1 PACKAGE gl_access_set_security_pkg AS
2 /* $Header: gluasecs.pls 120.7 2005/08/19 20:34:14 ticheng ship $ */
3 --
4 -- Package
5 -- gl_access_set_security_pkg
6 -- Purpose
7 -- Routines related to access set security for programs.
8 -- History
9 -- 06/25/2001 T Cheng Created
10 --
11
12 -- Exceptions
13 INVALID_PARAM EXCEPTION;
14
15 -- access levels
16 FULL_ACCESS CONSTANT VARCHAR2(15) := 'F';
17 WRITE_ACCESS CONSTANT VARCHAR2(15) := 'B';
18 READ_ONLY_ACCESS CONSTANT VARCHAR2(15) := 'R';
19 NO_ACCESS CONSTANT VARCHAR2(15) := 'N';
20
21 -- ledger check mode
22 NO_LEDGER CONSTANT VARCHAR2(15) := 'NO_LEDGER';
23 CHECK_LEDGER_ID CONSTANT VARCHAR2(15) := 'LEDGER_ID';
24 CHECK_LEDGER_COLUMN CONSTANT VARCHAR2(15) := 'LEDGER_COLUMN';
25
26 -- segment value check mode
27 NO_SEG_VALIDATION CONSTANT VARCHAR2(15) := 'NO_SEG_VAL';
28 CHECK_SEGVALS CONSTANT VARCHAR2(15) := 'SEG_COLUMN';
29
30 --
31 -- Function
32 -- get_security_clause
33 -- Purpose
34 -- Builds the security clause part of a where clause
35 --
36 -- History
37 -- 06-25-2001 T Cheng Created
38 -- Arguments
39 -- access_set_id Access set id.
40 -- access_privilege_code The access level the customer should have.
41 -- Valid values are:
42 -- gl_access_set_security_pkg.FULL_ACCESS (only
43 -- valid for "CHECK_LEDGER_COLUMN" +
44 -- "NO_SEG_VALIDATION")
45 -- gl_access_set_security_pkg.WRITE_ACCESS
46 -- gl_access_set_security_pkg.READ_ONLY_ACCESS
47 -- ledger_check_mode The type of checks available:
48 -- gl_access_set_security_pkg.NO_LEDGER - there
49 -- is no ledger info passed in
50 -- gl_access_set_security_pkg.CHECK_LEDGER_ID -
51 -- ledger id is available, passed in as
52 -- ledger_context
53 -- gl_access_set_security_pkg.CHECK_LEDGER_COLUMN -
54 -- the column that stores ledger id is passed
55 -- in as ledger_context
56 -- ledger_context Ledger id or ledger column name, depending on
57 -- ledger_check_mode.
58 -- ledger_table_alias The alias used for the table which the ledger
59 -- column is in. Only used for CHECK_LEDGER_COLUMN
60 -- mode.
61 -- segval_check_mode The modes available:
62 -- gl_access_set_security_pkg.NO_SEG_VALIDATION -
63 -- no segment value validation
64 -- gl_access_set_security_pkg.CHECK_SEGVALS - check
65 -- security segment values.
66 -- segval_context (Currently not used.)
67 -- segval_table_alias The alias used for the table where segment
68 -- values are stored. The table should have all
69 -- segment1 through segment30.
70 -- edate Date to check against. Pass in null to skip
71 -- date validation.
72 -- Notes
73 -- Do not use 'acc' as table aliases.
74 --
75 FUNCTION get_security_clause( access_set_id NUMBER,
76 access_privilege_code VARCHAR2,
77 ledger_check_mode VARCHAR2,
78 ledger_context VARCHAR2,
79 ledger_table_alias VARCHAR2,
80 segval_check_mode VARCHAR2,
81 segval_context VARCHAR2,
82 segval_table_alias VARCHAR2,
83 edate DATE ) RETURN VARCHAR2;
84
85
86 --
87 -- Function
88 -- get_journal_security_clause
89 -- Purpose
90 -- builds the security clause part of a where clause for journals
91 --
92 -- History
93 -- 05-JUL-2002 D J Ogg Created
94 -- Arguments
95 -- access_set_id Access set id.
96 -- access_privilege_code The access level the customer should have.
97 -- Valid values are:
98 -- gl_access_set_security_pkg.WRITE_ACCESS
99 -- gl_access_set_security_pkg.READ_ONLY_ACCESS
100 -- segval_check_mode The modes available:
101 -- gl_access_set_security_pkg.NO_SEG_VALIDATION -
102 -- no segment value validation
103 -- gl_access_set_security_pkg.CHECK_SEGVALS - check
104 -- security segment values.
105 -- journal_table_alias The alias used for the gl_je_headers table
106 -- check_edate Should the journal effective date be checked
107 -- against the access set?
108 -- Notes
109 -- Do not use 'sv', 'sv2', or 'acc' as table aliases.
110 --
111 FUNCTION get_journal_security_clause( access_set_id NUMBER,
112 access_privilege_code VARCHAR2,
113 segval_check_mode VARCHAR2,
114 journal_table_alias VARCHAR2,
115 check_edate BOOLEAN )
116 RETURN VARCHAR2;
117
118 --
119 -- Function
120 -- get_batch_security_clause
121 -- Purpose
122 -- builds the security clause part of a where clause for batches
123 --
124 -- History
125 -- 05-JUL-2002 D J Ogg Created
126 -- Arguments
127 -- access_set_id Access set id.
128 -- access_privilege_code The access level the customer should have.
129 -- Valid values are:
130 -- gl_access_set_security_pkg.WRITE_ACCESS
131 -- gl_access_set_security_pkg.READ_ONLY_ACCESS
132 -- segval_check_mode The modes available:
133 -- gl_access_set_security_pkg.NO_SEG_VALIDATION -
134 -- no segment value validation
135 -- gl_access_set_security_pkg.CHECK_SEGVALS - check
136 -- security segment values.
137 -- batch_table_alias The alias used for the gl_je_batches table
138 -- check_edate Should the journal effective date be checked
139 -- against the access set?
140 -- Notes
141 -- Do not use 'jeh', 'sv', or 'acc' as table aliases.
142 --
143 FUNCTION get_batch_security_clause( access_set_id NUMBER,
144 access_privilege_code VARCHAR2,
145 segval_check_mode VARCHAR2,
146 batch_table_alias VARCHAR2,
147 check_edate BOOLEAN )
148 RETURN VARCHAR2;
149
150
151 -- NAME
152 -- get_journal_access
153 -- DESCRIPTION
154 -- This routine checks to determine the level of access
155 -- you have to a particular batch.
156 -- Arguments
157 -- access_set_id The current access set id
158 -- header_only Only check privileges on the header.
159 -- Note that to truly have write access,
160 -- you must have write access to the entire
161 -- batch, but this mode is provided for
162 -- write as well as read, since the reverse
163 -- journals program needs it to check
164 -- privileges on the reversing journal before
165 -- the reversal is done.
166 -- check_mode The type of privilege to check. A null value
167 -- for this parameter indicates that all privileges
168 -- should be checked. Valid values are:
169 -- gl_access_set_security_pkg.WRITE_ACCESS
170 -- -- check only write access. Returns
171 -- gl_access_set_security_pkg.WRITE_ACCESS
172 -- if you have write access and
173 -- gl_access_set_security_pkg.NO_ACCESS
174 -- otherwise.
175 -- gl_access_set_security_pkg.READ_ONLY_ACCESS
176 -- -- check only read access. Returns
177 -- gl_access_set_security_pkg.READ_ONLY_ACCESS
178 -- if you have read-only or read/write access and
179 -- gl_access_set_security_pkg.NO_ACCESS
180 -- otherwise.
181 -- je_id If x_header_only is true, then the je_header_id.
182 -- Otherwise, the je_batch_id.
183 FUNCTION get_journal_access ( access_set_id IN NUMBER,
184 header_only IN BOOLEAN,
185 check_mode IN VARCHAR2,
186 je_id IN NUMBER )
187 RETURN VARCHAR2;
188
189 --
190 -- Function
191 -- get_default_ledger
192 -- Purpose
193 -- Get the default ledger for a data access set.
194 -- History
195 -- 20-MAY-2003 T Cheng Created.
196 -- Arguments
197 -- x_access_set_id Access set id.
198 -- x_access_privilege_code The access level the user should have.
199 -- Valid values are:
200 -- gl_access_set_security_pkg.FULL_ACCESS
201 -- gl_access_set_security_pkg.WRITE_ACCESS
202 -- gl_access_set_security_pkg.READ_ONLY_ACCESS
203 -- Notes
204 -- If there is no default ledger, returns NULL.
205 --
206 FUNCTION get_default_ledger_id( x_access_set_id NUMBER,
207 x_access_privilege_code VARCHAR2 )
208 RETURN NUMBER;
209
210 --
211 -- Function
212 -- get_access
213 -- Purpose
214 -- Get the access level for the given ledger and/or account segment in the
215 -- data access set.
216 -- History
217 -- 12-AUG-2005 T Cheng Created.
218 -- Arguments
219 -- x_access_set_id Access set id.
220 -- x_ledger_id Ledger id. Pass in null to skip the check
221 -- on ledger.
222 -- x_seg_qualifier The segment qualifier of the segment whose value
223 -- was passed in.
224 -- x_seg_val The value of the segment.
225 -- x_code_combination_id Code combination id of the account to be checked.
226 -- x_edate Date to check against. Pass in null to skip
227 -- date validation.
228 -- Returns
229 -- One of the access levels.
230 -- (FULL_ACCESS is only valid when only a ledger is provided.)
231 -- Notes
232 -- (x_seg_qualifier + x_seg_val), when both provided, takes precedence
233 -- over x_code_combination_id. If x_seg_qualifier and/or x_seg_val AND
234 -- x_code_combination_id are not provided, then segment value will not
235 -- be checked.
236 --
237 FUNCTION get_access( x_access_set_id NUMBER,
238 x_ledger_id NUMBER DEFAULT NULL,
239 x_seg_qualifier VARCHAR2 DEFAULT NULL,
240 x_seg_val VARCHAR2 DEFAULT NULL,
241 x_code_combination_id NUMBER DEFAULT NULL,
242 x_edate DATE DEFAULT NULL )
243 RETURN VARCHAR2;
244
245 END gl_access_set_security_pkg;