The following lines contain the word 'select', 'insert', 'update' or 'delete':
/* this function is used to control the update of the eRecords.
the security rule says that no update is allowed from any
interface other than Oracle applications.
*/
FUNCTION psig_modify (owner VARCHAR2, objname VARCHAR2)
RETURN VARCHAR2 AS
l_predicate VARCHAR2(2000);
FUNCTION psig_delete (owner VARCHAR2, objname VARCHAR2)
RETURN VARCHAR2 AS
BEGIN
return '1=2';
END psig_delete;
select a.event_name, b.index_section_name, upper(a.secure_value) secure_value
from edr_security_rules a, edr_secure_elements_v b
where ((a.user_id = l_user or a.responsibility_id = l_resp) and a.access_code = 'R')
and (a.start_date <= sysdate and (a.end_date >= sysdate or a.end_date is null))
and a.ELEMENT_ID = b.ELEMENT_ID
minus
select a.event_name, b.index_section_name, upper(a.secure_value) secure_value
from edr_security_rules a, edr_secure_elements_v b
where (a.user_id = l_user and a.access_code = 'G')
and (a.start_date <= sysdate and (a.end_date >= sysdate or a.end_date is null))
and a.ELEMENT_ID = b.ELEMENT_ID
order by event_name desc, index_section_name;
select a.event_name, b.index_section_name, upper(a.secure_value) secure_value
from edr_security_rules a, edr_secure_elements_v b
where ((a.user_id = l_user or a.responsibility_id = l_resp) and a.access_code = 'G')
and (a.start_date <= sysdate and (a.end_date >= sysdate or a.end_date is null))
and a.ELEMENT_ID = b.ELEMENT_ID
minus
select a.event_name, b.index_section_name, upper(a.secure_value) secure_value
from edr_security_rules a, edr_secure_elements_v b
where (a.user_id = l_user and a.access_code = 'R')
and (a.start_date <= sysdate and (a.end_date >= sysdate or a.end_date is null))
and a.ELEMENT_ID = b.ELEMENT_ID
order by event_name desc, index_section_name;
/* if the select is coming from a secure context in oracle apps, don't
get into rule deciphering at all.
*/
if (sys_context('edr_secure_ctx','secure') = 'Y') then
l_predicate := '1=1';
/* if the select is coming from a direct source like SQL plus, simply
abort the attempt.
*/
else
--if the query is coming in from direct source like sql plus abort
if (sys_context('userenv','client_info') is null) then
l_predicate := '1=2';
/* if the select is from generic query decipher the security rules */
else
l_user := fnd_global.user_id();