OR (grants.grantee_type = ''GROUP'' AND ' ||
2308 ' grants.grantee_key in ( '||l_group_info||' )) ' ||
2309 ' OR (grants.grantee_type = ''COMPANY'' AND ' ||
2310 ' grants.grantee_key in ( '||l_company_info||' )) ' ||
2311 ' OR (grants.grantee_type = ''GLOBAL'' AND ' ||
2312 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') ))'||
2313 ' AND cmf.function_id = fnd_functions.function_id ' ||
2314 ' AND cmf.menu_id = grants.menu_id ';
2315 ELSE
2316 l_common_dyn_sql:=
2317 'SELECT DISTINCT fnd_functions.function_name ' ||
2318 ' FROM fnd_grants grants, ' ||
2319 ' fnd_form_functions fnd_functions, ' ||
2320 ' fnd_menu_entries cmf '||
2321 ' WHERE grants.object_id = :object_id ' ||
2322 ' AND grants.start_date <= SYSDATE ' ||
2323 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
2324 ' AND ( ( grants.grantee_type = ''USER'' AND ' ||
2325 ' grants.grantee_key = :user_name ) '||
2326 ' OR (grants.grantee_type = ''GROUP'' AND ' ||
2327 ' grants.grantee_key in ( '||l_group_info||' )) ' ||
2328 ' OR (grants.grantee_type = ''COMPANY'' AND ' ||
2329 ' grants.grantee_key in ( '||l_company_info||' )) ' ||
2330 ' OR (grants.grantee_type = ''GLOBAL'' AND ' ||
2331 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') ))'||
2332 ' AND cmf.function_id = fnd_functions.function_id ' ||
2333 ' AND cmf.menu_id = grants.menu_id ';
2334 END IF;
2335 -- R12C Security Changes Bug 6507794
2336
2337
2338 translate_pk_values (p_instance_pk2_value => p_instance_pk2_value
2339 ,p_instance_pk3_value => p_instance_pk3_value
2340 ,p_instance_pk4_value => p_instance_pk4_value
2341 ,p_instance_pk5_value => p_instance_pk5_value
2342 ,x_trans_pk2_value => l_pk2_value
2343 ,x_trans_pk3_value => l_pk3_value
2344 ,x_trans_pk4_value => l_pk4_value
2345 ,x_trans_pk5_value => l_pk5_value
2346 );
2347
2348 -- R12C Security Changes Bug 6507794
2349 /* l_inst_dyn_sql :=
2350 ' AND grants.instance_type = :instance_type_instance '||
2351 ' AND grants.instance_pk1_value = :pk1_val '||
2352 ' AND grants.instance_pk2_value = :pk2_val '||
2353 ' AND grants.instance_pk3_value = :pk3_val '||
2354 ' AND grants.instance_pk4_value = :pk4_val '||
2355 ' AND grants.instance_pk5_value = :pk5_val ';*/
2356 IF (p_object_name = 'EGO_CATALOG_GROUP') THEN
2357 l_inst_dyn_sql :=
2358 ' AND grants.instance_type = :instance_type_instance '||
2359 ' AND grants.instance_pk1_value = cathier.parent_catalog_group_id ' ||
2360 ' AND cathier.child_catalog_group_id = :pk1_val '||
2361 ' AND grants.instance_pk2_value = :pk2_val '||
2362 ' AND grants.instance_pk3_value = :pk3_val '||
2363 ' AND grants.instance_pk4_value = :pk4_val '||
2364 ' AND grants.instance_pk5_value = :pk5_val ';
2365 ELSE
2366 l_inst_dyn_sql :=
2367 ' AND grants.instance_type = :instance_type_instance '||
2368 ' AND grants.instance_pk1_value = :pk1_val '||
2369 ' AND grants.instance_pk2_value = :pk2_val '||
2370 ' AND grants.instance_pk3_value = :pk3_val '||
2371 ' AND grants.instance_pk4_value = :pk4_val '||
2372 ' AND grants.instance_pk5_value = :pk5_val ';
2373 END IF;
2374 -- R12C Security Changes Bug 6507794
2375
2376 -- check whether it is empty set
2377 IF( l_instance_sets_list <> '( )') THEN
2378 l_set_dyn_sql:=l_set_dyn_sql ||
2379 ' AND ' ||
2380 ' ( ' ||
2381 ' grants.instance_type = :instance_type_set '||
2382 ' AND grants.instance_set_id IN ' || l_instance_sets_list ||
2383 ' ) ';
2384 END IF;
2385
2386 IF( l_instance_sets_list <> '( )') THEN
2390 ELSE
2387 l_dynamic_sql:= l_common_dyn_sql || l_inst_dyn_sql ||
2388 ' UNION ' ||
2389 l_common_dyn_sql || l_set_dyn_sql;
2391 l_dynamic_sql:=l_common_dyn_sql || l_inst_dyn_sql;
2392 END IF;
2393 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2394 ,p_module => l_api_name
2395 ,p_message => 'l_dynamic_sql: '||l_dynamic_sql
2396 );
2397
2398 --end_date:= DBMS_UTILITY.GET_TIME;
2399 --millisec:= (end_date-start_date)*24*60*60*1000;
2400 --dbms_output.put_line('4. Diff. in Get Time 100th of a sec ::'||to_char(end_date-start_date,'9999999'));
2401
2402 -- Step 4.
2403 -- execute the dynamic SQL and Collect all privileges
2404
2405 IF( l_instance_sets_list <> '( )') THEN
2406 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2407 ,p_module => l_api_name
2408 ,p_message => 'Binds for Dynamic sql '||
2409 ' l_object_id: '||l_object_id||
2410 ' - l_user_name: '||l_user_name||
2411 ' - G_TYPE_INSTANCE: '||G_TYPE_INSTANCE||
2412 ' - p_instance_pk1_value: '||p_instance_pk1_value||
2413 ' - p_instance_pk2_value: '||l_pk2_value||
2414 ' - p_instance_pk3_value: '||l_pk3_value||
2415 ' - p_instance_pk4_value: '||l_pk4_value||
2416 ' - p_instance_pk5_value: '||l_pk5_value||
2417 ' - l_object_id: '||l_object_id||
2418 ' - l_user_name: '||l_user_name||
2419 ' - G_TYPE_SET: '||G_TYPE_SET
2420 );
2421 OPEN instance_set FOR l_dynamic_sql
2422 USING IN l_object_id,
2423 IN l_user_name,
2424 IN G_TYPE_INSTANCE,
2425 IN p_instance_pk1_value,
2426 IN l_pk2_value,
2427 IN l_pk3_value,
2428 IN l_pk4_value,
2429 IN l_pk5_value,
2430 IN l_object_id,
2431 IN l_user_name,
2432 IN G_TYPE_SET;
2433 ELSE
2434 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2435 ,p_module => l_api_name
2436 ,p_message => 'Binds for Dynamic sql '||
2437 ' l_object_id: '||l_object_id||
2438 ' - l_user_name: '||l_user_name||
2439 ' - G_TYPE_INSTANCE: '||G_TYPE_INSTANCE||
2440 ' - p_instance_pk1_value: '||p_instance_pk1_value||
2441 ' - p_instance_pk2_value: '||l_pk2_value||
2442 ' - p_instance_pk3_value: '||l_pk3_value||
2443 ' - p_instance_pk4_value: '||l_pk4_value||
2444 ' - p_instance_pk5_value: '||l_pk5_value
2445 );
2446 OPEN instance_set FOR l_dynamic_sql
2447 USING IN l_object_id,
2448 IN l_user_name,
2449 IN G_TYPE_INSTANCE,
2450 IN p_instance_pk1_value,
2451 IN l_pk2_value,
2452 IN l_pk3_value,
2453 IN l_pk4_value,
2454 IN l_pk5_value;
2455 END IF;
2456
2457 LOOP
2458 FETCH instance_set INTO l_privilege;
2459 --dbms_output.put_line('in executeing the dynamic sql');
2460 EXIT WHEN instance_set%NOTFOUND;
2461 l_index:=l_index+1;
2462 x_privilege_tbl (l_index):=l_privilege;
2463 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
2464 ,p_module => l_api_name
2465 ,p_message => 'Privilege from profile at: '||l_index||' - privilege: '||l_privilege
2466 );
2467 END LOOP;
2468 CLOSE instance_set;
2469 --end_date:= DBMS_UTILITY.GET_TIME;
2470 --millisec:= (end_date-start_date)*24*60*60*1000;
2471 --dbms_output.put_line('5. Diff. in Get Time 100th of a sec ::'||to_char(end_date-start_date,'9999999'));
2472
2473 IF x_privilege_tbl.count > 0 THEN
2474 x_return_status := G_RETURN_SUCCESS; /* Success */
2475 FOR i in x_privilege_tbl.first .. x_privilege_tbl.last LOOP
2476 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
2477 ,p_module => l_api_name
2478 ,p_message => 'Index : '||i||' - privilege: '||x_privilege_tbl(i)
2479 );
2480 END LOOP;
2481 ELSE
2482 x_return_status := G_RETURN_FAILURE; /* No functions */
2483 END IF;
2484
2485 EXCEPTION
2486 WHEN OTHERS THEN
2487 --dbms_output.put_line('error :' || SQLERRM);
2488 fnd_message.set_name('FND', 'SQL_PLSQL_ERROR');
2489 fnd_message.set_token('ROUTINE',G_PKG_NAME||l_api_name);
2490 fnd_message.set_token('ERRNO', SQLCODE);
2491 fnd_message.set_token('REASON', SQLERRM);
2492 code_debug (p_log_level => G_DEBUG_LEVEL_UNEXPECTED
2493 ,p_module => l_api_name
2494 ,p_message => 'Ending: Returning OTHER ERROR '||SQLERRM
2495 );
2496 x_return_status := G_RETURN_UNEXP_ERR;
2497 END get_functions;
2498
2499 --------------------------------------------------------
2500 ---- get_inherited_functions
2501 --------------------------------------------------------
2502 PROCEDURE get_inherited_functions
2503 (
2507 p_instance_pk2_value IN VARCHAR2 DEFAULT NULL,
2504 p_api_version IN NUMBER,
2505 p_object_name IN VARCHAR2,
2506 p_instance_pk1_value IN VARCHAR2,
2508 p_instance_pk3_value IN VARCHAR2 DEFAULT NULL,
2509 p_instance_pk4_value IN VARCHAR2 DEFAULT NULL,
2510 p_instance_pk5_value IN VARCHAR2 DEFAULT NULL,
2511 p_user_name IN VARCHAR2 DEFAULT NULL,
2512 p_object_type IN VARCHAR2 DEFAULT NULL,
2513 p_parent_object_name IN VARCHAR2,
2514 p_parent_instance_pk1_value IN VARCHAR2,
2515 p_parent_instance_pk2_value IN VARCHAR2 DEFAULT NULL,
2516 p_parent_instance_pk3_value IN VARCHAR2 DEFAULT NULL,
2517 p_parent_instance_pk4_value IN VARCHAR2 DEFAULT NULL,
2518 p_parent_instance_pk5_value IN VARCHAR2 DEFAULT NULL,
2519 x_return_status OUT NOCOPY VARCHAR2,
2520 x_privilege_tbl OUT NOCOPY EGO_VARCHAR_TBL_TYPE
2521 )
2522 IS
2523
2524 l_api_name CONSTANT VARCHAR2(30) := 'GET_INHERITED_FUNCTIONS';
2525
2526 -- On addition of any Required parameters the major version needs
2527 -- to change i.e. for eg. 1.X to 2.X.
2528 -- On addition of any Optional parameters the minor version needs
2529 -- to change i.e. for eg. X.6 to X.7.
2530 l_api_version CONSTANT NUMBER := 1.0;
2531 l_sysdate DATE := Sysdate;
2532
2533 l_index NUMBER;
2534 l_dynamic_sql VARCHAR2(32767);
2535 l_common_dyn_sql VARCHAR2(32767);
2536 l_set_dyn_sql VARCHAR2(32767);
2537 l_inst_dyn_sql VARCHAR2(32767);
2538
2539 l_instance_id_col1 VARCHAR2(512);
2540 l_instance_id_col2 VARCHAR2(512);
2541 l_instance_id_col3 VARCHAR2(512);
2542 l_instance_id_col4 VARCHAR2(512);
2543 l_instance_id_col5 VARCHAR2(512);
2544 l_instance_sets_list VARCHAR2(10000);
2545 l_privilege VARCHAR2(480);
2546 l_select_query_part VARCHAR2(3000);
2547 l_group_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
2548 l_company_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
2549
2550 l_db_object_name VARCHAR2(30);
2551 l_db_pk1_column VARCHAR2(30);
2552 l_db_pk2_column VARCHAR2(30);
2553 l_db_pk3_column VARCHAR2(30);
2554 l_db_pk4_column VARCHAR2(30);
2555 l_db_pk5_column VARCHAR2(30);
2556
2557 l_pk_column_names VARCHAR2(512);
2558 l_pk_orig_column_names VARCHAR2(512);
2559 l_type_converted_val_cols VARCHAR2(512);
2560 l_parent_object_id NUMBER;
2561 l_object_id NUMBER;
2562 l_user_name VARCHAR2(80);
2563 -- l_orig_system VARCHAR2(48);
2564 l_orig_system_id NUMBER;
2565
2566 l_return_status VARCHAR2(1);
2567 l_privilege_tbl EGO_PRIVILEGE_NAME_TABLE_TYPE;
2568 l_privilege_tbl_count NUMBER;
2569 l_privilege_tbl_index NUMBER;
2570 m_privilege_tbl EGO_PRIVILEGE_NAME_TABLE_TYPE;
2571 m_privilege_tbl_count NUMBER;
2572 m_privilege_tbl_index NUMBER;
2573 x_index NUMBER;
2574
2575 l_prof_privilege_tbl EGO_VARCHAR_TBL_TYPE;
2576 l_profile_role VARCHAR2(80);
2577
2578 instance_set DYNAMIC_CUR;
2579 candidate_sets_c DYNAMIC_CUR;
2580 l_dynamic_sql_1 VARCHAR2(32767);
2581 l_one_set_predicate VARCHAR2(32767);
2582 l_one_set_id NUMBER;
2583
2584 BEGIN
2585 SetGlobals();
2586 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
2587 ,p_module => l_api_name
2588 ,p_message => 'Started with 17 params '||
2589 ' p_api_version: '|| to_char(p_api_version) ||
2590 ' - p_object_name: '|| p_object_name ||
2591 ' - p_instance_pk1_value: '|| p_instance_pk1_value ||
2592 ' - p_instance_pk2_value: '|| p_instance_pk2_value ||
2593 ' - p_instance_pk3_value: '|| p_instance_pk3_value ||
2594 ' - p_instance_pk4_value: '|| p_instance_pk4_value ||
2595 ' - p_instance_pk5_value: '|| p_instance_pk5_value ||
2596 ' - p_user_name: '|| p_user_name ||
2597 ' - p_object_type: '|| p_object_type ||
2598 ' - p_parent_object_name: '|| p_parent_object_name ||
2599 ' - p_parent_instance_pk1_value: '|| p_parent_instance_pk1_value ||
2600 ' - p_parent_instance_pk2_value: '|| p_parent_instance_pk2_value ||
2601 ' - p_parent_instance_pk3_value: '|| p_parent_instance_pk3_value ||
2602 ' - p_parent_instance_pk4_value: '|| p_parent_instance_pk4_value ||
2603 ' - p_parent_instance_pk5_value: '|| p_parent_instance_pk5_value
2604 );
2605
2606 -- check for call compatibility.
2607 IF TRUNC(l_api_version) <> TRUNC(p_api_version) THEN
2608 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
2609 fnd_message.set_token('ROUTINE', g_pkg_name || '.'|| l_api_name);
2610 fnd_message.set_token('REASON', 'Unsupported version '||
2611 to_char(p_api_version)||
2612 ' passed to API; expecting version '||
2613 to_char(l_api_version));
2614 x_return_status := G_RETURN_UNEXP_ERR;
2618 );
2615 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
2616 ,p_module => l_api_name
2617 ,p_message => 'Returning as the call in incompatible '
2619 RETURN;
2620 END IF;
2621
2622 x_return_status := G_RETURN_SUCCESS; /* Assume Success */
2623 l_user_name := p_user_name;
2624 get_orig_key(x_user_name => l_user_name
2625 -- ,x_orig_system => l_orig_system
2626 ,x_orig_system_id => l_orig_system_id);
2627 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2628 ,p_module => l_api_name
2629 ,p_message => 'l_user_name: '||l_user_name||
2630 -- ' - l_orig_system: '||l_orig_system||
2631 ' - l_orig_system_id: '||l_orig_system_id
2632 );
2633
2634 -- get All privileges of a user on a given object
2635 --Step 1.
2636 -- get database object name and column
2637 -- cache the PK column name
2638 x_return_status := get_pk_information(p_parent_object_name,
2639 l_db_pk1_column,
2640 l_db_pk2_column,
2641 l_db_pk3_column,
2642 l_db_pk4_column,
2643 l_db_pk5_column,
2644 l_pk_column_names,
2645 l_type_converted_val_cols,
2646 l_pk_orig_column_names,
2647 l_db_object_name);
2648 if (x_return_status <> G_RETURN_SUCCESS) then
2649 /* There will be a message on the msg dict stack. */
2650 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
2651 ,p_module => l_api_name
2652 ,p_message => 'Ending: Returning Unable to get PK info '
2653 );
2654 return; /* We will return the x_return_status as out param */
2655 end if;
2656
2657 -- Step 2.
2658 -- get instance set ids in which the given object_key exists
2659 -- as a set into l_instance_set
2660
2661 l_group_info := get_group_info(p_party_id => l_orig_system_id);
2662 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2663 ,p_module => l_api_name
2664 ,p_message => 'l_group_info: '||l_group_info
2665 );
2666 l_company_info := get_company_info (p_party_id => l_orig_system_id);
2667 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2668 ,p_module => l_api_name
2669 ,p_message => 'l_company_info: '||l_company_info
2670 );
2671 l_object_id := get_object_id(p_object_name => p_object_name);
2672 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2673 ,p_module => l_api_name
2674 ,p_message => 'l_object_id: '||l_object_id
2675 );
2676 l_parent_object_id:=get_object_id(p_object_name => p_parent_object_name);
2677 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2678 ,p_module => l_api_name
2679 ,p_message => 'l_parent_object_id: '||l_parent_object_id
2680 );
2681 --R12C Security Changes
2682 /* l_select_query_part:=
2683 'SELECT '|| l_pk_column_names ||
2684 ' FROM '|| l_db_object_name ||
2685 ' WHERE ';*/
2686 IF (p_parent_object_name = 'EGO_ITEM') THEN
2687 l_select_query_part:=
2688 'SELECT '|| l_pk_column_names ||
2689 ' FROM '|| l_db_object_name ||', ego_item_cat_denorm_hier cathier'||
2690 ' WHERE ';
2691 ELSE
2692 l_select_query_part:=
2693 'SELECT '|| l_pk_column_names ||
2694 ' FROM '|| l_db_object_name ||
2695 ' WHERE ';
2696 END IF;
2697 --R12C Security Changes
2698
2699 IF (l_db_pk1_column IS NOT NULL) THEN
2700 l_select_query_part := l_select_query_part ||
2701 ' ( '||l_db_pk1_column||' = :pk1_val '||
2702 ' OR ( '||l_db_pk1_column||' is NULL AND :pk1_val is NULL))';
2703 END IF;
2704 IF (l_db_pk2_column IS NOT NULL) THEN
2705 l_select_query_part := l_select_query_part ||
2706 ' AND ( '||l_db_pk2_column||' = :pk2_val '||
2707 ' OR ( '||l_db_pk2_column||' is NULL AND :pk2_val is NULL))';
2708 END IF;
2709 IF (l_db_pk3_column IS NOT NULL) THEN
2710 l_select_query_part := l_select_query_part ||
2711 ' AND ( '||l_db_pk3_column||' = :pk3_val '||
2712 ' OR ( '||l_db_pk3_column||' is NULL AND :pk3_val is NULL))';
2713 END IF;
2714 IF (l_db_pk4_column IS NOT NULL) THEN
2715 l_select_query_part := l_select_query_part ||
2716 ' AND ( '||l_db_pk4_column||' = :pk4_val '||
2717 ' OR ( '||l_db_pk4_column||' is NULL AND :pk4_val is NULL))';
2718 END IF;
2719 IF (l_db_pk5_column IS NOT NULL) THEN
2720 l_select_query_part := l_select_query_part ||
2721 ' AND ( '||l_db_pk5_column||' = :pk5_val '||
2722 ' OR ( '||l_db_pk5_column||' is NULL AND :pk5_val is NULL))';
2723 END IF;
2724 --R12C Security Changes
2725 --l_select_query_part := l_select_query_part || ' AND ';
2726 IF (p_parent_object_name = 'EGO_ITEM') THEN
2727 l_select_query_part := l_select_query_part || ' AND item_catalog_group_id = cathier.child_catalog_group_id AND ';
2728 ELSE
2732 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2729 l_select_query_part := l_select_query_part || ' AND ';
2730 END IF;
2731 --R12C Security Changes
2733 ,p_module => l_api_name
2734 ,p_message => 'Select Query Part '||l_select_query_part
2735 );
2736 -------------------------------------------------------------------------------
2737 -- Now we build dynamic SQL using the work we just did to optimize the query --
2738 -------------------------------------------------------------------------------
2739 l_dynamic_sql_1 :=
2740 ' SELECT DISTINCT sets.instance_set_id, sets.predicate ' ||
2741 ' FROM fnd_grants grants, fnd_object_instance_sets sets' ||
2742 ' WHERE grants.object_id = :object_id ' ||
2743 ' AND grants.start_date <= SYSDATE ' ||
2744 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE '||
2745 ' AND grants.instance_type = :instance_type ' ||
2746 ' AND ( ( grants.grantee_type = ''USER'' AND '||
2747 ' grants.grantee_key = :user_name ) '||
2748 ' OR ( grants.grantee_type = ''GROUP'' AND '||
2749 ' grants.grantee_key in ( '||l_group_info||' ))' ||
2750 ' OR ( grants.grantee_type = ''COMPANY'' AND '||
2751 ' grants.grantee_key in ( '||l_company_info||' ))' ||
2752 ' OR (grants.grantee_type = ''GLOBAL'' AND '||
2753 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )) '||
2754 ' AND sets.instance_set_id = grants.instance_set_id ' ||
2755 ' AND sets.object_id = grants.object_id ';
2756
2757 l_instance_sets_list := '';
2758 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2759 ,p_module => l_api_name
2760 ,p_message => 'Binds for get the candidate sets '||
2761 ' l_parent_object_id: '||l_parent_object_id||
2762 ' - G_TYPE_SET: '||G_TYPE_SET||
2763 ' - l_user_name: '||l_user_name
2764 );
2765 OPEN candidate_sets_c FOR l_dynamic_sql_1
2766 USING IN l_parent_object_id,
2767 IN G_TYPE_SET,
2768 IN l_user_name;
2769 LOOP
2770 l_instance_id_col1 := '';
2771 l_instance_id_col2 := '';
2772 l_instance_id_col3 := '';
2773 l_instance_id_col4 := '';
2774 l_instance_id_col5 := '';
2775
2776 FETCH candidate_sets_c INTO l_one_set_id, l_one_set_predicate;
2777 EXIT WHEN candidate_sets_c%NOTFOUND;
2778
2779 l_dynamic_sql := l_select_query_part ||
2780 ' (' || l_one_set_predicate || ') ';
2781
2782 if(l_db_pk5_column is not NULL) then
2783 OPEN instance_set FOR l_dynamic_sql USING
2784 p_parent_instance_pk1_value, p_parent_instance_pk1_value,
2785 p_parent_instance_pk2_value, p_parent_instance_pk2_value,
2786 p_parent_instance_pk3_value, p_parent_instance_pk3_value,
2787 p_parent_instance_pk4_value, p_parent_instance_pk4_value,
2788 p_parent_instance_pk5_value, p_parent_instance_pk5_value;
2789 elsif(l_db_pk4_column is not NULL) then
2790 OPEN instance_set FOR l_dynamic_sql USING
2791 p_parent_instance_pk1_value, p_parent_instance_pk1_value,
2792 p_parent_instance_pk2_value, p_parent_instance_pk2_value,
2793 p_parent_instance_pk3_value, p_parent_instance_pk3_value,
2794 p_parent_instance_pk4_value, p_parent_instance_pk4_value;
2795 elsif(l_db_pk3_column is not NULL) then
2796 OPEN instance_set FOR l_dynamic_sql USING
2797 p_parent_instance_pk1_value, p_parent_instance_pk1_value,
2798 p_parent_instance_pk2_value, p_parent_instance_pk2_value,
2799 p_parent_instance_pk3_value, p_parent_instance_pk3_value;
2800 elsif(l_db_pk2_column is not NULL) then
2801 OPEN instance_set FOR l_dynamic_sql USING
2802 p_parent_instance_pk1_value, p_parent_instance_pk1_value,
2803 p_parent_instance_pk2_value, p_parent_instance_pk2_value;
2804 elsif(l_db_pk1_column is not NULL) then
2805 OPEN instance_set FOR l_dynamic_sql USING
2806 p_parent_instance_pk1_value, p_parent_instance_pk1_value;
2807 else
2808 x_return_status := G_RETURN_UNEXP_ERR;
2809 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
2810 ,p_module => l_api_name
2811 ,p_message => 'Ending: PK1 not available!! '
2812 );
2813 return; /* This will never happen since pk1 is reqd*/
2814 end if;
2815
2816 if (l_db_pk5_column is not null
2817 and l_db_pk4_column is not null
2818 and l_db_pk3_column is not null
2819 and l_db_pk2_column is not null
2820 and l_db_pk1_column is not null) then
2821 fetch instance_set into l_instance_id_col1, l_instance_id_col2,
2822 l_instance_id_col3, l_instance_id_col4,
2823 l_instance_id_col5;
2824 CLOSE instance_set;
2825 if (l_instance_id_col1 = p_parent_instance_pk1_value
2826 and l_instance_id_col2 = p_parent_instance_pk2_value
2827 and l_instance_id_col3 = p_parent_instance_pk3_value
2828 and l_instance_id_col4 = p_parent_instance_pk4_value
2829 and l_instance_id_col5 = p_parent_instance_pk5_value) THEN
2830 l_instance_sets_list := l_instance_sets_list || l_one_set_id || ',';
2831 end if;
2832 elsif (l_db_pk4_column is not null
2833 and l_db_pk3_column is not null
2834 and l_db_pk2_column is not null
2838 CLOSE instance_set;
2835 and l_db_pk1_column is not null) then
2836 fetch instance_set into l_instance_id_col1, l_instance_id_col2,
2837 l_instance_id_col3, l_instance_id_col4;
2839 if (l_instance_id_col1 = p_parent_instance_pk1_value
2840 and l_instance_id_col2 = p_parent_instance_pk2_value
2841 and l_instance_id_col3 = p_parent_instance_pk3_value
2842 and l_instance_id_col4 = p_parent_instance_pk4_value) THEN
2843 l_instance_sets_list :=l_instance_sets_list || l_one_set_id || ',';
2844 end if;
2845 elsif (l_db_pk3_column is not null
2846 and l_db_pk2_column is not null
2847 and l_db_pk1_column is not null) then
2848 fetch instance_set into l_instance_id_col1, l_instance_id_col2, l_instance_id_col3;
2849 CLOSE instance_set;
2850 if (l_instance_id_col1 = p_parent_instance_pk1_value
2851 and l_instance_id_col2 = p_parent_instance_pk2_value
2852 and l_instance_id_col3 = p_parent_instance_pk3_value) THEN
2853 l_instance_sets_list := l_instance_sets_list || l_one_set_id || ',';
2854 end if;
2855 elsif (l_db_pk2_column is not null
2856 and l_db_pk1_column is not null) then
2857 fetch instance_set into l_instance_id_col1, l_instance_id_col2;
2858 CLOSE instance_set;
2859 if (l_instance_id_col1 = p_parent_instance_pk1_value
2860 and l_instance_id_col2 = p_parent_instance_pk2_value) THEN
2861 l_instance_sets_list := l_instance_sets_list || l_one_set_id || ',';
2862 end if;
2863 elsif l_db_pk1_column is not null then
2864 fetch instance_set into l_instance_id_col1;
2865 CLOSE instance_set;
2866 if (l_instance_id_col1 = p_parent_instance_pk1_value) THEN
2867 l_instance_sets_list := l_instance_sets_list || l_one_set_id || ',';
2868 end if;
2869 end if;
2870
2871 END LOOP;
2872 -- if the last character is ',' then strip the trailing ','
2873 if (substr(l_instance_sets_list, length(l_instance_sets_list), length(',')) = ',') then
2874 l_instance_sets_list := substr(l_instance_sets_list, 1,
2875 length(l_instance_sets_list) - length(','));
2876 end if;
2877 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2878 ,p_module => l_api_name
2879 ,p_message => ' Instance Sets List: '||l_instance_sets_list
2880 );
2881
2882 l_common_dyn_sql := '';
2883 l_set_dyn_sql := '';
2884 l_inst_dyn_sql := '';
2885
2886 l_common_dyn_sql:=
2887 'SELECT DISTINCT fnd_functions.function_name ' ||
2888 ' FROM fnd_grants grants, ' ||
2889 ' fnd_form_functions fnd_functions, ' ||
2890 ' fnd_menu_entries cmf, '||
2891 ' ego_obj_role_mappings mapping '||
2892 ' WHERE grants.object_id = :object_id '||
2893 ' AND grants.start_date <= SYSDATE '||
2894 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
2895 ' AND ( ( grants.grantee_type = ''USER'' AND ' ||
2896 ' grants.grantee_key = :user_name ) '||
2897 ' OR (grants.grantee_type = ''GROUP'' AND ' ||
2898 ' grants.grantee_key in ( '||l_group_info||' )) ' ||
2899 ' OR (grants.grantee_type = ''COMPANY'' AND ' ||
2900 ' grants.grantee_key in ( '||l_company_info||' )) ' ||
2901 ' OR (grants.grantee_type = ''GLOBAL'' AND ' ||
2902 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') ))'||
2903 ' AND mapping.child_role_id = cmf.menu_id ' ||
2904 ' AND mapping.parent_role_id = grants.menu_id ' ||
2905 ' AND mapping.child_object_id = :child_object_id ' ||
2906 ' AND mapping.parent_object_id = :parent_object_id ' ||
2907 ' AND mapping.child_object_type = :object_type ' ||
2908 ' AND cmf.function_id = fnd_functions.function_id ';
2909
2910 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2911 ,p_module => l_api_name
2912 ,p_message => 'Binds for common dyn sql '||
2913 ' l_parent_object_id: '||l_parent_object_id||
2914 ' - l_user_name: '||l_user_name||
2915 ' - l_object_id: '||l_object_id||
2916 ' - l_parent_object_id: '||l_parent_object_id||
2917 ' - p_object_type: '||p_object_type
2918 );
2919
2920 l_inst_dyn_sql :=
2921 ' AND ( grants.instance_type = :instance_type_instance ' ||
2922 ' AND grants.instance_pk1_value = :pk1_val ' ||
2923 ' AND ( grants.instance_pk2_value = :pk2_val OR' ||
2924 ' ( grants.instance_pk2_value = ''*NULL*'' AND :pk2_val is NULL )) '||
2925 ' AND ( grants.instance_pk3_value = :pk3_val OR '||
2926 ' ( grants.instance_pk3_value = ''*NULL*'' AND :pk3_val is NULL )) '||
2927 ' AND ( grants.instance_pk4_value = :pk4_val OR '||
2928 ' ( grants.instance_pk4_value = ''*NULL*'' AND :pk4_val is NULL )) '||
2929 ' AND ( grants.instance_pk5_value = :pk5_val OR '||
2930 ' ( grants.instance_pk5_value = ''*NULL*'' AND :pk5_val is NULL )) )';
2931
2932 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2933 ,p_module => l_api_name
2934 ,p_message => 'Binds for inst dyn sql '||
2935 ' G_TYPE_INSTANCE: '||G_TYPE_INSTANCE||
2936 ' - p_parent_instance_pk1_value: '||p_parent_instance_pk1_value||
2940 ' - p_parent_instance_pk3_value: '||p_parent_instance_pk3_value||
2937 ' - p_parent_instance_pk2_value: '||p_parent_instance_pk2_value||
2938 ' - p_parent_instance_pk2_value: '||p_parent_instance_pk2_value||
2939 ' - p_parent_instance_pk3_value: '||p_parent_instance_pk3_value||
2941 ' - p_parent_instance_pk4_value: '||p_parent_instance_pk4_value||
2942 ' - p_parent_instance_pk4_value: '||p_parent_instance_pk4_value||
2943 ' - p_parent_instance_pk5_value: '||p_parent_instance_pk5_value||
2944 ' - p_parent_instance_pk5_value: '||p_parent_instance_pk5_value
2945 );
2946
2947 -- check whether it is empty set
2948 IF( LENGTH(l_instance_sets_list) > 0) THEN
2949 l_set_dyn_sql:=l_set_dyn_sql ||
2950 ' AND ( grants.instance_type = :instance_type_set ' ||
2951 ' AND grants.instance_set_id IN ('||l_instance_sets_list||' )) ';
2952 l_dynamic_sql := l_common_dyn_sql || l_inst_dyn_sql ||
2953 ' UNION ' ||
2954 l_common_dyn_sql || l_set_dyn_sql;
2955
2956 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2957 ,p_module => l_api_name
2958 ,p_message => 'Dynamic sql with sets and without profile '||l_dynamic_sql
2959 );
2960 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2961 ,p_module => l_api_name
2962 ,p_message => 'Binds for Dynamic sql with sets and without profile '||
2963 ' l_parent_object_id: '||l_parent_object_id||
2964 ' - l_user_name: '||l_user_name||
2965 ' - l_object_id: '||l_object_id||
2966 ' - l_parent_object_id: '||l_parent_object_id||
2967 ' - p_object_type: '||p_object_type||
2968 ' - G_TYPE_INSTANCE: '||G_TYPE_INSTANCE||
2969 ' - p_parent_instance_pk1_value: '||p_parent_instance_pk1_value||
2970 ' - p_parent_instance_pk2_value: '||p_parent_instance_pk2_value||
2971 ' - p_parent_instance_pk2_value: '||p_parent_instance_pk2_value||
2972 ' - p_parent_instance_pk3_value: '||p_parent_instance_pk3_value||
2973 ' - p_parent_instance_pk3_value: '||p_parent_instance_pk3_value||
2974 ' - p_parent_instance_pk4_value: '||p_parent_instance_pk4_value||
2975 ' - p_parent_instance_pk4_value: '||p_parent_instance_pk4_value||
2976 ' - p_parent_instance_pk5_value: '||p_parent_instance_pk5_value||
2977 ' - p_parent_instance_pk5_value: '||p_parent_instance_pk5_value||
2978 ' - l_parent_object_id: '||l_parent_object_id||
2979 ' - l_user_name: '||l_user_name||
2980 ' - l_object_id: '||l_object_id||
2981 ' - l_parent_object_id: '||l_parent_object_id||
2982 ' - p_object_type: '||p_object_type||
2983 ' - G_TYPE_SET: '||G_TYPE_SET
2984 );
2985
2986 ELSE
2987 l_dynamic_sql := l_common_dyn_sql || l_inst_dyn_sql;
2988 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2989 ,p_module => l_api_name
2990 ,p_message => 'Dynamic sql without profile '||l_dynamic_sql
2991 );
2992 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2993 ,p_module => l_api_name
2994 ,p_message => 'Binds for Dynamic sql '||
2995 ' l_parent_object_id: '||l_parent_object_id||
2996 ' - l_user_name: '||l_user_name||
2997 ' - l_object_id: '||l_object_id||
2998 ' - l_parent_object_id: '||l_parent_object_id||
2999 ' - p_object_type: '||p_object_type||
3000 ' - G_TYPE_INSTANCE: '||G_TYPE_INSTANCE||
3001 ' - p_parent_instance_pk1_value: '||p_parent_instance_pk1_value||
3002 ' - p_parent_instance_pk2_value: '||p_parent_instance_pk2_value||
3003 ' - p_parent_instance_pk2_value: '||p_parent_instance_pk2_value||
3004 ' - p_parent_instance_pk3_value: '||p_parent_instance_pk3_value||
3005 ' - p_parent_instance_pk3_value: '||p_parent_instance_pk3_value||
3006 ' - p_parent_instance_pk4_value: '||p_parent_instance_pk4_value||
3007 ' - p_parent_instance_pk4_value: '||p_parent_instance_pk4_value||
3008 ' - p_parent_instance_pk5_value: '||p_parent_instance_pk5_value||
3009 ' - p_parent_instance_pk5_value: '||p_parent_instance_pk5_value
3010 );
3011 END IF;
3012
3013 -------------------------------------------------
3014 -- we see if a profile option is set and if so --
3015 -- we add it to the other list of menus --
3016 -------------------------------------------------
3017 l_profile_role := getRole_mappedTo_profileOption(p_parent_object_name, p_user_name);
3018 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3019 ,p_module => l_api_name
3020 ,p_message => 'profile role for '||p_parent_object_name||
3021 ' is: '||l_profile_role
3022 );
3023
3024 IF (l_profile_role is not null) THEN
3025 l_dynamic_sql:= l_dynamic_sql ||
3026 ' UNION ' ||
3027 ' SELECT DISTINCT fnd_functions.function_name ' ||
3028 ' FROM fnd_form_functions fnd_functions, ' ||
3029 ' fnd_menu_entries cmf, ' ||
3030 ' ego_obj_role_mappings mapping, ' ||
3031 ' fnd_menus menus ' ||
3032 ' WHERE menus.menu_name = :profile_role ' ||
3033 ' AND mapping.parent_role_id = menus.menu_id ' ||
3034 ' AND mapping.child_role_id = cmf.menu_id ' ||
3038 ' AND cmf.function_id = fnd_functions.function_id ';
3035 ' AND mapping.child_object_id = :profile_ch_object_id ' ||
3036 ' AND mapping.parent_object_id = :profile_parent_object_id ' ||
3037 ' AND mapping.child_object_type = :profile_ch_object_type ' ||
3039 END IF;
3040
3041 -- Step 4.
3042 -- execute the dynamic SQL and Collect all privileges
3043 l_index:=0;
3044 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3045 ,p_module => l_api_name
3046 ,p_message => 'Final Dynamic sql '||l_dynamic_sql
3047 );
3048 IF( LENGTH(l_instance_sets_list) > 0) THEN
3049 IF l_profile_role IS NOT NULL THEN
3050 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3051 ,p_module => l_api_name
3052 ,p_message => 'Binds for Final Dynamic sql: '||
3053 ' l_parent_object_id: '||l_parent_object_id||
3054 ' - l_user_name: '||l_user_name||
3055 ' - l_object_id: '||l_object_id||
3056 ' - l_parent_object_id: '||l_parent_object_id||
3057 ' - p_object_type: '||p_object_type||
3058 ' - G_TYPE_INSTANCE: '||G_TYPE_INSTANCE||
3059 ' - p_parent_instance_pk1_value: '||p_parent_instance_pk1_value||
3060 ' - p_parent_instance_pk2_value: '||p_parent_instance_pk2_value||
3061 ' - p_parent_instance_pk2_value: '||p_parent_instance_pk2_value||
3062 ' - p_parent_instance_pk3_value: '||p_parent_instance_pk3_value||
3063 ' - p_parent_instance_pk3_value: '||p_parent_instance_pk3_value||
3064 ' - p_parent_instance_pk4_value: '||p_parent_instance_pk4_value||
3065 ' - p_parent_instance_pk4_value: '||p_parent_instance_pk4_value||
3066 ' - p_parent_instance_pk5_value: '||p_parent_instance_pk5_value||
3067 ' - p_parent_instance_pk5_value: '||p_parent_instance_pk5_value||
3068 ' - l_parent_object_id: '||l_parent_object_id||
3069 ' - l_user_name: '||l_user_name||
3070 ' - l_object_id: '||l_object_id||
3071 ' - l_parent_object_id: '||l_parent_object_id||
3072 ' - p_object_type: '||p_object_type||
3073 ' - G_TYPE_SET: '||G_TYPE_SET||
3074 ' - l_profile_role: '||l_profile_role||
3075 ' - l_object_id: '||l_object_id||
3076 ' - l_parent_object_id: '||l_parent_object_id||
3077 ' - p_object_type: '||p_object_type
3078 );
3079 OPEN instance_set FOR l_dynamic_sql
3080 USING IN l_parent_object_id,
3081 IN l_user_name,
3082 IN l_object_id,
3083 IN l_parent_object_id,
3084 IN p_object_type,
3085 IN G_TYPE_INSTANCE,
3086 IN p_parent_instance_pk1_value,
3087 IN p_parent_instance_pk2_value,
3088 IN p_parent_instance_pk2_value,
3089 IN p_parent_instance_pk3_value,
3090 IN p_parent_instance_pk3_value,
3091 IN p_parent_instance_pk4_value,
3092 IN p_parent_instance_pk4_value,
3093 IN p_parent_instance_pk5_value,
3094 IN p_parent_instance_pk5_value,
3095 IN l_parent_object_id,
3096 IN l_user_name,
3097 IN l_object_id,
3098 IN l_parent_object_id,
3099 IN p_object_type,
3100 IN G_TYPE_SET,
3101 IN l_profile_role,
3102 IN l_object_id,
3103 IN l_parent_object_id,
3104 IN p_object_type;
3105 ELSE
3106 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3107 ,p_module => l_api_name
3108 ,p_message => 'Binds for Final Dynamic sql: '||
3109 ' l_parent_object_id: '||l_parent_object_id||
3110 ' - l_user_name: '||l_user_name||
3111 ' - l_object_id: '||l_object_id||
3112 ' - l_parent_object_id: '||l_parent_object_id||
3113 ' - p_object_type: '||p_object_type||
3114 ' - G_TYPE_INSTANCE: '||G_TYPE_INSTANCE||
3115 ' - p_parent_instance_pk1_value: '||p_parent_instance_pk1_value||
3116 ' - p_parent_instance_pk2_value: '||p_parent_instance_pk2_value||
3117 ' - p_parent_instance_pk2_value: '||p_parent_instance_pk2_value||
3118 ' - p_parent_instance_pk3_value: '||p_parent_instance_pk3_value||
3119 ' - p_parent_instance_pk3_value: '||p_parent_instance_pk3_value||
3120 ' - p_parent_instance_pk4_value: '||p_parent_instance_pk4_value||
3121 ' - p_parent_instance_pk4_value: '||p_parent_instance_pk4_value||
3122 ' - p_parent_instance_pk5_value: '||p_parent_instance_pk5_value||
3123 ' - p_parent_instance_pk5_value: '||p_parent_instance_pk5_value||
3124 ' - l_parent_object_id: '||l_parent_object_id||
3125 ' - l_user_name: '||l_user_name||
3126 ' - l_object_id: '||l_object_id||
3127 ' - l_parent_object_id: '||l_parent_object_id||
3128 ' - p_object_type: '||p_object_type||
3129 ' - G_TYPE_SET: '||G_TYPE_SET
3130 );
3131 OPEN instance_set FOR l_dynamic_sql
3132 USING IN l_parent_object_id,
3133 IN l_user_name,
3134 IN l_object_id,
3135 IN l_parent_object_id,
3136 IN p_object_type,
3137 IN G_TYPE_INSTANCE,
3138 IN p_parent_instance_pk1_value,
3139 IN p_parent_instance_pk2_value,
3140 IN p_parent_instance_pk2_value,
3141 IN p_parent_instance_pk3_value,
3145 IN p_parent_instance_pk5_value,
3142 IN p_parent_instance_pk3_value,
3143 IN p_parent_instance_pk4_value,
3144 IN p_parent_instance_pk4_value,
3146 IN p_parent_instance_pk5_value,
3147 IN l_parent_object_id,
3148 IN l_user_name,
3149 IN l_object_id,
3150 IN l_parent_object_id,
3151 IN p_object_type,
3152 IN G_TYPE_SET;
3153 END IF;
3154 ELSE
3155 IF l_profile_role IS NOT NULL THEN
3156 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3157 ,p_module => l_api_name
3158 ,p_message => 'Binds for Final Dynamic sql: '||
3159 ' l_parent_object_id: '||l_parent_object_id||
3160 ' - l_user_name: '||l_user_name||
3161 ' - l_object_id: '||l_object_id||
3162 ' - l_parent_object_id: '||l_parent_object_id||
3163 ' - p_object_type: '||p_object_type||
3164 ' - G_TYPE_INSTANCE: '||G_TYPE_INSTANCE||
3165 ' - p_parent_instance_pk1_value: '||p_parent_instance_pk1_value||
3166 ' - p_parent_instance_pk2_value: '||p_parent_instance_pk2_value||
3167 ' - p_parent_instance_pk2_value: '||p_parent_instance_pk2_value||
3168 ' - p_parent_instance_pk3_value: '||p_parent_instance_pk3_value||
3169 ' - p_parent_instance_pk3_value: '||p_parent_instance_pk3_value||
3170 ' - p_parent_instance_pk4_value: '||p_parent_instance_pk4_value||
3171 ' - p_parent_instance_pk4_value: '||p_parent_instance_pk4_value||
3172 ' - p_parent_instance_pk5_value: '||p_parent_instance_pk5_value||
3173 ' - p_parent_instance_pk5_value: '||p_parent_instance_pk5_value||
3174 ' - l_profile_role: '||l_profile_role||
3175 ' - l_object_id: '||l_object_id||
3176 ' - l_parent_object_id: '||l_parent_object_id||
3177 ' - p_object_type: '||p_object_type
3178 );
3179 OPEN instance_set FOR l_dynamic_sql
3180 USING IN l_parent_object_id,
3181 IN l_user_name,
3182 IN l_object_id,
3183 IN l_parent_object_id,
3184 IN p_object_type,
3185 IN G_TYPE_INSTANCE,
3186 IN p_parent_instance_pk1_value,
3187 IN p_parent_instance_pk2_value,
3188 IN p_parent_instance_pk2_value,
3189 IN p_parent_instance_pk3_value,
3190 IN p_parent_instance_pk3_value,
3191 IN p_parent_instance_pk4_value,
3192 IN p_parent_instance_pk4_value,
3193 IN p_parent_instance_pk5_value,
3194 IN p_parent_instance_pk5_value,
3195 IN l_profile_role,
3196 IN l_object_id,
3197 IN l_parent_object_id,
3198 IN p_object_type;
3199 ELSE
3200 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3201 ,p_module => l_api_name
3202 ,p_message => 'Binds for Final Dynamic sql: '||
3203 ' l_parent_object_id: '||l_parent_object_id||
3204 ' - l_user_name: '||l_user_name||
3205 ' - l_object_id: '||l_object_id||
3206 ' - l_parent_object_id: '||l_parent_object_id||
3207 ' - p_object_type: '||p_object_type||
3208 ' - G_TYPE_INSTANCE: '||G_TYPE_INSTANCE||
3209 ' - p_parent_instance_pk1_value: '||p_parent_instance_pk1_value||
3210 ' - p_parent_instance_pk2_value: '||p_parent_instance_pk2_value||
3211 ' - p_parent_instance_pk2_value: '||p_parent_instance_pk2_value||
3212 ' - p_parent_instance_pk3_value: '||p_parent_instance_pk3_value||
3213 ' - p_parent_instance_pk3_value: '||p_parent_instance_pk3_value||
3214 ' - p_parent_instance_pk4_value: '||p_parent_instance_pk4_value||
3215 ' - p_parent_instance_pk4_value: '||p_parent_instance_pk4_value||
3216 ' - p_parent_instance_pk5_value: '||p_parent_instance_pk5_value||
3217 ' - p_parent_instance_pk5_value: '||p_parent_instance_pk5_value
3218 );
3219 OPEN instance_set FOR l_dynamic_sql
3220 USING IN l_parent_object_id,
3221 IN l_user_name,
3222 IN l_object_id,
3223 IN l_parent_object_id,
3224 IN p_object_type,
3225 IN G_TYPE_INSTANCE,
3226 IN p_parent_instance_pk1_value,
3227 IN p_parent_instance_pk2_value,
3228 IN p_parent_instance_pk2_value,
3229 IN p_parent_instance_pk3_value,
3230 IN p_parent_instance_pk3_value,
3231 IN p_parent_instance_pk4_value,
3232 IN p_parent_instance_pk4_value,
3233 IN p_parent_instance_pk5_value,
3234 IN p_parent_instance_pk5_value;
3235 END IF;
3236 END IF;
3237
3238 LOOP
3239 FETCH instance_set INTO l_privilege;
3240 EXIT WHEN instance_set%NOTFOUND;
3241 m_privilege_tbl (l_index):=l_privilege;
3242 l_index:=l_index+1;
3243 END LOOP;
3244 CLOSE instance_set;
3245
3246
3247 -- Step 5.
3248 -- get all the profile option privileges for the parent object type
3249 --and add to m_privilege_tbl
3250 get_role_functions
3251 (p_api_version => p_api_version
3252 ,p_role_name => l_profile_role
3253 ,x_return_status => x_return_status
3254 ,x_privilege_tbl => l_prof_privilege_tbl
3255 );
3256 IF (x_return_status = G_RETURN_SUCCESS) THEN
3257 IF (l_prof_privilege_tbl.COUNT > 0) THEN
3261 END LOOP;
3258 FOR i IN l_prof_privilege_tbl.first .. l_prof_privilege_tbl.last LOOP
3259 m_privilege_tbl(l_index) := l_prof_privilege_tbl(i);
3260 l_index:=l_index+1;
3262 END IF; -- x_prof_privilege_tbl >0
3263 END IF; --return status is T
3264 --end of getting privileges from profile option
3265
3266 -- last step, get object function list itself to append
3267 get_functions(p_api_version => 1.0,
3268 p_object_name => p_object_name,
3269 p_instance_pk1_value => p_instance_pk1_value,
3270 p_instance_pk2_value => p_instance_pk2_value,
3271 p_instance_pk3_value => p_instance_pk3_value,
3272 p_instance_pk4_value => p_instance_pk4_value,
3273 p_instance_pk5_value => p_instance_pk5_value,
3274 p_user_name => l_user_name,
3275 x_return_status => l_return_status,
3276 x_privilege_tbl => l_privilege_tbl);
3277
3278 l_privilege_tbl_count := l_privilege_tbl.COUNT;
3279 if (l_privilege_tbl_count > 0) then
3280 FOR i IN l_privilege_tbl.first .. l_privilege_tbl.last
3281 LOOP
3282 m_privilege_tbl(l_index):=l_privilege_tbl(i);
3283 l_index:=l_index+1;
3284 END LOOP;
3285 end if;
3286
3287 m_privilege_tbl_count := m_privilege_tbl.COUNT;
3288
3289 x_privilege_tbl := EGO_VARCHAR_TBL_TYPE();
3290
3291 x_index := 0;
3292 if (m_privilege_tbl_count > 0) then
3293 x_privilege_tbl.extend(m_privilege_tbl_count);
3294 FOR i IN m_privilege_tbl.first .. m_privilege_tbl.last LOOP
3295 x_privilege_tbl(i+1) := m_privilege_tbl(i);
3296 --x_index := x_index+1;
3297 END LOOP;
3298 end if;
3299
3300 -- last step done
3301 if(x_privilege_tbl.COUNT > 0) then
3302 x_return_status := G_RETURN_SUCCESS; /* Success */
3303 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
3304 ,p_module => l_api_name
3305 ,p_message => 'Returning Previleges '
3306 );
3307 FOR i in x_privilege_tbl.first .. x_privilege_tbl.last LOOP
3308 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
3309 ,p_module => l_api_name
3310 ,p_message => 'Index : '||i||' - privilege: '||x_privilege_tbl(i)
3311 );
3312 END LOOP;
3313 else
3314 x_return_status := G_RETURN_FAILURE; /* No functions */
3315 end if;
3316 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
3317 ,p_module => l_api_name
3318 ,p_message => 'Ending: with status: ' ||x_return_status
3319 );
3320
3321 EXCEPTION
3322 WHEN OTHERS THEN
3323 fnd_message.set_name('FND', 'SQL_PLSQL_ERROR');
3324 fnd_message.set_token('ROUTINE',G_PKG_NAME||l_api_name);
3325 fnd_message.set_token('ERRNO', SQLCODE);
3326 fnd_message.set_token('REASON', SQLERRM);
3327 x_return_status := G_RETURN_UNEXP_ERR;
3328 code_debug (p_log_level => G_DEBUG_LEVEL_UNEXPECTED
3329 ,p_module => l_api_name
3330 ,p_message => 'Ending: Returning OTHER ERROR '||SQLERRM
3331 );
3332 END get_inherited_functions;
3333
3334 --------------------------------------------------------
3335 ---- get_security_predicate
3336 --------------------------------------------------------
3337 PROCEDURE get_security_predicate
3338 (
3339 p_api_version IN NUMBER,
3340 p_function IN VARCHAR2 default null,
3341 p_object_name IN VARCHAR2,
3342 p_grant_instance_type IN VARCHAR2 DEFAULT 'UNIVERSAL',/* SET, INSTANCE*/
3343 p_user_name IN VARCHAR2 default null,
3344 /* stmnt_type: 'OTHER', 'BASE'=VPD, 'EXISTS'= for checking existence. */
3345 p_statement_type IN VARCHAR2 DEFAULT 'OTHER',
3346 p_pk1_alias IN VARCHAR2 DEFAULT NULL,
3347 p_pk2_alias IN VARCHAR2 DEFAULT NULL,
3348 p_pk3_alias IN VARCHAR2 DEFAULT NULL,
3349 p_pk4_alias IN VARCHAR2 DEFAULT NULL,
3350 p_pk5_alias IN VARCHAR2 DEFAULT NULL,
3351 x_predicate OUT NOCOPY VARCHAR2,
3352 x_return_status OUT NOCOPY VARCHAR2
3353 ) IS
3354 l_api_name CONSTANT VARCHAR2(30) := 'GET_SECURITY_PREDICATE';
3355
3356 -- On addition of any Required parameters the major version needs
3357 -- to change i.e. for eg. 1.X to 2.X.
3358 -- On addition of any Optional parameters the minor version needs
3359 -- to change i.e. for eg. X.6 to X.7.
3360 l_api_version CONSTANT NUMBER := 1.0;
3361 l_sysdate DATE := Sysdate;
3362 l_aggregate_predicate VARCHAR2(32767); /* Must match g_pred_buf_size*/
3363 l_instance_flag BOOLEAN DEFAULT TRUE;
3364 l_instance_set_flag BOOLEAN DEFAULT TRUE;
3365 l_set_predicates VARCHAR2(32767); /* Must match g_pred_buf_size*/
3366 l_db_object_name VARCHAR2(30);
3367 l_db_pk1_column VARCHAR2(61);
3368 l_db_pk2_column VARCHAR2(61);
3369 l_db_pk3_column VARCHAR2(61);
3370 l_db_pk4_column VARCHAR2(61);
3371 l_db_pk5_column VARCHAR2(61);
3372 l_pk_column_names VARCHAR2(512);
3376 l_orig_pk2_column VARCHAR2(61);
3373 l_pk_orig_column_names VARCHAR2(512);
3374 l_pk_orig_column_names_t VARCHAR2(513);
3375 l_orig_pk1_column VARCHAR2(61);
3377 l_orig_pk3_column VARCHAR2(61);
3378 l_orig_pk4_column VARCHAR2(61);
3379 l_orig_pk5_column VARCHAR2(61);
3380 l_type_converted_val_cols VARCHAR2(512);
3381 l_user_name VARCHAR2(80);
3382 -- l_orig_system VARCHAR2(48);
3383 l_orig_system_id NUMBER;
3384
3385 l_group_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
3386 l_company_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
3387 l_object_id NUMBER;
3388
3389 instance_set_grants_c DYNAMIC_CUR;
3390 l_dynamic_sql_1 VARCHAR2(32767);
3391 l_set_predicate_segment VARCHAR2(32767);
3392 l_prof_privilege_tbl EGO_VARCHAR_TBL_TYPE;
3393
3394 BEGIN
3395 SetGlobals();
3396 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
3397 ,p_module => l_api_name
3398 ,p_message => 'Started with 13 params '||
3399 ' p_api_version: '|| to_char(p_api_version) ||
3400 ' - p_function: '|| p_function ||
3401 ' - p_object_name: '|| p_object_name ||
3402 ' - p_grant_instance_type: '|| p_grant_instance_type ||
3403 ' - p_statement_type: '|| p_statement_type ||
3404 ' - p_pk1_alias: '|| p_pk1_alias ||
3405 ' - p_pk2_alias: '|| p_pk2_alias ||
3406 ' - p_pk3_alias: '|| p_pk3_alias ||
3407 ' - p_pk4_alias: '|| p_pk4_alias ||
3408 ' - p_pk5_alias: '|| p_pk5_alias
3409 );
3410
3411 -- check for call compatibility.
3412 if TRUNC(l_api_version) <> TRUNC(p_api_version) THEN
3413 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
3414 fnd_message.set_token('ROUTINE', g_pkg_name || '.'|| l_api_name);
3415 fnd_message.set_token('REASON', 'Unsupported version '|| to_char(p_api_version)||
3416 ' passed to API; expecting version '||
3417 to_char(l_api_version));
3418 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
3419 ,p_module => l_api_name
3420 ,p_message => 'Returning as the call in incompatible '
3421 );
3422 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
3423 RETURN;
3424 END IF;
3425
3426 -- Check to make sure we're not using unsupported statement_type
3427 if (p_statement_type NOT IN ('BASE', 'OTHER', 'EXISTS')) then
3428 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
3429 fnd_message.set_token('ROUTINE', g_pkg_name || '.'|| l_api_name);
3430 fnd_message.set_token('REASON', 'Unsupported p_statement_type: '|| p_statement_type);
3431 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
3432 ,p_module => l_api_name
3433 ,p_message => 'Returning as statement type is not supported'
3434 );
3435 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
3436 return;
3437 end if;
3438
3439 /* ### We haven't yet added support for NULL (all) function in arg. */
3440 /* ### Add that support since it is in the API. */
3441 if (p_function is NULL) then
3442 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
3443 fnd_message.set_token('ROUTINE', g_pkg_name || '.'|| l_api_name);
3444 fnd_message.set_token('REASON', 'Support has not yet been added for passing NULL function.');
3445 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
3446 ,p_module => l_api_name
3447 ,p_message => 'Returning as mand parameter Function is not available '
3448 );
3449 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
3450 return;
3451 end if;
3452
3453 -- Check to make sure we're not using unsupported modes
3454 if ((p_grant_instance_type = 'SET')
3455 AND((p_pk1_alias is not NULL)
3456 OR (p_pk2_alias is not NULL)
3457 OR (p_pk3_alias is not NULL)
3458 OR (p_pk4_alias is not NULL)
3459 OR (p_pk5_alias is not NULL))) then
3460
3461 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
3462 fnd_message.set_token('ROUTINE', g_pkg_name || '.'|| l_api_name);
3463 fnd_message.set_token('REASON', 'Unsupported mode arguments: '||
3464 ' p_grant_instance_type = SET.');
3465 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
3466 ,p_module => l_api_name
3467 ,p_message => 'Returning as incompatible combination for p_grant_instance_type = SET '
3468 );
3469 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
3470 return;
3471 end if;
3472
3473 /* We don't currently support BASE mode; we will have to change to */
3474 /* a pure OR statement when VPD becomes important. */
3475 if (p_statement_type = 'BASE') then
3476 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
3477 fnd_message.set_token('ROUTINE', g_pkg_name || '.'|| l_api_name);
3478 fnd_message.set_token('REASON', 'Support has not yet been added for '|| 'p_statement_type = BASE.');
3479 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
3483 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
3480 ,p_module => l_api_name
3481 ,p_message => 'Returning as incompatible statement_type = BASE '
3482 );
3484 return;
3485 end if;
3486
3487 x_return_status := G_RETURN_SUCCESS; /* Assume Success */
3488 l_user_name := p_user_name;
3489 get_orig_key(x_user_name => l_user_name
3490 -- ,x_orig_system => l_orig_system
3491 ,x_orig_system_id => l_orig_system_id);
3492 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3493 ,p_module => l_api_name
3494 ,p_message => 'l_user_name: '||l_user_name||
3495 -- ' - l_orig_system: '||l_orig_system||
3496 ' - l_orig_system_id: '||l_orig_system_id
3497 );
3498
3499 -----------------------------------------------------------------------------------
3500 --First we see if a profile option is set and if function exists --
3501 -- if so we return and empty predicate here itself without doing further query --
3502 -----------------------------------------------------------------------------------
3503
3504 getPrivilege_for_profileOption(p_api_version => p_api_version,
3505 p_object_name => p_object_name,
3506 p_user_name => p_user_name,
3507 x_privilege_tbl => l_prof_privilege_tbl,
3508 x_return_status => x_return_status);
3509
3510 IF (x_return_status = G_RETURN_SUCCESS) THEN
3511 IF (l_prof_privilege_tbl.COUNT > 0) THEN
3512 FOR i IN l_prof_privilege_tbl.first .. l_prof_privilege_tbl.last LOOP
3513 IF (l_prof_privilege_tbl(i) = p_function) THEN
3514 x_predicate := '';
3515 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
3516 ,p_module => l_api_name
3517 ,p_message => 'No need for predicate as user has privilege through profile '
3518 );
3519 RETURN;
3520 END IF; --if function match, returning empty predicate
3521 END LOOP;
3522 END IF; -- x_prof_privilege_tbl >0
3523 END IF; --return status is T
3524
3525 -- Step 1.
3526 -- check whether there is any grant for this use for any role that
3527 -- includes the given privilege
3528
3529 IF (p_grant_instance_type = G_TYPE_INSTANCE) THEN
3530 l_instance_set_flag:= FALSE;
3531 ELSIF (p_grant_instance_type = G_TYPE_SET) THEN
3532 l_instance_flag:= FALSE;
3533 END IF;
3534
3535 x_return_status := get_pk_information(p_object_name ,
3536 l_db_pk1_column ,
3537 l_db_pk2_column ,
3538 l_db_pk3_column ,
3539 l_db_pk4_column ,
3540 l_db_pk5_column ,
3541 l_pk_column_names ,
3542 l_type_converted_val_cols ,
3543 l_pk_orig_column_names,
3544 l_db_object_name,
3545 p_pk1_alias,
3546 p_pk2_alias,
3547 p_pk3_alias,
3548 p_pk4_alias,
3549 p_pk5_alias );
3550 if (x_return_status <> G_RETURN_SUCCESS) then
3551 /* There will be a message on the msg dict stack. */
3552 return; /* We will return the x_return_status as out param */
3553 end if;
3554
3555 l_object_id := get_object_id(p_object_name => p_object_name);
3556 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3557 ,p_module => l_api_name
3558 ,p_message => 'l_object_id: '||l_object_id
3559 );
3560 l_company_info := get_company_info (p_party_id => l_orig_system_id);
3561 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3562 ,p_module => l_api_name
3563 ,p_message => 'l_company_info: '||l_company_info
3564 );
3565 l_group_info := get_group_info(p_party_id => l_orig_system_id);
3566 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3567 ,p_module => l_api_name
3568 ,p_message => 'l_group_info: '||l_group_info
3569 );
3570
3571 -- Step 2.
3572 l_aggregate_predicate := '';
3573 IF(l_instance_flag = TRUE) THEN
3574 if (p_statement_type = 'EXISTS') then
3575 l_aggregate_predicate := 'EXISTS ( SELECT ''X'' ';
3576 else
3577 l_aggregate_predicate := l_pk_column_names || ' IN ( SELECT ' ||l_type_converted_val_cols;
3578 end if;
3579
3580 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3581 ,p_module => l_api_name
3582 ,p_message => 'l_aggregate_predicate : '||l_aggregate_predicate
3583 );
3584
3585
3586 if (p_statement_type = 'EXISTS') then
3587 --R12C Security Changes
3588 /* l_aggregate_predicate := l_aggregate_predicate ||
3589 ' FROM fnd_grants grants, fnd_form_functions functions, fnd_menu_entries cmf ' ||
3590 ' WHERE grants.INSTANCE_PK1_VALUE=to_char('||p_pk1_alias||')'; */
3594 ' WHERE grants.INSTANCE_PK1_VALUE=to_char(cathier.parent_catalog_group_id) AND cathier.child_catalog_group_id = to_char('||p_pk1_alias||')';
3591 if (p_object_name = 'EGO_CATALOG_GROUP') THEN
3592 l_aggregate_predicate := l_aggregate_predicate ||
3593 ' FROM fnd_grants grants, fnd_form_functions functions, fnd_menu_entries cmf, ego_item_cat_denorm_hier cathier ' ||
3595 else
3596 l_aggregate_predicate := l_aggregate_predicate ||
3597 ' FROM fnd_grants grants, fnd_form_functions functions, fnd_menu_entries cmf ' ||
3598 ' WHERE grants.INSTANCE_PK1_VALUE=to_char('||p_pk1_alias||')';
3599 end if;
3600 --R12C Security Changes
3601 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3602 ,p_module => l_api_name
3603 ,p_message => 'l_aggregate_predicate : '||l_aggregate_predicate
3604 );
3605
3606 if(p_pk2_alias is not null) then
3607 l_aggregate_predicate := l_aggregate_predicate || ' AND grants.INSTANCE_PK2_VALUE=to_char('||p_pk2_alias||')';
3608 end if;
3609
3610 if(p_pk3_alias is not null) then
3611 l_aggregate_predicate := l_aggregate_predicate || ' AND grants.INSTANCE_PK3_VALUE=to_char('||p_pk3_alias||')';
3612 end if;
3613
3614 if(p_pk4_alias is not null) then
3615 l_aggregate_predicate := l_aggregate_predicate || ' AND grants.INSTANCE_PK4_VALUE=to_char('||p_pk4_alias||')';
3616 end if;
3617
3618 if(p_pk5_alias is not null) then
3619 l_aggregate_predicate := l_aggregate_predicate || ' AND grants.INSTANCE_PK5_VALUE=to_char('||p_pk5_alias||')';
3620 end if;
3621
3622 l_aggregate_predicate := l_aggregate_predicate ||
3623 ' AND grants.start_date <= sysdate ';
3624
3625 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3626 ,p_module => l_api_name
3627 ,p_message => 'l_aggregate_predicate : '||l_aggregate_predicate
3628 );
3629 else
3630 l_aggregate_predicate := l_aggregate_predicate ||
3631 ' FROM fnd_grants grants, fnd_form_functions functions, fnd_menu_entries cmf ' ||
3632 ' WHERE grants.start_date <= sysdate ';
3633 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3634 ,p_module => l_api_name
3635 ,p_message => 'l_aggregate_predicate : '||l_aggregate_predicate
3636 );
3637 end if;
3638
3639 l_aggregate_predicate :=
3640 l_aggregate_predicate ||
3641 ' AND (grants.end_date IS NULL OR grants.end_date >= sysdate) ' ||
3642 ' AND grants.instance_type = ''INSTANCE'' ' ||
3643 ' AND cmf.function_id = functions.function_id ' ||
3644 ' AND cmf.menu_id = grants.menu_id ' ||
3645 ' AND grants.object_id = ' || l_object_id ||
3646 ' AND functions.function_name = ''' || p_function || '''' ||
3647 ' AND ((grants.grantee_type = ''USER'' ' ||
3648 ' AND grants.grantee_key = '''||l_user_name||''')'||
3649 ' OR (grants.grantee_type = ''GROUP'' '||
3650 ' AND grants.grantee_key in ('|| l_group_info || ')) ' ||
3651 ' OR (grants.grantee_type = ''COMPANY'' '||
3652 ' AND grants.grantee_key in ('|| l_company_info || ')) ' ||
3653 ' OR (grants.grantee_type = ''GLOBAL'' ' ||
3654 ' AND grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL''))))';
3655 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3656 ,p_module => l_api_name
3657 ,p_message => 'l_aggregate_predicate: '||l_aggregate_predicate
3658 );
3659 END IF;
3660 -- Step 3.
3661 l_set_predicates := '';
3662 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3663 ,p_module => l_api_name
3664 ,p_message => 'l_set_predicates : '||l_set_predicates
3665 );
3666 IF (l_instance_set_flag = TRUE) THEN
3667 -------------------------------------------------------------------------------
3668 -- Now we build dynamic SQL using the work we just did to optimize the query --
3669 -------------------------------------------------------------------------------
3670 l_dynamic_sql_1 :=
3671 ' SELECT DISTINCT instance_sets.predicate ' ||
3672 ' FROM fnd_grants grants, fnd_form_functions functions, ' ||
3673 ' fnd_menu_entries cmf, fnd_object_instance_sets instance_sets ' ||
3674 ' WHERE grants.instance_type = :instance_type ' ||
3675 ' AND grants.start_date <= SYSDATE ' ||
3676 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
3677 ' AND cmf.function_id = functions.function_id ' ||
3678 ' AND cmf.menu_id = grants.menu_id ' ||
3679 ' AND grants.instance_set_id = instance_sets.instance_set_id ' ||
3680 ' AND grants.object_id = :object_id ' ||
3681 ' AND functions.function_name = :function ' ||
3682 ' AND ((grants.grantee_type = ''USER'' ' ||
3683 ' AND grants.grantee_key = :grantee_key )' ||
3684 ' OR (grants.grantee_type = ''GROUP'' ' ||
3685 ' AND grants.grantee_key in ('||l_group_info||' ))' ||
3686 ' OR (grants.grantee_type = ''COMPANY'' ' ||
3687 ' AND grants.grantee_key in ( '||l_company_info||' ))' ||
3688 ' OR (grants.grantee_type = ''GLOBAL'' ' ||
3689 ' AND grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL''))) ';
3690 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3694 ' - l_parent_object_id: '||l_object_id||
3691 ,p_module => l_api_name
3692 ,p_message => 'Binds for instance_set_grants_c '||
3693 ' G_TYPE_SET: '||G_TYPE_SET||
3695 ' - p_function: '||p_function||
3696 ' - l_user_name: '||l_user_name
3697 );
3698
3699 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3700 ,p_module => l_api_name
3701 ,p_message => 'l_dynamic_sql_1 : '||l_dynamic_sql_1
3702 );
3703 OPEN instance_set_grants_c FOR l_dynamic_sql_1
3704 USING IN G_TYPE_SET,
3705 IN l_object_id,
3706 IN p_function,
3707 IN l_user_name;
3708 LOOP
3709 FETCH instance_set_grants_c into l_set_predicate_segment;
3710 EXIT WHEN instance_set_grants_c%NOTFOUND;
3711
3712 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3713 ,p_module => l_api_name
3714 ,p_message => 'l_set_predicates : '||l_set_predicates
3715 );
3716 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3717 ,p_module => l_api_name
3718 ,p_message => 'l_set_predicate_segment : '||l_set_predicate_segment
3719 );
3720 l_set_predicates := substrb(l_set_predicates ||
3721 l_set_predicate_segment ||
3722 ' OR ',
3723 1, g_pred_buf_size);
3724 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3725 ,p_module => l_api_name
3726 ,p_message => 'l_set_predicates : '||l_set_predicates
3727 );
3728 END LOOP;
3729 CLOSE instance_set_grants_c;
3730 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3731 ,p_module => l_api_name
3732 ,p_message => 'l_set_predicates: '||l_set_predicates
3733 );
3734
3735 IF(length(l_set_predicates) > 0) THEN
3736 -- strip off the trailing 'OR '
3737 l_set_predicates := substr(l_set_predicates, 1,
3738 length(l_set_predicates) - length('OR '));
3739
3740 IF(length(l_aggregate_predicate) > 0) THEN
3741 -- strip off the trailing ')'
3742 l_aggregate_predicate := substr(l_aggregate_predicate, 1,
3743 length(l_aggregate_predicate) - length(')'));
3744 if (p_statement_type = 'EXISTS') then
3745 l_pk_orig_column_names_t := l_pk_orig_column_names||',';
3746 l_orig_pk1_column := SUBSTR(l_pk_orig_column_names_t, 1, INSTR(l_pk_orig_column_names_t,',',1,1)-1);
3747 --R12C Security Changes
3748 /*l_aggregate_predicate := substrb(l_aggregate_predicate ||
3749 ' UNION ALL (SELECT ''X'' ' || ' FROM ' ||
3750 l_db_object_name || ' WHERE ' ||
3751 l_orig_pk1_column || '=' || p_pk1_alias, 1, g_pred_buf_size);*/
3752
3753 IF (p_object_name = 'EGO_ITEM') THEN
3754 l_aggregate_predicate := substrb(l_aggregate_predicate ||
3755 ' UNION ALL (SELECT ''X'' ' || ' FROM ' ||
3756 l_db_object_name ||', ego_item_cat_denorm_hier cathier WHERE item_catalog_group_id = cathier.child_catalog_group_id AND ' ||
3757 l_orig_pk1_column || '=' || p_pk1_alias, 1, g_pred_buf_size);
3758
3759 ELSE
3760 l_aggregate_predicate := substrb(l_aggregate_predicate ||
3761 ' UNION ALL (SELECT ''X'' ' || ' FROM ' ||
3762 l_db_object_name || ' WHERE ' ||
3763 l_orig_pk1_column || '=' || p_pk1_alias, 1, g_pred_buf_size);
3764 END IF;
3765 --R12C Security Changes
3766
3767 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3768 ,p_module => l_api_name
3769 ,p_message => 'l_set_predicates : '||l_set_predicates
3770 );
3771 if(p_pk2_alias is not null) then
3772 l_orig_pk2_column := SUBSTR(l_pk_orig_column_names_t, INSTR(l_pk_orig_column_names_t,',',1,1)+1, INSTR(l_pk_orig_column_names_t,',',1,2)-INSTR(l_pk_orig_column_names_t,',',1,1)-1 );
3773 l_aggregate_predicate := l_aggregate_predicate || ' AND ' || l_orig_pk2_column || '=' || p_pk2_alias;
3774 end if;
3775 if(p_pk3_alias is not null) then
3776 l_orig_pk3_column := SUBSTR(l_pk_orig_column_names_t, INSTR(l_pk_orig_column_names_t,',',1,2)+1, INSTR(l_pk_orig_column_names_t,',',1,3)-INSTR(l_pk_orig_column_names_t,',',1,2)-1 );
3777 l_aggregate_predicate := l_aggregate_predicate || ' AND ' || l_orig_pk3_column || '=' || p_pk3_alias;
3778 end if;
3779 if(p_pk4_alias is not null) then
3780 l_orig_pk4_column := SUBSTR(l_pk_orig_column_names_t, INSTR(l_pk_orig_column_names_t,',',1,3)+1, INSTR(l_pk_orig_column_names_t,',',1,4)-INSTR(l_pk_orig_column_names_t,',',1,3)-1 );
3781 l_aggregate_predicate := l_aggregate_predicate || ' AND ' || l_orig_pk4_column || '=' || p_pk4_alias;
3782 end if;
3783 if(p_pk5_alias is not null) then
3784 l_orig_pk5_column := SUBSTR(l_pk_orig_column_names, INSTR(l_pk_orig_column_names_t,',',1,4)+1 );
3785 l_aggregate_predicate := l_aggregate_predicate || ' AND ' || l_orig_pk5_column || '=' || p_pk5_alias;
3789 ' AND ( ' ||
3786 end if;
3787
3788 l_aggregate_predicate := substrb(l_aggregate_predicate ||
3790 l_set_predicates || ' ) ' ||
3791 '))',
3792 1, g_pred_buf_size);
3793
3794 else
3795 l_aggregate_predicate := substrb(l_aggregate_predicate ||
3796 ' UNION ALL (SELECT ' ||
3797 l_pk_orig_column_names || ' FROM ' ||
3798 l_db_object_name || ' WHERE ' ||
3799 l_set_predicates || '))',
3800 1, g_pred_buf_size);
3801 end if;
3802 ELSE
3803 l_aggregate_predicate:= l_set_predicates;
3804 END IF;
3805 END IF;
3806 END IF; -- end of if (l_instance_set_flag = TRUE) clause
3807
3808 x_predicate := l_aggregate_predicate;
3809
3810 if ((lengthb(l_aggregate_predicate) > g_vpd_buf_limit)
3811 AND (p_statement_type = 'BASE')) then
3812 FND_MESSAGE.SET_NAME('FND', 'GENERIC-INTERNAL ERROR');
3813 FND_MESSAGE.SET_TOKEN('ROUTINE', 'EGO_DATA_SECURITY.GET_SECURITY_PREDICATE');
3814 FND_MESSAGE.SET_TOKEN('REASON',
3815 'The predicate was longer than the database VPD limit of '||
3816 to_char(g_vpd_buf_limit)||' bytes for the predicate. ');
3817 x_return_status := 'L'; /* Indicate Error */
3818 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
3819 ,p_module => l_api_name
3820 ,p_message => 'Returning Status: '||x_return_status||' as predicate size is more'
3821 );
3822 end if;
3823 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
3824 ,p_module => l_api_name
3825 ,p_message => 'Returning Status: '||x_return_status
3826 );
3827 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
3828 ,p_module => l_api_name
3829 ,p_message => 'Returning Predicate: '||x_predicate
3830 );
3831
3832 EXCEPTION
3833 WHEN OTHERS THEN
3834 fnd_message.set_name('FND', 'SQL_PLSQL_ERROR');
3835 fnd_message.set_token('ROUTINE',G_PKG_NAME||l_api_name);
3836 fnd_message.set_token('ERRNO', SQLCODE);
3837 fnd_message.set_token('REASON', SQLERRM);
3838 code_debug (p_log_level => G_DEBUG_LEVEL_EXCEPTION
3839 ,p_module => l_api_name
3840 ,p_message => 'Returning EXCEPTION '||SQLERRM
3841 );
3842 x_return_status := G_RETURN_UNEXP_ERR;
3843 return;
3844 END get_security_predicate;
3845
3846 --------------------------------------------------------
3847 ---- get_sec_predicate_with_exists
3848 --------------------------------------------------------
3849 PROCEDURE get_sec_predicate_with_exists
3850 (
3851 p_api_version IN NUMBER,
3852 p_function IN VARCHAR2 default null,
3853 p_object_name IN VARCHAR2,
3854 p_grant_instance_type IN VARCHAR2 DEFAULT 'UNIVERSAL',/* SET, INSTANCE*/
3855 p_party_id IN NUMBER,
3856 /* stmnt_type: 'OTHER', 'BASE'=VPD, 'EXISTS'= for checking existence. */
3857 p_statement_type IN VARCHAR2 DEFAULT 'OTHER',
3858 p_pk1_alias IN VARCHAR2 DEFAULT NULL,
3859 p_pk2_alias IN VARCHAR2 DEFAULT NULL,
3860 p_pk3_alias IN VARCHAR2 DEFAULT NULL,
3861 p_pk4_alias IN VARCHAR2 DEFAULT NULL,
3862 p_pk5_alias IN VARCHAR2 DEFAULT NULL,
3863 x_predicate OUT NOCOPY varchar2,
3864 x_return_status OUT NOCOPY varchar2
3865 ) IS
3866 l_api_name CONSTANT VARCHAR2(50) := 'GET_SEC_PREDICATE_WITH_EXISTS';
3867
3868 -- On addition of any Required parameters the major version needs
3869 -- to change i.e. for eg. 1.X to 2.X.
3870 -- On addition of any Optional parameters the minor version needs
3871 -- to change i.e. for eg. X.6 to X.7.
3872 l_api_version CONSTANT NUMBER := 1.0;
3873 l_sysdate DATE := Sysdate;
3874 l_aggregate_predicate VARCHAR2(32767); /* Must match g_pred_buf_size*/
3875 l_instance_flag BOOLEAN DEFAULT TRUE;
3876 l_instance_set_flag BOOLEAN DEFAULT TRUE;
3877 l_set_predicates VARCHAR2(32767); /* Must match g_pred_buf_size*/
3878 l_db_object_name varchar2(30);
3879 l_db_pk1_column varchar2(61);
3880 l_db_pk2_column varchar2(61);
3881 l_db_pk3_column varchar2(61);
3882 l_db_pk4_column varchar2(61);
3883 l_db_pk5_column varchar2(61);
3884 l_pk_column_names varchar2(512);
3885 l_pk_orig_column_names varchar2(512);
3886 l_type_converted_val_cols varchar2(512);
3887 l_user_name varchar2(80);
3888 l_orig_system varchar2(48);
3889 l_orig_system_id NUMBER;
3890 l_sub_pred_clause varchar2(512);
3891
3892 l_group_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
3893 l_company_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
3894
3895 instance_set_grants_c DYNAMIC_CUR;
3896 l_dynamic_sql_1 VARCHAR2(32767);
3897 l_one_set_predicate VARCHAR2(32767);
3898 l_prof_privilege_tbl EGO_VARCHAR_TBL_TYPE;
3899
3903 SELECT party_type
3900 CURSOR get_user_grantee_key (cp_party_id NUMBER)
3901 IS
3902 --SELECT decode (party_type,'PERSON','HZ_PARTY:'||party_id,'GROUP','HZ_GROUP:'||party_id,'ORGANIZATION','HZ_COMPANY:'||party_id) grantee_key
3904 FROM hz_parties
3905 WHERE party_id=cp_party_id;
3906
3907 l_object_id number;
3908 p_user_name FND_GRANTS.grantee_key%TYPE;
3909 l_party_type VARCHAR2(30);
3910 BEGIN
3911 SetGlobals();
3912 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
3913 ,p_module => l_api_name
3914 ,p_message => 'Started with 13 params '||
3915 ' p_api_version: '|| to_char(p_api_version) ||
3916 ' - p_function: '|| p_function ||
3917 ' - p_object_name: '|| p_object_name ||
3918 ' - p_grant_instance_type: '|| p_grant_instance_type ||
3919 ' - p_party_id: '|| p_party_id ||
3920 ' - p_statement_type: '|| p_statement_type ||
3921 ' - p_pk1_alias: '|| p_pk1_alias ||
3922 ' - p_pk2_alias: '|| p_pk2_alias ||
3923 ' - p_pk3_alias: '|| p_pk3_alias ||
3924 ' - p_pk4_alias: '|| p_pk4_alias ||
3925 ' - p_pk5_alias: '|| p_pk5_alias
3926 );
3927
3928 x_return_status := G_RETURN_SUCCESS; /* Assume Success */
3929
3930 -- check for call compatibility.
3931 if TRUNC(l_api_version) <> TRUNC(p_api_version) THEN
3932 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
3933 fnd_message.set_token('ROUTINE',
3934 g_pkg_name || '.'|| l_api_name);
3935 fnd_message.set_token('REASON',
3936 'Unsupported version '|| to_char(p_api_version)||
3937 ' passed to API; expecting version '||
3938 to_char(l_api_version));
3939 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
3940 ,p_module => l_api_name
3941 ,p_message => 'Returning as the call in incompatible '
3942 );
3943 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
3944 return;
3945 END IF;
3946
3947 -- Check to make sure we're not using unsupported statement_type
3948 if ((p_statement_type <> 'BASE') and (p_statement_type <> 'OTHER')
3949 AND (p_statement_type <> 'EXISTS')) then
3950 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
3951 fnd_message.set_token('ROUTINE',
3952 g_pkg_name || '.'|| l_api_name);
3953 fnd_message.set_token('REASON',
3954 'Unsupported p_statement_type: '|| p_statement_type);
3955 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
3956 ,p_module => l_api_name
3957 ,p_message => 'Returning as statement type is not supported'
3958 );
3959 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
3960 return;
3961 end if;
3962
3963 /* ### We haven't yet added support for NULL (all) function in arg. */
3964 /* ### Add that support since it is in the API. */
3965 if (p_function is NULL) then
3966 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
3967 fnd_message.set_token('ROUTINE',
3968 g_pkg_name || '.'|| l_api_name);
3969 fnd_message.set_token('REASON',
3970 'Support has not yet been added for passing NULL function.');
3971 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
3972 ,p_module => l_api_name
3973 ,p_message => 'Returning as mand parameter Function is not available '
3974 );
3975 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
3976 return;
3977 end if;
3978
3979
3980 -- Check to make sure we're not using unsupported modes
3981 if ((p_grant_instance_type = 'SET')
3982 AND((p_pk1_alias is not NULL)
3983 OR (p_pk2_alias is not NULL)
3984 OR (p_pk3_alias is not NULL)
3985 OR (p_pk4_alias is not NULL)
3986 OR (p_pk5_alias is not NULL))) then
3987
3988 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
3989 fnd_message.set_token('ROUTINE', g_pkg_name || '.'|| l_api_name);
3990 fnd_message.set_token('REASON', 'Unsupported mode arguments: '||
3991 ' p_grant_instance_type = SET.');
3992 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
3993 ,p_module => l_api_name
3994 ,p_message => 'Returning as incompatible combination for p_grant_instance_type = SET '
3995 );
3996 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
3997 return;
3998 end if;
3999
4000 /* We don't currently support BASE mode; we will have to change to */
4001 /* a pure OR statement when VPD becomes important. */
4002 if (p_statement_type = 'BASE') then
4003 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
4004 fnd_message.set_token('ROUTINE', g_pkg_name || '.'|| l_api_name);
4005 fnd_message.set_token('REASON', 'Support has not yet been added for '|| 'p_statement_type = BASE.');
4006 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4007 ,p_module => l_api_name
4008 ,p_message => 'Returning as incompatible statement_type = BASE '
4009 );
4010 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
4011 return;
4012 end if;
4016 l_user_name := G_USER_NAME;
4013
4014 -- Default the user name if not passed in.
4015 if(p_user_name is NULL) then
4017 else
4018 l_user_name := p_user_name;
4019 end if;
4020
4021 -- Get the key columns from the user name
4022 -- We are not checking for NULL returns (meaning user not in wf_roles)
4023 -- because right now we allow checking of grants to users not in
4024 -- wf_roles.
4025
4026 IF(p_party_id=-1000) THEN
4027 l_party_type:='GLOBAL';
4028 ELSE
4029 OPEN get_user_grantee_key (cp_party_id=>p_party_id);
4030 FETCH get_user_grantee_key INTO l_party_type;
4031 CLOSE get_user_grantee_key;
4032 END IF;
4033 l_orig_system_id:=p_party_id;
4034 IF(l_party_type='GLOBAL') THEN
4035 l_orig_system:='HZ_GLOBAL';
4036 ELSIF(l_party_type='GROUP') THEN
4037 l_orig_system:='HZ_GROUP';
4038 ELSIF(l_party_type='ORGANIZATION') THEN
4039 l_orig_system:='HZ_COMPANY';
4040 ELSIF(l_party_type='PERSON') THEN
4041 l_orig_system:='HZ_PARTY';
4042 END IF;
4043 l_user_name:=l_orig_system||':'||l_orig_system_id;
4044
4045 -----------------------------------------------------------------------------------
4046 --First we see if a profile option is set and if function exists --
4047 -- if so we return and empty predicate here itself without doing further query --
4048 -----------------------------------------------------------------------------------
4049
4050 getPrivilege_for_profileOption(p_api_version => p_api_version,
4051 p_object_name => p_object_name,
4052 p_user_name => l_user_name,
4053 x_privilege_tbl => l_prof_privilege_tbl,
4054 x_return_status => x_return_status);
4055
4056 IF (x_return_status = G_RETURN_SUCCESS) THEN
4057 IF (l_prof_privilege_tbl.COUNT > 0) THEN
4058 FOR i IN l_prof_privilege_tbl.first .. l_prof_privilege_tbl.last LOOP
4059 IF (l_prof_privilege_tbl(i) = p_function) THEN
4060 x_predicate := '';
4061 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4062 ,p_module => l_api_name
4063 ,p_message => 'No need for predicate as user has privilege through profile '
4064 );
4065 return;
4066 END IF; --if function match, returning empty predicate
4067 END LOOP;
4068 END IF; -- x_prof_privilege_tbl >0
4069 END IF; --return status is T
4070
4071 -- Step 1.
4072 -- check whether there is any grant for this use for any role that
4073 -- includes the given privilege
4074
4075 IF (p_grant_instance_type = G_TYPE_INSTANCE) THEN
4076 l_instance_set_flag:= FALSE;
4077 ELSIF (p_grant_instance_type = G_TYPE_SET) THEN
4078 l_instance_flag:= FALSE;
4079 END IF;
4080
4081 x_return_status := get_pk_information(p_object_name ,
4082 l_db_pk1_column ,
4083 l_db_pk2_column ,
4084 l_db_pk3_column ,
4085 l_db_pk4_column ,
4086 l_db_pk5_column ,
4087 l_pk_column_names ,
4088 l_type_converted_val_cols ,
4089 l_pk_orig_column_names,
4090 l_db_object_name,
4091 p_pk1_alias,
4092 p_pk2_alias,
4093 p_pk3_alias,
4094 p_pk4_alias,
4095 p_pk5_alias );
4096 if (x_return_status <> G_RETURN_SUCCESS) then
4097 /* There will be a message on the msg dict stack. */
4098 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4099 ,p_module => l_api_name
4100 ,p_message => 'Returning FALSE as pk values are not correct'
4101 );
4102 return; /* We will return the x_return_status as out param */
4103 end if;
4104
4105 l_object_id :=get_object_id(p_object_name => p_object_name );
4106 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
4107 ,p_module => l_api_name
4108 ,p_message => 'l_object_id: '||l_object_id
4109 );
4110 l_group_info := get_group_info(p_party_id => l_orig_system_id);
4111 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
4112 ,p_module => l_api_name
4113 ,p_message => 'l_group_info: '||l_group_info
4114 );
4115 l_company_info := get_company_info (p_party_id => l_orig_system_id);
4116 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
4117 ,p_module => l_api_name
4118 ,p_message => 'l_company_info: '||l_company_info
4119 );
4120
4121 -- Step 2.
4122 l_aggregate_predicate := '';
4123 IF(l_instance_flag = TRUE) THEN
4124 if (p_statement_type = 'EXISTS') then
4125 l_aggregate_predicate := 'EXISTS (';
4126 else
4127 l_aggregate_predicate := l_pk_column_names || ' IN (';
4128 end if;
4129 --R12C Security Changes
4130 /*l_aggregate_predicate :=
4131 l_aggregate_predicate ||
4132 ' SELECT INSTANCE_PK1_VALUE' ||
4133 ' FROM fnd_grants grants, ' ||
4134 ' fnd_form_functions functions, ' ||
4138 ' AND grants.instance_type= ''INSTANCE'' ' ||
4135 ' fnd_menu_entries cmf ' ||
4136 ' WHERE grants.INSTANCE_PK1_VALUE=to_char('||p_pk1_alias||')'||
4137 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
4139 ' AND cmf.function_id = functions.function_id ' ||
4140 ' AND cmf.menu_id = grants.menu_id ' ||
4141 ' AND grants.object_id = ' || l_object_id ||
4142 ' AND functions.function_name = ''' || p_function || '''' ||
4143 ' AND ( ( grants.grantee_type = ''USER'' ' ||
4144 ' AND grants.grantee_key = '''||l_user_name||''')'||
4145 ' OR ( grants.grantee_type = ''GROUP'' '||
4146 ' AND grants.grantee_key in '||
4147 ' ( '|| l_group_info || ')) ' ||
4148 ' OR ( grants.grantee_type = ''COMPANY'' '||
4149 ' AND grants.grantee_key in '||
4150 ' ( '|| l_company_info || ')) ' ||
4151 ' OR (grants.grantee_type = ''GLOBAL'' AND grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )))';*/
4152 if (p_object_name = 'EGO_CATALOG_GROUP') THEN
4153 l_aggregate_predicate :=
4154 l_aggregate_predicate ||
4155 ' SELECT INSTANCE_PK1_VALUE' ||
4156 ' FROM fnd_grants grants, ' ||
4157 ' fnd_form_functions functions, ' ||
4158 ' fnd_menu_entries cmf, ' ||
4159 ' ego_item_cat_denorm_hier cathier ' ||
4160 ' WHERE grants.INSTANCE_PK1_VALUE=to_char(cathier.parent_catalog_group_id)' ||
4161 ' AND cathier.child_catalog_group_id = to_char('||p_pk1_alias||')' ||
4162 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
4163 ' AND grants.instance_type= ''INSTANCE'' ' ||
4164 ' AND cmf.function_id = functions.function_id ' ||
4165 ' AND cmf.menu_id = grants.menu_id ' ||
4166 ' AND grants.object_id = ' || l_object_id ||
4167 ' AND functions.function_name = ''' || p_function || '''' ||
4168 ' AND ( ( grants.grantee_type = ''USER'' ' ||
4169 ' AND grants.grantee_key = '''||l_user_name||''')'||
4170 ' OR ( grants.grantee_type = ''GROUP'' '||
4171 ' AND grants.grantee_key in '||
4172 ' ( '|| l_group_info || ')) ' ||
4173 ' OR ( grants.grantee_type = ''COMPANY'' '||
4174 ' AND grants.grantee_key in '||
4175 ' ( '|| l_company_info || ')) ' ||
4176 ' OR (grants.grantee_type = ''GLOBAL'' AND grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )))';
4177 else
4178 l_aggregate_predicate :=
4179 l_aggregate_predicate ||
4180 ' SELECT INSTANCE_PK1_VALUE' ||
4181 ' FROM fnd_grants grants, ' ||
4182 ' fnd_form_functions functions, ' ||
4183 ' fnd_menu_entries cmf ' ||
4184 ' WHERE grants.INSTANCE_PK1_VALUE=to_char('||p_pk1_alias||')'||
4185 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
4186 ' AND grants.instance_type= ''INSTANCE'' ' ||
4187 ' AND cmf.function_id = functions.function_id ' ||
4188 ' AND cmf.menu_id = grants.menu_id ' ||
4189 ' AND grants.object_id = ' || l_object_id ||
4190 ' AND functions.function_name = ''' || p_function || '''' ||
4191 ' AND ( ( grants.grantee_type = ''USER'' ' ||
4192 ' AND grants.grantee_key = '''||l_user_name||''')'||
4193 ' OR ( grants.grantee_type = ''GROUP'' '||
4194 ' AND grants.grantee_key in '||
4195 ' ( '|| l_group_info || ')) ' ||
4196 ' OR ( grants.grantee_type = ''COMPANY'' '||
4197 ' AND grants.grantee_key in '||
4198 ' ( '|| l_company_info || ')) ' ||
4199 ' OR (grants.grantee_type = ''GLOBAL'' AND grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )))';
4200 end if;
4201 --R12C Security Changes
4202 END IF;
4203
4204 -- Step 3.
4205 l_set_predicates:='';
4206 -- R12C Security Changes
4207 /*l_sub_pred_clause:= ' UNION ALL ( SELECT to_char('
4208 ||l_pk_orig_column_names || ') FROM ' ||
4209 l_db_object_name ||
4210 ' WHERE ' || l_pk_orig_column_names||'='||p_pk1_alias ||
4211 ' AND ';*/
4212 IF (p_object_name = 'EGO_ITEM') THEN
4213 l_sub_pred_clause:= ' UNION ALL ( SELECT to_char('
4214 ||l_pk_orig_column_names || ') FROM ' ||
4215 l_db_object_name ||
4216 ' , ego_item_cat_denorm_hier cathier WHERE ' || l_pk_orig_column_names||'='||p_pk1_alias ||
4217 ' AND ';
4218 ELSE
4219 l_sub_pred_clause:= ' UNION ALL ( SELECT to_char('
4220 ||l_pk_orig_column_names || ') FROM ' ||
4221 l_db_object_name ||
4222 ' WHERE ' || l_pk_orig_column_names||'='||p_pk1_alias ||
4223 ' AND ';
4224 END IF;
4225 -- R12C Security Changes
4226
4227 IF(l_instance_set_flag = TRUE) THEN
4228 l_dynamic_sql_1 :=
4229 ' SELECT DISTINCT instance_sets.predicate ' ||
4230 ' FROM fnd_grants grants, fnd_form_functions functions, ' ||
4231 ' fnd_menu_entries cmf, fnd_object_instance_sets instance_sets ' ||
4232 ' WHERE grants.instance_type = :instance_type ' ||
4233 ' AND grants.start_date <= SYSDATE ' ||
4234 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
4235 ' AND cmf.function_id = functions.function_id ' ||
4239 ' AND functions.function_name = :function ' ||
4236 ' AND cmf.menu_id = grants.menu_id ' ||
4237 ' AND grants.instance_set_id = instance_sets.instance_set_id ' ||
4238 ' AND grants.object_id = :object_id ' ||
4240 ' AND ((grants.grantee_type = ''USER'' ' ||
4241 ' AND grants.grantee_key = :grantee_key )' ||
4242 ' OR (grants.grantee_type = ''GROUP'' ' ||
4243 ' AND grants.grantee_key in ( '||l_group_info||' ))' ||
4244 ' OR (grants.grantee_type = ''COMPANY'' ' ||
4245 ' AND grants.grantee_key in ( '||l_company_info||' ))' ||
4246 ' OR (grants.grantee_type = ''GLOBAL'' ' ||
4247 ' AND grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL''))) ';
4248 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
4249 ,p_module => l_api_name
4250 ,p_message => 'Binds for instance_set_grants_c '||
4251 ' G_TYPE_SET: '||G_TYPE_SET||
4252 ' - l_parent_object_id: '||l_object_id||
4253 ' - p_function: '||p_function||
4254 ' - l_user_name: '||l_user_name
4255 );
4256
4257 OPEN instance_set_grants_c FOR l_dynamic_sql_1
4258 USING IN G_TYPE_SET,
4259 IN l_object_id,
4260 IN p_function,
4261 IN l_user_name;
4262 LOOP
4263 FETCH instance_set_grants_c INTO l_one_set_predicate;
4264 EXIT WHEN instance_set_grants_c%NOTFOUND;
4265 l_set_predicates := l_set_predicates ||
4266 l_sub_pred_clause ||
4267 l_one_set_predicate ||')';
4268 END LOOP;
4269 CLOSE instance_set_grants_c;
4270 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
4271 ,p_module => l_api_name
4272 ,p_message => 'l_set_predicates: '||l_set_predicates
4273 );
4274
4275 IF( length(l_set_predicates ) >0) THEN
4276 -- strip off the trailing 'OR '
4277 /*l_set_predicates := substr(l_set_predicates, 1,
4278 length(l_set_predicates) - length('OR '));
4279 */
4280
4281 IF(length(l_aggregate_predicate) >0 ) THEN
4282 -- strip off the trailing ')'
4283 l_aggregate_predicate := substr(l_aggregate_predicate, 1,
4284 length(l_aggregate_predicate) - length(')'));
4285
4286 l_aggregate_predicate := substrb(
4287 l_aggregate_predicate ||
4288 l_set_predicates || ')', 1, g_pred_buf_size);
4289 ELSE
4290 l_aggregate_predicate:= l_set_predicates;
4291 END IF;
4292 END IF;
4293 END IF;
4294
4295 x_predicate := l_aggregate_predicate;
4296
4297 if ((lengthb(l_aggregate_predicate) > g_vpd_buf_limit)
4298 AND (p_statement_type = 'BASE'))then
4299 FND_MESSAGE.SET_NAME('FND', 'GENERIC-INTERNAL ERROR');
4300 FND_MESSAGE.SET_TOKEN('ROUTINE',
4301 'EGO_DATA_SECURITY.GET_SECURITY_PREDICATE');
4302 FND_MESSAGE.SET_TOKEN('REASON',
4303 'The predicate was longer than the database VPD limit of '||
4304 to_char(g_vpd_buf_limit)||' bytes for the predicate. ');
4305 x_return_status := 'L'; /* Indicate Error */
4306 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4307 ,p_module => l_api_name
4308 ,p_message => 'Returning Status: '||x_return_status||' as predicate size is more'
4309 );
4310 end if;
4311 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4312 ,p_module => l_api_name
4313 ,p_message => 'Returning Status: '||x_return_status
4314 );
4315 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4316 ,p_module => l_api_name
4317 ,p_message => 'Returning Predicate: '||x_predicate
4318 );
4319
4320 EXCEPTION
4321 WHEN OTHERS THEN
4322 fnd_message.set_name('FND', 'SQL_PLSQL_ERROR');
4323 fnd_message.set_token('ROUTINE',G_PKG_NAME||l_api_name);
4324 fnd_message.set_token('ERRNO', SQLCODE);
4325 fnd_message.set_token('REASON', SQLERRM);
4326 x_return_status := G_RETURN_UNEXP_ERR;
4327 code_debug (p_log_level => G_DEBUG_LEVEL_EXCEPTION
4328 ,p_module => l_api_name
4329 ,p_message => 'Returning EXCEPTION '||SQLERRM
4330 );
4331 return;
4332 END get_sec_predicate_with_exists;
4333
4334 --------------------------------------------------------
4335 ---- get_sec_predicate_with_clause
4336 --------------------------------------------------------
4337 PROCEDURE get_sec_predicate_with_clause
4338 (
4339 p_api_version IN NUMBER,
4340 p_function IN VARCHAR2 default null,
4341 p_object_name IN VARCHAR2,
4342 p_grant_instance_type IN VARCHAR2 DEFAULT 'UNIVERSAL',/* SET, INSTANCE*/
4343 p_party_id IN NUMBER,
4344 p_append_inst_set_predicate IN VARCHAR2 default null,
4345 /* stmnt_type: 'OTHER', 'BASE'=VPD, 'EXISTS'= for checking existence. */
4346 p_statement_type IN VARCHAR2 DEFAULT 'OTHER',
4347 p_pk1_alias IN VARCHAR2 DEFAULT NULL,
4348 p_pk2_alias IN VARCHAR2 DEFAULT NULL,
4349 p_pk3_alias IN VARCHAR2 DEFAULT NULL,
4350 p_pk4_alias IN VARCHAR2 DEFAULT NULL,
4351 p_pk5_alias IN VARCHAR2 DEFAULT NULL,
4355 l_api_name CONSTANT VARCHAR2(50) := 'GET_SEC_PREDICATE_WITH_CLAUSE';
4352 x_predicate OUT NOCOPY varchar2,
4353 x_return_status OUT NOCOPY varchar2
4354 ) IS
4356
4357 -- On addition of any Required parameters the major version needs
4358 -- to change i.e. for eg. 1.X to 2.X.
4359 -- On addition of any Optional parameters the minor version needs
4360 -- to change i.e. for eg. X.6 to X.7.
4361 l_api_version CONSTANT NUMBER := 1.0;
4362 l_sysdate DATE := Sysdate;
4363 l_aggregate_predicate VARCHAR2(32767); /* Must match g_pred_buf_size*/
4364 l_instance_flag BOOLEAN DEFAULT TRUE;
4365 l_instance_set_flag BOOLEAN DEFAULT TRUE;
4366 l_set_predicates VARCHAR2(32767); /* Must match g_pred_buf_size*/
4367 l_db_object_name varchar2(30);
4368 l_db_pk1_column varchar2(61);
4369 l_db_pk2_column varchar2(61);
4370 l_db_pk3_column varchar2(61);
4371 l_db_pk4_column varchar2(61);
4372 l_db_pk5_column varchar2(61);
4373 l_pk_column_names varchar2(512);
4374 l_pk_orig_column_names varchar2(512);
4375 l_type_converted_val_cols varchar2(512);
4376 l_user_name varchar2(80);
4377 l_orig_system varchar2(48);
4378 l_orig_system_id NUMBER;
4379 l_sub_pred_clause varchar2(512);
4380
4381 l_group_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
4382 l_company_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
4383 l_prof_privilege_tbl EGO_VARCHAR_TBL_TYPE;
4384 l_dynamic_sql VARCHAR2(32767);
4385 instance_set_grants_c DYNAMIC_CUR;
4386 l_set_predicate VARCHAR2(32767);
4387
4388 CURSOR get_user_grantee_key (cp_party_id NUMBER) IS
4389 --SELECT decode (party_type,'PERSON','HZ_PARTY:'||party_id,'GROUP','HZ_GROUP:'||party_id,'ORGANIZATION','HZ_COMPANY:'||party_id) grantee_key
4390 SELECT party_type
4391 FROM hz_parties
4392 WHERE party_id=cp_party_id;
4393 l_object_id NUMBER;
4394 p_user_name FND_GRANTS.grantee_key%TYPE;
4395 l_party_type VARCHAR2(30);
4396 l_append_inst_set_predicate VARCHAR2(2000);
4397 BEGIN
4398
4399 SetGlobals();
4400 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4401 ,p_module => l_api_name
4402 ,p_message => 'Started with 14 params '||
4403 ' p_api_version: '|| to_char(p_api_version) ||
4404 ' - p_function: '|| p_function ||
4405 ' - p_object_name: '|| p_object_name ||
4406 ' - p_grant_instance_type: '|| p_grant_instance_type ||
4407 ' - p_party_id: '|| p_party_id ||
4408 ' - p_append_inst_set_predicate: '|| p_append_inst_set_predicate ||
4409 ' - p_statement_type: '|| p_statement_type ||
4410 ' - p_pk1_alias: '|| p_pk1_alias ||
4411 ' - p_pk2_alias: '|| p_pk2_alias ||
4412 ' - p_pk3_alias: '|| p_pk3_alias ||
4413 ' - p_pk4_alias: '|| p_pk4_alias ||
4414 ' - p_pk5_alias: '|| p_pk5_alias
4415 );
4416
4417 -- check for call compatibility.
4418 if TRUNC(l_api_version) <> TRUNC(p_api_version) THEN
4419 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
4420 fnd_message.set_token('ROUTINE',
4421 g_pkg_name || '.'|| l_api_name);
4422 fnd_message.set_token('REASON',
4423 'Unsupported version '|| to_char(p_api_version)||
4424 ' passed to API; expecting version '||
4425 to_char(l_api_version));
4426 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
4427 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4428 ,p_module => l_api_name
4429 ,p_message => 'Returning as the call in incompatible '
4430 );
4431 return;
4432 END IF;
4433
4434 -- Check to make sure we're not using unsupported statement_type
4435 if ((p_statement_type <> 'BASE') and (p_statement_type <> 'OTHER')
4436 AND (p_statement_type <> 'EXISTS')) then
4437 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
4438 fnd_message.set_token('ROUTINE',
4439 g_pkg_name || '.'|| l_api_name);
4440 fnd_message.set_token('REASON',
4441 'Unsupported p_statement_type: '|| p_statement_type);
4442 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4443 ,p_module => l_api_name
4444 ,p_message => 'Returning as statement type is not supported'
4445 );
4446 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
4447 return;
4448 end if;
4449
4450 /* ### We haven't yet added support for NULL (all) function in arg. */
4451 /* ### Add that support since it is in the API. */
4452 if (p_function is NULL) then
4453 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
4454 fnd_message.set_token('ROUTINE',
4455 g_pkg_name || '.'|| l_api_name);
4456 fnd_message.set_token('REASON',
4457 'Support has not yet been added for passing NULL function.');
4458 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4459 ,p_module => l_api_name
4460 ,p_message => 'Returning as mand parameter Function is not available '
4461 );
4465
4462 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
4463 return;
4464 end if;
4466 -- Check to make sure we're not using unsupported modes
4467 if ((p_grant_instance_type = 'SET')
4468 AND((p_pk1_alias is not NULL)
4469 OR (p_pk2_alias is not NULL)
4470 OR (p_pk3_alias is not NULL)
4471 OR (p_pk4_alias is not NULL)
4472 OR (p_pk5_alias is not NULL))) then
4473 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
4474 fnd_message.set_token('ROUTINE',
4475 g_pkg_name || '.'|| l_api_name);
4476 fnd_message.set_token('REASON',
4477 'Unsupported mode arguments: '||
4478 'p_statement_type = BASE or p_grant_instance_type = SET.');
4479 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4480 ,p_module => l_api_name
4481 ,p_message => 'Returning as incompatible combination for p_grant_instance_type = SET '
4482 );
4483 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
4484 return;
4485 end if;
4486
4487 /* We don't currently support BASE mode; we will have to change to */
4488 /* a pure OR statement when VPD becomes important. */
4489 if (p_statement_type = 'BASE') then
4490 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
4491 fnd_message.set_token('ROUTINE',
4492 g_pkg_name || '.'|| l_api_name);
4493 fnd_message.set_token('REASON',
4494 'Support has not yet been added for '||
4495 'p_statement_type = BASE.');
4496 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4497 ,p_module => l_api_name
4498 ,p_message => 'Returning as incompatible statement_type = BASE '
4499 );
4500 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
4501 return;
4502 end if;
4503
4504 x_return_status := G_RETURN_SUCCESS; /* Assume Success */
4505 -- Default the user name if not passed in.
4506 if(p_user_name is NULL) then
4507 l_user_name := FND_GLOBAL.USER_NAME;
4508 else
4509 l_user_name := p_user_name;
4510 end if;
4511
4512 -- Get the key columns from the user name
4513 -- We are not checking for NULL returns (meaning user not in wf_roles)
4514 -- because right now we allow checking of grants to users not in
4515 -- wf_roles.
4516
4517 IF(p_party_id=-1000) THEN
4518 l_party_type:='GLOBAL';
4519 ELSE
4520 OPEN get_user_grantee_key (cp_party_id=>p_party_id);
4521 FETCH get_user_grantee_key INTO l_party_type;
4522 CLOSE get_user_grantee_key;
4523 END IF;
4524 l_orig_system_id:=p_party_id;
4525 IF(l_party_type='GLOBAL') THEN
4526 l_orig_system:='HZ_GLOBAL';
4527 ELSIF(l_party_type='GROUP') THEN
4528 l_orig_system:='HZ_GROUP';
4529 ELSIF(l_party_type='ORGANIZATION') THEN
4530 l_orig_system:='HZ_COMPANY';
4531 ELSIF(l_party_type='PERSON') THEN
4532 l_orig_system:='HZ_PARTY';
4533 END IF;
4534 l_user_name:=l_orig_system||':'||l_orig_system_id;
4535
4536 -----------------------------------------------------------------------------------
4537 --First we see if a profile option is set and if function exists --
4538 -- if so we return and empty predicate here itself without doing further query --
4539 -----------------------------------------------------------------------------------
4540
4541 getPrivilege_for_profileOption(p_api_version => p_api_version,
4542 p_object_name => p_object_name,
4543 p_user_name => l_user_name,
4544 x_privilege_tbl => l_prof_privilege_tbl,
4545 x_return_status => x_return_status);
4546
4547 IF (x_return_status = G_RETURN_SUCCESS) THEN
4548 IF (l_prof_privilege_tbl.COUNT > 0) THEN
4549 FOR i IN l_prof_privilege_tbl.first .. l_prof_privilege_tbl.last LOOP
4550 IF (l_prof_privilege_tbl(i) = p_function) THEN
4551 x_predicate := '';
4552 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4553 ,p_module => l_api_name
4554 ,p_message => 'No need for predicate as user has privilege through profile '
4555 );
4556 RETURN;
4557 END IF; --if function match, returning empty predicate
4558 END LOOP;
4559 END IF; -- x_prof_privilege_tbl >0
4560 END IF; --return status is T
4561
4562 -- Step 1.
4563 -- check whether there is any grant for this use for any role that
4564 -- includes the given privilege
4565
4566 IF (p_grant_instance_type = G_TYPE_INSTANCE) THEN
4567 l_instance_set_flag:= FALSE;
4568 ELSIF (p_grant_instance_type = G_TYPE_SET) THEN
4569 l_instance_flag:= FALSE;
4570 END IF;
4571
4572 x_return_status := get_pk_information(p_object_name ,
4573 l_db_pk1_column ,
4574 l_db_pk2_column ,
4575 l_db_pk3_column ,
4576 l_db_pk4_column ,
4577 l_db_pk5_column ,
4578 l_pk_column_names ,
4579 l_type_converted_val_cols ,
4580 l_pk_orig_column_names,
4581 l_db_object_name,
4585 p_pk4_alias,
4582 p_pk1_alias,
4583 p_pk2_alias,
4584 p_pk3_alias,
4586 p_pk5_alias );
4587 if (x_return_status <> G_RETURN_SUCCESS) then
4588 /* There will be a message on the msg dict stack. */
4589 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4590 ,p_module => l_api_name
4591 ,p_message => 'Returning FALSE as pk values are not correct'
4592 );
4593 return; /* We will return the x_return_status as out param */
4594 end if;
4595
4596 l_object_id :=get_object_id(p_object_name => p_object_name );
4597 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
4598 ,p_module => l_api_name
4599 ,p_message => 'l_object_id: '||l_object_id
4600 );
4601 l_group_info := get_group_info(p_party_id => l_orig_system_id);
4602 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
4603 ,p_module => l_api_name
4604 ,p_message => 'l_group_info: '||l_group_info
4605 );
4606 l_company_info := get_company_info (p_party_id => l_orig_system_id);
4607 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
4608 ,p_module => l_api_name
4609 ,p_message => 'l_company_info: '||l_company_info
4610 );
4611
4612 -- Step 2.
4613 l_aggregate_predicate := '';
4614 IF(l_instance_flag = TRUE) THEN
4615 if (p_statement_type = 'EXISTS') then
4616 l_aggregate_predicate := 'EXISTS (';
4617 else
4618 l_aggregate_predicate := 'to_char('||l_pk_column_names || ') IN (';
4619 end if;
4620 -- R12C Security Predicate
4621 /* l_aggregate_predicate :=
4622 l_aggregate_predicate ||
4623 ' SELECT INSTANCE_PK1_VALUE' ||
4624 ' FROM fnd_grants grants, ' ||
4625 ' fnd_form_functions functions, ' ||
4626 ' fnd_menu_entries cmf ' ||
4627 ' WHERE grants.start_date <= sysdate ' ||
4628 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
4629 ' AND grants.instance_type= ''INSTANCE'' ' ||
4630 ' AND cmf.function_id = functions.function_id ' ||
4631 ' AND cmf.menu_id = grants.menu_id ' ||
4632 ' AND grants.object_id = ' || l_object_id ||
4633 ' AND functions.function_name = ''' || p_function || '''' ||
4634 ' AND ( ( grants.grantee_type = ''USER'' ' ||
4635 ' AND grants.grantee_key = '''||l_user_name||''')'||
4636 ' OR ( grants.grantee_type = ''GROUP'' '||
4637 ' AND grants.grantee_key in '||
4638 ' ( '|| l_group_info || ')) ' ||
4639 ' OR ( grants.grantee_type = ''COMPANY'' '||
4640 ' AND grants.grantee_key in '||
4641 ' ( '|| l_company_info || ')) ' ||
4642 ' OR (grants.grantee_type = ''GLOBAL'' AND grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )))';*/
4643 if (p_object_name = 'EGO_CATALOG_GROUP') THEN
4644 l_aggregate_predicate := l_aggregate_predicate ||
4645 ' SELECT INSTANCE_PK1_VALUE' ||
4646 ' FROM fnd_grants grants, ' ||
4647 ' fnd_form_functions functions, ' ||
4648 ' fnd_menu_entries cmf, ' ||
4649 'ego_item_cat_denorm_hier cathier ' ||
4650 'WHERE grants.INSTANCE_PK1_VALUE=to_char(cathier.parent_catalog_group_id) '||
4651 'AND cathier.child_catalog_group_id = to_char('||p_pk1_alias||')' ||
4652 ' AND grants.start_date <= sysdate ' ||
4653 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
4654 ' AND grants.instance_type= ''INSTANCE'' ' ||
4655 ' AND cmf.function_id = functions.function_id ' ||
4656 ' AND cmf.menu_id = grants.menu_id ' ||
4657 ' AND grants.object_id = ' || l_object_id ||
4658 ' AND functions.function_name = ''' || p_function || '''' ||
4659 ' AND ( ( grants.grantee_type = ''USER'' ' ||
4660 ' AND grants.grantee_key = '''||l_user_name||''')'||
4661 ' OR ( grants.grantee_type = ''GROUP'' '||
4662 ' AND grants.grantee_key in '||
4663 ' ( '|| l_group_info || ')) ' ||
4664 ' OR ( grants.grantee_type = ''COMPANY'' '||
4665 ' AND grants.grantee_key in '||
4666 ' ( '|| l_company_info || ')) ' ||
4667 ' OR (grants.grantee_type = ''GLOBAL'' AND grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )))';
4668 else
4669 l_aggregate_predicate := l_aggregate_predicate ||
4670 ' SELECT INSTANCE_PK1_VALUE' ||
4671 ' FROM fnd_grants grants, ' ||
4672 ' fnd_form_functions functions, ' ||
4673 ' fnd_menu_entries cmf ' ||
4674 ' WHERE grants.start_date <= sysdate ' ||
4675 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
4676 ' AND grants.instance_type= ''INSTANCE'' ' ||
4677 ' AND cmf.function_id = functions.function_id ' ||
4678 ' AND cmf.menu_id = grants.menu_id ' ||
4679 ' AND grants.object_id = ' || l_object_id ||
4680 ' AND functions.function_name = ''' || p_function || '''' ||
4681 ' AND ( ( grants.grantee_type = ''USER'' ' ||
4682 ' AND grants.grantee_key = '''||l_user_name||''')'||
4686 ' OR ( grants.grantee_type = ''COMPANY'' '||
4683 ' OR ( grants.grantee_type = ''GROUP'' '||
4684 ' AND grants.grantee_key in '||
4685 ' ( '|| l_group_info || ')) ' ||
4687 ' AND grants.grantee_key in '||
4688 ' ( '|| l_company_info || ')) ' ||
4689 ' OR (grants.grantee_type = ''GLOBAL'' AND grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )))';
4690 end if;
4691 -- R12C Security Predicate
4692 END IF;
4693
4694 -- Step 3.
4695 l_set_predicates:='';
4696 -- R12C Security Changes
4697 /*l_sub_pred_clause:=' UNION ALL ( SELECT to_char(' ||
4698 l_pk_orig_column_names || ') FROM ' ||
4699 l_db_object_name || ' WHERE ';*/
4700 IF (p_object_name = 'EGO_ITEM') THEN
4701 l_sub_pred_clause:=' UNION ALL ( SELECT to_char(' ||
4702 l_pk_orig_column_names || ') FROM ' ||
4703 l_db_object_name || ', ego_item_cat_denorm_hier cathier WHERE item_catalog_group_id = cathier.child_catalog_group_id AND ';
4704 ELSE
4705 l_sub_pred_clause:=' UNION ALL ( SELECT to_char(' ||
4706 l_pk_orig_column_names || ') FROM ' ||
4707 l_db_object_name || ' WHERE ';
4708 END IF;
4709
4710 -- R12C Security Changes
4711 IF(p_append_inst_set_predicate IS NULL) THEN
4712 l_append_inst_set_predicate:='';
4713 ELSE
4714 l_append_inst_set_predicate:=' AND '||p_append_inst_set_predicate;
4715 END IF;
4716
4717 IF(l_instance_set_flag = TRUE) THEN
4718 l_dynamic_sql :=
4719 ' SELECT DISTINCT instance_sets.predicate ' ||
4720 ' FROM fnd_grants grants, fnd_form_functions functions, ' ||
4721 ' fnd_menu_entries cmf, fnd_object_instance_sets instance_sets ' ||
4722 ' WHERE grants.instance_type = :instance_type ' ||
4723 ' AND grants.start_date <= SYSDATE ' ||
4724 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
4725 ' AND cmf.function_id = functions.function_id ' ||
4726 ' AND cmf.menu_id = grants.menu_id ' ||
4727 ' AND grants.instance_set_id = instance_sets.instance_set_id ' ||
4728 ' AND grants.object_id = :object_id ' ||
4729 ' AND functions.function_name = :function ' ||
4730 ' AND ((grants.grantee_type = ''USER'' ' ||
4731 ' AND grants.grantee_key = :grantee_key )' ||
4732 ' OR (grants.grantee_type = ''GROUP'' ' ||
4733 ' AND grants.grantee_key in ( '||l_group_info||' ))' ||
4734 ' OR (grants.grantee_type = ''COMPANY'' ' ||
4735 ' AND grants.grantee_key in ( '||l_company_info||' ))' ||
4736 ' OR (grants.grantee_type = ''GLOBAL'' ' ||
4737 ' AND grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL''))) ';
4738
4739 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
4740 ,p_module => l_api_name
4741 ,p_message => 'Binds for instance_set_grants_c '||
4742 ' G_TYPE_SET: '||G_TYPE_SET||
4743 ' - l_parent_object_id: '||l_object_id||
4744 ' - p_function: '||p_function||
4745 ' - l_user_name: '||l_user_name
4746 );
4747
4748 OPEN instance_set_grants_c FOR l_dynamic_sql
4749 USING IN G_TYPE_SET,
4750 IN l_object_id,
4751 IN p_function,
4752 IN l_user_name;
4753 LOOP
4754 FETCH instance_set_grants_c into l_set_predicate;
4755 EXIT WHEN instance_set_grants_c%NOTFOUND;
4756 l_set_predicates := l_set_predicates ||l_sub_pred_clause||
4757 l_set_predicate ||
4758 l_append_inst_set_predicate||')';
4759 END LOOP;
4760 CLOSE instance_set_grants_c;
4761 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
4762 ,p_module => l_api_name
4763 ,p_message => 'l_set_predicates: '||l_set_predicates
4764 );
4765
4766 IF( length(l_set_predicates ) >0) THEN
4767 -- strip off the trailing 'OR '
4768 IF(length(l_aggregate_predicate) >0 ) THEN
4769 -- strip off the trailing ')'
4770 l_aggregate_predicate := substr(l_aggregate_predicate, 1,
4771 length(l_aggregate_predicate) - length(')'));
4772 l_aggregate_predicate := substrb(
4773 l_aggregate_predicate ||
4774 l_set_predicates || ')', 1, g_pred_buf_size);
4775 ELSE
4776 l_aggregate_predicate:= l_set_predicates;
4777 END IF;
4778 END IF;
4779 END IF;
4780
4781 x_predicate :=l_aggregate_predicate;
4782
4783 if ( (lengthb(l_aggregate_predicate) > g_vpd_buf_limit)
4784 AND (p_statement_type = 'BASE'))then
4785 FND_MESSAGE.SET_NAME('FND', 'GENERIC-INTERNAL ERROR');
4786 FND_MESSAGE.SET_TOKEN('ROUTINE','EGO_DATA_SECURITY.GET_SECURITY_PREDICATE');
4787 FND_MESSAGE.SET_TOKEN('REASON',
4788 'The predicate was longer than the database VPD limit of '||
4789 to_char(g_vpd_buf_limit)||' bytes for the predicate. ');
4790 x_return_status := 'L'; /* Indicate Error */
4791 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4792 ,p_module => l_api_name
4793 ,p_message => 'Returning Status: '||x_return_status||' as predicate size is more'
4794 );
4798 ,p_module => l_api_name
4795 end if;
4796
4797 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4799 ,p_message => 'Returning Status: '||x_return_status
4800 );
4801 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4802 ,p_module => l_api_name
4803 ,p_message => 'Returning Predicate: '||x_predicate
4804 );
4805
4806 EXCEPTION
4807 WHEN OTHERS THEN
4808 fnd_message.set_name('FND', 'SQL_PLSQL_ERROR');
4809 fnd_message.set_token('ROUTINE',G_PKG_NAME||l_api_name);
4810 fnd_message.set_token('ERRNO', SQLCODE);
4811 fnd_message.set_token('REASON', SQLERRM);
4812 x_return_status := G_RETURN_UNEXP_ERR;
4813 code_debug (p_log_level => G_DEBUG_LEVEL_EXCEPTION
4814 ,p_module => l_api_name
4815 ,p_message => 'Returning EXCEPTION '||SQLERRM
4816 );
4817 return;
4818 END get_sec_predicate_with_clause;
4819
4820 --------------------------------------------------------
4821 ---- get_inherited_predicate
4822 --------------------------------------------------------
4823 PROCEDURE get_inherited_predicate
4824 (
4825 p_api_version IN NUMBER,
4826 p_function IN VARCHAR2 default null,
4827 p_object_name IN VARCHAR2,
4828 p_grant_instance_type IN VARCHAR2 DEFAULT 'UNIVERSAL',/* SET, INSTANCE*/
4829 p_user_name IN VARCHAR2 default null,
4830 /* statement_type: 'OTHER', 'BASE'=VPD, 'EXISTS'= to check existence*/
4831 p_statement_type IN VARCHAR2 DEFAULT 'OTHER',
4832 p_pk1_alias IN VARCHAR2 DEFAULT NULL,
4833 p_pk2_alias IN VARCHAR2 DEFAULT NULL,
4834 p_pk3_alias IN VARCHAR2 DEFAULT NULL,
4835 p_pk4_alias IN VARCHAR2 DEFAULT NULL,
4836 p_pk5_alias IN VARCHAR2 DEFAULT NULL,
4837 p_object_type IN VARCHAR2 default null,
4838 p_parent_object_tbl IN EGO_VARCHAR_TBL_TYPE,
4839 p_relationship_sql_tbl IN EGO_VARCHAR_TBL_TYPE,
4840 p_parent_obj_alias_tbl IN EGO_VARCHAR_TBL_TYPE,
4841 x_predicate OUT NOCOPY varchar2,
4842 x_return_status OUT NOCOPY varchar2
4843 )
4844 IS
4845 BEGIN
4846 --null;
4847
4848 EGO_DATA_SECURITY.get_inherited_predicate
4849 (
4850 p_api_version => p_api_version,
4851 p_function => p_function,
4852 p_object_name => p_object_name,
4853 p_grant_instance_type => p_grant_instance_type,
4854 p_user_name => p_user_name,
4855 p_statement_type => p_statement_type,
4856 p_pk1_alias => p_pk1_alias,
4857 p_pk2_alias => p_pk2_alias,
4858 p_pk3_alias => p_pk3_alias,
4859 p_pk4_alias => p_pk4_alias,
4860 p_pk5_alias => p_pk5_alias,
4861 p_object_type => p_object_type,
4862 p_parent_object_tbl => p_parent_object_tbl,
4863 p_relationship_sql_tbl => p_relationship_sql_tbl,
4864 p_parent_obj_pk1alias_tbl => p_parent_obj_alias_tbl,
4865 p_parent_obj_pk2alias_tbl => null,
4866 x_predicate => x_predicate,
4867 x_return_status => x_return_status
4868 );
4869
4870 END get_inherited_predicate;
4871
4872 --------------------------------------------------------
4873 ---- get_inherited_predicate
4874 --------------------------------------------------------
4875 PROCEDURE get_inherited_predicate
4876 (
4877 p_api_version IN NUMBER,
4878 p_function IN VARCHAR2 default null,
4879 p_object_name IN VARCHAR2,
4880 p_grant_instance_type IN VARCHAR2 DEFAULT 'UNIVERSAL',/* SET, INSTANCE*/
4881 p_user_name IN VARCHAR2 default null,
4882 /* statement_type: 'OTHER', 'BASE'=VPD, 'EXISTS'= to check existence*/
4883 p_statement_type IN VARCHAR2 DEFAULT 'OTHER',
4884 p_pk1_alias IN VARCHAR2 DEFAULT NULL,
4885 p_pk2_alias IN VARCHAR2 DEFAULT NULL,
4886 p_pk3_alias IN VARCHAR2 DEFAULT NULL,
4887 p_pk4_alias IN VARCHAR2 DEFAULT NULL,
4888 p_pk5_alias IN VARCHAR2 DEFAULT NULL,
4889 p_object_type IN VARCHAR2 default null,
4890 p_parent_object_tbl IN EGO_VARCHAR_TBL_TYPE,
4891 p_relationship_sql_tbl IN EGO_VARCHAR_TBL_TYPE,
4892 p_parent_obj_pk1alias_tbl IN EGO_VARCHAR_TBL_TYPE,
4893 p_parent_obj_pk2alias_tbl IN EGO_VARCHAR_TBL_TYPE,
4894 x_predicate OUT NOCOPY varchar2,
4895 x_return_status OUT NOCOPY varchar2
4896 ) IS
4897 l_clob_predicate CLOB;
4898 BEGIN
4899
4900 EGO_DATA_SECURITY.get_inherited_predicate
4901 (
4902 p_api_version => p_api_version,
4903 p_function => p_function,
4904 p_object_name => p_object_name,
4905 p_grant_instance_type => p_grant_instance_type,
4906 p_user_name => p_user_name,
4907 p_statement_type => p_statement_type,
4908 p_pk1_alias => p_pk1_alias,
4909 p_pk2_alias => p_pk2_alias,
4910 p_pk3_alias => p_pk3_alias,
4911 p_pk4_alias => p_pk4_alias,
4912 p_pk5_alias => p_pk5_alias,
4916 p_parent_obj_pk1alias_tbl => p_parent_obj_pk1alias_tbl,
4913 p_object_type => p_object_type,
4914 p_parent_object_tbl => p_parent_object_tbl,
4915 p_relationship_sql_tbl => p_relationship_sql_tbl,
4917 p_parent_obj_pk2alias_tbl => p_parent_obj_pk2alias_tbl,
4918 x_predicate => x_predicate,
4919 x_clob_predicate => l_clob_predicate,
4920 x_return_status => x_return_status
4921 );
4922
4923 END;
4924
4925 --------------------------------------------------------
4926 ---- get_inherited_predicate
4927 --------------------------------------------------------
4928 PROCEDURE get_inherited_predicate
4929 (
4930 p_api_version IN NUMBER,
4931 p_function IN VARCHAR2 default null,
4932 p_object_name IN VARCHAR2,
4933 p_grant_instance_type IN VARCHAR2 DEFAULT 'UNIVERSAL',/* SET, INSTANCE*/
4934 p_user_name IN VARCHAR2 default null,
4935 /* statement_type: 'OTHER', 'BASE'=VPD, 'EXISTS'= to check existence*/
4936 p_statement_type IN VARCHAR2 DEFAULT 'OTHER',
4937 p_pk1_alias IN VARCHAR2 DEFAULT NULL,
4938 p_pk2_alias IN VARCHAR2 DEFAULT NULL,
4939 p_pk3_alias IN VARCHAR2 DEFAULT NULL,
4940 p_pk4_alias IN VARCHAR2 DEFAULT NULL,
4941 p_pk5_alias IN VARCHAR2 DEFAULT NULL,
4942 p_object_type IN VARCHAR2 default null,
4943 p_parent_object_tbl IN EGO_VARCHAR_TBL_TYPE,
4944 p_relationship_sql_tbl IN EGO_VARCHAR_TBL_TYPE,
4945 p_parent_obj_pk1alias_tbl IN EGO_VARCHAR_TBL_TYPE,
4946 p_parent_obj_pk2alias_tbl IN EGO_VARCHAR_TBL_TYPE,
4947 x_predicate OUT NOCOPY varchar2,
4948 x_clob_predicate OUT NOCOPY CLOB, --gnanda:Added for Bug 4756970.
4949 x_return_status OUT NOCOPY varchar2
4950 ) IS
4951 l_api_name CONSTANT VARCHAR2(30) := 'GET_INHERITED_PREDICATE';
4952
4953 -- On addition of any Required parameters the major version needs
4954 -- to change i.e. for eg. 1.X to 2.X.
4955 -- On addition of any Optional parameters the minor version needs
4956 -- to change i.e. for eg. X.6 to X.7.
4957 l_api_version CONSTANT NUMBER := 1.0;
4958 l_sysdate DATE := Sysdate;
4959 l_aggregate_predicate VARCHAR2(32767); /* Must match g_pred_buf_size*/
4960 l_instance_flag BOOLEAN DEFAULT TRUE;
4961 l_instance_set_flag BOOLEAN DEFAULT TRUE;
4962 l_set_predicates VARCHAR2(32767); /* Must match g_pred_buf_size*/
4963 l_db_object_name VARCHAR2(30);
4964 l_db_pk1_column VARCHAR2(61);
4965 l_db_pk2_column VARCHAR2(61);
4966 l_db_pk3_column VARCHAR2(61);
4967 l_db_pk4_column VARCHAR2(61);
4968 l_db_pk5_column VARCHAR2(61);
4969
4970 l_orig_pk5_column VARCHAR2(61);
4971 l_pk_column_names VARCHAR2(512);
4972 l_pk_orig_column_names VARCHAR2(512);
4973 l_type_converted_val_cols VARCHAR2(512);
4974 l_user_name VARCHAR2(80);
4975 -- l_orig_system VARCHAR2(48);
4976 l_orig_system_id NUMBER;
4977 l_parent_object_table_count NUMBER;
4978 l_table_index NUMBER;
4979 l_parent_predicate VARCHAR2(32767); /* Must match g_pred_buf_size*/
4980 l_parent_object_id NUMBER;
4981 l_group_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
4982 l_company_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
4983 l_parent_role_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
4984 l_child_role VARCHAR2(32767);
4985 l_profile_role VARCHAR2(32767);
4986 l_pk_alias_index NUMBER;
4987
4988 l_pk_orig_column_names_t VARCHAR2(513);
4989 l_orig_pk_column VARCHAR2(61);
4990
4991 l_one_set_predicate VARCHAR2(32767);
4992 l_sub_pred_clause VARCHAR2(32767);
4993 instance_set_grants_c DYNAMIC_CUR;
4994 l_dynamic_sql_1 VARCHAR2(32767);
4995
4996 parent_instance_set_grants_c DYNAMIC_CUR;
4997 l_dynamic_sql_2 VARCHAR2(32767);
4998
4999 l_profile_optionFound BOOLEAN DEFAULT FALSE;
5000 l_prof_privilege_tbl EGO_VARCHAR_TBL_TYPE;
5001
5002 l_parent_object_name VARCHAR2(100);
5003
5004 CURSOR parent_instance_set_grants_c2 (
5005 cp_user_name varchar2,
5006 cp_parent_object_id VARCHAR2,
5007 cp_group_info VARCHAR2,
5008 cp_company_info VARCHAR2,
5009 cp_function VARCHAR2,
5010 cp_object_id VARCHAR2
5011 )
5012 IS
5013 SELECT DISTINCT instance_sets.predicate
5014 FROM fnd_grants grants,
5015 fnd_object_instance_sets instance_sets
5016 WHERE grants.instance_type = 'SET'
5017 AND grants.start_date <= SYSDATE
5018 AND ( grants.end_date IS NULL
5019 OR grants.end_date >= SYSDATE )
5020 AND grants.instance_set_id = instance_sets.instance_set_id
5021 AND grants.object_id = cp_parent_object_id
5022 AND ( grants.menu_id in
5023 ( SELECT p.parent_role_id
5024 FROM fnd_menu_entries r, fnd_form_functions f,
5028 AND f.function_name = cp_function
5025 fnd_menus m, ego_obj_role_mappings p
5026 WHERE r.function_id = f.function_id
5027 AND r.menu_id = m.menu_id
5029 AND m.menu_id = p.child_role_id
5030 AND p.child_object_id = cp_object_id
5031 AND P.parent_object_id = cp_parent_object_id ))
5032 AND ( ( grants.grantee_type = 'USER'
5033 AND grants.grantee_key = cp_user_name)
5034 OR ( grants.grantee_type = 'GROUP'
5035 AND grants.grantee_key in
5036 ( cp_group_info ))
5037 OR ( grants.grantee_type = 'COMPANY'
5038 AND grants.grantee_key in
5039 ( cp_company_info ))
5040 OR (grants.grantee_type = 'GLOBAL'
5041 AND grants.grantee_key in ('HZ_GLOBAL:-1000', 'GLOBAL') ));
5042
5043 CURSOR parent_role_c (
5044 cp_function VARCHAR2,
5045 cp_object_id VARCHAR2,
5046 cp_parent_object_id VARCHAR2,
5047 cp_object_type VARCHAR2
5048 )
5049 IS
5050 SELECT DISTINCT p.parent_role_id
5051 FROM fnd_menu_entries r, fnd_form_functions f,
5052 fnd_menus m, ego_obj_role_mappings p
5053 WHERE r.function_id = f.function_id
5054 AND r.menu_id = m.menu_id
5055 AND f.function_name = cp_function
5056 AND m.menu_id = p.child_role_id
5057 AND p.child_object_id = cp_object_id
5058 AND P.parent_object_id = cp_parent_object_id
5059 AND p.child_object_type = cp_object_type;
5060
5061 CURSOR parent_role_c2 (
5062 cp_function VARCHAR2,
5063 cp_object_id VARCHAR2,
5064 cp_parent_object_id VARCHAR2
5065 )
5066 IS
5067 SELECT DISTINCT p.parent_role_id
5068 FROM fnd_menu_entries r, fnd_form_functions f,
5069 fnd_menus m, ego_obj_role_mappings p
5070 WHERE r.function_id = f.function_id
5071 AND r.menu_id = m.menu_id
5072 AND f.function_name = cp_function
5073 AND m.menu_id = p.child_role_id
5074 AND p.child_object_id = cp_object_id
5075 AND P.parent_object_id = cp_parent_object_id;
5076
5077 CURSOR mapped_role_c (cp_parent_role VARCHAR2,
5078 cp_parent_object_id VARCHAR2,
5079 cp_child_object_id VARCHAR2,
5080 cp_child_object_type VARCHAR2
5081 )
5082 IS
5083 select cm.menu_name from
5084 fnd_menus m, ego_obj_role_mappings r, fnd_menus cm
5085 where r.parent_role_id = m.menu_id and
5086 m.menu_name = cp_parent_role
5087 and r.parent_object_id = cp_parent_object_id
5088 and r.child_object_id = cp_child_object_id
5089 and r.child_object_type = cp_child_object_type
5090 and cm.MENU_ID = r.CHILD_ROLE_ID;
5091
5092 l_object_id number;
5093 BEGIN
5094 SetGlobals();
5095
5096 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5097 ,p_module => l_api_name
5098 ,p_message => 'Started with 19 params '||
5099 ' p_api_version: '|| to_char(p_api_version) ||
5100 ' - p_function: '|| p_function ||
5101 ' - p_object_name: '|| p_object_name ||
5102 ' - p_grant_instance_type: '|| p_grant_instance_type ||
5103 ' - p_user_name: '|| p_user_name ||
5104 ' - p_statement_type: '|| p_statement_type ||
5105 ' - p_pk1_alias: '|| p_pk1_alias ||
5106 ' - p_pk2_alias: '|| p_pk2_alias ||
5107 ' - p_pk3_alias: '|| p_pk3_alias ||
5108 ' - p_pk4_alias: '|| p_pk4_alias ||
5109 ' - p_pk5_alias: '|| p_pk5_alias ||
5110 ' - p_object_type: '|| p_object_type
5111 );
5112 IF (p_parent_object_tbl.COUNT > 0) THEN
5113 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5114 ,p_module => l_api_name
5115 ,p_message => 'Values from p_parent_object_tbl '
5116 );
5117 FOR i IN p_parent_object_tbl.first .. p_parent_object_tbl.last LOOP
5118 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5119 ,p_module => l_api_name
5120 ,p_message => 'Value at '||i||' = '||p_parent_object_tbl(i)
5121 );
5122 END LOOP;
5123 ELSE
5124 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5125 ,p_module => l_api_name
5126 ,p_message => 'No Values from p_parent_object_tbl '
5127 );
5128 END IF;
5129
5130 IF (p_relationship_sql_tbl.COUNT > 0) THEN
5131 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5132 ,p_module => l_api_name
5133 ,p_message => 'Values from p_relationship_sql_tbl '
5134 );
5135 FOR i IN p_relationship_sql_tbl.first .. p_relationship_sql_tbl.last LOOP
5136 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5137 ,p_module => l_api_name
5138 ,p_message => 'Value at '||i||' = '||p_relationship_sql_tbl(i)
5139 );
5140 END LOOP;
5141 ELSE
5145 );
5142 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5143 ,p_module => l_api_name
5144 ,p_message => 'No Values from p_relationship_sql_tbl '
5146 END IF;
5147
5148 IF (p_parent_obj_pk1alias_tbl.COUNT > 0) THEN
5149 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5150 ,p_module => l_api_name
5151 ,p_message => 'Values from p_parent_obj_pk1alias_tbl '
5152 );
5153 FOR i IN p_parent_obj_pk1alias_tbl.first .. p_parent_obj_pk1alias_tbl.last LOOP
5154 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5155 ,p_module => l_api_name
5156 ,p_message => 'Value at '||i||' = '||p_parent_obj_pk1alias_tbl(i)
5157 );
5158 END LOOP;
5159 ELSE
5160 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5161 ,p_module => l_api_name
5162 ,p_message => 'No Values from p_parent_obj_pk1alias_tbl '
5163 );
5164 END IF;
5165
5166 IF (p_parent_obj_pk2alias_tbl.COUNT > 0) THEN
5167 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5168 ,p_module => l_api_name
5169 ,p_message => 'Values from p_parent_obj_pk2alias_tbl '
5170 );
5171 FOR i IN p_parent_obj_pk2alias_tbl.first .. p_parent_obj_pk2alias_tbl.last LOOP
5172 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5173 ,p_module => l_api_name
5174 ,p_message => 'Value at '||i||' = '||p_parent_obj_pk2alias_tbl(i)
5175 );
5176 END LOOP;
5177 ELSE
5178 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5179 ,p_module => l_api_name
5180 ,p_message => 'No Values from p_parent_obj_pk2alias_tbl '
5181 );
5182 END IF;
5183
5184 -- check for call compatibility.
5185 if TRUNC(l_api_version) <> TRUNC(p_api_version) THEN
5186 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
5187 fnd_message.set_token('ROUTINE',
5188 g_pkg_name || '.'|| l_api_name);
5189 fnd_message.set_token('REASON',
5190 'Unsupported version '|| to_char(p_api_version)||
5191 ' passed to API; expecting version '||
5192 to_char(l_api_version));
5193 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5194 ,p_module => l_api_name
5195 ,p_message => 'Returning as the call in incompatible '
5196 );
5197 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
5198 return;
5199 END IF;
5200
5201 -- Check to make sure we're not using unsupported statement_type
5202 if ((p_statement_type <> 'BASE') and (p_statement_type <> 'OTHER')
5203 AND (p_statement_type <> 'EXISTS')) then
5204 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
5205 fnd_message.set_token('ROUTINE',
5206 g_pkg_name || '.'|| l_api_name);
5207 fnd_message.set_token('REASON',
5208 'Unsupported p_statement_type: '|| p_statement_type);
5209 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5210 ,p_module => l_api_name
5211 ,p_message => 'Returning as statement type is not supported'
5212 );
5213 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
5214 return;
5215 end if;
5216
5217 /* ### We haven't yet added support for NULL (all) function in arg. */
5218 /* ### Add that support since it is in the API. */
5219 if (p_function is NULL) then
5220 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
5221 fnd_message.set_token('ROUTINE',
5222 g_pkg_name || '.'|| l_api_name);
5223 fnd_message.set_token('REASON',
5224 'Support has not yet been added for passing NULL function.');
5225 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5226 ,p_module => l_api_name
5227 ,p_message => 'Returning as mand parameter Function is not available '
5228 );
5229 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
5230 return;
5231 end if;
5232
5233 -- Check to make sure we're not using unsupported modes
5234 if ((p_grant_instance_type = 'SET')
5235 AND((p_pk1_alias is not NULL)
5236 OR (p_pk2_alias is not NULL)
5237 OR (p_pk3_alias is not NULL)
5238 OR (p_pk4_alias is not NULL)
5239 OR (p_pk5_alias is not NULL))) then
5240
5241 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
5242 fnd_message.set_token('ROUTINE',
5243 g_pkg_name || '.'|| l_api_name);
5244 fnd_message.set_token('REASON',
5245 'Unsupported mode arguments: '||
5246 'p_statement_type = BASE or p_grant_instance_type = SET.');
5247 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5248 ,p_module => l_api_name
5249 ,p_message => 'Returning as incompatible combination for p_grant_instance_type = SET '
5250 );
5251 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
5252 return;
5253 end if;
5254
5255 /* We don't currently support BASE mode; we will have to change to */
5256 /* a pure OR statement when VPD becomes important. */
5257 if (p_statement_type = 'BASE') then
5261 fnd_message.set_token('REASON',
5258 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
5259 fnd_message.set_token('ROUTINE',
5260 g_pkg_name || '.'|| l_api_name);
5262 'Support has not yet been added for '||
5263 'p_statement_type = BASE.');
5264 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5265 ,p_module => l_api_name
5266 ,p_message => 'Returning as incompatible statement_type = BASE '
5267 );
5268 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
5269 return;
5270 end if;
5271
5272 x_return_status := G_RETURN_SUCCESS; /* Assume Success */
5273 l_user_name := p_user_name;
5274 get_orig_key(x_user_name => l_user_name
5275 -- ,x_orig_system => l_orig_system
5276 ,x_orig_system_id => l_orig_system_id);
5277 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
5278 ,p_module => l_api_name
5279 ,p_message => 'l_user_name: '||l_user_name||
5280 -- ' - l_orig_system: '||l_orig_system||
5281 ' - l_orig_system_id: '||l_orig_system_id
5282 );
5283 -----------------------------------------------------------------------------------
5284 --First we see if a profile option is set and if function exists --
5285 -- if so we return and empty predicate here itself without doing further query --
5286 -----------------------------------------------------------------------------------
5287
5288 getPrivilege_for_profileOption(p_api_version => p_api_version,
5289 p_object_name => p_object_name,
5290 p_user_name => l_user_name,
5291 x_privilege_tbl => l_prof_privilege_tbl,
5292 x_return_status => x_return_status);
5293
5294 If (X_Return_Status = G_RETURN_SUCCESS) Then
5295 If (l_prof_privilege_tbl.Count > 0) Then
5296 For I In l_prof_privilege_tbl.First .. l_prof_privilege_tbl.Last Loop
5297 If (l_prof_privilege_tbl(I) = p_function) Then
5298 X_predicate := '';
5299 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5300 ,p_module => l_api_name
5301 ,p_message => 'No need for predicate as user has privilege through profile '
5302 );
5303 return;
5304 End If; --If Function Match, Returning Empty Predicate
5305 End Loop;
5306 End If; -- X_Prof_Privilege_Tbl >0
5307 End If; --Return Status Is T
5308
5309 -- Step 1.
5310 -- check whether there is any grant for this use for any role that
5311 -- includes the given privilege
5312
5313 IF (p_grant_instance_type = G_TYPE_INSTANCE) THEN
5314 l_instance_set_flag:= FALSE;
5315 ELSIF (p_grant_instance_type = G_TYPE_SET) THEN
5316 l_instance_flag:= FALSE;
5317 END IF;
5318
5319 x_return_status := get_pk_information(p_object_name ,
5320 l_db_pk1_column ,
5321 l_db_pk2_column ,
5322 l_db_pk3_column ,
5323 l_db_pk4_column ,
5324 l_db_pk5_column ,
5325 l_pk_column_names ,
5326 l_type_converted_val_cols ,
5327 l_pk_orig_column_names,
5328 l_db_object_name,
5329 p_pk1_alias,
5330 p_pk2_alias,
5331 p_pk3_alias,
5332 p_pk4_alias,
5333 p_pk5_alias );
5334 if (x_return_status <> G_RETURN_SUCCESS) then
5335 /* There will be a message on the msg dict stack. */
5336 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5337 ,p_module => l_api_name
5338 ,p_message => 'Returning FALSE as pk values are not correct'
5339 );
5340 return; /* We will return the x_return_status as out param */
5341 end if;
5342
5343 l_object_id :=get_object_id(p_object_name => p_object_name );
5344 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
5345 ,p_module => l_api_name
5346 ,p_message => 'l_object_id: '||l_object_id
5347 );
5348 l_group_info := get_group_info(p_party_id => l_orig_system_id);
5349 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
5350 ,p_module => l_api_name
5351 ,p_message => 'l_group_info: '||l_group_info
5352 );
5353 l_company_info := get_company_info (p_party_id => l_orig_system_id);
5354 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
5355 ,p_module => l_api_name
5356 ,p_message => 'l_company_info: '||l_company_info
5357 );
5358
5359 -- Step 2.
5360 l_aggregate_predicate := '';
5361 IF(l_instance_flag = TRUE) THEN
5362 if (p_statement_type = 'EXISTS') then
5363 l_aggregate_predicate := 'EXISTS (';
5364 else
5365 l_aggregate_predicate := l_pk_column_names || ' IN (';
5366 end if;
5367 l_aggregate_predicate :=
5368 l_aggregate_predicate ||
5369 ' SELECT '||l_type_converted_val_cols ||
5373
5370 ' FROM fnd_grants grants, ' ||
5371 ' fnd_form_functions functions, ' ||
5372 ' fnd_menu_entries cmf ';
5374 if (p_statement_type = 'EXISTS') then
5375 -- R12C Security Changes
5376 /* l_aggregate_predicate := l_aggregate_predicate ||
5377 ' WHERE grants.INSTANCE_PK1_VALUE=to_char('||p_pk1_alias||')'||
5378 ' AND grants.start_date <= sysdate '; */
5379 if (p_object_name = 'EGO_CATALOG_GROUP') THEN
5380 l_aggregate_predicate := l_aggregate_predicate || ' , ego_item_cat_denorm_hier cathier ' ||
5381 ' WHERE grants.INSTANCE_PK1_VALUE = to_char(cathier.parent_catalog_group_id)' ||
5382 ' AND cathier.child_catalog_group_id = to_char('||p_pk1_alias||')' ||
5383 ' AND grants.start_date <= sysdate ';
5384 else
5385 l_aggregate_predicate := l_aggregate_predicate ||
5386 ' WHERE grants.INSTANCE_PK1_VALUE=to_char('||p_pk1_alias||')'||
5387 ' AND grants.start_date <= sysdate ';
5388 end if;
5389 -- R12C Security Changes
5390 else
5391 l_aggregate_predicate := l_aggregate_predicate ||
5392 ' WHERE grants.start_date <= sysdate ';
5393 end if;
5394
5395 l_aggregate_predicate := l_aggregate_predicate ||
5396 ' AND ( grants.end_date IS NULL ' ||
5397 ' OR grants.end_date >= sysdate ) ' ||
5398 ' AND grants.instance_type= ''INSTANCE'' ' ||
5399 ' AND cmf.function_id = functions.function_id ' ||
5400 ' AND cmf.menu_id = grants.menu_id ' ||
5401 ' AND grants.object_id = ' || l_object_id ||
5402 ' AND functions.function_name = ''' || p_function || '''' ||
5403 ' AND ( ( grants.grantee_type = ''USER'' ' ||
5404 ' AND grants.grantee_key = '''||l_user_name||''')'||
5405 ' OR ( grants.grantee_type = ''GROUP'' '||
5406 ' AND grants.grantee_key in '||
5407 ' ( '|| l_group_info || ')) ' ||
5408 ' OR ( grants.grantee_type = ''COMPANY'' '||
5409 ' AND grants.grantee_key in '||
5410 ' ( '|| l_company_info || ')) ' ||
5411 ' OR (grants.grantee_type = ''GLOBAL'' AND grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )))';
5412 END IF;
5413
5414 -- Step 3.
5415 l_set_predicates:='';
5416 l_sub_pred_clause:= ' UNION ALL ( SELECT '
5417 ||l_pk_orig_column_names || ' FROM ' ||
5418 l_db_object_name ||
5419 ' WHERE ' || l_pk_orig_column_names||'='||p_pk1_alias ||
5420 ' and ';
5421
5422 IF(l_instance_set_flag = TRUE) THEN
5423 l_dynamic_sql_1 :=
5424 ' SELECT DISTINCT instance_sets.predicate ' ||
5425 ' FROM fnd_grants grants, fnd_form_functions functions, ' ||
5426 ' fnd_menu_entries cmf, fnd_object_instance_sets instance_sets ' ||
5427 ' WHERE grants.instance_type = :instance_type ' ||
5428 ' AND grants.start_date <= SYSDATE ' ||
5429 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
5430 ' AND cmf.function_id = functions.function_id ' ||
5431 ' AND cmf.menu_id = grants.menu_id ' ||
5432 ' AND grants.instance_set_id = instance_sets.instance_set_id ' ||
5433 ' AND grants.object_id = :object_id ' ||
5434 ' AND functions.function_name = :function ' ||
5435 ' AND ((grants.grantee_type = ''USER'' ' ||
5436 ' AND grants.grantee_key = :grantee_key )' ||
5437 ' OR (grants.grantee_type = ''GROUP'' ' ||
5438 ' AND grants.grantee_key in ( '||l_group_info||' ))' ||
5439 ' OR (grants.grantee_type = ''COMPANY'' ' ||
5440 ' AND grants.grantee_key in ( '||l_company_info||' ))' ||
5441 ' OR (grants.grantee_type = ''GLOBAL'' ' ||
5442 ' AND grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL''))) ';
5443 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
5444 ,p_module => l_api_name
5445 ,p_message => 'Binds for instance_set_grants_c '||
5446 ' G_TYPE_SET: '||G_TYPE_SET||
5447 ' - l_parent_object_id: '||l_object_id||
5448 ' - p_function: '||p_function||
5449 ' - l_user_name: '||l_user_name
5450 );
5451
5452 OPEN instance_set_grants_c FOR l_dynamic_sql_1
5453 USING IN G_TYPE_SET,
5454 IN l_object_id,
5455 IN p_function,
5456 IN l_user_name;
5457 LOOP
5458 FETCH instance_set_grants_c INTO l_one_set_predicate;
5459 EXIT WHEN instance_set_grants_c%NOTFOUND;
5460 l_set_predicates := l_set_predicates ||
5461 l_sub_pred_clause ||
5462 l_one_set_predicate ||')';
5463 END LOOP;
5464 CLOSE instance_set_grants_c;
5465
5466 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
5467 ,p_module => l_api_name
5468 ,p_message => 'l_set_predicates: '||l_set_predicates
5469 );
5470 IF( length(l_set_predicates ) >0) THEN
5471 IF(length(l_aggregate_predicate) >0 ) THEN
5472 -- strip off the trailing ')'
5473 l_aggregate_predicate := substr(l_aggregate_predicate, 1,
5474 length(l_aggregate_predicate) - length(')'));
5475 l_aggregate_predicate := substrb(
5476 l_aggregate_predicate ||
5480 END IF;
5477 l_set_predicates || ')', 1, g_pred_buf_size);
5478 ELSE
5479 l_aggregate_predicate:= l_set_predicates;
5481 END IF;
5482 END IF;
5483
5484 l_dynamic_sql_2 :=
5485 ' SELECT DISTINCT instance_sets.predicate '||
5486 ' FROM fnd_grants grants, '||
5487 ' fnd_object_instance_sets instance_sets,' ||
5488 ' fnd_form_functions F, fnd_menu_entries R, '||
5489 ' fnd_menus M, ego_obj_role_mappings P '||
5490 ' WHERE grants.instance_type = ''SET'' '||
5491 ' AND grants.start_date <= SYSDATE ' ||
5492 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE '||
5493 ' AND grants.instance_set_id = instance_sets.instance_set_id '||
5494 ' AND instance_sets.object_id = :parent_object_id ' ||
5495 ' AND grants.object_id = :parent_object_id1 ' ||
5496 ' AND grants.menu_id = p.parent_role_id ' ||
5497 ' AND r.function_id = f.function_id '||
5498 ' AND r.menu_id = m.menu_id ' ||
5499 ' AND f.function_name = :function_id '||
5500 ' AND m.menu_id = p.child_role_id ' ||
5501 ' AND p.child_object_id = :child_object_id '||
5502 ' AND p.parent_object_id = :parent_object_id2 '||
5503 ' AND p.child_object_type = :child_object_type ' ||
5504 ' AND ( ( grants.grantee_type = ''USER'' AND ' ||
5505 ' grants.grantee_key = :user_name ) '||
5506 ' OR (grants.grantee_type = ''GROUP'' AND '||
5507 ' grants.grantee_key in ( '||l_group_info||' ))' ||
5508 ' OR (grants.grantee_type = ''COMPANY'' AND '||
5509 ' grants.grantee_key in ( '||l_company_info||' ))' ||
5510 ' OR (grants.grantee_type = ''GLOBAL'' AND '||
5511 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') ))';
5512
5513 l_aggregate_predicate := substr(l_aggregate_predicate, 1,
5514 length(l_aggregate_predicate) - length(')'));
5515
5516 l_parent_object_table_count := p_parent_object_tbl.COUNT;
5517
5518 FOR l_table_index IN 1..l_parent_object_table_count
5519 LOOP
5520
5521 x_return_status := get_pk_information(p_parent_object_tbl(l_table_index),
5522 l_db_pk1_column ,
5523 l_db_pk2_column ,
5524 l_db_pk3_column ,
5525 l_db_pk4_column ,
5526 l_db_pk5_column ,
5527 l_pk_column_names ,
5528 l_type_converted_val_cols ,
5529 l_pk_orig_column_names,
5530 l_db_object_name);
5531
5532 if (x_return_status <> G_RETURN_SUCCESS) then
5533 /* There will be a message on the msg dict stack. */
5534 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5535 ,p_module => l_api_name
5536 ,p_message => 'Returning FALSE as pk values are not correct'
5537 );
5538 return; /* We will return the x_return_status as out param */
5539 end if;
5540
5541 l_parent_object_id :=get_object_id(
5542 p_object_name => p_parent_object_tbl(l_table_index)
5543 );
5544
5545 l_parent_object_name := p_parent_object_tbl(l_table_index); -- Bug 6143355
5546
5547
5548 l_parent_predicate := '';
5549 l_parent_predicate := 'UNION ALL( ' || p_relationship_sql_tbl(l_table_index) || '(';
5550 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
5551 ,p_module => l_api_name
5552 ,p_message => 'profile role for '||p_parent_object_tbl(l_table_index)||
5553 ' is: '||l_profile_role
5554 );
5555
5556 -----------------------------------------------------------------------------------
5557 --First we see if a profile option is set and if function exists --
5558 -- if so we return and predicate (select pkColumns from base table --
5559 -- eg: select inventory_item_id, organization_id from mtl_sys_items_b_ext --
5560 -----------------------------------------------------------------------------------
5561 l_profile_role := getRole_mappedTo_profileOption(p_parent_object_tbl(l_table_index), l_user_name);
5562
5563 l_profile_optionFound := FALSE;
5564 FOR mapped_roles_rec IN mapped_role_c (l_profile_role, l_parent_object_id, l_object_id, p_object_type)
5565 LOOP
5566 IF (l_profile_optionFound = FALSE) THEN
5567 l_child_role :=mapped_roles_rec.menu_name;
5568 get_role_functions
5569 (p_api_version => p_api_version
5570 ,p_role_name => l_child_role
5571 ,x_return_status => x_return_status
5572 ,x_privilege_tbl => l_prof_privilege_tbl
5573 );
5574
5575 IF (x_return_status = G_RETURN_SUCCESS) THEN
5576 IF (l_prof_privilege_tbl.COUNT > 0) THEN
5577 FOR i IN l_prof_privilege_tbl.first .. l_prof_privilege_tbl.last LOOP
5578 IF (l_prof_privilege_tbl(i) = p_function) THEN
5579 l_parent_predicate := l_parent_predicate || 'Select ' || l_pk_orig_column_names;
5580 l_parent_predicate := l_parent_predicate || ' FROM ' || l_db_object_name;
5581 l_parent_predicate := l_parent_predicate || ' )';
5582
5583 l_profile_optionFound := TRUE;
5587 END IF; --return status is T
5584 END IF; --if function match, returning empty predicate
5585 END LOOP;
5586 END IF; -- x_prof_privilege_tbl >0
5588 --ELSE
5589 -- how do we come out
5590 END IF; --if profile option is false
5591 END LOOP;
5592 -----------------------------------------------------------------------------------
5593 --END check of profile option --
5594 -----------------------------------------------------------------------------------
5595
5596 IF (l_profile_optionFound = FALSE) THEN
5597 -- start get parent role info
5598 l_parent_role_info := '';
5599 if( p_object_type is null) then
5600 FOR role_rec IN parent_role_c2 (p_function,
5601 l_object_id,
5602 l_parent_object_id)
5603 LOOP
5604 l_parent_role_info := l_parent_role_info ||
5605 role_rec.parent_role_id ||
5606 ' , ';
5607 END LOOP;
5608 else
5609 FOR role_rec IN parent_role_c (p_function,
5610 l_object_id,
5611 l_parent_object_id,
5612 p_object_type )
5613 LOOP
5614 l_parent_role_info := l_parent_role_info ||
5615 role_rec.parent_role_id ||
5616 ' , ';
5617 END LOOP;
5618 end if;
5619
5620 IF( length( l_parent_role_info ) >0) THEN
5621 -- strip off the trailing ', '
5622 l_parent_role_info := substr(l_parent_role_info, 1,
5623 length(l_parent_role_info) - length(', '));
5624 ELSE
5625 l_parent_role_info := 'NULL';
5626 END IF;
5627
5628 -- end get parent role info
5629 -- Step 2.
5630 IF(l_instance_flag = TRUE) THEN
5631 l_parent_predicate :=
5632 l_parent_predicate ||
5633 ' SELECT '||l_type_converted_val_cols ||
5634 ' FROM fnd_grants grants ';
5635
5636 if (p_statement_type = 'EXISTS') then
5637 l_parent_predicate := l_parent_predicate ||
5638 ' WHERE grants.INSTANCE_PK1_VALUE=to_char('|| p_parent_obj_pk1alias_tbl(l_table_index)||')';
5639
5640 --dbms_output.put_line('EGO_DATA_SECURITY: l_table_index ' || l_table_index);
5641
5642 --dbms_output.put_line('EGO_DATA_SECURITY: p_parent_obj_pk2alias_tbl ' || p_parent_obj_pk2alias_tbl(l_table_index));
5643 IF (p_parent_obj_pk2alias_tbl IS NOT NULL AND
5644 p_parent_obj_pk2alias_tbl.exists(l_table_index)) THEN
5645 --dbms_output.put_line('EGO_DATA_SECURITY: p_parent_obj_pk2alias_tbl in if statement');
5646 l_parent_predicate := l_parent_predicate ||
5647 ' AND grants.INSTANCE_PK2_VALUE= to_char('|| p_parent_obj_pk2alias_tbl(l_table_index)||')';
5648 END IF;
5649
5650 l_parent_predicate := l_parent_predicate || ' AND grants.start_date <= sysdate ';
5651
5652 else
5653 l_parent_predicate := l_parent_predicate ||' WHERE grants.start_date <= sysdate ';
5654
5655 end if;
5656
5657 l_parent_predicate := l_parent_predicate ||
5658 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
5659 ' AND grants.instance_type= ''INSTANCE'' ' ||
5660 ' AND grants.object_id = ' || l_parent_object_id ||
5661 ' AND grants.menu_id in ( ' || l_parent_role_info || ') '||
5662 ' AND ( ( grants.grantee_type = ''USER'' AND ' ||
5663 ' grants.grantee_key = '''||l_user_name||''')'||
5664 ' OR ( grants.grantee_type = ''GROUP'' AND '||
5665 ' grants.grantee_key in ( '|| l_group_info || ')) ' ||
5666 ' OR ( grants.grantee_type = ''COMPANY'' AND '||
5667 ' grants.grantee_key in ( '|| l_company_info || ')) ' ||
5668 ' OR (grants.grantee_type = ''GLOBAL'' AND '||
5669 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )))';
5670 END IF;
5671
5672 -- Step 3.
5673 l_set_predicates:='';
5674 IF(l_instance_set_flag = TRUE) THEN
5675 if(p_object_type is null) then
5676 FOR instance_set_grants_rec IN parent_instance_set_grants_c2 (l_user_name,
5677 l_parent_object_id,
5678 l_group_info,
5679 l_company_info,
5680 p_function,
5681 l_object_id
5682 )
5683 LOOP
5684 l_set_predicates := substrb( l_set_predicates ||
5685 instance_set_grants_rec.predicate ||
5686 ' OR ',
5687 1, g_pred_buf_size);
5688 END LOOP;
5689 else
5690 OPEN parent_instance_set_grants_c FOR
5691 l_dynamic_sql_2 USING l_parent_object_id,
5692 l_parent_object_id,
5693 p_function,
5697 l_user_name;
5694 l_object_id,
5695 l_parent_object_id,
5696 p_object_type,
5698 LOOP
5699 FETCH parent_instance_set_grants_c INTO l_one_set_predicate;
5700 EXIT WHEN parent_instance_set_grants_c%NOTFOUND;
5701 l_set_predicates := substrb( l_set_predicates ||
5702 l_one_set_predicate ||
5703 ' OR ',
5704 1, g_pred_buf_size);
5705
5706 END LOOP;
5707 CLOSE parent_instance_set_grants_c;
5708
5709 end if;
5710
5711 IF( length(l_set_predicates ) >0) THEN
5712 -- strip off the trailing 'OR '
5713 l_set_predicates := substr(l_set_predicates, 1,
5714 length(l_set_predicates) - length('OR '));
5715
5716
5717 IF(length(l_parent_predicate) >0 ) THEN
5718
5719 -- strip off the trailing ')'
5720 l_parent_predicate := substr(l_parent_predicate, 1,
5721 length(l_parent_predicate) - length(')'));
5722
5723 if (p_statement_type = 'EXISTS') then
5724 l_pk_orig_column_names_t := l_pk_orig_column_names||',';
5725 l_orig_pk_column := SUBSTR(l_pk_orig_column_names_t, 1, INSTR(l_pk_orig_column_names_t,',',1,1)-1);
5726
5727 -- R12C Security Changes
5728 /*l_parent_predicate := substrb(
5729 l_parent_predicate ||
5730 ' UNION ALL ( SELECT ' ||l_pk_orig_column_names ||
5731 ' FROM ' || l_db_object_name ||
5732 ' WHERE ' || l_orig_pk_column || ' = ' || p_parent_obj_pk1alias_tbl(l_table_index)
5733 , 1, g_pred_buf_size); */
5734 IF (l_parent_object_name = 'EGO_ITEM') THEN
5735 l_parent_predicate := substrb(
5736 l_parent_predicate ||
5737 ' UNION ALL ( SELECT ' ||l_pk_orig_column_names ||
5738 ' FROM ' || l_db_object_name || ' , ego_item_cat_denorm_hier cathier '||
5739 ' WHERE item_catalog_group_id = cathier.child_catalog_group_id AND ' || l_orig_pk_column || ' = ' || p_parent_obj_pk1alias_tbl(l_table_index)
5740 , 1, g_pred_buf_size);
5741 ELSE
5742 l_parent_predicate := substrb(
5743 l_parent_predicate ||
5744 ' UNION ALL ( SELECT ' ||l_pk_orig_column_names ||
5745 ' FROM ' || l_db_object_name ||
5746 ' WHERE ' || l_orig_pk_column || ' = ' || p_parent_obj_pk1alias_tbl(l_table_index)
5747 , 1, g_pred_buf_size);
5748 END IF;
5749
5750 -- R12C Security Changes
5751
5752
5753 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5754 ,p_module => l_api_name
5755 ,p_message => 'Check the predicate' ||
5756 ' l_parent_predicate: ' || l_parent_predicate
5757 );
5758
5759 IF (p_parent_obj_pk2alias_tbl IS NOT NULL AND
5760 p_parent_obj_pk2alias_tbl.exists(l_table_index)) THEN
5761 l_orig_pk_column := SUBSTR(l_pk_orig_column_names_t, INSTR(l_pk_orig_column_names_t,',',1,2-1)+1, INSTR(l_pk_orig_column_names_t,',',1,2)-INSTR(l_pk_orig_column_names_t,',',1,2-1)-1 );
5762 l_parent_predicate := l_parent_predicate || ' AND ' || l_orig_pk_column || '=' || p_parent_obj_pk2alias_tbl(l_table_index);
5763
5764 END IF;
5765
5766 l_parent_predicate := substrb(l_parent_predicate ||
5767 ' AND ( ' ||
5768 l_set_predicates || ' ) ' ||
5769 '))',
5770 1, g_pred_buf_size);
5771
5772 else
5773 l_parent_predicate := substrb(l_parent_predicate ||
5774 ' UNION ALL ( SELECT '
5775 ||l_pk_orig_column_names || ' FROM ' ||
5776 l_db_object_name || ' WHERE '
5777 || l_set_predicates || '))',
5778 1, g_pred_buf_size);
5779
5780 end if;
5781 ELSE
5782 -- won't be here see l_parent_preidcate>0 anyway
5783 l_parent_predicate:= l_set_predicates;
5784
5785 END IF;
5786 END IF;
5787 END IF;
5788 END IF; -- if profile option not found
5789
5790 l_parent_predicate := l_parent_predicate ||')';
5791 l_aggregate_predicate := l_aggregate_predicate || l_parent_predicate;
5792
5793 END LOOP;
5794
5795 --finally
5796 l_aggregate_predicate := l_aggregate_predicate || ' )';
5797
5798 ------ ending new part
5799
5800 x_predicate :=l_aggregate_predicate;
5801 x_clob_predicate := l_aggregate_predicate;
5802
5803 if ( (lengthb(l_aggregate_predicate) > g_vpd_buf_limit)
5804 AND (p_statement_type = 'BASE'))then
5805 FND_MESSAGE.SET_NAME('FND', 'GENERIC-INTERNAL ERROR');
5806 FND_MESSAGE.SET_TOKEN('ROUTINE',
5810 to_char(g_vpd_buf_limit)||' bytes for the predicate. ');
5807 'EGO_DATA_SECURITY.GET_SECURITY_PREDICATE');
5808 FND_MESSAGE.SET_TOKEN('REASON',
5809 'The predicate was longer than the database VPD limit of '||
5811 x_return_status := 'L'; /* Indicate Error */
5812 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5813 ,p_module => l_api_name
5814 ,p_message => 'Returning Status: '||x_return_status||' as predicate size is more'
5815 );
5816 end if;
5817
5818 EXCEPTION
5819 WHEN OTHERS THEN
5820 fnd_message.set_name('FND', 'SQL_PLSQL_ERROR');
5821 fnd_message.set_token('ROUTINE',G_PKG_NAME||l_api_name);
5822 fnd_message.set_token('ERRNO', SQLCODE);
5823 fnd_message.set_token('REASON', SQLERRM);
5824 x_return_status := G_RETURN_UNEXP_ERR;
5825 code_debug (p_log_level => G_DEBUG_LEVEL_EXCEPTION
5826 ,p_module => l_api_name
5827 ,p_message => 'Returning EXCEPTION '||SQLERRM
5828 );
5829 return;
5830 END get_inherited_predicate;
5831
5832
5833 --------------------------------------------------------
5834 ---- get_instances
5835 --------------------------------------------------------
5836 PROCEDURE get_instances
5837 (
5838 p_api_version IN NUMBER,
5839 p_function IN VARCHAR2 DEFAULT NULL,
5840 p_object_name IN VARCHAR2,
5841 p_user_name IN VARCHAR2 DEFAULT NULL,
5842 x_return_status OUT NOCOPY VARCHAR2,
5843 x_object_key_tbl OUT NOCOPY EGO_INSTANCE_TABLE_TYPE
5844 ) is
5845 l_api_name CONSTANT VARCHAR2(30) := 'GET_INSTANCES';
5846 l_predicate VARCHAR2(32767);
5847 l_dynamic_sql VARCHAR2(32767);
5848 l_db_object_name varchar2(30);
5849 l_db_pk1_column varchar2(30);
5850 l_db_pk2_column varchar2(30);
5851 l_db_pk3_column varchar2(30);
5852 l_db_pk4_column varchar2(30);
5853 l_db_pk5_column varchar2(30);
5854 l_pk_column_names varchar2(512);
5855 l_pk_orig_column_names varchar2(512);
5856 l_type_converted_val_cols varchar2(512);
5857 l_pk1_val varchar2(512);
5858 l_pk2_val varchar2(512);
5859 l_pk3_val varchar2(512);
5860 l_pk4_val varchar2(512);
5861 l_pk5_val varchar2(512);
5862 l_index number;
5863
5864 instances_cur DYNAMIC_CUR;
5865 BEGIN
5866 SetGlobals();
5867 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5868 ,p_module => l_api_name
5869 ,p_message => 'Started with 6 params '||
5870 ' p_api_version: '|| to_char(p_api_version) ||
5871 ' - p_function: '|| p_function ||
5872 ' - p_object_name: '|| p_object_name ||
5873 ' - p_user_name: '|| p_user_name
5874 );
5875
5876 get_security_predicate(p_api_version => 1.0,
5877 p_function => p_function,
5878 p_object_name => p_object_name,
5879 p_grant_instance_type => G_TYPE_UNIVERSAL,
5880 p_user_name => p_user_name,
5881 x_predicate => l_predicate,
5882 x_return_status => x_return_status);
5883 if(x_return_status NOT IN (G_RETURN_SUCCESS, G_RETURN_FAILURE))then
5884 /* There will be a message on the msg dict stack. */
5885 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5886 ,p_module => l_api_name
5887 ,p_message => 'Returning status as returned from get_security_predicate '||x_return_status
5888 );
5889 return; /* We will return the x_return_status as an out param */
5890 end if;
5891
5892 -- Get names and list of primary keys for this object.
5893 x_return_status := get_pk_information(p_object_name ,
5894 l_db_pk1_column ,
5895 l_db_pk2_column ,
5896 l_db_pk3_column ,
5897 l_db_pk4_column ,
5898 l_db_pk5_column ,
5899 l_pk_column_names ,
5900 l_type_converted_val_cols ,
5901 l_pk_orig_column_names,
5902 l_db_object_name );
5903 if (x_return_status <> G_RETURN_SUCCESS) then
5904 /* There will be a message on the msg dict stack. */
5905 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5906 ,p_module => l_api_name
5907 ,p_message => 'PK informatino not available returning: '||x_return_status
5908 );
5909 return; /* We will return the x_return_status as out param */
5910 end if;
5911
5912 if (l_predicate is not NULL) then
5913 l_dynamic_sql :=
5914 'SELECT '|| l_pk_column_names ||
5915 ' FROM '|| l_db_object_name ||
5916 ' WHERE '||l_predicate||' ';
5917 else
5918 x_return_status := G_RETURN_FAILURE;
5919 return;
5920 end if;
5921
5922 l_index:=0;
5923 -- Run the statement,
5924 OPEN instances_cur FOR l_dynamic_sql;
5925 LOOP
5926 if(l_db_pk5_column is NOT NULL) then
5930 l_pk4_val,
5927 FETCH instances_cur INTO l_pk1_val,
5928 l_pk2_val,
5929 l_pk3_val,
5931 l_pk5_val;
5932 elsif(l_db_pk4_column is NOT NULL) then
5933 FETCH instances_cur INTO l_pk1_val,
5934 l_pk2_val,
5935 l_pk3_val,
5936 l_pk4_val;
5937 elsif(l_db_pk3_column is NOT NULL) then
5938 FETCH instances_cur INTO l_pk1_val,
5939 l_pk2_val,
5940 l_pk3_val;
5941 elsif(l_db_pk2_column is NOT NULL) then
5942 FETCH instances_cur INTO l_pk1_val,
5943 l_pk2_val;
5944 elsif(l_db_pk1_column is NOT NULL) then
5945 FETCH instances_cur INTO l_pk1_val;
5946 else
5947 x_return_status := G_RETURN_UNEXP_ERR;
5948 return; /* This will never happen since pk1 is reqd*/
5949 end if;
5950
5951 EXIT WHEN instances_cur%NOTFOUND;
5952 x_object_key_tbl(l_index).pk1_value := l_pk1_val;
5953 x_object_key_tbl(l_index).pk2_value := l_pk2_val;
5954 x_object_key_tbl(l_index).pk3_value := l_pk3_val;
5955 x_object_key_tbl(l_index).pk4_value := l_pk4_val;
5956 x_object_key_tbl(l_index).pk5_value := l_pk5_val;
5957 l_index:=l_index+1;
5958 END LOOP;
5959 CLOSE instances_cur;
5960 if(l_index > 0) then
5961 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5962 ,p_module => l_api_name
5963 ,p_message => 'Returning success as instances found '
5964 );
5965 x_return_status := G_RETURN_SUCCESS; /* Success */
5966 else
5967 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5968 ,p_module => l_api_name
5969 ,p_message => 'Returning failure as instances are not found '
5970 );
5971 x_return_status := G_RETURN_FAILURE; /* No instances */
5972 end if;
5973
5974 return;
5975
5976 EXCEPTION
5977 WHEN OTHERS THEN
5978 fnd_message.set_name('FND', 'SQL_PLSQL_ERROR');
5979 fnd_message.set_token('ROUTINE',G_PKG_NAME||l_api_name);
5980 fnd_message.set_token('ERRNO', SQLCODE);
5981 fnd_message.set_token('REASON', SQLERRM);
5982 code_debug (p_log_level => G_DEBUG_LEVEL_EXCEPTION
5983 ,p_module => l_api_name
5984 ,p_message => 'Returning EXCEPTION '||SQLERRM
5985 );
5986 x_return_status := G_RETURN_UNEXP_ERR;
5987 RETURN;
5988 end get_instances;
5989
5990
5991 --------------------------------------------------------
5992 ---- check_instance_in_set
5993 --------------------------------------------------------
5994 FUNCTION check_instance_in_set
5995 (
5996 p_api_version IN NUMBER,
5997 p_instance_set_name IN VARCHAR2,
5998 p_instance_pk1_value IN VARCHAR2,
5999 p_instance_pk2_value IN VARCHAR2 DEFAULT NULL,
6000 p_instance_pk3_value IN VARCHAR2 DEFAULT NULL,
6001 p_instance_pk4_value IN VARCHAR2 DEFAULT NULL,
6002 p_instance_pk5_value IN VARCHAR2 DEFAULT NULL
6003 ) return VARCHAR2 is
6004 l_api_name CONSTANT VARCHAR2(30) := 'CHECK_INSTANCE_IN_SET';
6005
6006 -- On addition of any Required parameters the major version needs
6007 -- to change i.e. for eg. 1.X to 2.X.
6008 -- On addition of any Optional parameters the minor version needs
6009 -- to change i.e. for eg. X.6 to X.7.
6010 l_api_version CONSTANT NUMBER := 1.0;
6011 l_dynamic_sql VARCHAR2(32767);
6012 l_predicate VARCHAR2(32767);
6013 l_object_name varchar2(30);
6014 l_pk1_vc_val varchar2(80);
6015 l_pk2_vc_val varchar2(80);
6016 l_pk3_vc_val varchar2(80);
6017 l_pk4_vc_val varchar2(80);
6018 l_pk5_vc_val varchar2(80);
6019 l_pk1_col_name varchar2(30);
6020 l_pk2_col_name varchar2(30);
6021 l_pk3_col_name varchar2(30);
6022 l_pk4_col_name varchar2(30);
6023 l_pk5_col_name varchar2(30);
6024 l_pk1_col_type varchar2(8);
6025 l_pk2_col_type varchar2(8);
6026 l_pk3_col_type varchar2(8);
6027 l_pk4_col_type varchar2(8);
6028 l_pk5_col_type varchar2(8);
6029 l_dummy_val varchar2(30);
6030
6031 instance_sets_cur DYNAMIC_CUR;
6032 begin
6033 SetGlobals();
6034 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
6035 ,p_module => l_api_name
6036 ,p_message => 'Started with 7 params '||
6037 ' p_api_version: '|| to_char(p_api_version) ||
6038 ' - p_instance_set_name: '|| p_instance_set_name ||
6039 ' - p_instance_pk1_value: '|| p_instance_pk1_value ||
6040 ' - p_instance_pk2_value: '|| p_instance_pk2_value ||
6041 ' - p_instance_pk3_value: '|| p_instance_pk3_value ||
6042 ' - p_instance_pk4_value: '|| p_instance_pk4_value ||
6043 ' - p_instance_pk5_value: '|| p_instance_pk5_value
6044 );
6045
6046 -- check for call compatibility.
6047 if TRUNC(l_api_version) <> TRUNC(p_api_version) THEN
6051 'Unsupported version '|| to_char(p_api_version)||
6048 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
6049 fnd_message.set_token('ROUTINE', g_pkg_name || '.'|| l_api_name);
6050 fnd_message.set_token('REASON',
6052 ' passed to API; expecting version '||
6053 to_char(l_api_version));
6054 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
6055 ,p_module => l_api_name
6056 ,p_message => 'Returning as the call in incompatible '
6057 );
6058 return G_RETURN_UNEXP_ERR;/* Unexpected Error */
6059 END IF;
6060
6061 begin
6062 -- select predicate from fnd_grant_instances
6063 select s.predicate,
6064 o.database_object_name,
6065 o.pk1_column_name,
6066 o.pk2_column_name,
6067 o.pk3_column_name,
6068 o.pk4_column_name,
6069 o.pk5_column_name,
6070 o.pk1_column_type,
6071 o.pk2_column_type,
6072 o.pk3_column_type,
6073 o.pk4_column_type,
6074 o.pk5_column_type
6075 into l_predicate,
6076 l_object_name,
6077 l_pk1_col_name,
6078 l_pk2_col_name,
6079 l_pk3_col_name,
6080 l_pk4_col_name,
6081 l_pk5_col_name,
6082 l_pk1_col_type,
6083 l_pk2_col_type,
6084 l_pk3_col_type,
6085 l_pk4_col_type,
6086 l_pk5_col_type
6087 from fnd_objects o, fnd_object_instance_sets s
6088 where s.instance_set_name = p_instance_set_name
6089 and s.object_id = o.object_id;
6090 exception
6091 when no_data_found then
6092 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
6093 fnd_message.set_token('ROUTINE', g_pkg_name || '.'|| l_api_name);
6094 fnd_message.set_token('REASON',
6095 'Data Error- couldn''t get predicate and/or object_name from '||
6096 'fnd_objects and fnd_object_instance_sets for instance set '||
6097 '"'||p_instance_set_name||'"');
6098 code_debug (p_log_level => G_DEBUG_LEVEL_EXCEPTION
6099 ,p_module => l_api_name
6100 ,p_message => 'The given data is not sufficient to find a valid instance set '
6101 );
6102 return G_RETURN_UNEXP_ERR;
6103 end;
6104
6105 -- Convert e.g. from ':n' to 'TO_NUMBER(:n)'
6106 l_pk1_vc_val := get_conv_from_char(':col1_value', l_pk1_col_type);
6107 l_pk2_vc_val := get_conv_from_char(':col2_value', l_pk2_col_type);
6108 l_pk3_vc_val := get_conv_from_char(':col3_value', l_pk3_col_type);
6109 l_pk4_vc_val := get_conv_from_char(':col4_value', l_pk4_col_type);
6110 l_pk5_vc_val := get_conv_from_char(':col5_value', l_pk5_col_type);
6111
6112 -- Construct dynamic sql statement that will return a row if
6113 -- there is a row in the base object table in the instance set,
6114 -- with the PK passed in.
6115 l_dynamic_sql :=
6116 'SELECT ''X'' FROM sys.dual WHERE EXISTS (' ||
6117 'SELECT ''X'''||
6118 ' FROM '|| l_object_name ||
6119 ' WHERE ';
6120 if (l_pk1_col_name is not NULL) then
6121 l_dynamic_sql := l_dynamic_sql ||
6122 ' ( ('||l_pk1_col_name||' = '||l_pk1_vc_val||')'||
6123 ' OR ( ('||l_pk1_col_name||' is NULL) '||
6124 ' AND ( :col1_value is NULL)))';
6125 end if;
6126 if (l_pk2_col_name is not NULL) then
6127 l_dynamic_sql := l_dynamic_sql ||
6128 ' AND ( ('||l_pk2_col_name||' = '||l_pk2_vc_val||')'||
6129 ' OR ( ('||l_pk2_col_name||' is NULL) '||
6130 ' AND ( :col2_value is NULL)))';
6131 end if;
6132 if (l_pk3_col_name is not NULL) then
6133 l_dynamic_sql := l_dynamic_sql ||
6134 ' AND ( ('||l_pk3_col_name||' = '||l_pk3_vc_val||')'||
6135 ' OR ( ('||l_pk3_col_name||' is NULL) '||
6136 ' AND ( :col3_value is NULL)))';
6137 end if;
6138 if (l_pk4_col_name is not NULL) then
6139 l_dynamic_sql := l_dynamic_sql ||
6140 ' AND ( ('||l_pk4_col_name||' = '||l_pk4_vc_val||')'||
6141 ' OR ( ('||l_pk4_col_name||' is NULL) '||
6142 ' AND ( :col4_value is NULL)))';
6143 end if;
6144 if (l_pk5_col_name is not NULL) then
6145 l_dynamic_sql := l_dynamic_sql ||
6146 ' AND ( ('||l_pk5_col_name||' = '||l_pk5_vc_val||')'||
6147 ' OR ( ('||l_pk5_col_name||' is NULL) '||
6148 ' AND ( :col5_value is NULL)))';
6149 end if;
6150 l_dynamic_sql := l_dynamic_sql ||
6151 ' AND '|| l_predicate ||')';
6152
6153 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
6154 ,p_module => l_api_name
6155 ,p_message => 'l_dynamic_sql '||l_dynamic_sql
6156 );
6157 -- Run the statement, binding in the pk column names and pk values.
6158 if (l_pk5_col_name is not NULL) then
6159 OPEN instance_sets_cur FOR l_dynamic_sql USING
6160 p_instance_pk1_value, p_instance_pk1_value,
6161 p_instance_pk2_value, p_instance_pk2_value,
6162 p_instance_pk3_value, p_instance_pk3_value,
6163 p_instance_pk4_value, p_instance_pk4_value,
6164 p_instance_pk5_value, p_instance_pk5_value;
6168 p_instance_pk2_value, p_instance_pk2_value,
6165 elsif (l_pk4_col_name is not NULL) then
6166 OPEN instance_sets_cur FOR l_dynamic_sql USING
6167 p_instance_pk1_value, p_instance_pk1_value,
6169 p_instance_pk3_value, p_instance_pk3_value,
6170 p_instance_pk4_value, p_instance_pk4_value;
6171 elsif (l_pk3_col_name is not NULL) then
6172 OPEN instance_sets_cur FOR l_dynamic_sql USING
6173 p_instance_pk1_value, p_instance_pk1_value,
6174 p_instance_pk2_value, p_instance_pk2_value,
6175 p_instance_pk3_value, p_instance_pk3_value;
6176 elsif (l_pk2_col_name is not NULL) then
6177 OPEN instance_sets_cur FOR l_dynamic_sql USING
6178 p_instance_pk1_value, p_instance_pk1_value,
6179 p_instance_pk2_value, p_instance_pk2_value;
6180 elsif (l_pk1_col_name is not NULL) then
6181 OPEN instance_sets_cur FOR l_dynamic_sql USING
6182 p_instance_pk1_value, p_instance_pk1_value;
6183 else
6184 return G_RETURN_UNEXP_ERR; /* This will never happen since pk1 is reqd*/
6185 end if;
6186
6187
6188 FETCH instance_sets_cur INTO l_dummy_val;
6189 IF(instance_sets_cur%NOTFOUND) THEN
6190 CLOSE instance_sets_cur;
6191 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
6192 ,p_module => l_api_name
6193 ,p_message => 'Returning failure as instance does not have the reqd function '
6194 );
6195 RETURN G_RETURN_FAILURE;
6196 ELSE
6197 CLOSE instance_sets_cur;
6198 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
6199 ,p_module => l_api_name
6200 ,p_message => 'Returning success as instance set has the reqd function '
6201 );
6202 RETURN G_RETURN_SUCCESS;
6203 END IF;
6204
6205 EXCEPTION
6206 WHEN OTHERS THEN
6207 fnd_message.set_name('FND', 'SQL_PLSQL_ERROR');
6208 fnd_message.set_token('ROUTINE',G_PKG_NAME||l_api_name);
6209 fnd_message.set_token('ERRNO', SQLCODE);
6210 fnd_message.set_token('REASON', SQLERRM);
6211 code_debug (p_log_level => G_DEBUG_LEVEL_UNEXPECTED
6212 ,p_module => l_api_name
6213 ,p_message => 'Ending: Returning OTHER ERROR '||SQLERRM
6214 );
6215 RETURN G_RETURN_UNEXP_ERR;
6216
6217 end check_instance_in_set;
6218
6219
6220 --------------------------------------------------------
6221 ---- Create_Role_Mapping
6222 --------------------------------------------------------
6223 PROCEDURE Create_Role_Mapping(
6224 p_api_version IN NUMBER
6225 ,p_parent_obj_name IN VARCHAR2
6226 ,p_parent_role_name IN VARCHAR2
6227 ,p_child_obj_name IN VARCHAR2
6228 ,p_child_object_type IN VARCHAR2
6229 ,p_child_role_name IN VARCHAR2
6230 ,p_owner IN NUMBER
6231 ,p_init_msg_list IN VARCHAR2 := fnd_api.g_FALSE
6232 ,p_commit IN VARCHAR2 := fnd_api.g_FALSE
6233 ,x_return_status OUT NOCOPY VARCHAR2
6234 ,x_errorcode OUT NOCOPY NUMBER
6235 ,x_msg_count OUT NOCOPY NUMBER
6236 ,x_msg_data OUT NOCOPY VARCHAR2
6237 ) IS
6238
6239 l_api_name CONSTANT VARCHAR2(30) := 'Create_Role_Mapping';
6240 --we don't use this yet, but eventually we might:
6241 --if we change required parameters, version goes from n.x to (n+1).x
6242 --if we change optional parameters, version goes from x.n to x.(n+1)
6243
6244 l_api_version CONSTANT NUMBER := 1.0;
6245
6246 -- General variables
6247 l_parent_obj_id fnd_objects.object_id%type;
6248 l_parent_role_id fnd_menus.menu_id%type;
6249 l_child_obj_id fnd_objects.object_id%type;
6250 l_child_role_id fnd_menus.menu_id%type;
6251
6252 l_Sysdate DATE := Sysdate;
6253 l_owner NUMBER;
6254
6255 BEGIN
6256 SetGlobals();
6257 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
6258 ,p_module => l_api_name
6259 ,p_message => 'Started with 13 params '||
6260 ' p_api_version: '|| p_api_version||
6261 ' - p_parent_obj_name: '||p_parent_obj_name||
6262 ' - p_parent_role_name: '||p_parent_role_name||
6263 ' - p_child_obj_name: '||p_child_obj_name||
6264 ' - p_child_object_type: '||p_child_object_type||
6265 ' - p_child_role_name: '||p_child_role_name||
6266 ' - p_owner: '||p_owner||
6267 ' - p_init_msg_list: '||p_init_msg_list||
6268 ' - p_commit: '||p_commit
6269 );
6270
6271 IF FND_API.TO_BOOLEAN(p_commit) THEN
6272 -- Standard Start of API savepoint
6273 SAVEPOINT Create_Role_Mapping_PUB;
6274 END IF;
6275
6276 IF NOT FND_API.Compatible_API_Call (l_api_version,
6277 p_api_version,
6278 l_api_name,
6279 G_PKG_NAME)
6280 THEN
6281 RAISE FND_API.G_EXC_UNEXPECTED_ERROR;
6282 END IF;
6286 FND_MSG_PUB.initialize;
6283 -- Initialize API message list if necessary.
6284 -- Initialize message list if p_init_msg_list is set to TRUE.
6285 IF FND_API.to_Boolean( p_init_msg_list ) THEN
6287 END IF;
6288
6289 IF (p_owner IS NULL OR p_owner = -1) THEN
6290 l_owner := EGO_SCTX.get_user_id();
6291 ELSE
6292 l_owner := p_owner;
6293 END IF;
6294
6295 l_parent_obj_id := get_object_id(p_object_name => p_parent_obj_name);
6296 l_child_obj_id := get_object_id(p_object_name => p_child_obj_name);
6297 l_parent_role_id := get_role_id(p_role_name => p_parent_role_name);
6298 l_child_role_id := get_role_id(p_role_name => p_child_role_name);
6299
6300 INSERT INTO EGO_OBJ_ROLE_MAPPINGS
6301 (
6302 PARENT_OBJECT_ID
6303 , PARENT_ROLE_ID
6304 , CHILD_OBJECT_ID
6305 , CHILD_OBJECT_TYPE
6306 , CHILD_ROLE_ID
6307 , LAST_UPDATE_DATE
6308 , LAST_UPDATED_BY
6309 , CREATION_DATE
6310 , CREATED_BY
6311 , LAST_UPDATE_LOGIN
6312 )
6313 VALUES
6314 (
6315 l_parent_obj_id
6316 , l_parent_role_id
6317 , l_child_obj_id
6318 , p_child_object_type
6319 , l_child_role_id
6320 , l_Sysdate
6321 , l_owner
6322 , l_Sysdate
6323 , l_owner
6324 , FND_GLOBAL.Login_id
6325 );
6326
6327 -- Standard check of p_commit.
6328 IF FND_API.To_Boolean( p_commit ) THEN
6329 COMMIT WORK;
6330 END IF;
6331
6332 x_return_status := FND_API.G_RET_STS_SUCCESS;
6333
6334 -----------------------------------
6335 -- Make a standard call to get message count
6336 -- and if count is 1, get message info.
6337 -- The client will directly display the x_msg_data (which is already
6338 -- translated) if the x_msg_count = 1;
6339 -- Else, i.e. if x_msg_count > 1, client will call the FND_MSG_PUB.Get
6340 -- Server-side procedure to access the messages, and consolidate them
6341 -- and display them all at once or display one message after another.
6342
6343 FND_MSG_PUB.Count_And_Get
6344 ( p_count => x_msg_count,
6345 p_data => x_msg_data
6346 );
6347 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
6348 ,p_module => l_api_name
6349 ,p_message => 'Returning 13 with params '||
6350 ' x_return_status: '|| x_return_status||
6351 ' - x_errorcode: '||x_errorcode||
6352 ' - x_msg_count: '||x_msg_count||
6353 ' - x_msg_data: '||x_msg_data
6354 );
6355
6356 EXCEPTION
6357 WHEN FND_API.G_EXC_ERROR THEN
6358 IF FND_API.TO_BOOLEAN(p_commit) THEN
6359 ROLLBACK TO Create_Role_Mapping_PUB;
6360 END IF;
6361 x_return_status := FND_API.G_RET_STS_ERROR;
6362 FND_MSG_PUB.Count_And_Get
6363 ( p_count => x_msg_count,
6364 p_data => x_msg_data
6365 );
6366 x_msg_data := 'Executing - '||G_PKG_NAME||'.'||l_api_name||' '||SQLERRM;
6367 code_debug (p_log_level => G_DEBUG_LEVEL_ERROR
6368 ,p_module => l_api_name
6369 ,p_message => 'Ending: Returning ERROR '||
6370 ' x_return_status: '|| x_return_status||
6371 ' - x_errorcode: '||x_errorcode||
6372 ' - x_msg_count: '||x_msg_count||
6373 ' - x_msg_data: '||x_msg_data
6374 );
6375 WHEN FND_API.G_EXC_UNEXPECTED_ERROR THEN
6376 IF FND_API.TO_BOOLEAN(p_commit) THEN
6377 ROLLBACK TO Create_Function_PUB;
6378 END IF;
6379 x_return_status := FND_API.G_RET_STS_UNEXP_ERROR;
6380 FND_MSG_PUB.Count_And_Get
6381 ( p_count => x_msg_count,
6382 p_data => x_msg_data
6383 );
6384 x_msg_data := 'Executing - '||G_PKG_NAME||'.'||l_api_name||' '||SQLERRM;
6385 code_debug (p_log_level => G_DEBUG_LEVEL_UNEXPECTED
6386 ,p_module => l_api_name
6387 ,p_message => 'Ending: Returning UNEXPECTED ERROR '||
6388 ' x_return_status: '|| x_return_status||
6389 ' - x_errorcode: '||x_errorcode||
6390 ' - x_msg_count: '||x_msg_count||
6391 ' - x_msg_data: '||x_msg_data
6392 );
6393 WHEN OTHERS THEN
6394 IF FND_API.TO_BOOLEAN(p_commit) THEN
6395 ROLLBACK TO Create_Function_PUB;
6396 END IF;
6397 x_return_status := FND_API.G_RET_STS_UNEXP_ERROR;
6398 IF FND_MSG_PUB.Check_Msg_Level
6399 (FND_MSG_PUB.G_MSG_LVL_UNEXP_ERROR)
6400 THEN
6401 FND_MSG_PUB.Add_Exc_Msg
6402 ( G_PKG_NAME,
6403 l_api_name
6404 );
6405 END IF;
6406 FND_MSG_PUB.Count_And_Get
6407 ( p_count => x_msg_count,
6408 p_data => x_msg_data
6409 );
6410 x_msg_data := 'Executing - '||G_PKG_NAME||'.'||l_api_name||' '||SQLERRM;
6411 code_debug (p_log_level => G_DEBUG_LEVEL_UNEXPECTED
6412 ,p_module => l_api_name
6416 ' - x_msg_count: '||x_msg_count||
6413 ,p_message => 'Ending: Returning UNEXPECTED ERROR '||
6414 ' x_return_status: '|| x_return_status||
6415 ' - x_errorcode: '||x_errorcode||
6417 ' - x_msg_data: '||x_msg_data
6418 );
6419
6420 END Create_Role_Mapping;
6421
6422
6423 --------------------------------------------------------
6424 ---- Create_Role_Mapping
6425 --------------------------------------------------------
6426 PROCEDURE Create_Role_Mapping(
6427 p_api_version IN NUMBER
6428 ,p_parent_obj_name IN VARCHAR2
6429 ,p_parent_role_name IN VARCHAR2
6430 ,p_child_obj_name IN VARCHAR2
6431 ,p_child_object_type IN VARCHAR2
6432 ,p_child_role_name IN VARCHAR2
6433 ,p_init_msg_list IN VARCHAR2 := fnd_api.g_FALSE
6434 ,p_commit IN VARCHAR2 := fnd_api.g_FALSE
6435 ,x_return_status OUT NOCOPY VARCHAR2
6436 ,x_errorcode OUT NOCOPY NUMBER
6437 ,x_msg_count OUT NOCOPY NUMBER
6438 ,x_msg_data OUT NOCOPY VARCHAR2
6439 ) IS
6440
6441 BEGIN
6442 SetGlobals();
6443 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
6444 ,p_module => 'Create_Role_Mapping 12'
6445 ,p_message => 'Started with 12 params '||
6446 ' p_api_version: '|| p_api_version||
6447 ' - p_parent_obj_name: '||p_parent_obj_name||
6448 ' - p_parent_role_name: '||p_parent_role_name||
6449 ' - p_child_obj_name: '||p_child_obj_name||
6450 ' - p_child_object_type: '||p_child_object_type||
6451 ' - p_child_role_name: '||p_child_role_name||
6452 ' - p_init_msg_list: '||p_init_msg_list||
6453 ' - p_commit: '||p_commit
6454 );
6455
6456 Create_Role_Mapping(
6457 p_api_version => p_api_version
6458 ,p_parent_obj_name => p_parent_obj_name
6459 ,p_parent_role_name => p_parent_role_name
6460 ,p_child_obj_name => p_child_obj_name
6461 ,p_child_object_type => p_child_object_type
6462 ,p_child_role_name => p_child_role_name
6463 ,p_owner => NULL
6464 ,p_init_msg_list => p_init_msg_list
6465 ,p_commit => p_commit
6466 ,x_return_status => x_return_status
6467 ,x_errorcode => x_errorcode
6468 ,x_msg_count => x_msg_count
6469 ,x_msg_data => x_msg_data
6470 );
6471 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
6472 ,p_module => 'Create_Role_Mapping'
6473 ,p_message => 'Returning 12 with params '||
6474 ' x_return_status: '|| x_return_status||
6475 ' - x_errorcode: '||x_errorcode||
6476 ' - x_msg_count: '||x_msg_count||
6477 ' - x_msg_data: '||x_msg_data
6478 );
6479
6480 END Create_Role_Mapping;
6481
6482 --------------------------------------------------------
6483 ---- Update_Role_Mapping
6484 --------------------------------------------------------
6485 PROCEDURE Update_Role_Mapping(
6486 p_api_version IN NUMBER
6487 ,p_parent_obj_name IN VARCHAR2
6488 ,p_parent_role_name IN VARCHAR2
6489 ,p_child_obj_name IN VARCHAR2
6490 ,p_child_object_type IN VARCHAR2
6491 ,p_child_role_name IN VARCHAR2
6492 ,p_owner IN NUMBER
6493 ,p_init_msg_list IN VARCHAR2 := fnd_api.g_FALSE
6494 ,p_commit IN VARCHAR2 := fnd_api.g_FALSE
6495 ,x_return_status OUT NOCOPY VARCHAR2
6496 ,x_errorcode OUT NOCOPY NUMBER
6497 ,x_msg_count OUT NOCOPY NUMBER
6498 ,x_msg_data OUT NOCOPY VARCHAR2
6499 ) IS
6500
6501 l_api_name CONSTANT VARCHAR2(30) := 'Update_Role_Mapping';
6502 --we don't use this yet, but eventually we might:
6503 --if we change required parameters, version goes from n.x to (n+1).x
6504 --if we change optional parameters, version goes from x.n to x.(n+1)
6505
6506 l_api_version CONSTANT NUMBER := 1.0;
6507 l_row_count NUMBER;
6508 l_curr_login_id NUMBER;
6509
6510 -- General variables
6511
6512 l_parent_obj_id fnd_objects.object_id%type;
6513 l_parent_role_id fnd_menus.menu_id%type;
6514 l_child_obj_id fnd_objects.object_id%type;
6515 l_child_role_id fnd_menus.menu_id%type;
6516 l_Sysdate DATE := Sysdate;
6517 l_owner NUMBER;
6518
6519 BEGIN
6520 SetGlobals();
6521 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
6522 ,p_module => l_api_name
6526 ' - p_parent_role_name: '||p_parent_role_name||
6523 ,p_message => 'Started with 13 params '||
6524 ' p_api_version: '|| p_api_version||
6525 ' - p_parent_obj_name: '||p_parent_obj_name||
6527 ' - p_child_obj_name: '||p_child_obj_name||
6528 ' - p_child_object_type: '||p_child_object_type||
6529 ' - p_child_role_name: '||p_child_role_name||
6530 ' - p_owner: '||p_owner||
6531 ' - p_init_msg_list: '||p_init_msg_list||
6532 ' - p_commit: '||p_commit
6533 );
6534 IF FND_API.TO_BOOLEAN(p_commit) THEN
6535 -- Standard Start of API savepoint
6536 SAVEPOINT Update_Role_Mapping_PUB;
6537 END IF;
6538
6539 -- Initialize API message list if necessary.
6540 -- Initialize message list if p_init_msg_list is set to TRUE.
6541 IF FND_API.to_Boolean( p_init_msg_list ) THEN
6542 FND_MSG_PUB.initialize;
6543 END IF;
6544
6545 IF NOT FND_API.Compatible_API_Call (l_api_version,
6546 p_api_version,
6547 l_api_name,
6548 G_PKG_NAME)
6549 THEN
6550 RAISE FND_API.G_EXC_UNEXPECTED_ERROR;
6551 END IF;
6552
6553 IF (p_owner IS NULL OR p_owner = -1) THEN
6554 l_owner := EGO_SCTX.get_user_id();
6555 ELSE
6556 l_owner := p_owner;
6557 END IF;
6558
6559 l_parent_obj_id := get_object_id(p_object_name => p_parent_obj_name);
6560 l_child_obj_id := get_object_id(p_object_name => p_child_obj_name);
6561 l_parent_role_id := get_role_id(p_role_name => p_parent_role_name);
6562 l_child_role_id := get_role_id(p_role_name => p_child_role_name);
6563 l_curr_login_id := FND_GLOBAL.Login_id;
6564 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
6565 ,p_module => l_api_name
6566 ,p_message => 'After obtaining parent and child ids '||
6567 ' l_parent_obj_id: '||l_parent_obj_id||
6568 ' - l_child_obj_id: '||l_child_obj_id||
6569 ' - l_parent_role_id: '||l_parent_role_id||
6570 ' - l_child_role_id: '||l_child_role_id
6571 );
6572
6573 IF (p_child_object_type is not null) THEN
6574 UPDATE EGO_OBJ_ROLE_MAPPINGS
6575 SET
6576 CHILD_ROLE_ID = l_child_role_id
6577 , LAST_UPDATE_DATE = l_Sysdate
6578 , LAST_UPDATED_BY = l_owner
6579 , LAST_UPDATE_LOGIN = l_curr_login_id
6580 WHERE
6581 PARENT_OBJECT_ID = l_parent_obj_id AND
6582 PARENT_ROLE_ID = l_parent_role_id AND
6583 CHILD_OBJECT_ID = l_child_obj_id AND
6584 CHILD_OBJECT_TYPE = p_child_object_type;
6585 ELSE
6586 UPDATE EGO_OBJ_ROLE_MAPPINGS
6587 SET
6588 CHILD_ROLE_ID = l_child_role_id
6589 , LAST_UPDATE_DATE = l_Sysdate
6590 , LAST_UPDATED_BY = l_owner
6591 , LAST_UPDATE_LOGIN = l_curr_login_id
6592 WHERE
6593 PARENT_OBJECT_ID = l_parent_obj_id AND
6594 PARENT_ROLE_ID = l_parent_role_id AND
6595 CHILD_OBJECT_ID = l_child_obj_id AND
6596 CHILD_OBJECT_TYPE is null;
6597 END IF;
6598
6599 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
6600 ,p_module => l_api_name
6601 ,p_message => 'After updating role mappings'
6602 );
6603
6604 -- Standard check of p_commit.
6605 IF FND_API.To_Boolean( p_commit ) THEN
6606 COMMIT WORK;
6607 END IF;
6608
6609 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
6610 ,p_module => l_api_name
6611 ,p_message => 'After committing the data'
6612 );
6613 x_return_status := FND_API.G_RET_STS_SUCCESS;
6614
6615 -- Make a standard call to get message count
6616 -- and if count is 1, get message info.
6617 -- The client will directly display the x_msg_data (which is already
6618 -- translated) if the x_msg_count = 1;
6619 -- Else, i.e. if x_msg_count > 1, client will call the FND_MSG_PUB.Get
6620 -- Server-side procedure to access the messages, and consolidate them
6621 -- and display them all at once or display one message after another.
6622
6623 FND_MSG_PUB.Count_And_Get
6624 ( p_count => x_msg_count,
6625 p_data => x_msg_data
6626 );
6627
6628 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
6629 ,p_module => 'Update_Role_Mapping '
6630 ,p_message => 'Returning 13 with params '||
6631 ' x_return_status: '|| x_return_status||
6632 ' - x_errorcode: '||x_errorcode||
6633 ' - x_msg_count: '||x_msg_count||
6634 ' - x_msg_data: '||x_msg_data
6635 );
6636
6637 EXCEPTION
6638 WHEN FND_API.G_EXC_ERROR THEN
6639 IF FND_API.TO_BOOLEAN(p_commit) THEN
6640 ROLLBACK TO Update_Role_Mapping_PUB;
6641 END IF;
6642 x_return_status := FND_API.G_RET_STS_ERROR;
6643 FND_MSG_PUB.Count_And_Get
6644 ( p_count => x_msg_count,
6648 code_debug (p_log_level => G_DEBUG_LEVEL_ERROR
6645 p_data => x_msg_data
6646 );
6647 x_msg_data :='Executing - '||G_PKG_NAME||'.'||l_api_name||' '||SQLERRM;
6649 ,p_module => l_api_name
6650 ,p_message => 'Ending: Returning UNEXPECTED ERROR '||
6651 ' x_return_status: '|| x_return_status||
6652 ' - x_errorcode: '||x_errorcode||
6653 ' - x_msg_count: '||x_msg_count||
6654 ' - x_msg_data: '||x_msg_data
6655 );
6656 WHEN FND_API.G_EXC_UNEXPECTED_ERROR THEN
6657 IF FND_API.TO_BOOLEAN(p_commit) THEN
6658 ROLLBACK TO Update_Role_Mapping_PUB;
6659 END IF;
6660 x_return_status := FND_API.G_RET_STS_UNEXP_ERROR;
6661 FND_MSG_PUB.Count_And_Get
6662 ( p_count => x_msg_count,
6663 p_data => x_msg_data
6664 );
6665 x_msg_data :='Executing - '||G_PKG_NAME||'.'||l_api_name||' '||SQLERRM;
6666 code_debug (p_log_level => G_DEBUG_LEVEL_UNEXPECTED
6667 ,p_module => l_api_name
6668 ,p_message => 'Ending: Returning UNEXPECTED ERROR '||
6669 ' x_return_status: '|| x_return_status||
6670 ' - x_errorcode: '||x_errorcode||
6671 ' - x_msg_count: '||x_msg_count||
6672 ' - x_msg_data: '||x_msg_data
6673 );
6674 WHEN OTHERS THEN
6675 IF FND_API.TO_BOOLEAN(p_commit) THEN
6676 ROLLBACK TO Update_Role_Mapping_PUB;
6677 END IF;
6678 x_return_status := FND_API.G_RET_STS_UNEXP_ERROR;
6679 IF FND_MSG_PUB.Check_Msg_Level
6680 (FND_MSG_PUB.G_MSG_LVL_UNEXP_ERROR)
6681 THEN
6682 FND_MSG_PUB.Add_Exc_Msg
6683 ( G_PKG_NAME,
6684 l_api_name
6685 );
6686 END IF;
6687 FND_MSG_PUB.Count_And_Get
6688 ( p_count => x_msg_count,
6689 p_data => x_msg_data
6690 );
6691 x_msg_data :='Executing - '||G_PKG_NAME||'.'||l_api_name||' '||SQLERRM;
6692 code_debug (p_log_level => G_DEBUG_LEVEL_UNEXPECTED
6693 ,p_module => l_api_name
6694 ,p_message => 'Ending: Returning OTHER ERROR '||
6695 ' x_return_status: '|| x_return_status||
6696 ' - x_errorcode: '||x_errorcode||
6697 ' - x_msg_count: '||x_msg_count||
6698 ' - x_msg_data: '||x_msg_data
6699 );
6700
6701 END Update_Role_Mapping;
6702
6703 --------------------------------------------------------
6704 ---- Update_Role_Mapping
6705 --------------------------------------------------------
6706 PROCEDURE Update_Role_Mapping(
6707 p_api_version IN NUMBER
6708 ,p_parent_obj_name IN VARCHAR2
6709 ,p_parent_role_name IN VARCHAR2
6710 ,p_child_obj_name IN VARCHAR2
6711 ,p_child_object_type IN VARCHAR2
6712 ,p_child_role_name IN VARCHAR2
6713 ,p_init_msg_list IN VARCHAR2 := fnd_api.g_FALSE
6714 ,p_commit IN VARCHAR2 := fnd_api.g_FALSE
6715 ,x_return_status OUT NOCOPY VARCHAR2
6716 ,x_errorcode OUT NOCOPY NUMBER
6717 ,x_msg_count OUT NOCOPY NUMBER
6718 ,x_msg_data OUT NOCOPY VARCHAR2
6719 ) IS
6720
6721 BEGIN
6722 SetGlobals();
6723 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
6724 ,p_module => 'Update_Role_Mapping'
6725 ,p_message => 'Started with 12 params '||
6726 ' p_api_version: '|| p_api_version||
6727 ' - p_parent_obj_name: '||p_parent_obj_name||
6728 ' - p_parent_role_name: '||p_parent_role_name||
6729 ' - p_child_obj_name: '||p_child_obj_name||
6730 ' - p_child_object_type: '||p_child_object_type||
6731 ' - p_child_role_name: '||p_child_role_name||
6732 ' - p_init_msg_list: '||p_init_msg_list||
6733 ' - p_commit: '||p_commit
6734 );
6735
6736 Update_Role_Mapping(
6737 p_api_version => p_api_version
6738 ,p_parent_obj_name => p_parent_obj_name
6739 ,p_parent_role_name => p_parent_role_name
6740 ,p_child_obj_name => p_child_obj_name
6741 ,p_child_object_type => p_child_object_type
6742 ,p_child_role_name => p_child_role_name
6743 ,p_owner => NULL
6744 ,p_init_msg_list => p_init_msg_list
6745 ,p_commit => p_commit
6746 ,x_return_status => x_return_status
6747 ,x_errorcode => x_errorcode
6748 ,x_msg_count => x_msg_count
6749 ,x_msg_data => x_msg_data
6750 );
6751 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
6752 ,p_module => 'Update_Role_Mapping'
6756 ' - x_msg_count: '||x_msg_count||
6753 ,p_message => 'Returning 12 with params '||
6754 ' x_return_status: '|| x_return_status||
6755 ' - x_errorcode: '||x_errorcode||
6757 ' - x_msg_data: '||x_msg_data
6758 );
6759
6760 END Update_Role_Mapping;
6761
6762 --------------------------------------------------------
6763 ---- Delete_Role_Mapping
6764 --------------------------------------------------------
6765 PROCEDURE Delete_Role_Mapping(
6766 p_api_version IN NUMBER
6767 ,p_parent_obj_name IN VARCHAR2
6768 ,p_parent_role_name IN VARCHAR2
6769 ,p_child_obj_name IN VARCHAR2
6770 ,p_child_object_type IN VARCHAR2
6771 ,p_init_msg_list IN VARCHAR2 := fnd_api.g_FALSE
6772 ,p_commit IN VARCHAR2 := fnd_api.g_FALSE
6773 ,x_return_status OUT NOCOPY VARCHAR2
6774 ,x_errorcode OUT NOCOPY NUMBER
6775 ,x_msg_count OUT NOCOPY NUMBER
6776 ,x_msg_data OUT NOCOPY VARCHAR2
6777 ) IS
6778
6779 l_api_name CONSTANT VARCHAR2(30) := 'Delete_Role_Mapping';
6780 --we don't use this yet, but eventually we might:
6781 --if we change required parameters, version goes from n.x to (n+1).x
6782 --if we change optional parameters, version goes from x.n to x.(n+1)
6783
6784 l_api_version CONSTANT NUMBER := 1.0;
6785 l_row_count NUMBER;
6786
6787 -- General variables
6788
6789 l_parent_obj_id fnd_objects.object_id%type;
6790 l_parent_role_id fnd_menus.menu_id%type;
6791 l_child_obj_id fnd_objects.object_id%type;
6792
6793 l_Sysdate DATE := Sysdate;
6794
6795 BEGIN
6796 SetGlobals();
6797 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
6798 ,p_module => l_api_name
6799 ,p_message => 'Started with 11 params '||
6800 ' p_api_version: '|| p_api_version||
6801 ' - p_parent_obj_name: '||p_parent_obj_name||
6802 ' - p_parent_role_name: '||p_parent_role_name||
6803 ' - p_child_obj_name: '||p_child_obj_name||
6804 ' - p_child_object_type: '||p_child_object_type||
6805 ' - p_init_msg_list: '||p_init_msg_list||
6806 ' - p_commit: '||p_commit
6807 );
6808
6809 IF FND_API.TO_BOOLEAN(p_commit) THEN
6810 -- Standard Start of API savepoint
6811 SAVEPOINT Delete_Role_Mapping_PUB;
6812 END IF;
6813
6814 -- Initialize API message list if necessary.
6815 -- Initialize message list if p_init_msg_list is set to TRUE.
6816 IF FND_API.to_Boolean( p_init_msg_list ) THEN
6817 FND_MSG_PUB.initialize;
6818 END IF;
6819
6820 IF NOT FND_API.Compatible_API_Call (l_api_version,
6821 p_api_version,
6822 l_api_name,
6823 G_PKG_NAME)
6824 THEN
6825 RAISE FND_API.G_EXC_UNEXPECTED_ERROR;
6826 END IF;
6827
6828 l_parent_obj_id := get_object_id(p_object_name => p_parent_obj_name);
6829 l_child_obj_id := get_object_id(p_object_name => p_child_obj_name);
6830 l_parent_role_id := get_role_id(p_role_name => p_parent_role_name);
6831
6832 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
6833 ,p_module => l_api_name
6834 ,p_message => 'After obtaining parent and child ids '||
6835 ' l_parent_obj_id: '||l_parent_obj_id||
6836 ' - l_child_obj_id: '||l_child_obj_id||
6837 ' - l_parent_role_id: '||l_parent_role_id
6838 );
6839
6840 IF (p_child_object_type is not null) THEN
6841 DELETE FROM EGO_OBJ_ROLE_MAPPINGS
6842 WHERE
6843 PARENT_OBJECT_ID = l_parent_obj_id AND
6844 PARENT_ROLE_ID = l_parent_role_id AND
6845 CHILD_OBJECT_ID = l_child_obj_id AND
6846 CHILD_OBJECT_TYPE = p_child_object_type;
6847 ELSE
6848 DELETE FROM EGO_OBJ_ROLE_MAPPINGS
6849 WHERE
6850 PARENT_OBJECT_ID = l_parent_obj_id AND
6851 PARENT_ROLE_ID = l_parent_role_id AND
6852 CHILD_OBJECT_ID = l_child_obj_id AND
6853 CHILD_OBJECT_TYPE is null;
6854 END IF;
6855
6856 -- Standard check of p_commit.
6857 IF FND_API.To_Boolean( p_commit ) THEN
6858 COMMIT WORK;
6859 END IF;
6860
6861 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
6862 ,p_module => l_api_name
6863 ,p_message => 'After committing the data'
6864 );
6865
6866 x_return_status := FND_API.G_RET_STS_SUCCESS;
6867
6868 -- Make a standard call to get message count and if count is 1,
6869 -- get message info.
6870
6871 FND_MSG_PUB.Count_And_Get
6872 ( p_count => x_msg_count,
6873 p_data => x_msg_data
6874 );
6875 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
6876 ,p_module => l_api_name
6880 ' - x_msg_count: '||x_msg_count||
6877 ,p_message => 'Returning 11 with params '||
6878 ' x_return_status: '|| x_return_status||
6879 ' - x_errorcode: '||x_errorcode||
6881 ' - x_msg_data: '||x_msg_data
6882 );
6883
6884 EXCEPTION
6885 WHEN FND_API.G_EXC_ERROR THEN
6886 IF FND_API.TO_BOOLEAN(p_commit) THEN
6887 ROLLBACK TO Delete_Role_Mapping_PUB;
6888 END IF;
6889 x_return_status := FND_API.G_RET_STS_ERROR;
6890 FND_MSG_PUB.Count_And_Get
6891 ( p_count => x_msg_count,
6892 p_data => x_msg_data
6893 );
6894 x_msg_data := 'Executing - '||G_PKG_NAME||'.'||l_api_name||' '||SQLERRM;
6895 code_debug (p_log_level => G_DEBUG_LEVEL_ERROR
6896 ,p_module => l_api_name
6897 ,p_message => 'Ending: Returning ERROR '||
6898 ' x_return_status: '|| x_return_status||
6899 ' - x_errorcode: '||x_errorcode||
6900 ' - x_msg_count: '||x_msg_count||
6901 ' - x_msg_data: '||x_msg_data
6902 );
6903 WHEN FND_API.G_EXC_UNEXPECTED_ERROR THEN
6904 IF FND_API.TO_BOOLEAN(p_commit) THEN
6905 ROLLBACK TO Delete_Role_Mapping_PUB;
6906 END IF;
6907 x_return_status := FND_API.G_RET_STS_UNEXP_ERROR;
6908 FND_MSG_PUB.Count_And_Get
6909 ( p_count => x_msg_count,
6910 p_data => x_msg_data
6911 );
6912 x_msg_data := 'Executing - '||G_PKG_NAME||'.'||l_api_name||' '||SQLERRM;
6913 code_debug (p_log_level => G_DEBUG_LEVEL_UNEXPECTED
6914 ,p_module => l_api_name
6915 ,p_message => 'Ending: Returning UNEXPECTED ERROR '||
6916 ' x_return_status: '|| x_return_status||
6917 ' - x_errorcode: '||x_errorcode||
6918 ' - x_msg_count: '||x_msg_count||
6919 ' - x_msg_data: '||x_msg_data
6920 );
6921 WHEN OTHERS THEN
6922 IF FND_API.TO_BOOLEAN(p_commit) THEN
6923 ROLLBACK TO Delete_Role_Mapping_PUB;
6924 END IF;
6925 x_return_status := FND_API.G_RET_STS_UNEXP_ERROR;
6926 IF FND_MSG_PUB.Check_Msg_Level
6927 (FND_MSG_PUB.G_MSG_LVL_UNEXP_ERROR)
6928 THEN
6929 FND_MSG_PUB.Add_Exc_Msg
6930 ( G_PKG_NAME,
6931 l_api_name
6932 );
6933 END IF;
6934 FND_MSG_PUB.Count_And_Get
6935 ( p_count => x_msg_count,
6936 p_data => x_msg_data
6937 );
6938 x_msg_data := 'Executing - '||G_PKG_NAME||'.'||l_api_name||' '||SQLERRM;
6939 code_debug (p_log_level => G_DEBUG_LEVEL_UNEXPECTED
6940 ,p_module => l_api_name
6941 ,p_message => 'Ending: Returning OTHER ERROR '||
6942 ' x_return_status: '|| x_return_status||
6943 ' - x_errorcode: '||x_errorcode||
6944 ' - x_msg_count: '||x_msg_count||
6945 ' - x_msg_data: '||x_msg_data
6946 );
6947
6948 END Delete_Role_Mapping;
6949
6950 --------------------------------------------------------
6951 ---- get_role_functions
6952 --------------------------------------------------------
6953 PROCEDURE get_role_functions
6954 (
6955 p_api_version IN NUMBER,
6956 p_role_name IN VARCHAR2,
6957 x_return_status OUT NOCOPY VARCHAR2,
6958 x_privilege_tbl OUT NOCOPY EGO_VARCHAR_TBL_TYPE
6959 )
6960 IS
6961
6962 l_api_name CONSTANT VARCHAR2(30) := 'GET_ROLE_FUNCTIONS';
6963
6964 -- On addition of any Required parameters the major version needs
6965 -- to change i.e. for eg. 1.X to 2.X.
6966 -- On addition of any Optional parameters the minor version needs
6967 -- to change i.e. for eg. X.6 to X.7.
6968 l_api_version CONSTANT NUMBER := 1.0;
6969
6970 l_index NUMBER;
6971
6972 l_privilege_tbl EGO_PRIVILEGE_NAME_TABLE_TYPE;
6973
6974 CURSOR role_function_c (cp_role_name VARCHAR2)
6975 IS
6976 SELECT functions.function_name
6977 FROM fnd_form_functions functions,
6978 fnd_menu_entries cmf,
6979 fnd_menus menus
6980 WHERE functions.function_id = cmf.function_id
6981 AND menus.menu_id = cmf.menu_id
6982 AND menus.menu_name = cp_role_name;
6983
6984
6985 BEGIN
6986 SetGlobals();
6987 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
6988 ,p_module => l_api_name
6989 ,p_message => 'Started with 4 params '||
6990 ' p_api_version: '|| p_api_version||
6991 ' - p_role_name: '||p_role_name
6992 );
6993 x_return_status := G_RETURN_SUCCESS; /* Assume Success */
6994
6995 x_privilege_tbl := EGO_VARCHAR_TBL_TYPE();
6996
6997 l_index := 0;
6998
6999 FOR privileges_rec IN role_function_c (p_role_name)
7000 LOOP
7001 l_privilege_tbl(l_index) := privileges_rec.function_name;
7002 l_index := l_index+1;
7003 END LOOP;
7004
7008
7005 x_privilege_tbl.extend(l_privilege_tbl.COUNT);
7006
7007 if (l_privilege_tbl.COUNT > 0) then
7009 FOR i IN l_privilege_tbl.first .. l_privilege_tbl.last LOOP
7010 x_privilege_tbl(i+1) := l_privilege_tbl(i);
7011
7012 END LOOP;
7013 end if;
7014
7015
7016 EXCEPTION
7017 WHEN OTHERS THEN
7018 fnd_message.set_name('FND', 'SQL_PLSQL_ERROR');
7019 fnd_message.set_token('ROUTINE',G_PKG_NAME||l_api_name);
7020 fnd_message.set_token('ERRNO', SQLCODE);
7021 fnd_message.set_token('REASON', SQLERRM);
7022 x_return_status := G_RETURN_UNEXP_ERR;
7023 code_debug (p_log_level => G_DEBUG_LEVEL_UNEXPECTED
7024 ,p_module => l_api_name
7025 ,p_message => 'Ending: Returning OTHER ERROR '||SQLERRM
7026 );
7027
7028 END get_role_functions;
7029
7030 --------------------------------------------------------
7031 ---- get_inherited_functions
7032 --------------------------------------------------------
7033 PROCEDURE get_inherited_functions
7034 (
7035 p_api_version IN NUMBER,
7036 p_object_name IN VARCHAR2,
7037 p_instance_pk1_value IN VARCHAR2,
7038 p_instance_pk2_value IN VARCHAR2 DEFAULT NULL,
7039 p_instance_pk3_value IN VARCHAR2 DEFAULT NULL,
7040 p_instance_pk4_value IN VARCHAR2 DEFAULT NULL,
7041 p_instance_pk5_value IN VARCHAR2 DEFAULT NULL,
7042 p_user_name IN VARCHAR2 DEFAULT NULL,
7043 p_object_type IN VARCHAR2 DEFAULT NULL,
7044 p_parent_object_name_tbl IN EGO_VARCHAR_TBL_TYPE,
7045 p_parent_object_sql_tbl IN EGO_VARCHAR_TBL_TYPE,
7046 x_return_status OUT NOCOPY VARCHAR2,
7047 x_privilege_tbl OUT NOCOPY EGO_VARCHAR_TBL_TYPE
7048 )
7049 IS
7050
7051 l_api_name CONSTANT VARCHAR2(30) := 'GET_INHERITED_FUNCTIONS';
7052
7053 -- On addition of any Required parameters the major version needs
7054 -- to change i.e. for eg. 1.X to 2.X.
7055 -- On addition of any Optional parameters the minor version needs
7056 -- to change i.e. for eg. X.6 to X.7.
7057 l_api_version CONSTANT NUMBER := 1.0;
7058 l_sysdate DATE := Sysdate;
7059
7060 l_index NUMBER;
7061 l_dynamic_sql VARCHAR2(32767);
7062 l_common_dyn_sql VARCHAR2(32767);
7063 l_set_dyn_sql VARCHAR2(32767);
7064 l_inst_dyn_sql VARCHAR2(32767);
7065
7066 l_instance_sets_list VARCHAR2(10000);
7067 l_privilege VARCHAR2(480);
7068 l_select_query_part VARCHAR2(3000);
7069 l_group_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
7070 l_company_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
7071
7072 l_db_object_name VARCHAR2(200);
7073 l_db_pk1_column VARCHAR2(200);
7074 l_db_pk2_column VARCHAR2(200);
7075 l_db_pk3_column VARCHAR2(200);
7076 l_db_pk4_column VARCHAR2(200);
7077 l_db_pk5_column VARCHAR2(200);
7078
7079 l_pk_column_names VARCHAR2(512);
7080 l_pk_orig_column_names VARCHAR2(512);
7081 l_type_converted_val_cols VARCHAR2(512);
7082 l_parent_object_id NUMBER;
7083 l_object_id NUMBER;
7084 l_user_name VARCHAR2(80);
7085 -- l_orig_system VARCHAR2(48);
7086 l_orig_system_id NUMBER;
7087
7088 l_return_status VARCHAR2(1);
7089 l_privilege_tbl EGO_PRIVILEGE_NAME_TABLE_TYPE;
7090 l_privilege_tbl_count NUMBER;
7091 l_privilege_tbl_index NUMBER;
7092 m_privilege_tbl EGO_PRIVILEGE_NAME_TABLE_TYPE;
7093 m_privilege_tbl_count NUMBER;
7094 m_privilege_tbl_index NUMBER;
7095 x_index NUMBER;
7096
7097 l_prof_privilege_tbl EGO_VARCHAR_TBL_TYPE;
7098 l_profile_role VARCHAR2(80);
7099
7100 l_parent_object_count NUMBER; /** ADDING A VARIABLE FOR COUNT ***/
7101
7102 instance_set DYNAMIC_CUR;
7103 candidate_sets_c DYNAMIC_CUR;
7104 l_dynamic_sql_1 VARCHAR2(32767);
7105 l_one_set_predicate VARCHAR2(32767);
7106 l_one_set_id NUMBER;
7107
7108 BEGIN
7109 SetGlobals();
7110 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
7111 ,p_module => l_api_name
7112 ,p_message => 'Started with 13 params '||
7113 ' p_api_version: '|| to_char(p_api_version) ||
7114 ' - p_object_name: '|| p_object_name ||
7115 ' - p_instance_pk1_value: '|| p_instance_pk1_value ||
7116 ' - p_instance_pk2_value: '|| p_instance_pk2_value ||
7117 ' - p_instance_pk3_value: '|| p_instance_pk3_value ||
7118 ' - p_instance_pk4_value: '|| p_instance_pk4_value ||
7119 ' - p_instance_pk5_value: '|| p_instance_pk5_value ||
7120 ' - p_user_name: '|| p_user_name ||
7121 ' - p_object_type: '|| p_object_type
7122 );
7123 FOR l_table_index IN 1..p_parent_object_name_tbl.COUNT LOOP
7124 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7125 ,p_module => l_api_name
7129 '): '||p_parent_object_sql_tbl(l_table_index)
7126 ,p_message => ' p_parent_object_name_tbl('||l_table_index||
7127 '): '||p_parent_object_name_tbl(l_table_index)||
7128 ' - p_parent_object_sql_tbl('||l_table_index||
7130 );
7131 END LOOP;
7132
7133 -- check for call compatibility.
7134 IF TRUNC(l_api_version) <> TRUNC(p_api_version) THEN
7135 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
7136 fnd_message.set_token('ROUTINE', g_pkg_name || '.'|| l_api_name);
7137 fnd_message.set_token('REASON', 'Unsupported version '||
7138 to_char(p_api_version)||
7139 ' passed to API; expecting version '||
7140 to_char(l_api_version));
7141 x_return_status := G_RETURN_UNEXP_ERR;
7142 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
7143 ,p_module => l_api_name
7144 ,p_message => 'Returning as the call in incompatible '
7145 );
7146 RETURN;
7147 END IF;
7148
7149 x_return_status := G_RETURN_SUCCESS; /* Assume Success */
7150 l_user_name := p_user_name;
7151 get_orig_key(x_user_name => l_user_name
7152 -- ,x_orig_system => l_orig_system
7153 ,x_orig_system_id => l_orig_system_id);
7154 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7155 ,p_module => l_api_name
7156 ,p_message => 'l_user_name: '||l_user_name||
7157 -- ' - l_orig_system: '||l_orig_system||
7158 ' - l_orig_system_id: '||l_orig_system_id
7159 );
7160
7161 -- get All privileges of a user on a given object
7162
7163 --Step 1.
7164 -- get database object name and column
7165 -- cache the PK column name
7166 l_object_id := get_object_id(p_object_name => p_object_name);
7167 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7168 ,p_module => l_api_name
7169 ,p_message => 'l_object_id: '||l_object_id
7170 );
7171 l_group_info := get_group_info(p_party_id => l_orig_system_id);
7172 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7173 ,p_module => l_api_name
7174 ,p_message => 'l_group_info: '||l_group_info
7175 );
7176 l_company_info := get_company_info (p_party_id => l_orig_system_id);
7177 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7178 ,p_module => l_api_name
7179 ,p_message => 'l_company_info: '||l_company_info
7180 );
7181
7182 -- GETTING THE COUNT OF PARENT OBJECTS HERE
7183 -- BEGINNING OF THE LOOP
7184 l_index:=0;
7185 FOR l_table_index IN 1..p_parent_object_name_tbl.COUNT LOOP
7186 -- Please clear all the variables in the start of the loop.
7187 -- For eg: pk2 columns may not exist for project..
7188 -- but the value may be retained from the before loop for items
7189 l_db_pk1_column := null;
7190 l_db_pk2_column := null;
7191 l_db_pk3_column := null;
7192 l_db_pk4_column := null;
7193 l_db_pk5_column := null;
7194 l_pk_column_names := null;
7195 l_type_converted_val_cols := null;
7196 l_pk_orig_column_names := null;
7197 l_db_object_name := null;
7198 x_return_status := get_pk_information
7199 (p_parent_object_name_tbl(l_table_index),
7200 l_db_pk1_column,
7201 l_db_pk2_column,
7202 l_db_pk3_column,
7203 l_db_pk4_column,
7204 l_db_pk5_column,
7205 l_pk_column_names,
7206 l_type_converted_val_cols,
7207 l_pk_orig_column_names,
7208 l_db_object_name);
7209
7210 IF (x_return_status <> G_RETURN_SUCCESS) THEN
7211 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
7212 ,p_module => l_api_name
7213 ,p_message => 'Error in obtaining PK information exiting'
7214 );
7215 /* There will be a message on the msg dict stack. */
7216 RETURN; /* We will return the x_return_status as out param */
7217 END IF;
7218
7219 -- Step 2.
7220 -- get instance set ids in which the given object_key exists
7221 -- as a set into l_instance_set
7222 -- R12C Security Changes
7223 /*l_select_query_part:= 'SELECT '|| l_pk_column_names ||
7224 ' FROM '|| l_db_object_name ||
7225 ' WHERE ('; */
7226 IF (p_object_name = 'EGO_ITEM') THEN
7227 l_select_query_part:= 'SELECT '|| l_pk_column_names ||
7228 ' FROM '|| l_db_object_name ||', ego_item_cat_denorm_hier cathier'||
7229 ' WHERE (';
7230 ELSE
7231 l_select_query_part:= 'SELECT '|| l_pk_column_names ||
7232 ' FROM '|| l_db_object_name ||
7233 ' WHERE (';
7234 END IF;
7235 -- R12C Security Changes
7236 if (l_db_pk1_column is not NULL) then
7237 l_select_query_part := l_select_query_part || l_db_pk1_column;
7238 end if;
7242 if (l_db_pk3_column is not NULL) then
7239 if (l_db_pk2_column is not NULL) then
7240 l_select_query_part := l_select_query_part || ',' || l_db_pk2_column;
7241 end if;
7243 l_select_query_part := l_select_query_part || ',' || l_db_pk3_column;
7244 end if;
7245 if (l_db_pk4_column is not NULL) then
7246 l_select_query_part := l_select_query_part || ',' || l_db_pk4_column;
7247 end if;
7248 if (l_db_pk5_column is not NULL) then
7249 l_select_query_part := l_select_query_part || ',' || l_db_pk5_column;
7250 end if;
7251
7252 /*** THIS IS WHERE THE QUERY IS APPENDED ***/
7253
7254 l_select_query_part := l_select_query_part || ') ';
7255 l_select_query_part := l_select_query_part ||' IN ' ||
7256 ' (' || p_parent_object_sql_tbl (l_table_index) || ') ';
7257
7258 -- R12C Secuirty Changes
7259 /*l_select_query_part := l_select_query_part || ' AND ';*/
7260 IF (p_object_name = 'EGO_ITEM') THEN
7261 l_select_query_part := l_select_query_part || ' AND item_catalog_group_id = cathier.child_catalog_group_id AND ';
7262 ELSE
7263 l_select_query_part := l_select_query_part || ' AND ';
7264 END IF;
7265 -- R12C Secuirty Changes
7266
7267 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7268 ,p_module => l_api_name
7269 ,p_message => l_select_query_part
7270 );
7271 l_parent_object_id := get_object_id(
7272 p_object_name => p_parent_object_name_tbl(l_table_index)
7273 );
7274 -------------------------------------------------------------------------------
7275 -- Now we build dynamic SQL using the work we just did to optimize the query --
7276 -------------------------------------------------------------------------------
7277 l_dynamic_sql_1 :=
7278 ' SELECT DISTINCT sets.instance_set_id, sets.predicate ' ||
7279 ' FROM fnd_grants grants, fnd_object_instance_sets sets' ||
7280 ' WHERE grants.object_id = :object_id ' ||
7281 ' AND grants.start_date <= SYSDATE ' ||
7282 ' AND NVL(grants.end_date, SYSDATE) >= SYSDATE ' ||
7283 ' AND grants.instance_type = :instance_type ' ||
7284 ' AND ( ( grants.grantee_type = ''USER'' AND ' ||
7285 ' grants.grantee_key = :user_name ) '||
7286 ' OR (grants.grantee_type = ''GROUP'' AND '||
7287 ' grants.grantee_key in ( '||l_group_info||' ))' ||
7288 ' OR (grants.grantee_type = ''COMPANY'' AND '||
7289 ' grants.grantee_key in ( '||l_company_info||' ))' ||
7290 ' OR (grants.grantee_type = ''GLOBAL'' AND '||
7291 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )) '||
7292 ' AND sets.instance_set_id = grants.instance_set_id ' ||
7293 ' AND sets.object_id = grants.object_id ';
7294 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7295 ,p_module => l_api_name
7296 ,p_message => 'Binds for get the candidate sets '||
7297 ' l_parent_object_id: '||l_parent_object_id||
7298 ' - G_TYPE_SET: '||G_TYPE_SET||
7299 ' - l_user_name: '||l_user_name
7300 );
7301 l_instance_sets_list := '';
7302 OPEN candidate_sets_c FOR l_dynamic_sql_1
7303 USING IN l_parent_object_id,
7304 IN G_TYPE_SET,
7305 IN l_user_name;
7306 LOOP
7307 FETCH candidate_sets_c INTO l_one_set_id, l_one_set_predicate;
7308 EXIT WHEN candidate_sets_c%NOTFOUND;
7309
7310 l_dynamic_sql := l_select_query_part ||
7311 ' (' || l_one_set_predicate || ') ';
7312
7313 OPEN instance_set FOR l_dynamic_sql;
7314 IF (instance_set % FOUND ) THEN
7315 l_instance_sets_list := l_instance_sets_list || l_one_set_id || ',';
7316 END IF;
7317 END LOOP;
7318
7319 IF( length( l_instance_sets_list ) > 0) THEN
7320 -- strip off the trailing ', '
7321 l_instance_sets_list := SUBSTR(l_instance_sets_list, 1,
7322 length(l_instance_sets_list) - length(','));
7323 END IF;
7324
7325 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7326 ,p_module => l_api_name
7327 ,p_message => ' Instance Sets List: '||l_instance_sets_list
7328 );
7329 -- Step 3.
7330 -- Form sql using the inst Ids
7331 l_common_dyn_sql := '';
7332 l_set_dyn_sql := '';
7333 l_inst_dyn_sql := '';
7334
7335 l_common_dyn_sql:=
7336 'SELECT DISTINCT fnd_functions.function_name ' ||
7337 ' FROM fnd_grants grants, ' ||
7338 ' fnd_form_functions fnd_functions, ' ||
7339 ' fnd_menu_entries cmf, '||
7340 ' ego_obj_role_mappings mapping '||
7341 ' WHERE grants.object_id = :object_id '||
7342 ' AND grants.start_date <= SYSDATE '||
7343 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
7344 ' AND ( ( grants.grantee_type = ''USER'' AND ' ||
7345 ' grants.grantee_key = :user_name ) '||
7346 ' OR (grants.grantee_type = ''GROUP'' AND ' ||
7347 ' grants.grantee_key in ( '||l_group_info||' )) ' ||
7348 ' OR (grants.grantee_type = ''COMPANY'' AND ' ||
7352 ' AND mapping.child_role_id = cmf.menu_id ' ||
7349 ' grants.grantee_key in ( '||l_company_info||' )) ' ||
7350 ' OR (grants.grantee_type = ''GLOBAL'' AND ' ||
7351 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') ))'||
7353 ' AND mapping.parent_role_id = grants.menu_id ' ||
7354 ' AND mapping.child_object_id = :child_object_id ' ||
7355 ' AND mapping.parent_object_id = :parent_object_id ' ||
7356 ' AND mapping.child_object_type = :object_type ' ||
7357 ' AND cmf.function_id = fnd_functions.function_id ';
7358
7359 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7360 ,p_module => l_api_name
7361 ,p_message => 'Binds for common dyn sql '||
7362 ' l_parent_object_id: '||l_parent_object_id||
7363 ' - l_user_name: '||l_user_name||
7364 ' - l_object_id: '||l_object_id||
7365 ' - l_parent_object_id: '||l_parent_object_id||
7366 ' - p_object_type: '||p_object_type
7367 );
7368
7369 l_inst_dyn_sql := ' AND (grants.instance_type = :instanace_type AND (';
7370
7371 if (l_db_pk1_column is not NULL) then
7372 l_inst_dyn_sql := l_inst_dyn_sql ||' grants.instance_pk1_value';
7373 end if;
7374
7375 if (l_db_pk2_column is not NULL) then
7376 l_inst_dyn_sql := l_inst_dyn_sql || ',' ||'grants.instance_pk2_value';
7377 end if;
7378
7379 if (l_db_pk3_column is not NULL) then
7380 l_inst_dyn_sql := l_inst_dyn_sql || ',' ||'grants.instance_pk3_value';
7381 end if;
7382
7383 if (l_db_pk4_column is not NULL) then
7384 l_inst_dyn_sql := l_inst_dyn_sql || ',' ||'grants.instance_pk4_value';
7385 end if;
7386
7387 if (l_db_pk5_column is not NULL) then
7388 l_inst_dyn_sql := l_inst_dyn_sql || ',' ||'grants.instance_pk5_value';
7389 end if;
7390 l_inst_dyn_sql := l_inst_dyn_sql || ')';
7391 l_inst_dyn_sql := l_inst_dyn_sql || ' IN ('||p_parent_object_sql_tbl (l_table_index) ||')) ';
7392
7393 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7394 ,p_module => l_api_name
7395 ,p_message => 'Binds for inst dyn sql '||
7396 ' G_TYPE_INSTANCE: '||G_TYPE_INSTANCE ||
7397 ' - p_parent_object_sql: '||p_parent_object_sql_tbl (l_table_index)
7398 );
7399
7400 l_dynamic_sql := l_common_dyn_sql || l_inst_dyn_sql;
7401 -- check whether it is empty set
7402 IF( LENGTH(l_instance_sets_list) > 0) THEN
7403 l_set_dyn_sql:=l_set_dyn_sql || ' AND ( ' ||
7404 ' grants.instance_type = :instance_type_set ' ||
7405 ' AND grants.instance_set_id IN ( '||l_instance_sets_list||' ) )';
7406 l_dynamic_sql:= l_dynamic_sql || ' UNION ' ||
7407 l_common_dyn_sql || l_set_dyn_sql;
7408 END IF;
7409 -------------------------------------------------
7410 -- we see if a profile option is set and if so --
7411 -- we add it to the other list of menus --
7412 -------------------------------------------------
7413 l_profile_role := getRole_mappedTo_profileOption
7414 (p_parent_object_name_tbl(l_table_index)
7415 ,p_user_name
7416 );
7417 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7418 ,p_module => l_api_name
7419 ,p_message => 'profile role for '||p_parent_object_name_tbl(l_table_index)||
7420 ' is: '||l_profile_role
7421 );
7422
7423 IF (l_profile_role is not null) THEN
7424 l_dynamic_sql:= l_dynamic_sql ||' UNION ' ||
7425 ' SELECT DISTINCT fnd_functions.function_name ' ||
7426 ' FROM fnd_form_functions fnd_functions, ' ||
7427 ' fnd_menu_entries cmf, ' ||
7428 ' ego_obj_role_mappings mapping, ' ||
7429 ' fnd_menus menus ' ||
7430 ' WHERE menus.menu_name = :profile_role ' ||
7431 ' AND mapping.parent_role_id = menus.menu_id ' ||
7432 ' AND mapping.child_role_id = cmf.menu_id ' ||
7433 ' AND mapping.child_object_id = :profile_object_id ' ||
7434 ' AND mapping.parent_object_id = :profile_parent_object_id ' ||
7435 ' AND mapping.child_object_type = :profile_object_type ' ||
7436 ' AND cmf.function_id = fnd_functions.function_id ';
7437 END IF;
7438
7439 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7440 ,p_module => l_api_name
7441 ,p_message => 'Final dynamic sql: '||l_dynamic_sql
7442 );
7443 -- Step 4.
7444 -- execute the dynamic SQL and Collect all privileges
7445 IF( LENGTH(l_instance_sets_list) > 0) THEN
7446 IF l_profile_role IS NOT NULL THEN
7447 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7448 ,p_module => l_api_name
7449 ,p_message => 'Binds for Final dynamic sql '||
7450 ' l_parent_object_id: '||l_parent_object_id||
7451 ' - l_user_name: '||l_user_name||
7452 ' - l_object_id: '||l_object_id||
7456 ' - p_parent_object_sql: '||p_parent_object_sql_tbl (l_table_index)||
7453 ' - l_parent_object_id: '||l_parent_object_id||
7454 ' - p_object_type: '||p_object_type||
7455 ' - G_TYPE_INSTANCE: '||G_TYPE_INSTANCE ||
7457 ' - l_parent_object_id: '||l_parent_object_id||
7458 ' - l_user_name: '||l_user_name||
7459 ' - l_object_id: '||l_object_id||
7460 ' - l_parent_object_id: '||l_parent_object_id||
7461 ' - p_object_type: '||p_object_type||
7462 ' - G_TYPE_SET: '||G_TYPE_SET||
7463 ' - l_profile_role: '||l_profile_role||
7464 ' - l_object_id: '||l_object_id||
7465 ' - l_parent_object_id: '||l_parent_object_id||
7466 ' - p_object_type: '||p_object_type
7467 );
7468 OPEN instance_set FOR l_dynamic_sql
7469 USING IN l_parent_object_id,
7470 IN l_user_name,
7471 IN l_object_id,
7472 IN l_parent_object_id,
7473 IN p_object_type,
7474 IN G_TYPE_INSTANCE,
7475 IN l_parent_object_id,
7476 IN l_user_name,
7477 IN l_object_id,
7478 IN l_parent_object_id,
7479 IN p_object_type,
7480 IN G_TYPE_SET,
7481 IN l_profile_role,
7482 IN l_object_id,
7483 IN l_parent_object_id,
7484 IN p_object_type;
7485 ELSE
7486 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7487 ,p_module => l_api_name
7488 ,p_message => 'Binds for Final dynamic sql '||
7489 ' l_parent_object_id: '||l_parent_object_id||
7490 ' - l_user_name: '||l_user_name||
7491 ' - l_object_id: '||l_object_id||
7492 ' - l_parent_object_id: '||l_parent_object_id||
7493 ' - p_object_type: '||p_object_type||
7494 ' - G_TYPE_INSTANCE: '||G_TYPE_INSTANCE ||
7495 ' - p_parent_object_sql: '||p_parent_object_sql_tbl (l_table_index)||
7496 ' - l_parent_object_id: '||l_parent_object_id||
7497 ' - l_user_name: '||l_user_name||
7498 ' - l_object_id: '||l_object_id||
7499 ' - l_parent_object_id: '||l_parent_object_id||
7500 ' - p_object_type: '||p_object_type||
7501 ' - G_TYPE_SET: '||G_TYPE_SET
7502 );
7503 OPEN instance_set FOR l_dynamic_sql
7504 USING IN l_parent_object_id,
7505 IN l_user_name,
7506 IN l_object_id,
7507 IN l_parent_object_id,
7508 IN p_object_type,
7509 IN G_TYPE_INSTANCE,
7510 -- IN p_parent_object_sql_tbl (l_table_index),
7511 IN l_parent_object_id,
7512 IN l_user_name,
7513 IN l_object_id,
7514 IN l_parent_object_id,
7515 IN p_object_type,
7516 IN G_TYPE_SET;
7517 END IF;
7518 ELSE
7519 IF l_profile_role IS NOT NULL THEN
7520 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7521 ,p_module => l_api_name
7522 ,p_message => 'Binds for Final dynamic sql '||
7523 ' l_parent_object_id: '||l_parent_object_id||
7524 ' - l_user_name: '||l_user_name||
7525 ' - l_object_id: '||l_object_id||
7526 ' - l_parent_object_id: '||l_parent_object_id||
7527 ' - p_object_type: '||p_object_type||
7528 ' - G_TYPE_INSTANCE: '||G_TYPE_INSTANCE ||
7529 ' - p_parent_object_sql: '||p_parent_object_sql_tbl (l_table_index)||
7530 ' - l_profile_role: '||l_profile_role||
7531 ' - l_object_id: '||l_object_id||
7532 ' - l_parent_object_id: '||l_parent_object_id||
7533 ' - p_object_type: '||p_object_type
7534 );
7535 OPEN instance_set FOR l_dynamic_sql
7536 USING IN l_parent_object_id,
7537 IN l_user_name,
7538 IN l_object_id,
7539 IN l_parent_object_id,
7540 IN p_object_type,
7541 IN G_TYPE_INSTANCE,
7542 -- IN p_parent_object_sql_tbl (l_table_index),
7543 IN l_profile_role,
7544 IN l_object_id,
7545 IN l_parent_object_id,
7546 IN p_object_type;
7547 ELSE
7548 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7549 ,p_module => l_api_name
7550 ,p_message => 'Binds for Final dynamic sql '||
7551 ' l_parent_object_id: '||l_parent_object_id||
7552 ' - l_user_name: '||l_user_name||
7553 ' - l_object_id: '||l_object_id||
7554 ' - l_parent_object_id: '||l_parent_object_id||
7555 ' - p_object_type: '||p_object_type||
7556 ' - G_TYPE_INSTANCE: '||G_TYPE_INSTANCE ||
7557 ' - p_parent_object_sql: '||p_parent_object_sql_tbl (l_table_index)
7561 IN l_user_name,
7558 );
7559 OPEN instance_set FOR l_dynamic_sql
7560 USING IN l_parent_object_id,
7562 IN l_object_id,
7563 IN l_parent_object_id,
7564 IN p_object_type,
7565 IN G_TYPE_INSTANCE;
7566 -- IN p_parent_object_sql_tbl (l_table_index);
7567 END IF;
7568 END IF;
7569
7570 LOOP
7571 FETCH instance_set INTO l_privilege;
7572 EXIT WHEN instance_set%NOTFOUND;
7573 m_privilege_tbl (l_index):=l_privilege;
7574 l_index:=l_index+1;
7575 END LOOP;
7576 CLOSE instance_set;
7577 END LOOP;
7578
7579 /********** ENDING THE LOOP STARTED WITH THE OBJECT COUNT ***************/
7580
7581
7582 -- Step 5.
7583 -- get all the profile option privileges for the parent object type
7584 --and add to m_privilege_tbl
7585 get_role_functions
7586 (p_api_version => p_api_version
7587 ,p_role_name => l_profile_role
7588 ,x_return_status => x_return_status
7589 ,x_privilege_tbl => l_prof_privilege_tbl
7590 );
7591 IF (x_return_status = G_RETURN_SUCCESS) THEN
7592 IF (l_prof_privilege_tbl.COUNT > 0) THEN
7593 FOR i IN l_prof_privilege_tbl.first .. l_prof_privilege_tbl.last LOOP
7594 m_privilege_tbl(l_index) := l_prof_privilege_tbl(i);
7595 l_index:=l_index+1;
7596 END LOOP;
7597 END IF; -- x_prof_privilege_tbl >0
7598 END IF; --return status is T
7599 --end of getting privileges from profile option
7600
7601 -- last step, get object function list itself to append
7602 get_functions(p_api_version => 1.0,
7603 p_object_name => p_object_name,
7604 p_instance_pk1_value => p_instance_pk1_value,
7605 p_instance_pk2_value => p_instance_pk2_value,
7606 p_instance_pk3_value => p_instance_pk3_value,
7607 p_instance_pk4_value => p_instance_pk4_value,
7608 p_instance_pk5_value => p_instance_pk5_value,
7609 p_user_name => l_user_name,
7610 x_return_status => l_return_status,
7611 x_privilege_tbl => l_privilege_tbl);
7612
7613 l_privilege_tbl_count := l_privilege_tbl.COUNT;
7614 if (l_privilege_tbl_count > 0) then
7615 FOR i IN l_privilege_tbl.first .. l_privilege_tbl.last LOOP
7616 m_privilege_tbl(l_index):=l_privilege_tbl(i);
7617 l_index:=l_index+1;
7618 END LOOP;
7619 END IF;
7620 m_privilege_tbl_count := m_privilege_tbl.COUNT;
7621 x_privilege_tbl := EGO_VARCHAR_TBL_TYPE();
7622 x_index := 0;
7623 if (m_privilege_tbl_count > 0) then
7624 x_privilege_tbl.extend(m_privilege_tbl_count);
7625 FOR i IN m_privilege_tbl.first .. m_privilege_tbl.last LOOP
7626 x_privilege_tbl(i+1) := m_privilege_tbl(i);
7627 --x_index := x_index+1;
7628 END LOOP;
7629 end if;
7630 -- last step done
7631
7632 if (l_index > 0) then
7633 x_return_status := G_RETURN_SUCCESS; /* Success */
7634 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
7635 ,p_module => l_api_name
7636 ,p_message => 'Returning previleges '
7637 );
7638 FOR i in x_privilege_tbl.first .. x_privilege_tbl.last LOOP
7639 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
7640 ,p_module => l_api_name
7641 ,p_message => 'Index : '||i||' - privilege: '||x_privilege_tbl(i)
7642 );
7643 END LOOP;
7644 else
7645 x_return_status := G_RETURN_FAILURE; /* No functions */
7646 end if;
7647 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
7648 ,p_module => l_api_name
7649 ,p_message => 'Completing with status '||x_return_status
7650 );
7651
7652 EXCEPTION
7653 WHEN OTHERS THEN
7654 fnd_message.set_name('FND', 'SQL_PLSQL_ERROR');
7655 fnd_message.set_token('ROUTINE',G_PKG_NAME||l_api_name);
7656 fnd_message.set_token('ERRNO', SQLCODE);
7657 fnd_message.set_token('REASON', SQLERRM);
7658 x_return_status := G_RETURN_UNEXP_ERR;
7659 code_debug (p_log_level => G_DEBUG_LEVEL_UNEXPECTED
7660 ,p_module => l_api_name
7661 ,p_message => 'Ending: Returning OTHER ERROR '||SQLERRM
7662 );
7663 END get_inherited_functions;
7664
7665 --------------------------------------------------------
7666 ---- check_inherited_function
7667 --------------------------------------------------------
7668 FUNCTION check_inherited_function
7669 (
7670 p_api_version IN NUMBER,
7671 p_function IN VARCHAR2,
7672 p_object_name IN VARCHAR2,
7673 p_instance_pk1_value IN VARCHAR2,
7674 p_instance_pk2_value IN VARCHAR2 DEFAULT NULL,
7675 p_instance_pk3_value IN VARCHAR2 DEFAULT NULL,
7676 p_instance_pk4_value IN VARCHAR2 DEFAULT NULL,
7677 p_instance_pk5_value IN VARCHAR2 DEFAULT NULL,
7678 p_parent_object_name_tbl IN EGO_VARCHAR_TBL_TYPE,
7679 p_parent_object_sql_tbl IN EGO_VARCHAR_TBL_TYPE,
7683 RETURN VARCHAR2 IS
7680 p_user_name IN VARCHAR2 DEFAULT NULL,
7681 p_object_type IN VARCHAR2 DEFAULT NULL
7682 )
7684
7685 l_api_version CONSTANT NUMBER := 1.0;
7686 l_api_name CONSTANT VARCHAR2(30) := 'CHECK_INHERITED_FUNCTION';
7687 l_sysdate DATE := Sysdate;
7688 l_predicate VARCHAR2(32767);
7689 -- l_orig_system VARCHAR2(48);
7690 l_orig_system_id NUMBER;
7691 l_dummy_id NUMBER;
7692 l_db_object_name VARCHAR2(30);
7693 l_db_pk1_column VARCHAR2(30);
7694 l_db_pk2_column VARCHAR2(30);
7695 l_db_pk3_column VARCHAR2(30);
7696 l_db_pk4_column VARCHAR2(30);
7697 l_db_pk5_column VARCHAR2(30);
7698 l_pk_column_names VARCHAR2(512);
7699 l_pk_orig_column_names VARCHAR2(512);
7700 l_type_converted_val_cols VARCHAR2(512);
7701 l_result VARCHAR2(1);
7702 l_return_status VARCHAR2(1);
7703 result VARCHAR2(30);
7704 l_own_result VARCHAR2(1);
7705 l_parent_object_table_count NUMBER;
7706 l_set_predicates VARCHAR2(32767);
7707 l_set_predicate_segment VARCHAR2(32767);
7708 l_group_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
7709 l_company_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
7710 l_menu_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
7711 l_pk_values_string VARCHAR2(2000);
7712 l_pk2_value_query_string VARCHAR2(200);
7713 l_pk3_value_query_string VARCHAR2(200);
7714 l_pk4_value_query_string VARCHAR2(200);
7715 l_pk5_value_query_string VARCHAR2(200);
7716 l_parent_object_count NUMBER;
7717
7718 instance_sets_cur DYNAMIC_CUR;
7719 dynamic_sql VARCHAR2(32767);
7720 parent_instance_grants_c DYNAMIC_CUR;
7721 parent_instance_set_grants_c DYNAMIC_CUR;
7722 l_dynamic_sql_1 VARCHAR2(32767);
7723
7724 CURSOR menu_id_c (cp_function VARCHAR2, cp_object_id NUMBER,
7725 cp_object_type VARCHAR2, cp_parent_object_id NUMBER)
7726 IS
7727 select p.parent_role_id parent_role_id
7728 from fnd_menu_entries r, fnd_form_functions f,
7729 fnd_menus m, ego_obj_role_mappings p
7730 where r.function_id = f.function_id
7731 and r.menu_id = m.menu_id
7732 and f.function_name = cp_function
7733 and m.menu_id = p.child_role_id
7734 and p.child_object_id = cp_object_id
7735 and p.parent_object_id = cp_parent_object_id
7736 and p.child_object_type = cp_object_type;
7737
7738 l_object_id number;
7739 l_parent_object_id number;
7740 l_user_name varchar2(80);
7741
7742 l_profile_role VARCHAR2(30);
7743 BEGIN
7744 SetGlobals();
7745 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
7746 ,p_module => l_api_name
7747 ,p_message => 'Started with 12 params '||
7748 ' p_api_version: '|| to_char(p_api_version) ||
7749 ' - p_function: '|| p_function ||
7750 ' - p_object_name: '|| p_object_name ||
7751 ' - p_instance_pk1_value: '|| p_instance_pk1_value ||
7752 ' - p_instance_pk2_value: '|| p_instance_pk2_value ||
7753 ' - p_instance_pk3_value: '|| p_instance_pk3_value ||
7754 ' - p_instance_pk4_value: '|| p_instance_pk4_value ||
7755 ' - p_instance_pk5_value: '|| p_instance_pk5_value ||
7756 ' - p_user_name: '|| p_user_name ||
7757 ' - p_object_type: '|| p_object_type
7758 );
7759
7760 FOR l_table_index IN 1..p_parent_object_name_tbl.COUNT LOOP
7761 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
7762 ,p_module => l_api_name
7763 ,p_message => ' p_parent_object_name_tbl('||l_table_index||
7764 '): '||p_parent_object_name_tbl(l_table_index)||
7765 ' - p_parent_object_sql_tbl('||l_table_index||
7766 '): '||p_parent_object_sql_tbl(l_table_index)
7767 );
7768 END LOOP;
7769
7770 -- check for call compatibility.
7771 if TRUNC(l_api_version) <> TRUNC(p_api_version) THEN
7772 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
7773 fnd_message.set_token('ROUTINE',
7774 g_pkg_name || '.'|| l_api_name);
7775 fnd_message.set_token('REASON',
7776 'Unsupported version '|| to_char(p_api_version)||
7777 ' passed to API; expecting version '||
7778 to_char(l_api_version));
7779 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
7780 ,p_module => l_api_name
7781 ,p_message => 'Returning as the call in incompatible '
7782 );
7783 return G_RETURN_UNEXP_ERR;
7784 end if;
7785
7786 l_user_name := p_user_name;
7787 get_orig_key(x_user_name => l_user_name
7788 -- ,x_orig_system => l_orig_system
7789 ,x_orig_system_id => l_orig_system_id);
7793 -- ' - l_orig_system: '||l_orig_system||
7790 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7791 ,p_module => l_api_name
7792 ,p_message => 'l_user_name: '||l_user_name||
7794 ' - l_orig_system_id: '||l_orig_system_id
7795 );
7796
7797 --call check_function first to check its own security
7798 --won't check it if object_instance is -1
7799
7800 if (p_instance_pk1_value<>-1) then
7801 l_own_result := check_function(p_api_version=>1.0,
7802 p_function =>p_function,
7803 p_object_name =>p_object_name,
7804 p_instance_pk1_value => p_instance_pk1_value,
7805 p_instance_pk2_value => p_instance_pk2_value,
7806 p_instance_pk3_value => p_instance_pk3_value,
7807 p_instance_pk4_value => p_instance_pk4_value,
7808 p_instance_pk5_value => p_instance_pk5_value,
7809 p_user_name =>l_user_name);
7810
7811 if (l_own_result = G_RETURN_SUCCESS) then
7812 RETURN l_own_result;
7813 end if;
7814 end if;
7815
7816 l_object_id := get_object_id(p_object_name => p_object_name);
7817 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7818 ,p_module => l_api_name
7819 ,p_message => 'l_object_id: '||l_object_id
7820 );
7821 l_group_info := get_group_info(p_party_id => l_orig_system_id);
7822 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7823 ,p_module => l_api_name
7824 ,p_message => 'l_group_info: '||l_group_info
7825 );
7826 l_company_info := get_company_info (p_party_id => l_orig_system_id);
7827 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7828 ,p_module => l_api_name
7829 ,p_message => 'l_company_info: '||l_company_info
7830 );
7831 /** BEGINNING OF THE LOOP ***/
7832 FOR l_table_index IN 1..p_parent_object_name_tbl.COUNT
7833 LOOP
7834
7835 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7836 ,p_module => l_api_name
7837 ,p_message => 'processing loop '||l_table_index||
7838 ' for object '||p_parent_object_name_tbl(l_table_index)
7839 );
7840 l_parent_object_id := get_object_id(
7841 p_object_name => p_parent_object_name_tbl(l_table_index)
7842 );
7843 ---------------
7844 -- Menu Info --
7845 ---------------
7846 l_menu_info := '';
7847 FOR menu_rec IN menu_id_c(p_function, l_object_id,
7848 p_object_type,
7849 l_parent_object_id)
7850 LOOP
7851 l_menu_info := l_menu_info || menu_rec.parent_role_id || ' , ';
7852 END LOOP;
7853
7854 IF (length(l_menu_info) > 0) THEN
7855 -- strip off the trailing ', '
7856 l_menu_info := substr(l_menu_info, 1, length(l_menu_info) - length(', '));
7857 ELSE
7858 l_menu_info := 'NULL';
7859 END IF;
7860
7861 ------------------------------------------------------------------
7862 -- we see if a profile option is set and if so we add it to --
7863 -- the other list of menus --
7864 ------------------------------------------------------------------
7865 l_profile_role := getRole_mappedTo_profileOption
7866 (p_parent_object_name_tbl(l_table_index),
7867 p_user_name);
7868 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7869 ,p_module => l_api_name
7870 ,p_message => 'profile role for '||p_parent_object_name_tbl(l_table_index)||
7871 ' is: '||l_profile_role
7872 );
7873
7874 IF (l_profile_role <> '') THEN
7875 l_dummy_id := get_role_id(l_profile_role);
7876 IF l_dummy_id IS NOT NULL THEN
7877 IF(l_menu_info = 'NULL') THEN
7878 l_menu_info := l_dummy_id;
7879 ELSE
7880 l_menu_info := l_menu_info || ', ' || l_dummy_id;
7881 END IF;
7882 END IF;
7883 END IF;
7884 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7885 ,p_module => l_api_name
7886 ,p_message => 'l_menu_info: '||l_menu_info
7887 );
7888
7889 -------------------------------------------------------
7890 -- We set PK query strings based on values passed in --
7891 -- (NOTE: following bug 2865553, FND_GRANTS will not --
7892 -- have null PK column values, so I'm changing this --
7893 -- code to check for '*NULL*' instead of null. -Dylan--
7894 -------------------------------------------------------
7895 l_db_pk1_column := null;
7896 l_db_pk2_column := null;
7897 l_db_pk3_column := null;
7898 l_db_pk4_column := null;
7899 l_db_pk5_column := null;
7900 l_pk_column_names := null;
7901 l_type_converted_val_cols := null;
7902 l_pk_orig_column_names := null;
7903 l_db_object_name := null;
7904
7905 result := get_pk_information(p_parent_object_name_tbl(l_table_index),
7906 l_db_pk1_column,
7907 l_db_pk2_column, l_db_pk3_column,
7908 l_db_pk4_column, l_db_pk5_column,
7909 l_pk_column_names, l_type_converted_val_cols,
7910 l_pk_orig_column_names, l_db_object_name);
7911 l_pk_values_string := '(';
7912
7913 if (l_db_pk1_column is not NULL) then
7914 l_pk_values_string := l_pk_values_string || 'grants.instance_pk1_value';
7915 end if;
7916
7917 if (l_db_pk2_column is not NULL) then
7918 l_pk_values_string := l_pk_values_string || ',' || 'grants.instance_pk2_value';
7919 end if;
7920
7921 if (l_db_pk3_column is not NULL) then
7922 l_pk_values_string := l_pk_values_string || ',' || 'grants.instance_pk3_value';
7923 end if;
7924
7925 if (l_db_pk4_column is not NULL) then
7926 l_pk_values_string := l_pk_values_string || ',' || 'grants.instance_pk4_value';
7927 end if;
7928
7929 if (l_db_pk5_column is not NULL) then
7930 l_pk_values_string := l_pk_values_string || ',' || 'grants.instance_pk5_value';
7931 end if;
7932
7933 l_pk_values_string := l_pk_values_string || ')';
7934 l_pk_values_string := l_pk_values_string || ' IN ' || '(' || p_parent_object_sql_tbl(l_table_index) || ')';
7935 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7936 ,p_module => l_api_name
7937 ,p_message => 'l_pk_values_string: '||l_pk_values_string
7938 );
7939
7940 -------------------------------------------------------------------------------
7941 -- Now we build dynamic SQL using the work we just did to optimize the query --
7942 -------------------------------------------------------------------------------
7943
7944 l_dynamic_sql_1 :=
7945 'SELECT ''X'' ' ||
7946 ' FROM fnd_grants grants ' ||
7947 ' WHERE grants.object_id = :object_id ' ||
7948 ' AND grants.start_date <= SYSDATE '||
7949 ' AND NVL(grants.end_date, SYSDATE) >= SYSDATE ' ||
7950 ' AND grants.instance_type = :instance_type ' ||
7951 ' AND ' || l_pk_values_string ||
7952 ' AND ( ( grants.grantee_type = ''USER'' AND ' ||
7953 ' grants.grantee_key = :user_name ) '||
7954 ' OR ( grants.grantee_type = ''GROUP'' AND '||
7955 ' grants.grantee_key in ( '||l_group_info||' ))' ||
7956 ' OR ( grants.grantee_type = ''COMPANY'' AND '||
7957 ' grants.grantee_key in ( '||l_company_info||' ))' ||
7958 ' OR (grants.grantee_type = ''GLOBAL'' AND '||
7959 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )) '||
7960 ' AND grants.menu_id IN (' || l_menu_info ||') ';
7961 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7962 ,p_module => l_api_name
7963 ,p_message => 'l_dynamic_sql_1: '||l_dynamic_sql_1
7964 );
7965 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7966 ,p_module => l_api_name
7967 ,p_message => 'Binds for get parent_direct_grants : '||
7968 'l_parent_object_id: '||l_parent_object_id||
7969 ' - G_TYPE_INSTANCE: '||G_TYPE_INSTANCE||
7970 ' - l_user_name: '||l_user_name
7971 );
7972
7973 OPEN parent_instance_grants_c
7974 FOR l_dynamic_sql_1
7975 USING IN l_parent_object_id,
7976 IN G_TYPE_INSTANCE,
7977 IN l_user_name;
7978 FETCH parent_instance_grants_c INTO l_result;
7979 CLOSE parent_instance_grants_c;
7980
7981 IF (l_result = 'X') THEN
7982 RETURN G_RETURN_SUCCESS;
7983 ELSE
7987 l_set_predicates := '';
7984 ---------------------------------------------------------------------------------
7985 -- Now we build a second dynamic SQL to check instance sets (still optimizing) --
7986 ---------------------------------------------------------------------------------
7988 l_set_predicate_segment := '';
7989
7990 l_dynamic_sql_1 :=
7991 ' SELECT DISTINCT instance_sets.predicate ' ||
7992 ' FROM fnd_grants grants, fnd_object_instance_sets instance_sets ' ||
7993 ' WHERE grants.instance_type = :instance_type '||
7994 ' AND grants.start_date <= SYSDATE ' ||
7995 ' AND (grants.end_date IS NULL OR grants.end_date >= SYSDATE) ' ||
7996 ' AND grants.instance_set_id = instance_sets.instance_set_id ' ||
7997 ' AND grants.object_id = :parent_object_id '||
7998 ' AND ( ( grants.grantee_type = ''USER'' AND ' ||
7999 ' grants.grantee_key = :user_name ) '||
8000 ' OR ( grants.grantee_type = ''GROUP'' AND '||
8001 ' grants.grantee_key in ( '||l_group_info||' ))' ||
8002 ' OR ( grants.grantee_type = ''COMPANY'' AND '||
8003 ' grants.grantee_key in ( '||l_company_info||' ))' ||
8004 ' OR (grants.grantee_type = ''GLOBAL'' AND '||
8005 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )) '||
8006 ' AND grants.menu_id in (' || l_menu_info || ')';
8007
8008 ----------------------------------------------------------------------
8009 -- Loop through the result set adding each segment to the predicate --
8010 ----------------------------------------------------------------------
8011
8012 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
8013 ,p_module => l_api_name
8014 ,p_message => 'l_dynamic_sql_1: '||l_dynamic_sql_1
8015 );
8016 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
8017 ,p_module => l_api_name
8018 ,p_message => 'Binds for get parent_instance_set_grants_c : '||
8019 'G_TYPE_SET: '||G_TYPE_SET||
8020 ' - l_parent_object_id: '||l_parent_object_id||
8021 ' - l_user_name: '||l_user_name
8022 );
8023
8024 OPEN parent_instance_set_grants_c
8025 FOR l_dynamic_sql_1
8026 USING IN G_TYPE_SET,
8027 IN l_parent_object_id,
8028 IN l_user_name;
8029 LOOP
8030 FETCH parent_instance_set_grants_c into l_set_predicate_segment;
8031 EXIT WHEN parent_instance_set_grants_c%NOTFOUND;
8032
8033 l_set_predicates := substrb(l_set_predicates ||
8034 l_set_predicate_segment ||
8035 ' OR ',
8036 1, g_pred_buf_size);
8037 END LOOP;
8038 CLOSE parent_instance_set_grants_c;
8039
8040 IF (length(l_set_predicates) > 0) THEN
8041 -- strip off the trailing 'OR'
8042 l_set_predicates := substr(l_set_predicates, 1,
8043 length(l_set_predicates) - length('OR '));
8044 END IF;
8045 -- finished by.a
8046 l_predicate := l_set_predicates;
8047
8048 IF (length(l_predicate) > 1) THEN
8049 dynamic_sql :=
8050 'SELECT ''X'' '||
8051 ' FROM '|| l_db_object_name ||
8052 ' WHERE (';
8053
8054 if (l_db_pk1_column is not NULL) then
8055 dynamic_sql := dynamic_sql ||
8056 l_db_pk1_column;
8057 end if;
8058
8059 if (l_db_pk2_column is not NULL) then
8060 dynamic_sql := dynamic_sql || ',' ||
8061 l_db_pk2_column ; /** db_pk2_column||' ,'; **/
8062 end if;
8063
8064 if (l_db_pk3_column is not NULL) then
8065 dynamic_sql := dynamic_sql || ',' ||
8066 l_db_pk3_column;
8067 end if;
8068
8069 if (l_db_pk4_column is not NULL) then
8070 dynamic_sql := dynamic_sql || ',' ||
8071 l_db_pk4_column;
8072 end if;
8073
8074 if (l_db_pk5_column is not NULL) then
8075 dynamic_sql := dynamic_sql || ',' ||
8076 l_db_pk5_column;
8077 end if;
8078
8079 dynamic_sql := dynamic_sql || ')' || 'IN' || '(';
8080 dynamic_sql := dynamic_sql || p_parent_object_sql_tbl (l_table_index) || ')';
8081 dynamic_sql := dynamic_sql || ' AND ('||l_predicate||') ';
8082
8083 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
8084 ,p_module => l_api_name
8085 ,p_message => 'Final dynamic Sql '||dynamic_sql
8086 );
8087 OPEN instance_sets_cur FOR dynamic_sql;
8088 FETCH instance_sets_cur INTO l_own_result;
8089 IF(instance_sets_cur%NOTFOUND) THEN
8090 CLOSE instance_sets_cur;
8091 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
8092 ,p_module => l_api_name
8093 ,p_message => 'Returning FAILURE as object not found in sets '
8094 );
8095 RETURN G_RETURN_FAILURE;
8096 ELSE
8097 CLOSE instance_sets_cur;
8098 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
8099 ,p_module => l_api_name
8100 ,p_message => 'Returning SUCCESS as object found in sets '
8101 );
8102 RETURN G_RETURN_SUCCESS;
8103 END IF;
8104 ELSE
8105 -- No predicate
8106 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
8107 ,p_module => l_api_name
8108 ,p_message => 'Returning FAILURE as no predicate is found '
8109 );
8110 RETURN G_RETURN_FAILURE;
8111 END IF; -- End of if l_predicate length is greater than 0 else clause
8112 END IF; -- End of if l_result is 'X' else clause
8113 END LOOP;
8114
8115 EXCEPTION
8116 WHEN OTHERS THEN
8117 fnd_message.set_name('FND', 'SQL_PLSQL_ERROR');
8118 fnd_message.set_token('ROUTINE',G_PKG_NAME||l_api_name);
8119 fnd_message.set_token('ERRNO', SQLCODE);
8120 fnd_message.set_token('REASON', SQLERRM);
8121 code_debug (p_log_level => G_DEBUG_LEVEL_UNEXPECTED
8122 ,p_module => l_api_name
8123 ,p_message => 'Ending: Returning OTHER ERROR '||SQLERRM
8124 );
8125 RETURN G_RETURN_UNEXP_ERR;
8126 END check_inherited_function;
8127
8128 ----------------------------------------------------------------
8129 END EGO_DATA_SECURITY;