1 Package Body HR_SECURITY_INTERNAL as
2 /* $Header: pesecbsi.pkb 120.19.12010000.1 2008/07/28 05:56:13 appldev ship $ */
3
4 --
5 -- Stores details of what security permission have been cached for a
6 -- particular person.
7 --
8 TYPE g_access_known_r IS RECORD
9 (person_id NUMBER
10 ,user_id NUMBER
11 ,effective_date DATE
12 ,security_profile_id NUMBER
13 ,org BOOLEAN DEFAULT FALSE
14 ,pos BOOLEAN DEFAULT FALSE
15 ,pay BOOLEAN DEFAULT FALSE
16 ,per BOOLEAN DEFAULT FALSE);
17
18 --
19 -- Package Private Constants
20 --
21 g_PACKAGE CONSTANT VARCHAR2(23) := 'hr_security_internal.';
22
23 --
24 -- Package Private Variables
25 --
26 g_access_known_rec g_access_known_r;
27 g_assignments_tbl g_assignments_t;
28 g_debug BOOLEAN := hr_utility.debug_enabled;
29 g_session_context NUMBER;
30
31 --
32 -- Proprietory debugging. Allows for concurrent request output, etc.
33 -- (see procedures "op").
34 --
35 g_dbg_type NUMBER := g_NO_DEBUG;
36 g_dbg BOOLEAN := g_debug;
37
38 --
39 -- ----------------------------------------------------------------------------
40 -- |------------------------< populate_new_payroll >--------------------------|
41 -- ----------------------------------------------------------------------------
42 --
43 procedure populate_new_payroll
44 (p_business_group_id in number
45 ,p_payroll_id in number) is
46 --
47 l_proc varchar2(72) := g_package||'populate_new_payroll';
48 --
49 begin
50 hr_utility.set_location('Entering:'|| l_proc, 10);
51 --
52 -- Insert new payroll into all payroll lists for all profiles which
53 -- Restrict access to payrolls.
54 --
55 insert into pay_payroll_list (payroll_id, security_profile_id)
56 select p_payroll_id, psp.security_profile_id
57 from per_security_profiles psp
58 where psp.view_all_flag <> 'Y'
59 and (( psp.view_all_payrolls_flag <> 'Y'
60 and business_group_id = p_business_group_id)
61 or ( psp.view_all_payrolls_flag <> 'Y'
62 and business_group_id is null))
63 and not exists
64 (select 1
65 from pay_payroll_list ppl
66 where ppl.security_profile_id = psp.security_profile_id
67 and ppl.payroll_id = p_payroll_id);
68
69 hr_utility.set_location('Leaving:'|| l_proc, 30);
70 end;
71 --
72 -- ----------------------------------------------------------------------------
73 -- |-------------------------< populate_new_contact>--------------------------|
74 -- ----------------------------------------------------------------------------
75 --
76 procedure populate_new_contact(
77 p_business_group_id in number
78 ,p_person_id in number
79 ) is
80 --
81 l_proc varchar2(72) := g_package||'populate_new_contact';
82 l_prog_id number(15) := fnd_profile.value('CONC_PROGRAM_ID');
83 l_req_id number(15) := fnd_profile.value('CONC_REQUEST_ID');
84 l_appl_id number(15) := fnd_profile.value('CONC_PROGRAM_APPLICATION_ID');
85 l_upd_date date := trunc(sysdate);
86 --
87 begin
88 --
89 hr_utility.set_location('Entering:'|| l_proc, 10);
90 --
91 -- Insert new contact into all person lists for all profiles which:
92 -- a) Restrict access to contacts
93 -- b) No restriction for contacts but candidates are restricted.
94 insert into per_person_list(person_id, security_profile_id, request_id
95 ,program_application_id, program_id
96 ,program_update_date)
97 select p_person_id, psp.security_profile_id, l_req_id, l_appl_id,
98 l_prog_id, l_upd_date
99 from per_security_profiles psp
100 where psp.view_all_flag <> 'Y'
101 and (((psp.view_all_contacts_flag <> 'Y' or
102 (psp.view_all_contacts_flag = 'Y' and
103 psp.view_all_candidates_flag = 'X')) and
104 business_group_id = p_business_group_id) or
105 ((psp.view_all_contacts_flag <> 'Y' or
106 (psp.view_all_contacts_flag = 'Y' and
107 psp.view_all_candidates_flag = 'X')) and
108 business_group_id is null))
109 and not exists
110 (select 1
111 from per_person_list ppl
112 where ppl.security_profile_id = psp.security_profile_id
113 and ppl.person_id = p_person_id);
114 --
115 hr_utility.set_location(l_proc, 20);
116 --
117 hr_security.add_person(p_person_id);
118 --
119 hr_utility.set_location('Leaving:'|| l_proc, 30);
120 --
121 end;
122 --
123 -- ----------------------------------------------------------------------------
124 -- |-------------------------< populate_new_person >--------------------------|
125 -- ----------------------------------------------------------------------------
126 --
127 procedure populate_new_person
128 (p_business_group_id in number
129 ,p_person_id in number) is
130 --
131 l_proc varchar2(72) := g_package||'populate_new_person';
132 l_program_id number(15) := fnd_profile.value('CONC_PROGRAM_ID');
133 l_request_id number(15) := fnd_profile.value('CONC_REQUEST_ID');
134 l_program_application_id number(15) := fnd_profile.value('CONC_PROGRAM_APPLICATION_ID');
135 l_update_date date := trunc(sysdate);
136 --
137 begin
138 hr_utility.set_location('Entering:'|| l_proc, 10);
139 --
140 -- insert the new person in to all person lists for all profiles
141 -- for the business group and all global profiles which are restricted
142 -- in someway but not if there are user-based restrictions because in this
143 -- case there are no static lists maintained.
144 --
145 -- This is a change in behaviour arising from bug 2237407. Previously we only
146 -- gave access to profiles which could see the business group. This caused
147 -- problems where :
148 -- a) profile is restrict by payroll but view all orgs(no records in org
149 -- list so no match on the BG in the org list although that does not
150 -- mean the BG is not visible)
151 -- b) profile explicitly does not have access to BG(record goes out of scope
152 -- immediately without giving the creator a chance to move person
153 -- to correct org. This one is in the twilight zone, as the person will go
154 -- invisible to the current user at the next LISTGEN run anyway)
155 --
156 INSERT INTO PER_PERSON_LIST
157 (PERSON_ID
158 ,SECURITY_PROFILE_ID
159 ,REQUEST_ID
160 ,PROGRAM_APPLICATION_ID
161 ,PROGRAM_ID
162 ,PROGRAM_UPDATE_DATE)
163 select p_person_id, psp.security_profile_id, l_request_id,
164 l_program_application_id, l_program_id, l_update_date
165 from per_security_profiles psp
166 where psp.view_all_flag <> 'Y'
167 and ((
168 ( (psp.view_all_organizations_flag <> 'Y' and
169 nvl(psp.top_organization_method, 'S') <> 'U')
170 or psp.view_all_payrolls_flag <> 'Y'
171 or (psp.view_all_positions_flag <> 'Y' and
172 nvl(psp.top_position_method, 'S') <> 'U')
173 or nvl(psp.custom_restriction_flag, 'N') = 'Y')
174 and business_group_id = p_business_group_id)
175 or
176 ( ( psp.view_all_organizations_flag <> 'Y'
177 or NVL(psp.custom_restriction_flag, 'N') = 'Y')
178 and business_group_id is null))
179 and not exists
180 (select 1
181 from per_person_list ppl
182 where ppl.security_profile_id = psp.security_profile_id
183 and ppl.granted_user_id is null
184 and ppl.person_id = p_person_id);
185 --
186 hr_utility.set_location(l_proc, 20);
187 --
188 hr_security.add_person(p_person_id);
189 --
190 hr_utility.set_location(' Leaving:'||l_proc, 30);
191 exception
192 when NO_DATA_FOUND then
193 hr_utility.set_location(l_proc, 30);
194 end populate_new_person;
195
196 -- ----------------------------------------------------------------------------
197 -- |-----------------------< clear_from_person_list >-------------------------|
198 -- ----------------------------------------------------------------------------
199 --
200 procedure clear_from_person_list
201 (p_person_id in number) is
202 --
203 l_proc varchar2(72) := g_package||'clear_person_list';
204 --
205 begin
206 hr_utility.set_location('Entering:'|| l_proc, 10);
207 -- remove the person from the list
208 delete from per_person_list
209 where person_id=p_person_id
210 and security_profile_id is not null;
211 --
212 hr_utility.set_location(l_proc, 20);
213 --
214 hr_security.remove_person(p_person_id);
215 --
216 hr_utility.set_location(' Leaving:'||l_proc, 30);
217 exception
218 when NO_DATA_FOUND then
219 hr_utility.set_location(l_proc, 30);
220 end clear_from_person_list;
221 --
222 -- ----------------------------------------------------------------------------
223 -- |---------------------------< evaluate_custom >----------------------------|
224 -- ----------------------------------------------------------------------------
225 --
226 function evaluate_custom
227 (p_assignment_id in number,
228 p_restriction_text in varchar2,
229 p_effective_date in date) return varchar2
230 is
231 TYPE seccurtyp IS REF CURSOR;
232 cursor_cv seccurtyp;
233 l_execution_stmt varchar2(5000);
234 l_exec_str_print varchar2(5000);
235 l_dummy number;
236 --
237 l_proc varchar2(72) := g_package||'evaluate_custom';
238 --
239 begin
240 --
241 --
242 l_execution_stmt :=
243 'select 1
244 from per_all_assignments_f ASSIGNMENT,
245 per_all_people_f PERSON,
246 per_person_type_usages_f PERSON_TYPE
247 where ASSIGNMENT.assignment_id = :asg_id
248 and to_date(:asg_eff_date,''dd-mon-yyyy'')
249 between ASSIGNMENT.effective_start_date
250 and ASSIGNMENT.effective_end_date
251 and PERSON.person_id = ASSIGNMENT.person_id
252 and to_date(:per_eff_date,''dd-mon-yyyy'')
253 between PERSON.effective_start_date
254 and PERSON.effective_end_date
255 and PERSON.person_id = PERSON_TYPE.person_id
256 and to_date(:ptu_eff_date,''dd-mon-yyyy'')
257 between PERSON_TYPE.effective_start_date
258 and PERSON_TYPE.effective_end_date';
259 --
260 -- Added as part of fix for bug 2506541
261 --
262 IF p_restriction_text IS NOT NULL THEN
263 --
264 --
265 l_execution_stmt := l_execution_stmt||' and '||p_restriction_text;
266 hr_utility.trace('Custom security is in use.');
267 --
268 END IF;
269 --
270 if g_debug then
271 hr_utility.trace(P_restriction_text);
272 l_exec_str_print:=l_execution_stmt;
273 while length(l_exec_str_print)>0 loop
274 hr_utility.trace(substr(l_exec_str_print,1,70));
275 l_exec_str_print:=substr(l_exec_str_print,71);
276 end loop;
277 end if;
278
279 open cursor_cv for l_execution_stmt
280 using p_assignment_id, to_char(p_effective_date,'dd-mon-yyyy'),
281 to_char(p_effective_date,'dd-mon-yyyy'),
282 to_char(p_effective_date,'dd-mon-yyyy');
283 fetch cursor_cv into l_dummy;
284 if cursor_cv%notfound then
285 close cursor_cv;
286 return 'FALSE';
287 end if;
288 close cursor_cv;
289 --
290 return 'TRUE';
291 end;
292 --
293 -- ----------------------------------------------------------------------------
294 -- |--------------------------< add_to_person_list > --OVERLOAD---------------|
295 -- ----------------------------------------------------------------------------
296 --
297 procedure add_to_person_list(
298 p_effective_date in date
299 ,p_assignment_id in number
300 ) is
301 --
302 begin
303 --
304 -- Call main version of routine to define access for all profiles.
305 add_to_person_list(p_effective_date => p_effective_date,
306 p_assignment_id => p_assignment_id,
307 p_business_group_id => null,
308 p_generation_scope => 'ALL_PROFILES');
309 --
310 end;
311 --
312 -- ----------------------------------------------------------------------------
313 -- |--------------------------< add_to_person_list >--------------------------|
314 -- ----------------------------------------------------------------------------
315 --
316 procedure add_to_person_list(
317 p_effective_date in date
318 ,p_assignment_id in number
319 ,p_business_group_id in number default null
320 ,p_generation_scope in varchar2 default 'ALL_PROFILES') is
321 --
322 cursor asg_details is
323 select paf.person_id,
324 paf.organization_id,
325 paf.position_id,
326 paf.payroll_id,
327 paf.business_group_id,
328 paf.assignment_type,
329 ppf.current_employee_flag,
330 ppf.current_npw_flag
331 from per_all_assignments_f paf,
332 per_all_people_f ppf
333 where paf.assignment_id = p_assignment_id
334 and p_effective_date between paf.effective_start_date
335 and paf.effective_end_date
336 and paf.person_id = ppf.person_id
337 and p_effective_date between ppf.effective_start_date
338 and ppf.effective_end_date;
339 --
340 l_person_id per_all_assignments_f.person_id%type;
341 l_organization_id per_all_assignments_f.organization_id%type;
342 l_position_id per_all_assignments_f.position_id%type;
343 l_payroll_id per_all_assignments_f.payroll_id%type;
344 l_business_group_id per_all_assignments_f.business_group_id%type;
345 l_assignment_type per_all_assignments_f.assignment_type%type;
346 l_current_employee_flag per_all_people_f.current_employee_flag%type;
347 l_current_npw_flag per_all_people_f.current_npw_flag%type;
348 --
349 l_program_id number(15) := fnd_profile.value('CONC_PROGRAM_ID');
350 l_request_id number(15) := fnd_profile.value('CONC_REQUEST_ID');
351 l_prog_appl_id number(15) := fnd_profile.value('CONC_PROGRAM_APPLICATION_ID');
352 l_update_date date := trunc(sysdate);
353 --
354 l_proc varchar2(72) := g_package||'add_to_person_list';
355 --
356 l_bggr_str varchar2(1000);
357 l_asgt_str varchar2(2000);
358 l_from_str varchar2(2000);
359 l_inst_str varchar2(3000);
360 l_comm_str varchar2(5000);
361 l_cond_str varchar2(5000);
362 l_exec_str varchar2(18000);
363 l_exec_str_print varchar2(18000);
364 -- Declare the variables for the literal( for performance bug 5580144)
365 l_all varchar2(1) := 'Y';
366 l_Restrict varchar2(1) := 'N';
367 l_none varchar2(1) := 'X';
368 l_U varchar2(1) := 'U';
369 l_S varchar2(1) := 'S';
370 l_true varchar2(4) := 'TRUE';
371 l_false varchar2(5) := 'FALSE';
372 --
373 l_collection_index number:=0;
374
375 -- This is used as a temp variable to collect the values for each Select Sql.
376 TYPE l_security_profie_type_temp IS TABLE OF per_security_profiles.security_profile_id%TYPE INDEX BY BINARY_INTEGER;
377 l_security_profie_table_temp l_security_profie_type_temp;
378
379 -- This is used to store all the Records which need to be inserted after the
380 -- completion of the bulk select.
381 TYPE l_security_profie_type IS TABLE OF per_security_profiles.security_profile_id%TYPE INDEX BY BINARY_INTEGER;
382 l_security_profie_table l_security_profie_type;
383
384 -- This procedure is used to populate the final copy of the PL/Sql table
385 -- before inserting the records in the table.
386
387 PROCEDURE add_to_cache IS
388 l_proc varchar2(100):= 'add_to_person_list.add_to_cache';
389 Begin
390 if g_debug then
391 hr_utility.set_location('Entering '||l_proc, 10);
392 End if;
393 If l_security_profie_table_temp.count > 0 then
394 if g_debug then
395 hr_utility.set_location(l_proc, 20);
396 End if;
397 for I in l_security_profie_table_temp.first .. l_security_profie_table_temp.last
398 loop
399 -- l_security_profie_table.extend;
400 l_security_profie_table(l_collection_index + i):= l_security_profie_table_temp(i);
401 end loop;
402 l_collection_index := l_security_profie_table.last;
403 End if;
404 if g_debug then
405 hr_utility.set_location('Leaveing '||l_proc, 30);
406 End if;
407 End;
408
409
410 PROCEDURE INSERT_CACHE_TO_LIST IS
411 errors Number;
412 l_cnt Number;
413 dml_errors EXCEPTION;
414 PRAGMA exception_init(dml_errors, -24381);
415 l_proc varchar2(100):= 'add_to_person_list.insert_cache_to_list';
416 Begin
417 if g_debug then
418 hr_utility.set_location('Entering '||l_proc, 10);
419 End if;
420 If l_security_profie_table.count > 0 then
421 if g_debug then
422 hr_utility.set_location(l_proc, 20);
423 End if;
424 forall per_rec in l_security_profie_table.first .. l_security_profie_table.last
425 SAVE EXCEPTIONS
426 Insert into per_person_list(security_profile_id,
427 person_id,request_id,
428 program_application_id,
429 program_id,
430 program_update_date)
431 values(l_security_profie_table(per_rec),
432 l_person_id,
433 nvl(l_request_id, ''),
434 nvl(l_prog_appl_id, ''),
435 nvl(l_program_id, ''),
436 to_date(to_char(l_update_date,'dd/mm/yyyy'), 'dd/mm/yyyy')
437 );
438 End if;
439 if g_debug then
440 hr_utility.set_location('Leaveing '||l_proc, 30);
441 End if;
442 Exception
443 WHEN dml_errors THEN
444 errors := SQL%BULK_EXCEPTIONS.COUNT;
445 l_cnt := l_cnt + errors;
446 FOR i IN 1..errors LOOP
447 If g_debug then
448 hr_utility.trace ('Error occurred during iteration ' ||
449 SQL%BULK_EXCEPTIONS(i).ERROR_INDEX ||' Oracle error is ' ||
450 SQL%BULK_EXCEPTIONS(i).ERROR_CODE );
451 End if;
452 If SQL%BULK_EXCEPTIONS(i).ERROR_CODE <> 1 then
453 raise;
454 End if;
455 End loop;
456 WHEN OTHERS THEN
457 raise;
458 End;
459
460 Begin
461 --
462 if g_debug then
463 hr_utility.set_location('Entering:'|| l_proc, 10);
464 end if;
465 --
466 open asg_details;
467 fetch asg_details into
468 l_person_id,
469 l_organization_id,
470 l_position_id,
471 l_payroll_id,
472 l_business_group_id,
473 l_assignment_type,
474 l_current_employee_flag,
475 l_current_npw_flag;
476 --
477 if g_debug then
478 hr_utility.set_location(l_proc, 30);
479 hr_utility.set_location('Program ID '|| to_char(l_program_id), 35);
480 end if;
481 --
482 if(asg_details%found) then
483 --
484 close asg_details;
485 --
486 if p_generation_scope = 'ALL_BUS_GRP' then
487 hr_utility.set_location(l_proc, 31);
488 l_bggr_str := ' sec.business_group_id = :l_business_group_id and ';
489 end if;
490 if p_generation_scope = 'ALL_GLOBAL' then
491 hr_utility.set_location(l_proc, 32);
492 l_bggr_str := ' sec.business_group_id is null and ';
493 end if;
494 if p_generation_scope = 'ALL_PROFILES' then
495 hr_utility.set_location(l_proc, 33);
496 l_bggr_str := ' (sec.business_group_id = :l_business_group_id
497 or sec.business_group_id is null) and ';
498 end if;
499 --
500 if l_assignment_type = 'E' then
501 hr_utility.set_location(l_proc, 34);
502 l_asgt_str := ' (sec.view_all_employees_flag = :l_Restrict or
503 (sec.view_all_employees_flag = :l_all and
504 (sec.view_all_contacts_flag = :l_Restrict or
505 (sec.view_all_contacts_flag = :l_all and
506 sec.view_all_candidates_flag = :l_None)))) and ';
507 end if;
508 if l_assignment_type = 'C' then
509 hr_utility.set_location(l_proc, 35);
510 l_asgt_str := ' (sec.view_all_cwk_flag = :l_Restrict or
511 (sec.view_all_cwk_flag = :l_all and
512 (sec.view_all_contacts_flag = :l_Restrict or
513 (sec.view_all_contacts_flag = :l_all and
514 sec.view_all_candidates_flag = :l_None)))) and ';
515 end if;
516 if l_assignment_type = 'A' then
517 hr_utility.set_location(l_proc, 36);
518 l_asgt_str := ' (sec.view_all_applicants_flag = :l_Restrict or
519 (sec.view_all_applicants_flag = :l_all and
520 (sec.view_all_contacts_flag = :l_Restrict or
521 (sec.view_all_contacts_flag = :l_all and
522 sec.view_all_candidates_flag = :l_None)))) and ';
523 end if;
524 --
525 l_inst_str := ' select sec.security_profile_id '; --
526 l_comm_str := ' decode(sec.custom_restriction_flag,:l_Restrict,:l_true,:l_U,:l_FALSE,
527 null,:l_true,hr_security_internal.evaluate_custom(
528 :p_assignment_id , sec.restriction_text,
529 to_date(to_char(:p_effective_date, ''dd/mm/yyyy'')
530 , ''dd/mm/yyyy''))) = :l_true and not exists (
531 select 1 from per_person_list ppl
532 where ppl.person_id = :l_person_id
533 and ppl.granted_user_id is null
534 and ppl.security_profile_id = sec.security_profile_id) ';
535 -- if position is null
536 if l_position_id is null then
537 -- if position and payroll are null
538 if l_payroll_id is null then
539 --
540 -- add to all lists with matching organization id - A
541 --
542 -- The basic structure of all the select's in this procedure
543 -- is indentical. The following comments apply to all statements.
544 begin
545 --
546 if g_debug then
547 hr_utility.set_location(l_proc, 40);
548 end if;
549 --
550 l_from_str := ' from per_security_profiles sec,
551 per_organization_list org ';
552 --
553 l_cond_str := ' org.security_profile_id = sec.security_profile_id
554 and org.organization_id = :l_organization_id
555 and sec.view_all_organizations_flag = :l_Restrict
556 and nvl(sec.top_organization_method, :l_S) <> :l_U
557 and ';
558 --
559 l_exec_str := l_inst_str||l_from_str||' where '||
560 l_bggr_str||l_asgt_str||l_cond_str||l_comm_str;
561
562 if g_debug then
563 l_exec_str_print:= l_exec_str;
564 while length(l_exec_str_print)>0 loop
565 hr_utility.trace(substr(l_exec_str_print,1,70));
566 l_exec_str_print:=substr(l_exec_str_print,71);
567 end loop;
568 End if;
569 if p_generation_scope = 'ALL_GLOBAL' then
570 execute immediate l_exec_str
571 bulk collect into l_security_profie_table_temp
572 using
573 l_Restrict, --l_asgt_str
574 l_all, --l_asgt_str
575 l_Restrict, --l_asgt_str
576 l_all, --l_asgt_str
577 l_None, --l_asgt_str
578 l_organization_id, --l_cond_str
579 l_Restrict, --l_cond_str
580 l_S, --l_cond_str
581 l_U, --l_cond_str
582 l_Restrict, --l_comm_str
583 l_true, --l_comm_str
584 l_U, --l_comm_str
585 l_FALSE, --l_comm_str
586 l_true, --l_comm_str
587 p_assignment_id, --l_comm_str
588 p_effective_date, --l_comm_str
589 l_true, --l_comm_str
590 l_person_id; --l_comm_str
591 else
592 execute immediate l_exec_str
593 bulk collect into l_security_profie_table_temp
594 using
595 l_business_group_id,--l_bggr_str
596 l_Restrict, --l_asgt_str
597 l_all, --l_asgt_str
598 l_Restrict, --l_asgt_str
599 l_all, --l_asgt_str
600 l_None, --l_asgt_str
601 l_organization_id, --l_cond_str
602 l_Restrict, --l_cond_str
603 l_S, --l_cond_str
604 l_U, --l_cond_str
605 l_Restrict, --l_comm_str
606 l_true, --l_comm_str
607 l_U, --l_comm_str
608 l_FALSE, --l_comm_str
609 l_true, --l_comm_str
610 p_assignment_id, --l_comm_str
611 p_effective_date, --l_comm_str
612 l_true, --l_comm_str
613 l_person_id; --l_comm_str
614 end if;
615 add_to_cache;
616 exception
617 --
618 -- If no data found handle exception so that other
619 -- inserts can go ahead.
620 --
621 when no_data_found then
622 if g_debug then
623 hr_utility.set_location(l_proc, 50);
624 end if;
625 null;
626 when others then
627 if g_debug then
628 hr_utility.set_location(l_proc, 60);
629 end if;
630 raise;
631 end;
632 --
633 -- add to all lists which don't care about organization - B
634 -- but do have restrictions on Position or Payroll
635 begin
636 --
637 if g_debug then
638 hr_utility.set_location(l_proc, 70);
639 end if;
640 --
641 l_from_str := ' from per_security_profiles sec ';
642 --
643 l_cond_str := ' sec.view_all_organizations_flag = :l_all
644 and ((sec.view_all_positions_flag = :l_Restrict
645 and nvl(sec.top_position_method, :l_S) <> :l_U)
646 or sec.view_all_payrolls_flag = :l_Restrict)
647 and sec.view_all_flag = :l_Restrict and ';
648 --
649 l_exec_str := l_inst_str||l_from_str||' where '||
650 l_bggr_str||l_asgt_str||l_cond_str||l_comm_str;
651 --
652 if g_debug then
653 l_exec_str_print:= l_exec_str;
654 while length(l_exec_str_print)>0 loop
655 hr_utility.trace(substr(l_exec_str_print,1,70));
656 l_exec_str_print:=substr(l_exec_str_print,71);
657 end loop;
658 End if;
659 -- execute immediate l_exec_str;
660 if p_generation_scope = 'ALL_GLOBAL' then
661 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
662 using
663 l_Restrict, --l_asgt_str
664 l_all, --l_asgt_str
665 l_Restrict, --l_asgt_str
666 l_all, --l_asgt_str
667 l_None, --l_asgt_str
668 l_all, --l_cond_str
669 l_Restrict, --l_cond_str
670 l_S, --l_cond_str
671 l_U, --l_cond_str
672 l_Restrict, --l_cond_str
673 l_Restrict, --l_cond_str
674 l_Restrict, --l_comm_str
675 l_true, --l_comm_str
676 l_U, --l_comm_str
677 l_FALSE, --l_comm_str
678 l_true, --l_comm_str
679 p_assignment_id, --l_comm_str
680 p_effective_date, --l_comm_str
681 l_true, --l_comm_str
682 l_person_id; --l_comm_str
683 else
684 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
685 using
686 l_business_group_id,--l_bggr_str
687 l_Restrict, --l_asgt_str
688 l_all, --l_asgt_str
689 l_Restrict, --l_asgt_str
690 l_all, --l_asgt_str
691 l_None, --l_asgt_str
692 l_all, --l_cond_str
693 l_Restrict, --l_cond_str
694 l_S, --l_cond_str
695 l_U, --l_cond_str
696 l_Restrict, --l_cond_str
697 l_Restrict, --l_cond_str
698 l_Restrict, --l_comm_str
699 l_true, --l_comm_str
700 l_U, --l_comm_str
701 l_FALSE, --l_comm_str
702 l_true, --l_comm_str
703 p_assignment_id, --l_comm_str
704 p_effective_date, --l_comm_str
705 l_true, --l_comm_str
706 l_person_id; --l_comm_str
707 end if;
708 add_to_cache;
709 --
710 exception
711 --
712 -- If no data found handle exception so that other
713 -- inserts can go ahead.
714 --
715 when no_data_found then
716 if g_debug then
717 hr_utility.set_location(l_proc, 80);
718 end if;
719 null;
720 when others then
721 if g_debug then
722 hr_utility.set_location(l_proc, 90);
723 end if;
724 raise;
725 end;
726 --
727 -- add to all lists which don't care about organization, - B1
728 -- Position or Payroll but which do have a custom restriction.
729 begin
730 --
731 if g_debug then
732 hr_utility.set_location(l_proc, 100);
733 end if;
734 --
735 l_from_str := ' from per_security_profiles sec ';
736 --
737 l_cond_str := ' sec.view_all_organizations_flag = :l_all
738 and sec.view_all_positions_flag = :l_all
739 and sec.view_all_payrolls_flag = :l_all
740 and sec.custom_restriction_flag = :l_all
741 and sec.view_all_flag = :l_Restrict and ';
742 --
743 l_exec_str := l_inst_str||l_from_str||' where '||
744 l_bggr_str||l_asgt_str||l_cond_str||l_comm_str;
745 --
746 if g_debug then
747 l_exec_str_print:= l_exec_str;
748 while length(l_exec_str_print)>0 loop
749 hr_utility.trace(substr(l_exec_str_print,1,70));
750 l_exec_str_print:=substr(l_exec_str_print,71);
751 end loop;
752 End if;
753 if p_generation_scope = 'ALL_GLOBAL' then
754 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
755 using
756 l_Restrict, --l_asgt_str
757 l_all, --l_asgt_str
758 l_Restrict, --l_asgt_str
759 l_all, --l_asgt_str
760 l_None, --l_asgt_str
761 l_all, --l_cond_str
762 l_all, --l_cond_str
763 l_all, --l_cond_str
764 l_all, --l_cond_str
765 l_Restrict, --l_cond_str
766 l_Restrict, --l_comm_str
767 l_true, --l_comm_str
768 l_U, --l_comm_str
769 l_FALSE, --l_comm_str
770 l_true, --l_comm_str
771 p_assignment_id, --l_comm_str
772 p_effective_date, --l_comm_str
773 l_true, --l_comm_str
774 l_person_id; --l_comm_str
775 else
776 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
777 using
778 l_business_group_id, --l_bggr_str
779 l_Restrict, --l_asgt_str
780 l_all, --l_asgt_str
781 l_Restrict, --l_asgt_str
782 l_all, --l_asgt_str
783 l_None, --l_asgt_str
784 l_all, --l_cond_str
785 l_all, --l_cond_str
786 l_all, --l_cond_str
787 l_all, --l_cond_str
788 l_Restrict, --l_cond_str
789 l_Restrict, --l_comm_str
790 l_true, --l_comm_str
791 l_U, --l_comm_str
792 l_FALSE, --l_comm_str
793 l_true, --l_comm_str
794 p_assignment_id, --l_comm_str
795 p_effective_date, --l_comm_str
796 l_true, --l_comm_str
797 l_person_id; --l_comm_str
798 end if;
799 add_to_cache;
800 --
801 exception
802 --
803 -- If no data found handle exception so that other
804 -- inserts can go ahead.
805 --
806 when no_data_found then
807 if g_debug then
808 hr_utility.set_location(l_proc, 110);
809 end if;
810 null;
811 when others then
812 if g_debug then
813 hr_utility.set_location(l_proc, 120);
814 end if;
815 raise;
816 end;
817 --
818 else -- position is null but payroll is not
819 --
820 -- add to all lists which have a matching org and payroll - C
821 -- regardless of position restriction.
822 --
823 begin
824 --
825 if g_debug then
826 hr_utility.set_location(l_proc, 130);
827 end if;
828 --
829 l_from_str := ' from per_security_profiles sec,
830 pay_payroll_list pay,
831 per_organization_list org ';
832 --
833 l_cond_str := ' org.security_profile_id = sec.security_profile_id
834 and pay.security_profile_id = sec.security_profile_id
835 and pay.security_profile_id = org.security_profile_id
836 and org.organization_id = :l_organization_id
837 and pay.payroll_id = :l_payroll_id
838 and sec.view_all_organizations_flag = :l_Restrict
839 and nvl(sec.top_organization_method, :l_S) <> :l_U
840 and sec.view_all_payrolls_flag = :l_Restrict and ';
841 --
842 l_exec_str := l_inst_str||l_from_str||' where '||
843 l_bggr_str||l_asgt_str||l_cond_str||l_comm_str;
844 --
845 if g_debug then
846 l_exec_str_print:= l_exec_str;
847 while length(l_exec_str_print)>0 loop
848 hr_utility.trace(substr(l_exec_str_print,1,70));
849 l_exec_str_print:=substr(l_exec_str_print,71);
850 end loop;
851 End if;
852 if p_generation_scope = 'ALL_GLOBAL' then
853 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
854 using
855 l_Restrict, --l_asgt_str
856 l_all, --l_asgt_str
857 l_Restrict, --l_asgt_str
858 l_all, --l_asgt_str
859 l_None, --l_asgt_str
860 l_organization_id, --l_cond_str
861 l_payroll_id, --l_cond_str
862 l_Restrict, --l_cond_str
863 l_S, --l_cond_str
864 l_U, --l_cond_str
865 l_Restrict, --l_cond_str
866 l_Restrict, --l_comm_str
867 l_true, --l_comm_str
868 l_U, --l_comm_str
869 l_FALSE, --l_comm_str
870 l_true, --l_comm_str
871 p_assignment_id, --l_comm_str
872 p_effective_date, --l_comm_str
873 l_true, --l_comm_str
874 l_person_id; --l_comm_str
875 else
876 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
877 using
878 l_business_group_id, --l_bggr_str
879 l_Restrict, --l_asgt_str
880 l_all, --l_asgt_str
881 l_Restrict, --l_asgt_str
882 l_all, --l_asgt_str
883 l_None, --l_asgt_str
884 l_organization_id, --l_cond_str
885 l_payroll_id, --l_cond_str
886 l_Restrict, --l_cond_str
887 l_S, --l_cond_str
888 l_U, --l_cond_str
889 l_Restrict, --l_cond_str
890 l_Restrict, --l_comm_str
891 l_true, --l_comm_str
892 l_U, --l_comm_str
893 l_FALSE, --l_comm_str
894 l_true, --l_comm_str
895 p_assignment_id, --l_comm_str
896 p_effective_date, --l_comm_str
897 l_true, --l_comm_str
898 l_person_id; --l_comm_str
899 end if;
900 add_to_cache;
901 --
902 exception
903 --
904 -- If no data found handle exception so that other
905 -- inserts can go ahead.
906 --
907 when no_data_found then
908 if g_debug then
909 hr_utility.set_location(l_proc, 140);
910 end if;
911 null;
912 when others then
913 if g_debug then
914 hr_utility.set_location(l_proc, 150);
915 end if;
916 raise;
917 end;
918 --
919 -- add to lists which restrict by org and view all - D
920 -- payroll regardless of position restriction
921 begin
922 --
923 if g_debug then
924 hr_utility.set_location(l_proc, 160);
925 end if;
926 --
927 l_from_str := ' from per_security_profiles sec,
928 per_organization_list org ';
929 --
930 l_cond_str := ' org.security_profile_id = sec.security_profile_id
931 and org.organization_id = :l_organization_id
932 and sec.view_all_organizations_flag = :l_Restrict
933 and nvl(sec.top_organization_method, :l_S) <> :l_U
934 and sec.view_all_payrolls_flag = :l_all and ';
935 --
936 l_exec_str := l_inst_str||l_from_str||' where '||
937 l_bggr_str||l_asgt_str||l_cond_str||l_comm_str;
938 --
939 if g_debug then
940 l_exec_str_print:= l_exec_str;
941 while length(l_exec_str_print)>0 loop
942 hr_utility.trace(substr(l_exec_str_print,1,70));
943 l_exec_str_print:=substr(l_exec_str_print,71);
944 end loop;
945 End if;
946 if p_generation_scope = 'ALL_GLOBAL' then
947 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
948 using
949 l_Restrict, --l_asgt_str
950 l_all, --l_asgt_str
951 l_Restrict, --l_asgt_str
952 l_all, --l_asgt_str
953 l_None, --l_asgt_str
954 l_organization_id, --l_cond_str
955 l_Restrict, --l_cond_str
956 l_S, --l_cond_str
957 l_U, --l_cond_str
958 l_all, --l_cond_str
959 l_Restrict, --l_comm_str
960 l_true, --l_comm_str
961 l_U, --l_comm_str
962 l_FALSE, --l_comm_str
963 l_true, --l_comm_str
964 p_assignment_id, --l_comm_str
965 p_effective_date, --l_comm_str
966 l_true, --l_comm_str
967 l_person_id; --l_comm_str
968 else
969 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
970 using
971 l_business_group_id, --l_bggr_str
972 l_Restrict, --l_asgt_str
973 l_all, --l_asgt_str
974 l_Restrict, --l_asgt_str
975 l_all, --l_asgt_str
976 l_None, --l_asgt_str
977 l_organization_id, --l_cond_str
978 l_Restrict, --l_cond_str
979 l_S, --l_cond_str
980 l_U, --l_cond_str
981 l_all, --l_cond_str
982 l_Restrict, --l_comm_str
983 l_true, --l_comm_str
984 l_U, --l_comm_str
985 l_FALSE, --l_comm_str
986 l_true, --l_comm_str
987 p_assignment_id, --l_comm_str
988 p_effective_date, --l_comm_str
989 l_true, --l_comm_str
990 l_person_id; --l_comm_str
991 end if;
992 add_to_cache;
993 --
994 exception
995 --
996 -- If no data found handle exception so that other
997 -- inserts can go ahead.
998 --
999 when no_data_found then
1000 if g_debug then
1001 hr_utility.set_location(l_proc, 170);
1002 end if;
1003 null;
1004 when others then
1005 if g_debug then
1006 hr_utility.set_location(l_proc, 180);
1007 end if;
1008 raise;
1009 end;
1010 --
1011 -- add to lists which restrict by payroll and view all - F
1012 -- org regardless of position.
1013 --
1014 begin
1015 --
1016 if g_debug then
1017 hr_utility.set_location(l_proc, 190);
1018 end if;
1019 --
1020 l_from_str := ' from per_security_profiles sec,
1021 pay_payroll_list pay ';
1022 --
1023 l_cond_str := ' pay.security_profile_id = sec.security_profile_id
1024 and pay.payroll_id = :l_payroll_id
1025 and sec.view_all_organizations_flag = :l_all
1026 and sec.view_all_payrolls_flag = :l_Restrict and ';
1027 --
1028 l_exec_str := l_inst_str||l_from_str||' where '||
1029 l_bggr_str||l_asgt_str||l_cond_str||l_comm_str;
1030 --
1031 if g_debug then
1032 l_exec_str_print:= l_exec_str;
1033 while length(l_exec_str_print)>0 loop
1034 hr_utility.trace(substr(l_exec_str_print,1,70));
1035 l_exec_str_print:=substr(l_exec_str_print,71);
1036 end loop;
1037 End if;
1038 if p_generation_scope = 'ALL_GLOBAL' then
1039 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
1040 using
1041 l_Restrict, --l_asgt_str
1042 l_all, --l_asgt_str
1043 l_Restrict, --l_asgt_str
1044 l_all, --l_asgt_str
1045 l_None, --l_asgt_str
1046 l_payroll_id, --l_cond_str
1047 l_all, --l_cond_str
1048 l_Restrict, --l_cond_str
1049 l_Restrict, --l_comm_str
1050 l_true, --l_comm_str
1051 l_U, --l_comm_str
1052 l_FALSE, --l_comm_str
1053 l_true, --l_comm_str
1054 p_assignment_id, --l_comm_str
1055 p_effective_date, --l_comm_str
1056 l_true, --l_comm_str
1057 l_person_id; --l_comm_str
1058 else
1059 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
1060 using
1061 l_business_group_id, --l_bggr_str
1062 l_Restrict, --l_asgt_str
1063 l_all, --l_asgt_str
1064 l_Restrict, --l_asgt_str
1065 l_all, --l_asgt_str
1066 l_None, --l_asgt_str
1067 l_payroll_id, --l_cond_str
1068 l_all, --l_cond_str
1069 l_Restrict, --l_cond_str
1070 l_Restrict, --l_comm_str
1071 l_true, --l_comm_str
1072 l_U, --l_comm_str
1073 l_FALSE, --l_comm_str
1074 l_true, --l_comm_str
1075 p_assignment_id, --l_comm_str
1076 p_effective_date, --l_comm_str
1077 l_true, --l_comm_str
1078 l_person_id; --l_comm_str
1079 end if;
1080 add_to_cache;
1081 --
1082 exception
1083 --
1084 -- If no data found handle exception so that other
1085 -- inserts can go ahead.
1086 --
1087 when no_data_found then
1088 if g_debug then
1089 hr_utility.set_location(l_proc, 200);
1090 end if;
1091 null;
1092 when others then
1093 if g_debug then
1094 hr_utility.set_location(l_proc, 210);
1095 end if;
1096 raise;
1097 end;
1098 --
1099 -- add to lists which view all organization or payroll - E
1100 -- and restrict by position
1101 begin
1102 --
1103 if g_debug then
1104 hr_utility.set_location(l_proc, 220);
1105 end if;
1106 --
1107 l_from_str := ' from per_security_profiles sec ';
1108 --
1109 l_cond_str := ' sec.view_all_organizations_flag = :l_all
1110 and sec.view_all_payrolls_flag = :l_all
1111 and sec.view_all_positions_flag = :l_Restrict
1112 and nvl(sec.top_position_method, :l_S) <> :l_U
1113 and sec.view_all_flag = :l_Restrict and ';
1114 --
1115 l_exec_str := l_inst_str||l_from_str||' where '||
1116 l_bggr_str||l_asgt_str||l_cond_str||l_comm_str;
1117 --
1118 if g_debug then
1119 l_exec_str_print:= l_exec_str;
1120 while length(l_exec_str_print)>0 loop
1121 hr_utility.trace(substr(l_exec_str_print,1,70));
1122 l_exec_str_print:=substr(l_exec_str_print,71);
1123 end loop;
1124 End if;
1125 if p_generation_scope = 'ALL_GLOBAL' then
1126 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
1127 using
1128 l_Restrict, --l_asgt_str
1129 l_all, --l_asgt_str
1130 l_Restrict, --l_asgt_str
1131 l_all, --l_asgt_str
1132 l_None, --l_asgt_str
1133
1134 l_all, --l_cond_str
1135 l_all, --l_cond_str
1136 l_Restrict, --l_cond_str
1137 l_S, --l_cond_str
1138 l_U, --l_cond_str
1139 l_Restrict, --l_comm_str
1140
1141 l_Restrict, --l_comm_str
1142 l_true, --l_comm_str
1143 l_U, --l_comm_str
1144 l_FALSE, --l_comm_str
1145 l_true, --l_comm_str
1146 p_assignment_id, --l_comm_str
1147 p_effective_date, --l_comm_str
1148 l_true, --l_comm_str
1149 l_person_id --l_comm_str
1150 ;
1151 else
1152 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
1153 using
1154 l_business_group_id, --l_bggr_str
1155 l_Restrict, --l_asgt_str
1156 l_all, --l_asgt_str
1157 l_Restrict, --l_asgt_str
1158 l_all, --l_asgt_str
1159 l_None, --l_asgt_str
1160
1161 l_all, --l_cond_str
1162 l_all, --l_cond_str
1163 l_Restrict, --l_cond_str
1164 l_S, --l_cond_str
1165 l_U, --l_cond_str
1166 l_Restrict, --l_comm_str
1167
1168 l_Restrict, --l_comm_str
1169 l_true, --l_comm_str
1170 l_U, --l_comm_str
1171 l_FALSE, --l_comm_str
1172 l_true, --l_comm_str
1173 p_assignment_id, --l_comm_str
1174 p_effective_date, --l_comm_str
1175 l_true, --l_comm_str
1176 l_person_id --l_comm_str
1177 ;
1178 end if;
1179 add_to_cache;
1180
1181 --add_to_cache (l_exec_str => l_exec_str);
1182 --
1183 exception
1184 --
1185 -- If no data found handle exception so that other
1186 -- inserts can go ahead.
1187 --
1188 when no_data_found then
1189 if g_debug then
1190 hr_utility.set_location(l_proc, 230);
1191 end if;
1192 null;
1193 when others then
1194 if g_debug then
1195 hr_utility.set_location(l_proc, 240);
1196 end if;
1197 raise;
1198 end;
1199 --
1200 end if;
1201 --
1202 -- add to all lists which don't care about organization, - E1
1203 -- Position or Payroll but which do have a custom restriction.
1204 begin
1205 --
1206 if g_debug then
1207 hr_utility.set_location(l_proc, 250);
1208 end if;
1209 --
1210 l_from_str := ' from per_security_profiles sec ';
1211 --
1212 l_cond_str := ' sec.view_all_organizations_flag = :l_all
1213 and sec.view_all_positions_flag = :l_all
1214 and sec.view_all_payrolls_flag = :l_all
1215 and sec.custom_restriction_flag = :l_all
1216 and sec.view_all_flag = :l_Restrict and ';
1217 --
1218 l_exec_str := l_inst_str||l_from_str||' where '||
1219 l_bggr_str||l_asgt_str||l_cond_str||l_comm_str;
1220 --
1221 if g_debug then
1222 l_exec_str_print:= l_exec_str;
1223 while length(l_exec_str_print)>0 loop
1224 hr_utility.trace(substr(l_exec_str_print,1,70));
1225 l_exec_str_print:=substr(l_exec_str_print,71);
1226 end loop;
1227 End if;
1228 if p_generation_scope = 'ALL_GLOBAL' then
1229 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
1230 using
1231 l_Restrict, --l_asgt_str
1232 l_all, --l_asgt_str
1233 l_Restrict, --l_asgt_str
1234 l_all, --l_asgt_str
1235 l_None, --l_asgt_str
1236
1237 l_all, --l_cond_str
1238 l_all, --l_cond_str
1239 l_all, --l_cond_str
1240 l_all, --l_cond_str
1241 l_Restrict, --l_cond_str
1242
1243 l_Restrict, --l_comm_str
1244 l_true, --l_comm_str
1245 l_U, --l_comm_str
1246 l_FALSE, --l_comm_str
1247 l_true, --l_comm_str
1248 p_assignment_id, --l_comm_str
1249 p_effective_date, --l_comm_str
1250 l_true, --l_comm_str
1251 l_person_id --l_comm_str
1252 ;
1253 else
1254 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
1255 using
1256 l_business_group_id, --l_bggr_str
1257 l_Restrict, --l_asgt_str
1258 l_all, --l_asgt_str
1259 l_Restrict, --l_asgt_str
1260 l_all, --l_asgt_str
1261 l_None, --l_asgt_str
1262
1263 l_all, --l_cond_str
1264 l_all, --l_cond_str
1265 l_all, --l_cond_str
1266 l_all, --l_cond_str
1267 l_Restrict, --l_cond_str
1268
1269 l_Restrict, --l_comm_str
1270 l_true, --l_comm_str
1271 l_U, --l_comm_str
1272 l_FALSE, --l_comm_str
1273 l_true, --l_comm_str
1274 p_assignment_id, --l_comm_str
1275 p_effective_date, --l_comm_str
1276 l_true, --l_comm_str
1277 l_person_id --l_comm_str
1278 ;
1279 end if;
1280 add_to_cache;
1281 --
1282 exception
1283 --
1284 -- If no data found handle exception so that other
1285 -- inserts can go ahead.
1286 --
1287 when no_data_found then
1288 if g_debug then
1289 hr_utility.set_location(l_proc, 260);
1290 end if;
1291 null;
1292 when others then
1293 if g_debug then
1294 hr_utility.set_location(l_proc, 270);
1295 end if;
1296 raise;
1297 end;
1298 --
1299 else -- position is not null
1300 --
1301 if l_payroll_id is null then
1302 -- position is not null but payroll is
1303 --
1304 -- add to lists which restrict by position and organization - G
1305 -- regardless of payroll restriction
1306 --
1307 begin
1308 --
1309 if g_debug then
1310 hr_utility.set_location(l_proc, 280);
1311 end if;
1312 --
1313 l_from_str := ' from per_security_profiles sec,
1314 per_position_list posl,
1315 per_organization_list org ';
1316 --
1317 l_cond_str := ' org.security_profile_id = sec.security_profile_id
1318 and posl.security_profile_id = sec.security_profile_id
1319 and posl.security_profile_id = org.security_profile_id
1320 and org.organization_id = :l_organization_id
1321 and posl.position_id = :l_position_id
1322 and sec.view_all_organizations_flag = :l_Restrict
1323 and nvl(sec.top_organization_method, :l_S) <> :l_U
1324 and sec.view_all_positions_flag = :l_Restrict
1325 and nvl(sec.top_position_method, :l_S) <> :l_U
1326 and ';
1327 --
1328 l_exec_str := l_inst_str||l_from_str||' where '||
1329 l_bggr_str||l_asgt_str||l_cond_str||l_comm_str;
1330 --
1331 if g_debug then
1332 l_exec_str_print:= l_exec_str;
1333 while length(l_exec_str_print)>0 loop
1334 hr_utility.trace(substr(l_exec_str_print,1,70));
1335 l_exec_str_print:=substr(l_exec_str_print,71);
1336 end loop;
1337 End if;
1338 if p_generation_scope = 'ALL_GLOBAL' then
1339 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
1340 using
1341 l_Restrict, --l_asgt_str
1342 l_all, --l_asgt_str
1343 l_Restrict, --l_asgt_str
1344 l_all, --l_asgt_str
1345 l_None, --l_asgt_str
1346
1347 l_organization_id, --l_cond_str
1348 l_position_id, --l_cond_str
1349 l_Restrict, --l_cond_str
1350 l_S, --l_cond_str
1351 l_U, --l_cond_str
1352 l_Restrict, --l_cond_str
1353 l_S, --l_cond_str
1354 l_U, --l_cond_str
1355
1356 l_Restrict, --l_comm_str
1357 l_true, --l_comm_str
1358 l_U, --l_comm_str
1359 l_FALSE, --l_comm_str
1360 l_true, --l_comm_str
1361 p_assignment_id, --l_comm_str
1362 p_effective_date, --l_comm_str
1363 l_true, --l_comm_str
1364 l_person_id --l_comm_str
1365 ;
1366 else
1367 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
1368 using
1369 l_business_group_id, --l_bggr_str
1370 l_Restrict, --l_asgt_str
1371 l_all, --l_asgt_str
1372 l_Restrict, --l_asgt_str
1373 l_all, --l_asgt_str
1374 l_None, --l_asgt_str
1375
1376 l_organization_id, --l_cond_str
1377 l_position_id, --l_cond_str
1378 l_Restrict, --l_cond_str
1379 l_S, --l_cond_str
1380 l_U, --l_cond_str
1381 l_Restrict, --l_cond_str
1382 l_S, --l_cond_str
1383 l_U, --l_cond_str
1384
1385 l_Restrict, --l_comm_str
1386 l_true, --l_comm_str
1387 l_U, --l_comm_str
1388 l_FALSE, --l_comm_str
1389 l_true, --l_comm_str
1390 p_assignment_id, --l_comm_str
1391 p_effective_date, --l_comm_str
1392 l_true, --l_comm_str
1393 l_person_id --l_comm_str
1394 ;
1395 end if;
1396 add_to_cache;
1397 --
1398 exception
1399 --
1400 -- If no data found handle exception so that other
1401 -- inserts can go ahead.
1402 --
1403 when no_data_found then
1404 if g_debug then
1405 hr_utility.set_location(l_proc, 290);
1406 end if;
1407 null;
1408 when others then
1409 if g_debug then
1410 hr_utility.set_location(l_proc, 300);
1411 end if;
1412 raise;
1413 end;
1414 --
1415 -- add to lists which restrict by org and view all - H
1416 -- pos regardless of payroll
1417 --
1418 begin
1419 --
1420 if g_debug then
1421 hr_utility.set_location(l_proc, 310);
1422 end if;
1423 --
1424 l_from_str := ' from per_security_profiles sec,
1425 per_organization_list org ';
1426 --
1427 l_cond_str := ' org.security_profile_id = sec.security_profile_id
1428 and org.organization_id = :l_organization_id
1429 and sec.view_all_organizations_flag = :l_Restrict
1430 and nvl(sec.top_organization_method, :l_S) <> :l_U
1431 and sec.view_all_positions_flag = :l_all and ';
1432 --
1433 l_exec_str := l_inst_str||l_from_str||' where '||
1434 l_bggr_str||l_asgt_str||l_cond_str||l_comm_str;
1435 --
1436 if g_debug then
1437 l_exec_str_print:= l_exec_str;
1438 while length(l_exec_str_print)>0 loop
1439 hr_utility.trace(substr(l_exec_str_print,1,70));
1440 l_exec_str_print:=substr(l_exec_str_print,71);
1441 end loop;
1442 End if;
1443 if p_generation_scope = 'ALL_GLOBAL' then
1444 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
1445 using
1446 l_Restrict, --l_asgt_str
1447 l_all, --l_asgt_str
1448 l_Restrict, --l_asgt_str
1449 l_all, --l_asgt_str
1450 l_None, --l_asgt_str
1451
1452 l_organization_id, --l_cond_str
1453 l_Restrict, --l_cond_str
1454 l_S, --l_cond_str
1455 l_U, --l_cond_str
1456 l_all, ----l_cond_str
1457
1458 l_Restrict, --l_comm_str
1459 l_true, --l_comm_str
1460 l_U, --l_comm_str
1461 l_FALSE, --l_comm_str
1462 l_true, --l_comm_str
1463 p_assignment_id, --l_comm_str
1464 p_effective_date, --l_comm_str
1465 l_true, --l_comm_str
1466 l_person_id --l_comm_str
1467 ;
1468 else
1469 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
1470 using
1471 l_business_group_id, --l_bggr_str
1472 l_Restrict, --l_asgt_str
1473 l_all, --l_asgt_str
1474 l_Restrict, --l_asgt_str
1475 l_all, --l_asgt_str
1476 l_None, --l_asgt_str
1477
1478 l_organization_id, --l_cond_str
1479 l_Restrict, --l_cond_str
1480 l_S, --l_cond_str
1481 l_U, --l_cond_str
1482 l_all, ----l_cond_str
1483
1484 l_Restrict, --l_comm_str
1485 l_true, --l_comm_str
1486 l_U, --l_comm_str
1487 l_FALSE, --l_comm_str
1488 l_true, --l_comm_str
1489 p_assignment_id, --l_comm_str
1490 p_effective_date, --l_comm_str
1491 l_true, --l_comm_str
1492 l_person_id --l_comm_str
1493 ;
1494 end if;
1495 add_to_cache;
1496 --
1497 exception
1498 --
1499 -- If no data found handle exception so that other
1500 -- inserts can go ahead.
1501 --
1502 when no_data_found then
1503 if g_debug then
1504 hr_utility.set_location(l_proc, 320);
1505 end if;
1506 null;
1507 when others then
1508 if g_debug then
1509 hr_utility.set_location(l_proc, 330);
1510 end if;
1511 raise;
1512 end;
1513 --
1514 -- add to lists which view all org and view all - I
1515 -- pos and restrict by payroll
1516 begin
1517 --
1518 if g_debug then
1519 hr_utility.set_location(l_proc, 340);
1520 end if;
1521 --
1522 l_from_str := ' from per_security_profiles sec ';
1523 --
1524 l_cond_str := ' sec.view_all_organizations_flag = :l_all
1525 and sec.view_all_positions_flag = :l_all
1526 and sec.view_all_payrolls_flag = :l_Restrict and ';
1527 --
1528 l_exec_str := l_inst_str||l_from_str||' where '||
1529 l_bggr_str||l_asgt_str||l_cond_str||l_comm_str;
1530 --
1531 if g_debug then
1532 l_exec_str_print:= l_exec_str;
1533 while length(l_exec_str_print)>0 loop
1534 hr_utility.trace(substr(l_exec_str_print,1,70));
1535 l_exec_str_print:=substr(l_exec_str_print,71);
1536 end loop;
1537 End if;
1538 if p_generation_scope = 'ALL_GLOBAL' then
1539 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
1540 using
1541 l_Restrict, --l_asgt_str
1542 l_all, --l_asgt_str
1543 l_Restrict, --l_asgt_str
1544 l_all, --l_asgt_str
1545 l_None, --l_asgt_str
1546
1547 l_all, ----l_cond_str
1548 l_all, ----l_cond_str
1549 l_Restrict, --l_cond_str
1550
1551 l_Restrict, --l_comm_str
1552 l_true, --l_comm_str
1553 l_U, --l_comm_str
1554 l_FALSE, --l_comm_str
1555 l_true, --l_comm_str
1556 p_assignment_id, --l_comm_str
1557 p_effective_date, --l_comm_str
1558 l_true, --l_comm_str
1559 l_person_id --l_comm_str
1560 ;
1561 else
1562 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
1563 using
1564 l_business_group_id, --l_bggr_str
1565 l_Restrict, --l_asgt_str
1566 l_all, --l_asgt_str
1567 l_Restrict, --l_asgt_str
1568 l_all, --l_asgt_str
1569 l_None, --l_asgt_str
1570
1571 l_all, ----l_cond_str
1572 l_all, ----l_cond_str
1573 l_Restrict, --l_cond_str
1574
1575 l_Restrict, --l_comm_str
1576 l_true, --l_comm_str
1577 l_U, --l_comm_str
1578 l_FALSE, --l_comm_str
1579 l_true, --l_comm_str
1580 p_assignment_id, --l_comm_str
1581 p_effective_date, --l_comm_str
1582 l_true, --l_comm_str
1583 l_person_id --l_comm_str
1584 ;
1585 end if;
1586 add_to_cache;
1587 --
1588 exception
1589 --
1590 -- If no data found handle exception so that other
1591 -- inserts can go ahead.
1592 --
1593 when no_data_found then
1594 if g_debug then
1595 hr_utility.set_location(l_proc, 350);
1596 end if;
1597 null;
1598 when others then
1599 if g_debug then
1600 hr_utility.set_location(l_proc, 360);
1601 end if;
1602 raise;
1603 end;
1604 --
1605 -- add to lists which view all org, restrict by pos - J
1606 -- regardless of payroll
1607 begin
1608 --
1609 if g_debug then
1610 hr_utility.set_location(l_proc, 370);
1611 end if;
1612 --
1613 l_from_str := ' from per_security_profiles sec,
1614 per_position_list posl ';
1615 --
1616 l_cond_str := ' posl.security_profile_id = sec.security_profile_id
1617 and posl.position_id = :l_position_id
1618 and sec.view_all_organizations_flag = :l_all
1619 and sec.view_all_positions_flag = :l_Restrict
1620 and nvl(sec.top_position_method, :l_S) <> :l_U
1621 and sec.view_all_flag = :l_Restrict
1622 and sec.business_group_id = :l_business_group_id
1623 and ';
1624 --
1625 l_exec_str := l_inst_str||l_from_str||' where '||
1626 l_bggr_str||l_asgt_str||l_cond_str||l_comm_str;
1627 --
1628 if g_debug then
1629 l_exec_str_print:= l_exec_str;
1630 while length(l_exec_str_print)>0 loop
1631 hr_utility.trace(substr(l_exec_str_print,1,70));
1632 l_exec_str_print:=substr(l_exec_str_print,71);
1633 end loop;
1634 End if;
1635 if p_generation_scope = 'ALL_GLOBAL' then
1636 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
1637 using
1638 l_Restrict, --l_asgt_str
1639 l_all, --l_asgt_str
1640 l_Restrict, --l_asgt_str
1641 l_all, --l_asgt_str
1642 l_None, --l_asgt_str
1643
1644 l_position_id, ----l_cond_str
1645 l_all, ----l_cond_str
1646 l_Restrict, --l_cond_str
1647 l_S, --l_cond_str
1648 l_U, --l_cond_str
1649 l_Restrict, --l_cond_str
1650 l_business_group_id, --l_cond_str
1651
1652
1653 l_Restrict, --l_comm_str
1654 l_true, --l_comm_str
1655 l_U, --l_comm_str
1656 l_FALSE, --l_comm_str
1657 l_true, --l_comm_str
1658 p_assignment_id, --l_comm_str
1659 p_effective_date, --l_comm_str
1660 l_true, --l_comm_str
1661 l_person_id --l_comm_str
1662 ;
1663 else
1664 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
1665 using
1666 l_business_group_id, --l_bggr_str
1667 l_Restrict, --l_asgt_str
1668 l_all, --l_asgt_str
1669 l_Restrict, --l_asgt_str
1670 l_all, --l_asgt_str
1671 l_None, --l_asgt_str
1672
1673 l_position_id, ----l_cond_str
1674 l_all, ----l_cond_str
1675 l_Restrict, --l_cond_str
1676 l_S, --l_cond_str
1677 l_U, --l_cond_str
1678 l_Restrict, --l_cond_str
1679 l_business_group_id, --l_cond_str
1680
1681 l_Restrict, --l_comm_str
1682 l_true, --l_comm_str
1683 l_U, --l_comm_str
1684 l_FALSE, --l_comm_str
1685 l_true, --l_comm_str
1686 p_assignment_id, --l_comm_str
1687 p_effective_date, --l_comm_str
1688 l_true, --l_comm_str
1689 l_person_id --l_comm_str
1690 ;
1691 end if;
1692 add_to_cache;
1693 --
1694 exception
1695 --
1696 -- If no data found handle exception so that other
1697 -- inserts can go ahead.
1698 --
1699 when no_data_found then
1700 if g_debug then
1701 hr_utility.set_location(l_proc, 380);
1702 end if;
1703 null;
1704 when others then
1705 if g_debug then
1706 hr_utility.set_location(l_proc, 390);
1707 end if;
1708 raise;
1709 end;
1710 --
1711 -- add to all lists which don't care about organization, - J1
1712 -- Position or Payroll but which do have a custom restriction.
1713 begin
1714 --
1715 if g_debug then
1716 hr_utility.set_location(l_proc, 400);
1717 end if;
1718 --
1719 l_from_str := ' from per_security_profiles sec ';
1720 --
1721 l_cond_str := ' sec.view_all_organizations_flag = :l_all
1722 and sec.view_all_positions_flag = :l_all
1723 and sec.view_all_payrolls_flag = :l_all
1724 and sec.custom_restriction_flag = :l_all
1725 and sec.view_all_flag = :l_Restrict and ';
1726 --
1727 l_exec_str := l_inst_str||l_from_str||' where '||
1728 l_bggr_str||l_asgt_str||l_cond_str||l_comm_str;
1729 --
1730 if g_debug then
1731 l_exec_str_print:= l_exec_str;
1732 while length(l_exec_str_print)>0 loop
1733 hr_utility.trace(substr(l_exec_str_print,1,70));
1734 l_exec_str_print:=substr(l_exec_str_print,71);
1735 end loop;
1736 End if;
1737 if p_generation_scope = 'ALL_GLOBAL' then
1738 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
1739 using
1740 l_Restrict, --l_asgt_str
1741 l_all, --l_asgt_str
1742 l_Restrict, --l_asgt_str
1743 l_all, --l_asgt_str
1744 l_None, --l_asgt_str
1745
1746 l_all, ----l_cond_str
1747 l_all, ----l_cond_str
1748 l_all, ----l_cond_str
1749 l_all, ----l_cond_str
1750 l_Restrict, --l_cond_str
1751
1752 l_Restrict, --l_comm_str
1753 l_true, --l_comm_str
1754 l_U, --l_comm_str
1755 l_FALSE, --l_comm_str
1756 l_true, --l_comm_str
1757 p_assignment_id, --l_comm_str
1758 p_effective_date, --l_comm_str
1759 l_true, --l_comm_str
1760 l_person_id --l_comm_str
1761 ;
1762 else
1763 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
1764 using
1765 l_business_group_id, --l_bggr_str
1766 l_Restrict, --l_asgt_str
1767 l_all, --l_asgt_str
1768 l_Restrict, --l_asgt_str
1769 l_all, --l_asgt_str
1770 l_None, --l_asgt_str
1771
1772 l_all, ----l_cond_str
1773 l_all, ----l_cond_str
1774 l_all, ----l_cond_str
1775 l_all, ----l_cond_str
1776 l_Restrict, --l_cond_str
1777
1778 l_Restrict, --l_comm_str
1779 l_true, --l_comm_str
1780 l_U, --l_comm_str
1781 l_FALSE, --l_comm_str
1782 l_true, --l_comm_str
1783 p_assignment_id, --l_comm_str
1784 p_effective_date, --l_comm_str
1785 l_true, --l_comm_str
1786 l_person_id --l_comm_str
1787 ;
1788 end if;
1789 add_to_cache;
1790 --
1791 exception
1792 --
1793 -- If no data found handle exception so that other
1794 -- inserts can go ahead.
1795 --
1796 when no_data_found then
1797 if g_debug then
1798 hr_utility.set_location(l_proc, 410);
1799 end if;
1800 null;
1801 when others then
1802 if g_debug then
1803 hr_utility.set_location(l_proc, 420);
1804 end if;
1805 raise;
1806 end;
1807 --
1808 else -- position and payroll are not null
1809 --
1810 -- add to lists which restrict by Org, Pos and Payroll - K
1811 --
1812 begin
1813 --
1814 if g_debug then
1815 hr_utility.set_location(l_proc, 430);
1816 end if;
1817 --
1818 l_from_str := ' from per_security_profiles sec,
1819 pay_payroll_list pay,
1820 per_position_list posl,
1821 per_organization_list org ';
1822 --
1823 l_cond_str := ' org.security_profile_id = sec.security_profile_id
1824 and posl.security_profile_id = sec.security_profile_id
1825 and pay.security_profile_id = sec.security_profile_id
1826 and pay.security_profile_id = posl.security_profile_id
1827 and pay.security_profile_id = org.security_profile_id
1828 and org.security_profile_id = posl.security_profile_id
1829 and org.organization_id = :l_organization_id
1830 and posl.position_id = :l_position_id
1831 and pay.payroll_id = :l_payroll_id
1832 and sec.view_all_organizations_flag = :l_Restrict
1833 and nvl(sec.top_organization_method, :l_S) <> :l_U
1834 and sec.view_all_positions_flag = :l_Restrict
1835 and nvl(sec.top_position_method, :l_S) <> :l_U
1836 and sec.view_all_payrolls_flag = :l_Restrict and ';
1837 --
1838 l_exec_str := l_inst_str||l_from_str||' where '||
1839 l_bggr_str||l_asgt_str||l_cond_str||l_comm_str;
1840 --
1841 if g_debug then
1842 l_exec_str_print:= l_exec_str;
1843 while length(l_exec_str_print)>0 loop
1844 hr_utility.trace(substr(l_exec_str_print,1,70));
1845 l_exec_str_print:=substr(l_exec_str_print,71);
1846 end loop;
1847 End if;
1848 if p_generation_scope = 'ALL_GLOBAL' then
1849 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
1850 using
1851 l_Restrict, --l_asgt_str
1852 l_all, --l_asgt_str
1853 l_Restrict, --l_asgt_str
1854 l_all, --l_asgt_str
1855 l_None, --l_asgt_str
1856
1857 l_organization_id, ----l_cond_str
1858 l_position_id, ----l_cond_str
1859 l_payroll_id, ----l_cond_str
1860 l_Restrict, ----l_cond_str
1861 l_S, --l_cond_str
1862 l_U, --l_cond_str
1863 l_Restrict,
1864 l_S, --l_cond_str
1865 l_U, --l_cond_str
1866 l_Restrict, --l_cond_str
1867
1868 l_Restrict, --l_comm_str
1869 l_true, --l_comm_str
1870 l_U, --l_comm_str
1871 l_FALSE, --l_comm_str
1872 l_true, --l_comm_str
1873 p_assignment_id, --l_comm_str
1874 p_effective_date, --l_comm_str
1875 l_true, --l_comm_str
1876 l_person_id --l_comm_str
1877 ;
1878 else
1879 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
1880 using
1881 l_business_group_id, --l_bggr_str
1882 l_Restrict, --l_asgt_str
1883 l_all, --l_asgt_str
1884 l_Restrict, --l_asgt_str
1885 l_all, --l_asgt_str
1886 l_None, --l_asgt_str
1887
1888 l_organization_id, ----l_cond_str
1889 l_position_id, ----l_cond_str
1890 l_payroll_id, ----l_cond_str
1891 l_Restrict, ----l_cond_str
1892 l_S, --l_cond_str
1893 l_U, --l_cond_str
1894 l_Restrict,
1895 l_S, --l_cond_str
1896 l_U, --l_cond_str
1897 l_Restrict, --l_cond_str
1898
1899 l_Restrict, --l_comm_str
1900 l_true, --l_comm_str
1901 l_U, --l_comm_str
1902 l_FALSE, --l_comm_str
1903 l_true, --l_comm_str
1904 p_assignment_id, --l_comm_str
1905 p_effective_date, --l_comm_str
1906 l_true, --l_comm_str
1907 l_person_id --l_comm_str
1908 ;
1909 end if;
1910 add_to_cache;
1911 --
1912 exception
1913 --
1914 -- If no data found handle exception so that other
1915 -- inserts can go ahead.
1916 --
1917 when no_data_found then
1918 if g_debug then
1919 hr_utility.set_location(l_proc, 440);
1920 end if;
1921 null;
1922 when others then
1923 if g_debug then
1924 hr_utility.set_location(l_proc, 450);
1925 end if;
1926 raise;
1927 end;
1928 --
1929 -- add to lists which restrict by Org and Pos and view all - L
1930 -- payroll
1931 --
1932 begin
1933 --
1934 if g_debug then
1935 hr_utility.set_location(l_proc, 460);
1936 end if;
1937 --
1938 l_from_str := ' from per_security_profiles sec,
1939 per_position_list posl,
1940 per_organization_list org ';
1941 --
1942 l_cond_str := ' org.security_profile_id = sec.security_profile_id
1943 and posl.security_profile_id = sec.security_profile_id
1944 and posl.security_profile_id = org.security_profile_id
1945 and org.organization_id = :l_organization_id
1946 and posl.position_id = :l_position_id
1947 and sec.view_all_organizations_flag = :l_Restrict
1948 and nvl(sec.top_organization_method, :l_S) <> :l_U
1949 and sec.view_all_positions_flag = :l_Restrict
1950 and nvl(sec.top_position_method, :l_S) <> :l_U
1951 and sec.view_all_payrolls_flag = :l_all and ';
1952 --
1953 l_exec_str := l_inst_str||l_from_str||' where '||
1954 l_bggr_str||l_asgt_str||l_cond_str||l_comm_str;
1955 --
1956 if g_debug then
1957 l_exec_str_print:= l_exec_str;
1958 while length(l_exec_str_print)>0 loop
1959 hr_utility.trace(substr(l_exec_str_print,1,70));
1960 l_exec_str_print:=substr(l_exec_str_print,71);
1961 end loop;
1962 End if;
1963 if p_generation_scope = 'ALL_GLOBAL' then
1964 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
1965 using
1966 l_Restrict, --l_asgt_str
1967 l_all, --l_asgt_str
1968 l_Restrict, --l_asgt_str
1969 l_all, --l_asgt_str
1970 l_None, --l_asgt_str
1971
1972 l_organization_id, ----l_cond_str
1973 l_position_id, ----l_cond_str
1974 l_Restrict, ----l_cond_str
1975 l_S, --l_cond_str
1976 l_U, --l_cond_str
1977 l_Restrict,
1978 l_S, --l_cond_str
1979 l_U, --l_cond_str
1980 l_all, --l_cond_str
1981
1982 l_Restrict, --l_comm_str
1983 l_true, --l_comm_str
1984 l_U, --l_comm_str
1985 l_FALSE, --l_comm_str
1986 l_true, --l_comm_str
1987 p_assignment_id, --l_comm_str
1988 p_effective_date, --l_comm_str
1989 l_true, --l_comm_str
1990 l_person_id --l_comm_str
1991 ;
1992 else
1993 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
1994 using
1995 l_business_group_id, --l_bggr_str
1996 l_Restrict, --l_asgt_str
1997 l_all, --l_asgt_str
1998 l_Restrict, --l_asgt_str
1999 l_all, --l_asgt_str
2000 l_None, --l_asgt_str
2001
2002 l_organization_id, ----l_cond_str
2003 l_position_id, ----l_cond_str
2004 l_Restrict, ----l_cond_str
2005 l_S, --l_cond_str
2006 l_U, --l_cond_str
2007 l_Restrict,
2008 l_S, --l_cond_str
2009 l_U, --l_cond_str
2010 l_all, --l_cond_str
2011
2012 l_Restrict, --l_comm_str
2013 l_true, --l_comm_str
2014 l_U, --l_comm_str
2015 l_FALSE, --l_comm_str
2016 l_true, --l_comm_str
2017 p_assignment_id, --l_comm_str
2018 p_effective_date, --l_comm_str
2019 l_true, --l_comm_str
2020 l_person_id --l_comm_str
2021 ;
2022 end if;
2023 add_to_cache;
2024 --
2025 exception
2026 --
2027 -- If no data found handle exception so that other
2028 -- inserts can go ahead.
2029 --
2030 when no_data_found then
2031 if g_debug then
2032 hr_utility.set_location(l_proc, 470);
2033 end if;
2034 null;
2035 when others then
2036 if g_debug then
2037 hr_utility.set_location(l_proc, 480);
2038 end if;
2039 raise;
2040 end;
2041 --
2042 -- add to lists which restrict by org and payroll and view all - M
2043 -- positions
2044 --
2045 begin
2046 --
2047 if g_debug then
2048 hr_utility.set_location(l_proc, 490);
2049 end if;
2050 --
2051 l_from_str := ' from per_security_profiles sec,
2052 pay_payroll_list pay,
2053 per_organization_list org ';
2054 --
2055 l_cond_str := ' org.security_profile_id = sec.security_profile_id
2056 and pay.security_profile_id = sec.security_profile_id
2057 and org.organization_id = :l_organization_id
2058 and pay.payroll_id = :l_payroll_id
2059 and sec.view_all_organizations_flag = :l_Restrict
2060 and nvl(sec.top_organization_method, :l_S) <> :l_U
2061 and sec.view_all_positions_flag = :l_all
2062 and sec.view_all_payrolls_flag = :l_Restrict and ';
2063 --
2064 l_exec_str := l_inst_str||l_from_str||' where '||
2065 l_bggr_str||l_asgt_str||l_cond_str||l_comm_str;
2066 --
2067 if g_debug then
2068 l_exec_str_print:= l_exec_str;
2069 while length(l_exec_str_print)>0 loop
2070 hr_utility.trace(substr(l_exec_str_print,1,70));
2071 l_exec_str_print:=substr(l_exec_str_print,71);
2072 end loop;
2073 End if;
2074 if p_generation_scope = 'ALL_GLOBAL' then
2075 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
2076 using
2077 l_Restrict, --l_asgt_str
2078 l_all, --l_asgt_str
2079 l_Restrict, --l_asgt_str
2080 l_all, --l_asgt_str
2081 l_None, --l_asgt_str
2082
2083 l_organization_id, ----l_cond_str
2084 l_payroll_id, ----l_cond_str
2085 l_Restrict, ----l_cond_str
2086 l_S, --l_cond_str
2087 l_U, --l_cond_str
2088 l_all,
2089 l_Restrict, --l_cond_str
2090
2091 l_Restrict, --l_comm_str
2092 l_true, --l_comm_str
2093 l_U, --l_comm_str
2094 l_FALSE, --l_comm_str
2095 l_true, --l_comm_str
2096 p_assignment_id, --l_comm_str
2097 p_effective_date, --l_comm_str
2098 l_true, --l_comm_str
2099 l_person_id --l_comm_str
2100 ;
2101 else
2102 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
2103 using
2104 l_business_group_id, --l_bggr_str
2105 l_Restrict, --l_asgt_str
2106 l_all, --l_asgt_str
2107 l_Restrict, --l_asgt_str
2108 l_all, --l_asgt_str
2109 l_None, --l_asgt_str
2110
2111 l_organization_id, ----l_cond_str
2112 l_payroll_id, ----l_cond_str
2113 l_Restrict, ----l_cond_str
2114 l_S, --l_cond_str
2115 l_U, --l_cond_str
2116 l_all,
2117 l_Restrict, --l_cond_str
2118
2119 l_Restrict, --l_comm_str
2120 l_true, --l_comm_str
2121 l_U, --l_comm_str
2122 l_FALSE, --l_comm_str
2123 l_true, --l_comm_str
2124 p_assignment_id, --l_comm_str
2125 p_effective_date, --l_comm_str
2126 l_true, --l_comm_str
2127 l_person_id --l_comm_str
2128 ;
2129 end if;
2130 add_to_cache;
2131 --
2132 exception
2133 --
2134 -- If no data found handle exception so that other
2135 -- inserts can go ahead.
2136 --
2137 when no_data_found then
2138 if g_debug then
2139 hr_utility.set_location(l_proc, 500);
2140 end if;
2141 null;
2142 when others then
2143 if g_debug then
2144 hr_utility.set_location(l_proc, 510);
2145 end if;
2146 raise;
2147 end;
2148 --
2149 -- add to lists which restrict by pos and pay and view all - O
2150 -- org
2151 --
2152 begin
2153 --
2154 if g_debug then
2155 hr_utility.set_location(l_proc, 520);
2156 end if;
2157 --
2158 l_from_str := ' from per_security_profiles sec,
2159 pay_payroll_list pay,
2160 per_position_list posl ';
2161 --
2162 l_cond_str := ' posl.security_profile_id = sec.security_profile_id
2163 and pay.security_profile_id = sec.security_profile_id
2164 and pay.security_profile_id = posl.security_profile_id
2165 and posl.position_id = :l_position_id
2166 and pay.payroll_id = :l_payroll_id
2167 and sec.view_all_organizations_flag = :l_all
2168 and sec.view_all_positions_flag = :l_Restrict
2169 and nvl(sec.top_position_method, :l_S) <> :l_U
2170 and sec.view_all_payrolls_flag = :l_Restrict and ';
2171 --
2172 l_exec_str := l_inst_str||l_from_str||' where '||
2173 l_bggr_str||l_asgt_str||l_cond_str||l_comm_str;
2174 --
2175 if g_debug then
2176 l_exec_str_print:= l_exec_str;
2177 while length(l_exec_str_print)>0 loop
2178 hr_utility.trace(substr(l_exec_str_print,1,70));
2179 l_exec_str_print:=substr(l_exec_str_print,71);
2180 end loop;
2181 End if;
2182 if p_generation_scope = 'ALL_GLOBAL' then
2183 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
2184 using
2185 l_Restrict, --l_asgt_str
2186 l_all, --l_asgt_str
2187 l_Restrict, --l_asgt_str
2188 l_all, --l_asgt_str
2189 l_None, --l_asgt_str
2190
2191 l_position_id, ----l_cond_str
2192 l_payroll_id, ----l_cond_str
2193 l_all,
2194 l_Restrict, ----l_cond_str
2195 l_S, --l_cond_str
2196 l_U, --l_cond_str
2197 l_Restrict, --l_cond_str
2198
2199 l_Restrict, --l_comm_str
2200 l_true, --l_comm_str
2201 l_U, --l_comm_str
2202 l_FALSE, --l_comm_str
2203 l_true, --l_comm_str
2204 p_assignment_id, --l_comm_str
2205 p_effective_date, --l_comm_str
2206 l_true, --l_comm_str
2207 l_person_id --l_comm_str
2208 ;
2209 else
2210 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
2211 using
2212 l_business_group_id, --l_bggr_str
2213 l_Restrict, --l_asgt_str
2214 l_all, --l_asgt_str
2215 l_Restrict, --l_asgt_str
2216 l_all, --l_asgt_str
2217 l_None, --l_asgt_str
2218
2219 l_position_id, ----l_cond_str
2220 l_payroll_id, ----l_cond_str
2221 l_all,
2222 l_Restrict, ----l_cond_str
2223 l_S, --l_cond_str
2224 l_U, --l_cond_str
2225 l_Restrict, --l_cond_str
2226
2227 l_Restrict, --l_comm_str
2228 l_true, --l_comm_str
2229 l_U, --l_comm_str
2230 l_FALSE, --l_comm_str
2231 l_true, --l_comm_str
2232 p_assignment_id, --l_comm_str
2233 p_effective_date, --l_comm_str
2234 l_true, --l_comm_str
2235 l_person_id --l_comm_str
2236 ;
2237 end if;
2238 add_to_cache;
2239 --
2240 exception
2241 --
2242 -- If no data found handle exception so that other
2243 -- inserts can go ahead.
2244 --
2245 when no_data_found then
2246 if g_debug then
2247 hr_utility.set_location(l_proc, 530);
2248 end if;
2249 null;
2250 when others then
2251 if g_debug then
2252 hr_utility.set_location(l_proc, 540);
2253 end if;
2254 raise;
2255 end;
2256 --
2257 -- add to lists which restrict by org and view all - P
2258 -- position or payroll
2259 --
2260 begin
2261 --
2262 if g_debug then
2263 hr_utility.set_location(l_proc, 550);
2264 end if;
2265 --
2266 l_from_str := ' from per_security_profiles sec,
2267 per_organization_list org ';
2268 --
2269 l_cond_str := ' org.security_profile_id = sec.security_profile_id
2270 and org.organization_id = :l_organization_id
2271 and sec.view_all_organizations_flag = :l_Restrict
2272 and nvl(sec.top_organization_method, :l_S) <> :l_U
2273 and sec.view_all_positions_flag = :l_all
2274 and sec.view_all_payrolls_flag = :l_all and ';
2275 --
2276 l_exec_str := l_inst_str||l_from_str||' where '||
2277 l_bggr_str||l_asgt_str||l_cond_str||l_comm_str;
2278 --
2279 if g_debug then
2280 l_exec_str_print:= l_exec_str;
2281 while length(l_exec_str_print)>0 loop
2282 hr_utility.trace(substr(l_exec_str_print,1,70));
2283 l_exec_str_print:=substr(l_exec_str_print,71);
2284 end loop;
2285 End if;
2286 if p_generation_scope = 'ALL_GLOBAL' then
2287 -- execute immediate l_exec_str
2288 execute immediate l_exec_str bulk collect into l_security_profie_table_temp -- 6368698
2289 using
2290 l_Restrict, --l_asgt_str
2291 l_all, --l_asgt_str
2292 l_Restrict, --l_asgt_str
2293 l_all, --l_asgt_str
2294 l_None, --l_asgt_str
2295
2296 l_organization_id, ----l_cond_str
2297 l_Restrict, ----l_cond_str
2298 l_S, --l_cond_str
2299 l_U, --l_cond_str
2300 l_all, --l_cond_str
2301 l_all, --l_cond_str
2302
2303
2304 l_Restrict, --l_comm_str
2305 l_true, --l_comm_str
2306 l_U, --l_comm_str
2307 l_FALSE, --l_comm_str
2308 l_true, --l_comm_str
2309 p_assignment_id, --l_comm_str
2310 p_effective_date, --l_comm_str
2311 l_true, --l_comm_str
2312 l_person_id --l_comm_str
2313 ;
2314 else
2315 execute immediate l_exec_str bulk collect into l_security_profie_table_temp -- 6368698
2316 using
2317 l_business_group_id, --l_bggr_str
2318 l_Restrict, --l_asgt_str
2319 l_all, --l_asgt_str
2320 l_Restrict, --l_asgt_str
2321 l_all, --l_asgt_str
2322 l_None, --l_asgt_str
2323
2324 l_organization_id, ----l_cond_str
2325 l_Restrict, ----l_cond_str
2326 l_S, --l_cond_str
2327 l_U, --l_cond_str
2328 l_all, --l_cond_str
2329 l_all, --l_cond_str
2330
2331 l_Restrict, --l_comm_str
2332 l_true, --l_comm_str
2333 l_U, --l_comm_str
2334 l_FALSE, --l_comm_str
2335 l_true, --l_comm_str
2336 p_assignment_id, --l_comm_str
2337 p_effective_date, --l_comm_str
2338 l_true, --l_comm_str
2339 l_person_id --l_comm_str
2340 ;
2341 end if;
2342 add_to_cache;
2343 --
2344 exception
2345 --
2346 -- If no data found handle exception so that other
2347 -- inserts can go ahead.
2348 --
2349 when no_data_found then
2350 if g_debug then
2351 hr_utility.set_location(l_proc, 560);
2352 end if;
2353 null;
2354 when others then
2355 if g_debug then
2356 hr_utility.set_location(l_proc, 570);
2357 end if;
2358 raise;
2359 end;
2360 --
2361 -- add to lists which restrict by pos and view all - Q
2362 -- organization and payroll
2363 begin
2364 --
2365 if g_debug then
2366 hr_utility.set_location(l_proc, 580);
2367 end if;
2368 --
2369 l_from_str := ' from per_security_profiles sec,
2370 per_position_list posl ';
2371 --
2372 l_cond_str := ' posl.security_profile_id = sec.security_profile_id
2373 and posl.position_id = :l_position_id
2374 and sec.view_all_organizations_flag = :l_all
2375 and sec.view_all_positions_flag = :l_Restrict
2376 and nvl(sec.top_position_method, :l_S) <> :l_U
2377 and sec.view_all_payrolls_flag = :l_all and ';
2378 --
2379 l_exec_str := l_inst_str||l_from_str||' where '||
2380 l_bggr_str||l_asgt_str||l_cond_str||l_comm_str;
2381 --
2382 if g_debug then
2383 l_exec_str_print:= l_exec_str;
2384 while length(l_exec_str_print)>0 loop
2385 hr_utility.trace(substr(l_exec_str_print,1,70));
2386 l_exec_str_print:=substr(l_exec_str_print,71);
2387 end loop;
2388 End if;
2389 if p_generation_scope = 'ALL_GLOBAL' then
2390 execute immediate l_exec_str bulk collect into l_security_profie_table_temp -- 6368698
2391 using
2392 l_Restrict, --l_asgt_str
2393 l_all, --l_asgt_str
2394 l_Restrict, --l_asgt_str
2395 l_all, --l_asgt_str
2396 l_None, --l_asgt_str
2397
2398 l_position_id, ----l_cond_str
2399 l_all, --l_cond_str
2400 l_Restrict, ----l_cond_str
2401 l_S, --l_cond_str
2402 l_U, --l_cond_str
2403 l_all, --l_cond_str
2404
2405 l_Restrict, --l_comm_str
2406 l_true, --l_comm_str
2407 l_U, --l_comm_str
2408 l_FALSE, --l_comm_str
2409 l_true, --l_comm_str
2410 p_assignment_id, --l_comm_str
2411 p_effective_date, --l_comm_str
2412 l_true, --l_comm_str
2413 l_person_id --l_comm_str
2414 ;
2415 else
2416 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
2417 using
2418 l_business_group_id, --l_bggr_str
2419 l_Restrict, --l_asgt_str
2420 l_all, --l_asgt_str
2421 l_Restrict, --l_asgt_str
2422 l_all, --l_asgt_str
2423 l_None, --l_asgt_str
2424
2425 l_position_id, ----l_cond_str
2426 l_all, --l_cond_str
2427 l_Restrict, ----l_cond_str
2428 l_S, --l_cond_str
2429 l_U, --l_cond_str
2430 l_all, --l_cond_str
2431
2432 l_Restrict, --l_comm_str
2433 l_true, --l_comm_str
2434 l_U, --l_comm_str
2435 l_FALSE, --l_comm_str
2436 l_true, --l_comm_str
2437 p_assignment_id, --l_comm_str
2438 p_effective_date, --l_comm_str
2439 l_true, --l_comm_str
2440 l_person_id --l_comm_str
2441 ;
2442 end if;
2443 add_to_cache;
2444 --
2445 exception
2446 --
2447 -- If no data found handle exception so that other
2448 -- inserts can go ahead.
2449 --
2450 when no_data_found then
2451 if g_debug then
2452 hr_utility.set_location(l_proc, 590);
2453 end if;
2454 null;
2455 when others then
2456 if g_debug then
2457 hr_utility.set_location(l_proc, 600);
2458 end if;
2459 raise;
2460 end;
2461 --
2462 -- add to lists which restrict bypayroll and view all - R
2463 -- organization and position
2464 --
2465 begin
2466 --
2467 if g_debug then
2468 hr_utility.set_location(l_proc, 610);
2469 end if;
2470 --
2471 l_from_str := ' from per_security_profiles sec,
2472 pay_payroll_list pay ';
2473 --
2474 l_cond_str := ' pay.security_profile_id = sec.security_profile_id
2475 and pay.payroll_id = :l_payroll_id
2476 and sec.view_all_organizations_flag = :l_all
2477 and sec.view_all_positions_flag = :l_all
2478 and sec.view_all_payrolls_flag = :l_Restrict and ';
2479 --
2480 l_exec_str := l_inst_str||l_from_str||' where '||
2481 l_bggr_str||l_asgt_str||l_cond_str||l_comm_str;
2482 --
2483 if g_debug then
2484 l_exec_str_print:= l_exec_str;
2485 while length(l_exec_str_print)>0 loop
2486 hr_utility.trace(substr(l_exec_str_print,1,70));
2487 l_exec_str_print:=substr(l_exec_str_print,71);
2488 end loop;
2489 End if;
2490 if p_generation_scope = 'ALL_GLOBAL' then
2491 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
2492 using
2493 l_Restrict, --l_asgt_str
2494 l_all, --l_asgt_str
2495 l_Restrict, --l_asgt_str
2496 l_all, --l_asgt_str
2497 l_None, --l_asgt_str
2498
2499 l_payroll_id, ----l_cond_str
2500 l_all, --l_cond_str
2501 l_all, --l_cond_str
2502 l_Restrict, ----l_cond_str
2503
2504 l_Restrict, --l_comm_str
2505 l_true, --l_comm_str
2506 l_U, --l_comm_str
2507 l_FALSE, --l_comm_str
2508 l_true, --l_comm_str
2509 p_assignment_id, --l_comm_str
2510 p_effective_date, --l_comm_str
2511 l_true, --l_comm_str
2512 l_person_id --l_comm_str
2513 ;
2514 else
2515 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
2516 using
2517 l_business_group_id, --l_bggr_str
2518 l_Restrict, --l_asgt_str
2519 l_all, --l_asgt_str
2520 l_Restrict, --l_asgt_str
2521 l_all, --l_asgt_str
2522 l_None, --l_asgt_str
2523
2524 l_payroll_id, ----l_cond_str
2525 l_all, --l_cond_str
2526 l_all, --l_cond_str
2527 l_Restrict, ----l_cond_str
2528
2529 l_Restrict, --l_comm_str
2530 l_true, --l_comm_str
2531 l_U, --l_comm_str
2532 l_FALSE, --l_comm_str
2533 l_true, --l_comm_str
2534 p_assignment_id, --l_comm_str
2535 p_effective_date, --l_comm_str
2536 l_true, --l_comm_str
2537 l_person_id --l_comm_str
2538 ;
2539 end if;
2540 add_to_cache;
2541 --
2542 exception
2543 --
2544 -- If no data found handle exception so that other
2545 -- inserts can go ahead.
2546 --
2547 when no_data_found then
2548 if g_debug then
2549 hr_utility.set_location(l_proc, 620);
2550 end if;
2551 null;
2552 when others then
2553 if g_debug then
2554 hr_utility.set_location(l_proc, 630);
2555 end if;
2556 raise;
2557 end;
2558 --
2559 -- add to any profiles which don't care about org/pos/pay and
2560 -- which have a custom restriction. - N
2561 --
2562 -- Those view alls without a custom restriction are handled
2563 -- by the secure view and so don't need a person list. This with
2564 -- a custom restriction do however need person list data
2565 --
2566 begin
2567 --
2568 if g_debug then
2569 hr_utility.set_location(l_proc, 640);
2570 end if;
2571 --
2572 l_from_str := ' from per_security_profiles sec ';
2573 --
2574 l_cond_str := ' sec.view_all_organizations_flag = :l_all
2575 and sec.view_all_positions_flag = :l_all
2576 and sec.view_all_payrolls_flag = :l_all
2577 and sec.custom_restriction_flag = :l_all
2578 and sec.view_all_flag = :l_Restrict and ';
2579 --
2580 l_exec_str := l_inst_str||l_from_str||' where '||
2581 l_bggr_str||l_asgt_str||l_cond_str||
2582 ' hr_security_internal.evaluate_custom(
2583 :p_assignment_id,sec.restriction_text,
2584 to_date(to_char(:p_effective_date, ''dd/mm/yyyy'')
2585 , ''dd/mm/yyyy'')) = :l_true and not exists (
2586 select 1 from per_person_list ppl
2587 where ppl.person_id =:l_person_id
2588 and ppl.security_profile_id = sec.security_profile_id)';
2589 --
2590 if g_debug then
2591 l_exec_str_print:= l_exec_str;
2592 while length(l_exec_str_print)>0 loop
2593 hr_utility.trace(substr(l_exec_str_print,1,70));
2594 l_exec_str_print:=substr(l_exec_str_print,71);
2595 end loop;
2596 End if;
2597 if p_generation_scope = 'ALL_GLOBAL' then
2598 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
2599 using
2600 l_Restrict, --l_asgt_str
2601 l_all, --l_asgt_str
2602 l_Restrict, --l_asgt_str
2603 l_all, --l_asgt_str
2604 l_None, --l_asgt_str
2605
2606 l_all, --l_cond_str
2607 l_all, --l_cond_str
2608 l_all, --l_cond_str
2609 l_all, --l_cond_str
2610 l_Restrict, ----l_cond_str
2611 p_assignment_id,
2612 p_effective_date,
2613 l_true,
2614 l_person_id
2615 ;
2616 else
2617 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
2618 using
2619 l_business_group_id, --l_bggr_str
2620 l_Restrict, --l_asgt_str
2621 l_all, --l_asgt_str
2622 l_Restrict, --l_asgt_str
2623 l_all, --l_asgt_str
2624 l_None, --l_asgt_str
2625
2626 l_all, --l_cond_str
2627 l_all, --l_cond_str
2628 l_all, --l_cond_str
2629 l_all, --l_cond_str
2630 l_Restrict, ----l_cond_str
2631 p_assignment_id,
2632 p_effective_date,
2633 l_true,
2634 l_person_id
2635 ;
2636 end if;
2637 add_to_cache;
2638 --
2639 exception
2640 --
2641 -- If no data found handle exception so that other
2642 -- inserts can go ahead.
2643 --
2644 when no_data_found then
2645 if g_debug then
2646 hr_utility.set_location(l_proc, 650);
2647 end if;
2648 null;
2649 when others then
2650 if g_debug then
2651 hr_utility.set_location(l_proc, 660);
2652 end if;
2653 raise;
2654 end;
2655 --
2656 -- add to all lists which don't care about organization, - N1
2657 -- Position or Payroll but which do have a custom restriction.
2658 begin
2659 --
2660 if g_debug then
2661 hr_utility.set_location(l_proc, 670);
2662 end if;
2663 --
2664 l_from_str := ' from per_security_profiles sec ';
2665 --
2666 l_cond_str := ' sec.view_all_organizations_flag = :l_all
2667 and sec.view_all_positions_flag = :l_all
2668 and sec.view_all_payrolls_flag = :l_all
2669 and sec.custom_restriction_flag = :l_all
2670 and sec.view_all_flag = :l_Restrict and ';
2671 --
2672 l_exec_str := l_inst_str||l_from_str||' where '||
2673 l_bggr_str||l_asgt_str||l_cond_str||l_comm_str;
2674 --
2675 if g_debug then
2676 l_exec_str_print:= l_exec_str;
2677 while length(l_exec_str_print)>0 loop
2678 hr_utility.trace(substr(l_exec_str_print,1,70));
2679 l_exec_str_print:=substr(l_exec_str_print,71);
2680 end loop;
2681 End if;
2682 if p_generation_scope = 'ALL_GLOBAL' then
2683 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
2684 using
2685 l_Restrict, --l_asgt_str
2686 l_all, --l_asgt_str
2687 l_Restrict, --l_asgt_str
2688 l_all, --l_asgt_str
2689 l_None, --l_asgt_str
2690
2691 l_all, --l_cond_str
2692 l_all, --l_cond_str
2693 l_all, --l_cond_str
2694 l_all, --l_cond_str
2695 l_Restrict, ----l_cond_str
2696
2697 l_Restrict, --l_comm_str
2698 l_true, --l_comm_str
2699 l_U, --l_comm_str
2700 l_FALSE, --l_comm_str
2701 l_true, --l_comm_str
2702 p_assignment_id, --l_comm_str
2703 p_effective_date, --l_comm_str
2704 l_true, --l_comm_str
2705 l_person_id --l_comm_str
2706 ;
2707 else
2708 execute immediate l_exec_str bulk collect into l_security_profie_table_temp
2709 using
2710 l_business_group_id, --l_bggr_str
2711 l_Restrict, --l_asgt_str
2712 l_all, --l_asgt_str
2713 l_Restrict, --l_asgt_str
2714 l_all, --l_asgt_str
2715 l_None, --l_asgt_str
2716
2717 l_all, --l_cond_str
2718 l_all, --l_cond_str
2719 l_all, --l_cond_str
2720 l_all, --l_cond_str
2721 l_Restrict, ----l_cond_str
2722
2723 l_Restrict, --l_comm_str
2724 l_true, --l_comm_str
2725 l_U, --l_comm_str
2726 l_FALSE, --l_comm_str
2727 l_true, --l_comm_str
2728 p_assignment_id, --l_comm_str
2729 p_effective_date, --l_comm_str
2730 l_true, --l_comm_str
2731 l_person_id --l_comm_str
2732 ;
2733 end if;
2734 add_to_cache;
2735 --
2736 exception
2737 --
2738 -- If no data found handle exception so that other
2739 -- inserts can go ahead.
2740 --
2741 when no_data_found then
2742 if g_debug then
2743 hr_utility.set_location(l_proc, 680);
2744 end if;
2745 null;
2746 when others then
2747 if g_debug then
2748 hr_utility.set_location(l_proc, 690);
2749 end if;
2750 raise;
2751 end;
2752 --
2753 end if;
2754 --
2755 end if;
2756 --
2757 if g_debug then
2758 hr_utility.set_location(l_proc, 700);
2759 end if;
2760 --
2761 else
2762 close asg_details;
2763 end if;
2764
2765 if g_debug then
2766 hr_utility.set_location(l_proc, 705);
2767 end if;
2768 insert_cache_to_list;
2769 --
2770 if g_debug then
2771 hr_utility.set_location(l_proc, 710);
2772 end if;
2773 --
2774 hr_security.add_person(l_person_id);
2775 --
2776 if g_debug then
2777 hr_utility.set_location(' Leaving:'||l_proc, 720);
2778 end if;
2779 --
2780 exception
2781 when no_data_found then
2782 if g_debug then
2783 hr_utility.set_location(l_proc, 730);
2784 end if;
2785 --
2786 end add_to_person_list;
2787 --
2788 --
2789 -- ----------------------------------------------------------------------------
2790 -- |--------------------< clear_from_person_list_changes >--------------------|
2791 -- ----------------------------------------------------------------------------
2792 --
2793 procedure clear_from_person_list_changes
2794 (p_person_id in number) is
2795 --
2796 l_proc varchar2(72) := g_package||'clear_from_person_list_changes';
2797 begin
2798 hr_utility.set_location('Entering:'|| l_proc, 10);
2799 --
2800 -- Stubbed out as part of Ex-Person security enhancements.
2801 --
2802 hr_utility.set_location(' Leaving:'||l_proc, 20);
2803 end clear_from_person_list_changes;
2804 --
2805 -- ----------------------------------------------------------------------------
2806 -- |-------------------< re_enter_person_list_changes >-----------------------|
2807 -- ----------------------------------------------------------------------------
2808 --
2809 procedure re_enter_person_list_changes
2810 (p_person_id in number) is
2811 --
2812 l_proc varchar2(72) := g_package||'re_enter_person_list_changes';
2813 --
2814 cursor asg_details is
2815 select asg.person_id
2816 , asg.organization_id
2817 , asg.position_id
2818 , asg.payroll_id
2819 , asg.business_group_id
2820 from per_all_assignments_f asg
2821 where asg.person_id=p_person_id
2822 and ( (asg.assignment_type='E'
2823 and asg.effective_end_date = (select max(p.actual_termination_date)
2824 from per_periods_of_service p
2825 where p.person_id = p_person_id)
2826 ) or
2827 (asg.assignment_type='A'
2828 and asg.effective_end_date = (select max(ap.date_end)
2829 from per_applications ap
2830 where ap.person_id = p_person_id)
2831 ) );
2832 --
2833 l_person_id per_assignments_f.person_id%TYPE;
2834 l_organization_id per_assignments_f.organization_id%TYPE;
2835 l_position_id per_assignments_f.position_id%TYPE;
2836 l_payroll_id per_assignments_f.payroll_id%TYPE;
2837 l_business_group_id per_assignments_f.business_group_id%TYPE;
2838 --
2839 begin
2840 hr_utility.set_location('Entering:'|| l_proc, 10);
2841 --
2842 -- Stubbed out as part of Ex-Person security enhancements.
2843 --
2844 hr_utility.set_location(' Leaving:'||l_proc, 20);
2845 --
2846 end re_enter_person_list_changes;
2847 --
2848 -- ----------------------------------------------------------------------------
2849 -- |----------------------< copy_to_person_list_changes >---------------------|
2850 -- ----------------------------------------------------------------------------
2851 --
2852 procedure copy_to_person_list_changes
2853 (p_person_id in number) is
2854 --
2855 l_proc varchar2(72) := g_package||'copy_to_person_list_changes';
2856 --
2857 begin
2858 hr_utility.set_location('Entering:'|| l_proc, 10);
2859 --
2860 --
2861 -- Stubbed out as part of Ex-Person security enhancements.
2862 --
2863 hr_utility.set_location(' Leaving:'||l_proc, 20);
2864 exception
2865 when NO_DATA_FOUND then
2866 hr_utility.set_location(l_proc, 30);
2867 end copy_to_person_list_changes;
2868 --
2869 -- ----------------------------------------------------------------------------
2870 -- |------------------------< grant_access_to_person >------------------------|
2871 -- ----------------------------------------------------------------------------
2872 --
2873 procedure grant_access_to_person
2874 (p_person_id in number
2875 ,p_granted_user_id in number) is
2876 --
2877 l_proc varchar2(72) := g_package||'grant_access_to_person';
2878 --
2879 cursor chk_person_id is
2880 select 1
2881 from per_all_people_f
2882 where person_id=p_person_id;
2883 --
2884 cursor chk_user_id is
2885 select 1
2886 from fnd_user
2887 where user_id=p_granted_user_id;
2888 --
2889 -- Bug 3770018
2890 -- Now that user based security profiles use the granted_user_id
2891 -- column, the security_profile_id value should be checked.
2892 -- Interestingly revoke_access_from_person was taken care of
2893 -- presumably as part of the user based security changes.
2894 --
2895 cursor chk_person_list is
2896 select 1
2897 from per_person_list
2898 where person_id = p_person_id
2899 and granted_user_id = p_granted_user_id
2900 and security_profile_id is null;
2901 --
2902 l_dummy number;
2903 --
2904 begin
2905 hr_utility.set_location('Entering:'|| l_proc, 10);
2906 --
2907 open chk_person_id;
2908 fetch chk_person_id into l_dummy;
2909 if chk_person_id%notfound then
2910 close chk_person_id;
2911 hr_utility.set_message(800, 'PER_52656_INVALID_PERSON_ID');
2912 hr_utility.raise_error;
2913 else
2914 close chk_person_id;
2915 end if;
2916 --
2917 hr_utility.set_location(l_proc, 20);
2918 --
2919 open chk_user_id;
2920 fetch chk_user_id into l_dummy;
2921 if chk_user_id%notfound then
2922 close chk_user_id;
2923 hr_utility.set_message(800, 'PER_52672_INVALID_USER_ID');
2924 hr_utility.raise_error;
2925 else
2926 close chk_user_id;
2927 end if;
2928 --
2929 hr_utility.set_location(l_proc, 30);
2930 --
2931 -- Bug fix 1680524
2932 --
2933 open chk_person_list;
2934 fetch chk_person_list into l_dummy;
2935 if chk_person_list%notfound then
2936 close chk_person_list;
2937 INSERT INTO PER_PERSON_LIST
2938 (PERSON_ID
2939 ,GRANTED_USER_ID)
2940 values
2941 (p_person_id
2942 ,p_granted_user_id);
2943 else
2944 close chk_person_list;
2945 end if;
2946 --
2947 hr_utility.set_location('Leaving: '||l_proc, 40);
2948 --
2949 end grant_access_to_person;
2950 --
2951 -- ----------------------------------------------------------------------------
2952 -- |----------------------< revoke_access_from_person >-----------------------|
2953 -- ----------------------------------------------------------------------------
2954 --
2955 procedure revoke_access_from_person
2956 (p_person_id in number
2957 ,p_granted_user_id in number default NULL) is
2958 --
2959 l_proc varchar2(72) := g_package||'revoke_access_from_person';
2960 --
2961 begin
2962 hr_utility.set_location('Entering:'|| l_proc, 10);
2963
2964 if p_granted_user_id is not null
2965 then
2966 --
2967 -- If a user id is passed then revoke access for just that user
2968 --
2969 delete from per_person_list
2970 where person_id=p_person_id
2971 and granted_user_id =p_granted_user_id
2972 and security_profile_id is null;
2973 else
2974 --
2975 -- else revoke access for all users.
2976 --
2977 delete from per_person_list
2978 where person_id = p_person_id
2979 and granted_user_id is not null
2980 and security_profile_id is null;
2981 end if;
2982 --
2983 hr_utility.set_location(' Leaving:'||l_proc, 20);
2984 --
2985 end revoke_access_from_person;
2986 --
2987 -- ----------------------------------------------------------------------------
2988 -- |----------------------< op >----------------------------------------------|
2989 -- ----------------------------------------------------------------------------
2990 --
2991 PROCEDURE op
2992 (p_msg IN VARCHAR2)
2993 IS
2994
2995 l_msg VARCHAR2(32000) := p_msg;
2996
2997 BEGIN
2998
2999 IF g_dbg_type IS NOT NULL AND l_msg IS NOT NULL THEN
3000
3001 --
3002 -- Break the output into chunks of 70 characters.
3003 --
3004 WHILE LENGTH(l_msg) > 0 LOOP
3005
3006 IF g_dbg_type = g_PIPE OR g_debug THEN
3007 hr_utility.trace(SUBSTR(l_msg, 1, 70));
3008 ELSIF g_dbg_type = g_FND_LOG THEN
3009 fnd_file.put_line(FND_FILE.log, SUBSTR(l_msg, 1, 70));
3010 END IF;
3011
3012 l_msg := SUBSTR(l_msg, 71);
3013
3014 END LOOP;
3015
3016 END IF;
3017
3018 END op;
3019 --
3020 -- ----------------------------------------------------------------------------
3021 -- |----------------------< op >----------------------------------------------|
3022 -- ----------------------------------------------------------------------------
3023 --
3024 PROCEDURE op
3025 (p_msg IN VARCHAR2
3026 ,p_location IN NUMBER)
3027 IS
3028
3029 l_msg VARCHAR2(32000) := p_msg;
3030
3031 BEGIN
3032
3033 IF g_dbg_type IS NOT NULL AND p_msg IS NOT NULL AND
3034 p_location IS NOT NULL THEN
3035 --
3036 -- Break the output into chunks of 70 characters.
3037 --
3038 WHILE LENGTH(l_msg) > 0 LOOP
3039
3040 IF g_dbg_type = g_PIPE OR g_debug THEN
3041 hr_utility.set_location(SUBSTR(l_msg, 1, 70), p_location);
3042 ELSIF g_dbg_type = g_FND_LOG THEN
3043 fnd_file.put_line(FND_FILE.log, SUBSTR(l_msg, 1, 70)
3044 ||', '||to_char(p_location));
3045 END IF;
3046
3047 l_msg := SUBSTR(l_msg, 71);
3048
3049 END LOOP;
3050
3051 END IF;
3052
3053 END op;
3054 --
3055 -- ----------------------------------------------------------------------------
3056 -- |----------------------< session_context_changed >-------------------------|
3057 -- ----------------------------------------------------------------------------
3058 --
3059 FUNCTION session_context_changed
3060 RETURN BOOLEAN IS
3061
3062 BEGIN
3063
3064 --
3065 -- Check whether the local cached version of the session context
3066 -- differs to the AOL session context.
3067 -- This is the most aggressive form of session change identification
3068 -- as the session_context should increment for each
3069 -- fnd_global.apps_initialise call.
3070 --
3071 -- This procedure is used primarily for ADF applications, where database
3072 -- sessions (and therefore cached PL/SQL values) are pooled and can
3073 -- be reused by a user that may have entirely different security permissions
3074 -- and contexts (such as fnd profile options).
3075 --
3076 -- This is not relevant for PUI applications and new database sessions are
3077 -- always created, not reused.
3078 --
3079 -- No debug output is added here because this is called in each
3080 -- iteration of the secure view.
3081 --
3082 IF g_session_context IS NULL OR
3083 fnd_global.session_context IS NULL OR
3084 g_session_context <> fnd_global.session_context THEN
3085 RETURN TRUE;
3086 ELSE
3087 RETURN FALSE;
3088 END IF;
3089
3090 END session_context_changed;
3091 --
3092 -- ----------------------------------------------------------------------------
3093 -- |----------------------< sync_session_context >----------------------------|
3094 -- ----------------------------------------------------------------------------
3095 --
3096 PROCEDURE sync_session_context
3097 IS
3098
3099 BEGIN
3100
3101 --
3102 -- Cache the AOL session context locally.
3103 --
3104 g_session_context := fnd_global.session_context;
3105
3106 END sync_session_context;
3107 --
3108 -- ----------------------------------------------------------------------------
3109 -- |----------------------< restricted_orgs >---------------------------------|
3110 -- ----------------------------------------------------------------------------
3111 --
3112 FUNCTION restricted_orgs
3113 (p_sec_prof_rec IN g_sec_prof_r)
3114 RETURN BOOLEAN IS
3115
3116 BEGIN
3117
3118 --
3119 -- Protect against null parameters.
3120 --
3121 IF p_sec_prof_rec.security_profile_id IS NOT NULL THEN
3122
3123 IF p_sec_prof_rec.view_all_flag = 'N' AND
3124 p_sec_prof_rec.view_all_organizations_flag = 'N' AND
3125 p_sec_prof_rec.org_security_mode = 'HIER' THEN
3126 RETURN TRUE;
3127 END IF;
3128
3129 END IF;
3130
3131 RETURN FALSE;
3132
3133 END restricted_orgs;
3134 --
3135 -- ----------------------------------------------------------------------------
3136 -- |----------------------< restricted_pos >----------------------------------|
3137 -- ----------------------------------------------------------------------------
3138 --
3139 FUNCTION restricted_pos
3140 (p_sec_prof_rec IN g_sec_prof_r)
3141 RETURN BOOLEAN IS
3142
3143 BEGIN
3144
3145 --
3146 -- Protect against null parameters.
3147 --
3148 IF p_sec_prof_rec.security_profile_id IS NOT NULL THEN
3149
3150 IF p_sec_prof_rec.view_all_flag = 'N' AND
3151 p_sec_prof_rec.view_all_positions_flag = 'N' THEN
3152 RETURN TRUE;
3153 END IF;
3154
3155 END IF;
3156
3157 RETURN FALSE;
3158
3159 END restricted_pos;
3160 --
3161 -- ----------------------------------------------------------------------------
3162 -- |----------------------< restricted_pays >---------------------------------|
3163 -- ----------------------------------------------------------------------------
3164 --
3165 FUNCTION restricted_pays
3166 (p_sec_prof_rec IN g_sec_prof_r)
3167 RETURN BOOLEAN IS
3168
3169 BEGIN
3170
3171 --
3172 -- Protect against null parameters.
3173 --
3174 IF p_sec_prof_rec.security_profile_id IS NOT NULL THEN
3175
3176 IF p_sec_prof_rec.view_all_flag = 'N' AND
3177 p_sec_prof_rec.view_all_payrolls_flag = 'N' THEN
3178 RETURN TRUE;
3179 END IF;
3180
3181 END IF;
3182
3183 RETURN FALSE;
3184
3185 END restricted_pays;
3186 --
3187 -- ----------------------------------------------------------------------------
3188 -- |----------------------< restricted_pers >---------------------------------|
3189 -- ----------------------------------------------------------------------------
3190 --
3191 function restricted_pers(p_sec_prof_rec in g_sec_prof_r)
3192 return boolean is
3193 --
3194 begin
3195 -- Protect against null parameters.
3196 if p_sec_prof_rec.security_profile_id is not null then
3197 -- Determine whether this security profile can see everyone
3198 -- without needing to evaluate permissions person by person.
3199 if p_sec_prof_rec.view_all_flag = 'N' and
3200 (p_sec_prof_rec.view_all_employees_flag <> 'Y' or
3201 p_sec_prof_rec.view_all_cwk_flag <> 'Y' or
3202 p_sec_prof_rec.view_all_applicants_flag <> 'Y' or
3203 p_sec_prof_rec.view_all_contacts_flag <> 'Y' or
3204 p_sec_prof_rec.view_all_candidates_flag <> 'Y') and
3205 (restricted_orgs(p_sec_prof_rec) or
3206 restricted_pos (p_sec_prof_rec) or
3207 restricted_pays(p_sec_prof_rec) or
3208 p_sec_prof_rec.restrict_by_supervisor_flag <> 'N' or
3209 p_sec_prof_rec.custom_restriction_flag <> 'N' or
3210 p_sec_prof_rec.exclude_person_flag <> 'N' or
3211 p_sec_prof_rec.named_person_id is not null) then
3212 --
3213 return true;
3214 --
3215 end if;
3216 --
3217 end if;
3218 --
3219 return false;
3220 --
3221 end restricted_pers;
3222 --
3223 -- ----------------------------------------------------------------------------
3224 -- |----------------------< show_organization >-------------------------------|
3225 -- ----------------------------------------------------------------------------
3226 --
3227 FUNCTION show_organization
3228 (p_organization_id IN NUMBER)
3229 RETURN VARCHAR2 IS
3230
3231 BEGIN
3232
3233 --
3234 -- Protect against incorrect passed parameters.
3235 --
3236 IF p_organization_id IS NOT NULL THEN
3237 --
3238 -- Check the org is in the cache. Note that this function assumes
3239 -- that this is a restricted profile and assumes the relevant
3240 -- view all flags have been checked as a pre-requisite.
3241 --
3242 IF g_org_tbl.EXISTS(p_organization_id) THEN
3243 RETURN 'TRUE';
3244 END IF;
3245 END IF;
3246
3247 RETURN 'FALSE';
3248
3249 END show_organization;
3250 --
3251 -- ----------------------------------------------------------------------------
3252 -- |----------------------< show_position >-----------------------------------|
3253 -- ----------------------------------------------------------------------------
3254 --
3255 FUNCTION show_position
3256 (p_position_id IN NUMBER)
3257 RETURN VARCHAR2 IS
3258
3259 BEGIN
3260
3261 --
3262 -- Protect against incorrect passed parameters.
3263 --
3264 IF p_position_id IS NOT NULL THEN
3265 --
3266 -- Check the pos is in the cache. Note that this function assumes
3267 -- that this is a restricted profile and assumes the relevant
3268 -- view all flags have been checked as a pre-requisite.
3269 --
3270 IF g_pos_tbl.EXISTS(p_position_id) THEN
3271 RETURN 'TRUE';
3272 END IF;
3273 END IF;
3274
3275 RETURN 'FALSE';
3276
3277 END show_position;
3278 --
3279 -- ----------------------------------------------------------------------------
3280 -- |----------------------< show_payroll >------------------------------------|
3281 -- ----------------------------------------------------------------------------
3282 --
3283 FUNCTION show_payroll
3284 (p_payroll_id IN NUMBER)
3285 RETURN VARCHAR2 IS
3286
3287 BEGIN
3288
3289 --
3290 -- Protect against incorrect passed parameters.
3291 --
3292 IF p_payroll_id IS NOT NULL THEN
3293 --
3294 -- Check the pay is in the cache. Note that this function assumes
3295 -- that this is a restricted profile and assumes the relevant
3296 -- view all flags have been checked as a pre-requisite.
3297 --
3298 IF g_pay_tbl.EXISTS(p_payroll_id) THEN
3299 RETURN 'TRUE';
3300 END IF;
3301 END IF;
3302
3303 RETURN 'FALSE';
3304
3305 END show_payroll;
3306 --
3307 -- ----------------------------------------------------------------------------
3308 -- |----------------------< get_assignments >---------------------------------|
3309 -- ----------------------------------------------------------------------------
3310 --
3311 FUNCTION get_assignments
3312 (p_person_id IN NUMBER
3313 ,p_effective_date IN DATE)
3314 RETURN g_assignments_t IS
3315
3316 --
3317 -- Local variable declarations.
3318 --
3319 l_assignments_tbl g_assignments_t;
3320 l_already_cached BOOLEAN := FALSE;
3321 l_proc VARCHAR2(72) := g_package||'get_assignments';
3322 j NUMBER := 1;
3323
3324 --
3325 -- Fetches the assignments for the given person.
3326 -- Applicant and Benefits assignments are excluded
3327 -- as these types of assignments do not have any
3328 -- user permissions.
3329 --
3330 CURSOR csr_assignments_for_per IS
3331 SELECT *
3332 FROM per_all_assignments_f paaf
3333 WHERE paaf.person_id = p_person_id
3334 AND p_effective_date BETWEEN
3335 paaf.effective_start_date AND paaf.effective_end_date
3336 AND paaf.assignment_type NOT IN ('A','B');
3337
3338 BEGIN
3339
3340 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
3341
3342 --
3343 -- Protect against the in parameters being null.
3344 --
3345 IF p_person_id IS NOT NULL AND p_effective_date IS NOT NULL THEN
3346 --
3347 -- Look for the person in the existing cache. If they exist
3348 -- get the assignment details from the cache, otherwise
3349 -- fetch the details and cache them.
3350 --
3351 IF g_dbg THEN op(l_proc, 20); END IF;
3352
3353 IF g_assignments_tbl.COUNT > 0 THEN
3354 --
3355 -- Enumerate through the varray to see if this person's
3356 -- details are already cached.
3357 --
3358 -- An Oracle 9i feature that could be used here (but cannot
3359 -- at the time of writing this because 8i is supported in 11i)
3360 -- is nested PL/SQL collections: nesting a table of assignments
3361 -- within a table of people. This would enhance performance
3362 -- if the index was the assignment_id for the assignment
3363 -- collection and the person_id for the person collection
3364 -- because the person_id is known, so it would be possible
3365 -- to directly access all assignments for a person without
3366 -- running through the table of people.
3367 --
3368 IF g_dbg THEN op(l_proc, 30); END IF;
3369
3370 FOR i IN g_assignments_tbl.FIRST..g_assignments_tbl.LAST LOOP
3371 IF p_person_id = g_assignments_tbl(i).person_id THEN
3372 l_assignments_tbl(j) := g_assignments_tbl(i);
3373 j := j + 1;
3374 l_already_cached := TRUE;
3375 END IF;
3376 END LOOP;
3377 END IF;
3378
3379 IF g_dbg THEN op(l_proc, 40); END IF;
3380
3381 IF NOT l_already_cached THEN
3382 --
3383 -- Fetch the assignments. Bulk collect would not perform better
3384 -- considering the number of assignments a person will typically
3385 -- have: few. As Oracle 8i is still supported at the time of
3386 -- writing, it is not possible to bulk collect into a collection
3387 -- so instead it would be necessary to fetch into individual
3388 -- collections of scalars if bulk collect was to be used.
3389 --
3390 IF g_dbg THEN op(l_proc, 50); END IF;
3391 j := 1;
3392 FOR asg_rec IN csr_assignments_for_per LOOP
3393 l_assignments_tbl(j) := asg_rec;
3394 g_assignments_tbl(g_assignments_tbl.COUNT + 1) := asg_rec;
3395 j := j + 1;
3396 END LOOP;
3397 END IF;
3398 END IF;
3399
3400 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
3401
3402 RETURN l_assignments_tbl;
3403
3404 END get_assignments;
3405 --
3406 -- ----------------------------------------------------------------------------
3407 -- |----------------------< org_access_known >--------------------------------|
3408 -- ----------------------------------------------------------------------------
3409 --
3410 FUNCTION org_access_known
3411 RETURN BOOLEAN IS
3412
3413 BEGIN
3414
3415 --
3416 -- In a session pooling environment, database sessions are re-used and
3417 -- session cache is not necessarily flushed out of memory, so if the
3418 -- apps_initialise session has changed this should trigger a re-evaluation
3419 -- of security permissions and this should return FALSE.
3420 --
3421 IF session_context_changed THEN
3422 RETURN FALSE;
3423 END IF;
3424
3425 --
3426 -- The session is current, so return the global flag that indicates whether
3427 -- organization security permissions are known for the user currently cached
3428 -- in memory.
3429 --
3430 -- No debug output is added here because this is called in each
3431 -- iteration of the secure view.
3432 --
3433 RETURN g_access_known_rec.org;
3434
3435 END org_access_known;
3436 --
3437 -- ----------------------------------------------------------------------------
3438 -- |----------------------< pos_access_known >--------------------------------|
3439 -- ----------------------------------------------------------------------------
3440 --
3441 FUNCTION pos_access_known
3442 RETURN BOOLEAN IS
3443
3444 BEGIN
3445
3446 --
3447 -- In a session pooling environment, database sessions are re-used and
3448 -- session cache is not necessarily flushed out of memory, so if the
3449 -- apps_initialise session has changed this should trigger a re-evaluation
3450 -- of security permissions and this should return FALSE.
3451 --
3452 IF session_context_changed THEN
3453 RETURN FALSE;
3454 END IF;
3455
3456 --
3457 -- The session is current, so return the global flag that indicates
3458 -- whether position security permissions are known for the user
3459 -- currently cached in memory.
3460 --
3461 -- No debug output is added here because this is called in each
3462 -- iteration of the secure view.
3463 --
3464 RETURN g_access_known_rec.pos;
3465
3466 END pos_access_known;
3467 --
3468 -- ----------------------------------------------------------------------------
3469 -- |----------------------< pay_access_known >--------------------------------|
3470 -- ----------------------------------------------------------------------------
3471 --
3472 FUNCTION pay_access_known
3473 RETURN BOOLEAN IS
3474
3475 BEGIN
3476
3477 --
3478 -- In a session pooling environment, database sessions are re-used and
3479 -- session cache is not necessarily flushed out of memory, so if the
3480 -- apps_initialise session has changed this should trigger a re-evaluation
3481 -- of security permissions and this should return FALSE.
3482 --
3483 IF session_context_changed THEN
3484 RETURN FALSE;
3485 END IF;
3486
3487 --
3488 -- The session is current, so return the global flag that indicates
3489 -- whether payroll security permissions are known for the user
3490 -- currently cached in memory.
3491 --
3492 -- No debug output is added here because this is called in each
3493 -- iteration of the secure view.
3494 --
3495 RETURN g_access_known_rec.pay;
3496
3497 END pay_access_known;
3498 --
3499 -- ----------------------------------------------------------------------------
3500 -- |----------------------< per_access_known >--------------------------------|
3501 -- ----------------------------------------------------------------------------
3502 --
3503 FUNCTION per_access_known
3504 RETURN BOOLEAN IS
3505
3506 BEGIN
3507
3508 --
3509 -- In a session pooling environment, database sessions are re-used and
3510 -- session cache is not necessarily flushed out of memory, so if the
3511 -- apps_initialise session has changed this should trigger a re-evaluation
3512 -- of security permissions and this should return FALSE.
3513 --
3514 IF session_context_changed THEN
3515 RETURN FALSE;
3516 END IF;
3517
3518 --
3519 -- The session is current, so return the global flag that indicates whether
3520 -- person security permissions are known for the user currently cached
3521 -- in memory.
3522 --
3523 -- No debug output is added here because this is called in each
3524 -- iteration of the secure view.
3525 --
3526 RETURN g_access_known_rec.per;
3527
3528 END per_access_known;
3529 --
3530 -- ----------------------------------------------------------------------------
3531 -- |----------------------< get_org_structure_version >-----------------------|
3532 -- ----------------------------------------------------------------------------
3533 --
3534 FUNCTION get_org_structure_version
3535 (p_organization_structure_id IN NUMBER
3536 ,p_effective_date IN DATE)
3537 RETURN NUMBER IS
3538
3539 --
3540 -- Local variables.
3541 --
3542 l_org_structure_version_id NUMBER;
3543 l_proc VARCHAR2(72) := g_package||'get_org_structure_version';
3544
3545 --
3546 -- Get the effective hierarchy version for the given hierarchy
3547 -- structure.
3548 --
3549 CURSOR csr_get_hier_ver IS
3550 SELECT posv.org_structure_version_id
3551 FROM per_org_structure_versions posv
3552 WHERE posv.organization_structure_id = p_organization_structure_id
3553 AND p_effective_date BETWEEN
3554 posv.date_from AND NVL(posv.date_to, hr_general.end_of_time);
3555
3556 BEGIN
3557
3558 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
3559
3560 IF p_organization_structure_id IS NOT NULL AND
3561 p_effective_date IS NOT NULL THEN
3562 --
3563 -- Fetch the hierarchy version. This will not return a row
3564 -- if there is no effective hierarchy version.
3565 --
3566 IF g_dbg THEN op(l_proc, 20); END IF;
3567
3568 OPEN csr_get_hier_ver;
3569 FETCH csr_get_hier_ver INTO l_org_structure_version_id;
3570 CLOSE csr_get_hier_ver;
3571
3572 END IF;
3573
3574 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
3575
3576 RETURN l_org_structure_version_id;
3577
3578 END get_org_structure_version;
3579 --
3580 -- ----------------------------------------------------------------------------
3581 -- |----------------------< get_pos_structure_version >-----------------------|
3582 -- ----------------------------------------------------------------------------
3583 --
3584 FUNCTION get_pos_structure_version
3585 (p_position_structure_id IN NUMBER
3586 ,p_effective_date IN DATE)
3587 RETURN NUMBER IS
3588
3589 --
3590 -- Local variables.
3591 --
3592 l_pos_structure_version_id NUMBER;
3593 l_proc VARCHAR2(72) := g_package||'get_pos_structure_version';
3594
3595 --
3596 -- Get the effective hierarchy version for the given hierarchy
3597 -- structure.
3598 --
3599 CURSOR csr_get_hier_ver IS
3600 SELECT ppsv.pos_structure_version_id
3601 FROM per_pos_structure_versions ppsv
3602 WHERE ppsv.position_structure_id = p_position_structure_id
3603 AND p_effective_date BETWEEN
3604 ppsv.date_from AND NVL(ppsv.date_to, hr_general.end_of_time);
3605
3606 BEGIN
3607
3608 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
3609
3610 IF p_position_structure_id IS NOT NULL AND
3611 p_effective_date IS NOT NULL THEN
3612 --
3613 -- Fetch the hierarchy version. This will not return a row
3614 -- if there is no effective hierarchy version.
3615 --
3616 IF g_dbg THEN op(l_proc, 20); END IF;
3617
3618 OPEN csr_get_hier_ver;
3619 FETCH csr_get_hier_ver INTO l_pos_structure_version_id;
3620 CLOSE csr_get_hier_ver;
3621
3622 END IF;
3623
3624 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
3625
3626 RETURN l_pos_structure_version_id;
3627
3628 END get_pos_structure_version;
3629 --
3630 -- ----------------------------------------------------------------------------
3631 -- |----------------------< add_hier_orgs_to_cache >--------------------------|
3632 -- ----------------------------------------------------------------------------
3633 --
3634 PROCEDURE add_hier_orgs_to_cache
3635 (p_top_organization_id IN NUMBER
3636 ,p_org_structure_version_id IN NUMBER
3637 ,p_include_top_org_flag IN VARCHAR2)
3638 IS
3639
3640 --
3641 -- Local variables.
3642 --
3643 l_temp_org_tbl g_number_t;
3644 l_proc VARCHAR2(72) := g_package||'add_hier_orgs_to_cache';
3645 l_dummy NUMBER;
3646
3647 --
3648 -- Get all the organizations in the hierarchy given a top
3649 -- organization and a hierarchy version.
3650 --
3651 CURSOR csr_get_orgs_in_hier IS
3652 SELECT o.organization_id_child
3653 FROM per_org_structure_elements o
3654 CONNECT BY o.organization_id_parent = PRIOR o.organization_id_child
3655 AND o.org_structure_version_id = PRIOR o.org_structure_version_id
3656 START WITH o.organization_id_parent = p_top_organization_id
3657 AND o.org_structure_version_id = p_org_structure_version_id;
3658
3659 --
3660 -- Check if the top organization is in the hierarchy.
3661 --
3662 CURSOR csr_top_org_in_hier IS
3663 SELECT NULL
3664 FROM per_org_structure_elements o
3665 WHERE o.org_structure_version_id = p_org_structure_version_id
3666 AND o.organization_id_child = p_top_organization_id
3667 AND rownum = 1;
3668
3669 BEGIN
3670
3671 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
3672
3673 IF p_top_organization_id IS NOT NULL AND
3674 p_org_structure_version_id IS NOT NULL AND
3675 p_include_top_org_flag IS NOT NULL THEN
3676 --
3677 -- Traverse the organization hierarchy and fetch
3678 -- the orgs into a temporary collection.
3679 --
3680 IF g_dbg THEN op(l_proc, 20); END IF;
3681
3682 OPEN csr_get_orgs_in_hier;
3683 FETCH csr_get_orgs_in_hier BULK COLLECT INTO l_temp_org_tbl;
3684 CLOSE csr_get_orgs_in_hier;
3685
3686 IF g_dbg THEN op(l_proc, 30); END IF;
3687
3688 IF l_temp_org_tbl.COUNT > 0 THEN
3689 --
3690 -- Enumerate through the temporary table and re-order
3691 -- the list of orgs into the global cache so that the
3692 -- index is the org_id. This allows for direct index
3693 -- access.
3694 --
3695 IF g_dbg THEN op(l_proc, 40); END IF;
3696
3697 FOR i IN l_temp_org_tbl.FIRST..l_temp_org_tbl.LAST LOOP
3698 IF NOT g_org_tbl.EXISTS(l_temp_org_tbl(i)) THEN
3699 g_org_tbl(l_temp_org_tbl(i)) := TRUE;
3700 END IF;
3701 END LOOP;
3702 END IF;
3703
3704 IF g_dbg THEN op(l_proc, 50); END IF;
3705
3706 IF p_include_top_org_flag = 'Y' THEN
3707 --
3708 -- Add the top organization into the org cache.
3709 --
3710 -- The top organization should only be added when it
3711 -- does actually exist in the organization hierarchy.
3712 --
3713 -- If there are other orgs in the hierarchy (ie, if
3714 -- l_temp_org_tbl contains any rows) the top org
3715 -- can be added immediately to the cache.
3716 --
3717 -- If the top org does not have any subordinate orgs
3718 -- (ie, if l_temp_org_tbl contains no rows) it is
3719 -- necessary to verify that the top org does in fact
3720 -- exist in the hierarchy at all before adding it
3721 -- to the cache.
3722 --
3723 IF l_temp_org_tbl.COUNT > 0 THEN
3724 --
3725 -- The top org exists in the hierarchy so it is
3726 -- added straight into the cache.
3727 --
3728 IF g_dbg THEN op(l_proc, 60); END IF;
3729
3730 IF NOT g_org_tbl.EXISTS(p_top_organization_id) THEN
3731 g_org_tbl(p_top_organization_id) := TRUE;
3732 END IF;
3733
3734 ELSE
3735 --
3736 -- Verify that the top org exists in the hierarchy
3737 -- before adding it to the cache.
3738 --
3739 IF g_dbg THEN op(l_proc, 70); END IF;
3740
3741 OPEN csr_top_org_in_hier;
3742 FETCH csr_top_org_in_hier INTO l_dummy;
3743 IF csr_top_org_in_hier%FOUND THEN
3744 --
3745 -- The top org is in the hierarchy so add it
3746 -- to the cache.
3747 --
3748 IF g_dbg THEN op(l_proc, 80); END IF;
3749
3750 IF NOT g_org_tbl.EXISTS(p_top_organization_id) THEN
3751 g_org_tbl(p_top_organization_id) := TRUE;
3752 END IF;
3753 END IF;
3754 CLOSE csr_top_org_in_hier;
3755 END IF;
3756 END IF;
3757 END IF;
3758
3759 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
3760
3761 END add_hier_orgs_to_cache;
3762 --
3763 -- ----------------------------------------------------------------------------
3764 -- |----------------------< positions_org_visible >---------------------------|
3765 -- ----------------------------------------------------------------------------
3766 --
3767 FUNCTION positions_org_visible
3768 (p_position_id IN NUMBER
3769 ,p_effective_date IN DATE)
3770 RETURN BOOLEAN IS
3771
3772 --
3773 -- Local variables.
3774 --
3775 l_proc VARCHAR2(72) := g_package||'positions_org_visible';
3776 l_position_id NUMBER;
3777
3778 --
3779 -- Determines whether this position's organization is visible.
3780 --
3781 CURSOR csr_pos_org_visible IS
3782 SELECT hapf.position_id
3783 FROM hr_all_positions_f hapf
3784 WHERE hapf.position_id = p_position_id
3785 AND p_effective_date BETWEEN
3786 hapf.effective_start_date AND hapf.effective_end_date
3787 AND hr_security_internal.show_organization
3788 (hapf.organization_id) = 'TRUE';
3789
3790 BEGIN
3791
3792 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
3793
3794 IF p_position_id IS NOT NULL AND p_effective_date IS NOT NULL THEN
3795 OPEN csr_pos_org_visible;
3796 FETCH csr_pos_org_visible INTO l_position_id;
3797 CLOSE csr_pos_org_visible;
3798 END IF;
3799
3800 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
3801
3802 RETURN (l_position_id IS NOT NULL);
3803
3804 END positions_org_visible;
3805 --
3806 -- ----------------------------------------------------------------------------
3807 -- |----------------------< add_hier_pos_to_cache >---------------------------|
3808 -- ----------------------------------------------------------------------------
3809 --
3810 PROCEDURE add_hier_pos_to_cache
3811 (p_top_position_id IN NUMBER
3812 ,p_pos_structure_version_id IN NUMBER
3813 ,p_include_top_position_flag IN VARCHAR2
3814 ,p_effective_date IN DATE
3815 ,p_restricted_orgs IN BOOLEAN)
3816 IS
3817
3818 l_temp_pos_tbl g_number_t;
3819 l_proc VARCHAR2(72) := g_package||'add_hier_pos_to_cache';
3820 l_dummy NUMBER;
3821
3822 --
3823 -- Get the restricted positions in the hierarchy given a top
3824 -- position and a hierarchy version. This cursor uses
3825 -- organization security to only allow positions whose
3826 -- organization can be seen.
3827 --
3828 CURSOR csr_get_restricted_pos IS
3829 SELECT p.subordinate_position_id
3830 FROM per_pos_structure_elements p
3831 CONNECT BY p.parent_position_id = PRIOR p.subordinate_position_id
3832 AND p.pos_structure_version_id = PRIOR p.pos_structure_version_id
3833 START WITH p.parent_position_id = p_top_position_id
3834 AND p.pos_structure_version_id = p_pos_structure_version_id
3835 AND EXISTS
3836 (SELECT null
3837 FROM hr_all_positions_f hapf
3838 WHERE hapf.position_id = p.subordinate_position_id
3839 AND p_effective_date BETWEEN
3840 hapf.effective_start_date AND hapf.effective_end_date
3841 AND hr_security_internal.show_organization
3842 (hapf.organization_id) = 'TRUE');
3843
3844 --
3845 -- Get all the positions in the hierarchy given a top
3846 -- position and a hierarchy version. This cursor does
3847 -- not secure by organizations.
3848 --
3849 CURSOR csr_get_all_pos IS
3850 SELECT p.subordinate_position_id
3851 FROM per_pos_structure_elements p
3852 CONNECT BY p.parent_position_id = PRIOR p.subordinate_position_id
3853 AND p.pos_structure_version_id = PRIOR p.pos_structure_version_id
3854 START WITH p.parent_position_id = p_top_position_id
3855 AND p.pos_structure_version_id = p_pos_structure_version_id;
3856
3857 --
3858 -- Check if the top position is in the hierarchy.
3859 --
3860 CURSOR csr_top_pos_in_hier IS
3861 SELECT NULL
3862 FROM per_pos_structure_elements p
3863 WHERE p.pos_structure_version_id = p_pos_structure_version_id
3864 AND p.subordinate_position_id = p_top_position_id
3865 AND rownum = 1;
3866
3867 BEGIN
3868
3869 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
3870
3871 IF p_top_position_id IS NOT NULL AND
3872 p_pos_structure_version_id IS NOT NULL AND
3873 p_include_top_position_flag IS NOT NULL AND
3874 p_effective_date IS NOT NULL AND
3875 p_restricted_orgs IS NOT NULL THEN
3876 --
3877 -- Traverse the position hierarchy and fetch
3878 -- the positions into a temporary collection.
3879 -- If restricting on organizations, use a cursor
3880 -- that uses show_organization.
3881 --
3882 IF p_restricted_orgs THEN
3883 IF g_dbg THEN op(l_proc, 20); END IF;
3884 OPEN csr_get_restricted_pos;
3885 FETCH csr_get_restricted_pos BULK COLLECT INTO l_temp_pos_tbl;
3886 CLOSE csr_get_restricted_pos;
3887 ELSE
3888 IF g_dbg THEN op(l_proc, 30); END IF;
3889 OPEN csr_get_all_pos;
3890 FETCH csr_get_all_pos BULK COLLECT INTO l_temp_pos_tbl;
3891 CLOSE csr_get_all_pos;
3892 END IF;
3893
3894 IF g_dbg THEN op(l_proc, 40); END IF;
3895
3896 IF l_temp_pos_tbl.COUNT > 0 THEN
3897 --
3898 -- Enumerate through the temporary table and re-order
3899 -- the list of positions into the global cache so that the
3900 -- index is the pos_id. This allows for direct index
3901 -- access.
3902 --
3903 IF g_dbg THEN op(l_proc, 50); END IF;
3904
3905 FOR i IN l_temp_pos_tbl.FIRST..l_temp_pos_tbl.LAST LOOP
3906 IF NOT g_pos_tbl.EXISTS(l_temp_pos_tbl(i)) THEN
3907 g_pos_tbl(l_temp_pos_tbl(i)) := TRUE;
3908 END IF;
3909 END LOOP;
3910
3911 IF g_dbg THEN op(l_proc, 60); END IF;
3912
3913 IF p_include_top_position_flag = 'Y' AND
3914 ((NOT p_restricted_orgs) OR
3915 (p_restricted_orgs AND
3916 positions_org_visible(p_top_position_id, p_effective_date)))
3917 THEN
3918 --
3919 -- Add the top position into the cache.
3920 --
3921 IF g_dbg THEN op(l_proc, 70); END IF;
3922
3923 IF NOT g_pos_tbl.EXISTS(p_top_position_id) THEN
3924 g_pos_tbl(p_top_position_id) := TRUE;
3925 END IF;
3926 END IF;
3927 END IF;
3928
3929 IF g_dbg THEN op(l_proc, 60); END IF;
3930
3931 IF p_include_top_position_flag = 'Y' AND
3932 ((NOT p_restricted_orgs) OR
3933 (p_restricted_orgs AND
3934 positions_org_visible(p_top_position_id, p_effective_date)))
3935 THEN
3936 --
3937 -- Add the top position into the position cache.
3938 --
3939 -- The top position should only be added when it
3940 -- does actually exist in the position hierarchy
3941 -- and when the position's org is visible.
3942 --
3943 -- If there are other positions in the hierarchy (ie, if
3944 -- l_temp_pos_tbl contains any rows) the top position
3945 -- can be added immediately to the cache.
3946 --
3947 -- If the top pos does not have any subordinate positions
3948 -- (ie, if l_temp_pos_tbl contains no rows) it is
3949 -- necessary to verify that the top pos does in fact
3950 -- exist in the hierarchy at all before adding it
3951 -- to the cache.
3952 --
3953 IF l_temp_pos_tbl.COUNT > 0 THEN
3954 --
3955 -- The top pos exists in the hierarchy so it is
3956 -- added straight into the cache.
3957 --
3958 IF g_dbg THEN op(l_proc, 70); END IF;
3959
3960 IF NOT g_pos_tbl.EXISTS(p_top_position_id) THEN
3961 g_pos_tbl(p_top_position_id) := TRUE;
3962 END IF;
3963
3964 ELSE
3965 --
3966 -- Verify that the top pos exists in the hierarchy
3967 -- before adding it to the cache.
3968 --
3969 IF g_dbg THEN op(l_proc, 80); END IF;
3970
3971 OPEN csr_top_pos_in_hier;
3972 FETCH csr_top_pos_in_hier INTO l_dummy;
3973 IF csr_top_pos_in_hier%FOUND THEN
3974 --
3975 -- The top pos is in the hierarchy so add it
3976 -- to the cache.
3977 --
3978 IF g_dbg THEN op(l_proc, 90); END IF;
3979
3980 IF NOT g_pos_tbl.EXISTS(p_top_position_id) THEN
3981 g_pos_tbl(p_top_position_id) := TRUE;
3982 END IF;
3983 END IF;
3984 CLOSE csr_top_pos_in_hier;
3985 END IF;
3986 END IF;
3987 END IF;
3988
3989 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
3990
3991 END add_hier_pos_to_cache;
3992 --
3993 -- ----------------------------------------------------------------------------
3994 -- |----------------------< add_contacts_to_cache >---------------------------|
3995 -- ----------------------------------------------------------------------------
3996 --
3997 procedure add_contacts_to_cache(
3998 p_effective_date in date
3999 ,p_business_group_id in number
4000 ) is
4001 -- Local variables.
4002 l_proc varchar2(72) := g_package||'add_contacts_to_cache';
4003 l_temp_per_tbl g_number_t;
4004 l_temp_per_tbl2 g_boolean_t;
4005 i number;
4006 k number;
4007 -- Gets all the related contacts for a particular person.
4008 -- The contacts must not have any assignments because
4009 -- assignments are evaluated at an earlier point in the process.
4010 cursor csr_related_contacts(p_person_id in number) is
4011 select pcr.contact_person_id
4012 from per_contact_relationships pcr
4013 where pcr.person_id = p_person_id
4014 and p_effective_date between pcr.date_start
4015 and nvl(pcr.date_end, hr_api.g_eot)
4016 and not exists
4017 (select null
4018 from per_all_assignments_f paaf
4019 where paaf.person_id = pcr.contact_person_id
4020 and paaf.ASSIGNMENT_TYPE <> 'B'); -- Bug 4450149
4021 -- Gets all unrelated contacts (excluding the candidates - registered
4022 -- users from iRec) for the business group, or globally if using a global
4023 -- profile. The people cannot have any current or historical assignments.
4024 -- Here the numbers are checked instead of hitting per_all_assignments_f.
4025 cursor csr_unrelated_contacts is
4026 select distinct papf.person_id
4027 from per_all_people_f papf
4028 where (p_business_group_id is null or
4029 papf.business_group_id = p_business_group_id)
4030 and papf.employee_number is null
4031 and papf.npw_number is null
4032 and papf.applicant_number is null
4033 and not exists
4034 (select null
4035 from per_contact_relationships pcr
4036 where pcr.contact_person_id = papf.person_id)
4037 and not exists
4038 (select null
4039 from per_person_type_usages_f ptuf,
4040 per_person_types ppt
4041 where ppt.system_person_type = 'IRC_REG_USER'
4042 and ptuf.person_type_id = ppt.person_type_id
4043 and ptuf.person_id = papf.person_id);
4044 --
4045 begin
4046 --
4047 if g_dbg then op('Entering: '||l_proc, 1); end if;
4048 -- Only evaluate contact security if all the values are specified.
4049 if p_effective_date is not null then
4050 --
4051 if g_dbg then op(l_proc, 20); end if;
4052 --
4053 if g_per_tbl.count > 0 then
4054 -- Loop through all people already in the cache and
4055 -- add their related contacts to the list.
4056 i := g_per_tbl.first;
4057 --
4058 while i <= g_per_tbl.last loop
4059 --
4060 if g_dbg then op(l_proc||':'||to_char(i), 30); end if;
4061 --
4062 open csr_related_contacts(i);
4063 fetch csr_related_contacts bulk collect into l_temp_per_tbl;
4064 close csr_related_contacts;
4065 -- For any rows returned, restructure the results into a
4066 -- temporary table to avoid mutating the global table.
4067 -- The results are restructured so that the index is the person_id.
4068 if g_dbg then op(l_proc||':'||to_char(i), 40); end if;
4069 --
4070 if l_temp_per_tbl.count > 0 then
4071 --
4072 for j in l_temp_per_tbl.first..l_temp_per_tbl.last loop
4073 --
4074 if not l_temp_per_tbl2.exists(l_temp_per_tbl(j)) then
4075 l_temp_per_tbl2(l_temp_per_tbl(j)) := true;
4076 end if;
4077 --
4078 end loop;
4079 end if;
4080 -- Clear the table to free up memory before the next loop.
4081 if g_dbg then op(l_proc||':'||to_char(i), 50); end if;
4082 l_temp_per_tbl.delete;
4083 i := g_per_tbl.next(i);
4084 --
4085 end loop;
4086 --
4087 end if;
4088
4089 -- Fetch all unrelated contacts.
4090 if g_dbg then op(l_proc, 60); end if;
4091 open csr_unrelated_contacts;
4092 fetch csr_unrelated_contacts bulk collect into l_temp_per_tbl;
4093 close csr_unrelated_contacts;
4094 -- Add the related contacts to the cache.
4095 if g_dbg then op(l_proc, 70); end if;
4096 if l_temp_per_tbl2.count > 0 then
4097 -- Enumerate through the temporary table and add each
4098 -- person to the global cache.
4099 if g_dbg then op(l_proc, 80); end if;
4100 k := l_temp_per_tbl2.first;
4101 --
4102 while k <= l_temp_per_tbl2.last loop
4103 --
4104 if not g_per_tbl.exists(k) then
4105 g_per_tbl(k) := true;
4106 end if;
4107 k := l_temp_per_tbl2.next(k);
4108 --
4109 end loop;
4110 --
4111 end if;
4112
4113 -- Add the unrelated contacts to the cache.
4114 if g_dbg then op(l_proc, 90); end if;
4115 if l_temp_per_tbl.count > 0 then
4116 -- Enumerate through the temporary table and add in the list of
4117 -- unrelated contacts into the global cache cache so that the index
4118 -- is the per_id. This allows for direct index access.
4119 if g_dbg then op(l_proc, 100); end if;
4120 --
4121 for i in l_temp_per_tbl.first..l_temp_per_tbl.last loop
4122 --
4123 if not g_per_tbl.exists(l_temp_per_tbl(i)) then
4124 g_per_tbl(l_temp_per_tbl(i)) := true;
4125 end if;
4126 --
4127 end loop;
4128 --
4129 end if;
4130 --
4131 end if; -- End of effective date check
4132 --
4133 if g_dbg then op('Leaving: '||l_proc, 999); end if;
4134 --
4135 end add_contacts_to_cache;
4136 --
4137 -- ----------------------------------------------------------------------------
4138 -- |---------------------< add_candidates_to_cache >--------------------------|
4139 -- ----------------------------------------------------------------------------
4140 --
4141 procedure add_candidates_to_cache(
4142 p_effective_date in date
4143 ,p_business_group_id in number
4144 ) is
4145 -- Local variables.
4146 l_proc varchar2(72) := g_package||'add_candidates_to_cache';
4147 l_temp_per_tbl g_number_t;
4148 -- Get all candidates (registered through iRecruitment) and excluding
4149 -- related contacts if any.
4150 cursor csr_candidates is
4151 select ptuf.person_id
4152 from per_person_type_usages_f ptuf,
4153 per_person_types ppt
4154 where ppt.system_person_type = 'IRC_REG_USER'
4155 and ptuf.person_type_id = ppt.person_type_id
4156 and ppt.business_group_id + 0 = nvl(p_business_group_id,ppt.business_group_id)--fix for bug 5222441.
4157 and not exists
4158 (select null
4159 from per_all_assignments_f paaf
4160 where paaf.person_id = ptuf.person_id)
4161 and not exists
4162 (select null
4163 from per_contact_relationships pcr
4164 where pcr.contact_person_id = ptuf.person_id);
4165 --
4166 begin
4167 --
4168 if g_dbg then op('Entering: '||l_proc, 1); end if;
4169 -- Evaluate candidate security if all the values are specified.
4170 if p_effective_date is not null then
4171 --
4172 if g_dbg then op(l_proc, 20); end if;
4173 --
4174 open csr_candidates;
4175 fetch csr_candidates bulk collect into l_temp_per_tbl;
4176 close csr_candidates;
4177 --
4178 if l_temp_per_tbl.count > 0 then
4179 -- Enumerate through the temporary table and add in the list of
4180 -- candidates into the global cache, so that the index is the
4181 -- person_id. This allows for direct index access.
4182 if g_dbg then op(l_proc, 30); end if;
4183 --
4184 for i in l_temp_per_tbl.first..l_temp_per_tbl.last loop
4185 --
4186 if not g_per_tbl.exists(l_temp_per_tbl(i)) then
4187 g_per_tbl(l_temp_per_tbl(i)) := true;
4188 end if;
4189 --
4190 end loop;
4191 --
4192 end if;
4193 --
4194 if g_dbg then op(l_proc, 40); end if;
4195 --
4196 end if;
4197 --
4198 if g_dbg then op('Leaving: '||l_proc, 99); end if;
4199 --
4200 end add_candidates_to_cache;
4201 --
4202 -- ----------------------------------------------------------------------------
4203 -- |----------------------< add_remove_bgs_for_orgs >-------------------------|
4204 -- ----------------------------------------------------------------------------
4205 --
4206 PROCEDURE add_remove_bgs_for_orgs
4207 (p_exclude_business_groups_flag IN VARCHAR2
4208 ,p_business_group_id IN NUMBER)
4209 IS
4210
4211 --
4212 -- Local variables.
4213 --
4214 l_proc VARCHAR2(72) := g_package||'add_remove_bgs_for_orgs';
4215 l_bg_id NUMBER;
4216 i NUMBER;
4217 j NUMBER := 1;
4218 l_temp_org_tbl g_number_t;
4219
4220 --
4221 -- Get the business group given a particular organization.
4222 -- This is used in global hierarchies when business groups should
4223 -- be included or excluded.
4224 --
4225 CURSOR csr_get_bg_for_org
4226 (p_organization_id IN NUMBER)
4227 IS
4228 SELECT o.business_group_id
4229 FROM hr_all_organization_units o
4230 WHERE o.organization_id = p_organization_id;
4231
4232 BEGIN
4233
4234 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
4235
4236 IF p_business_group_id IS NOT NULL THEN
4237 --
4238 -- The profile is Business Group specific.
4239 --
4240 IF g_dbg THEN op(l_proc, 20); END IF;
4241
4242 IF NVL(p_exclude_business_groups_flag, 'N') = 'Y' THEN
4243 --
4244 -- The business groups should be excluded.
4245 --
4246 -- This is a local profile so at most there can only
4247 -- be one business group in the hierachy, and if it
4248 -- is in the hierarchy it is by definition the top org.
4249 -- When building the hierarchy, the top org is excluded
4250 -- unless "Include Top Organization" is ticked. In the
4251 -- case of local profiles, it makes no sense to tick
4252 -- both "Include Top Organization" and "Exclude Business
4253 -- Groups" because the two contradict each other.
4254 -- Nevertheless, we explicitly remove the BG in this case.
4255 --
4256 IF g_dbg THEN op(l_proc, 30); END IF;
4257
4258 IF g_org_tbl.EXISTS(p_business_group_id) THEN
4259 g_org_tbl.DELETE(p_business_group_id);
4260 END IF;
4261
4262 ELSIF NVL(p_exclude_business_groups_flag, 'N') = 'N' THEN
4263 --
4264 -- The business groups should not be excluded, which means
4265 -- they should be explicitly included.
4266 -- As this is a local profile, the BG of the profile can
4267 -- simply be added to the cache.
4268 --
4269 IF g_dbg THEN op(l_proc, 40); END IF;
4270
4271 IF NOT g_org_tbl.EXISTS(p_business_group_id) THEN
4272 g_org_tbl(p_business_group_id) := TRUE;
4273 END IF;
4274 END IF;
4275
4276 ELSIF p_business_group_id IS NULL THEN
4277 --
4278 -- The profile is global. The business group for each
4279 -- org in the hierarchy must be added or removed, depending
4280 -- on the exclude Business Groups flag.
4281 --
4282 -- Unfortunately, there is no quick way of finding out the
4283 -- BGs for the orgs in the cache without fetching the BG for
4284 -- each org. The BG could be retrieved in the hierarchy tree-
4285 -- walk by joining to hr_all_organization_units but this would
4286 -- be an unnecessary hit where global profiles are not used.
4287 -- Instead, the BG for each org is retrieved separately here.
4288 --
4289 IF g_dbg THEN op(l_proc, 50); END IF;
4290
4291 IF g_org_tbl.COUNT > 0 THEN
4292 --
4293 -- Loop through each org in the cache.
4294 --
4295 IF g_dbg THEN op(l_proc, 60); END IF;
4296
4297 i := g_org_tbl.FIRST;
4298
4299 WHILE i <= g_org_tbl.LAST LOOP
4300 --
4301 -- Fetch the business group for this org.
4302 --
4303 OPEN csr_get_bg_for_org (i);
4304 FETCH csr_get_bg_for_org INTO l_bg_id;
4305 CLOSE csr_get_bg_for_org;
4306
4307 IF g_dbg THEN op(l_proc||'('||to_char(i)||')', 70); END IF;
4308
4309 IF l_bg_id IS NOT NULL THEN
4310 --
4311 -- Store the business group in a temporary table to avoid
4312 -- mutating the global cache. l_bg_id should always be
4313 -- populated but this is wrapped in an IF statement to
4314 -- avoid data corruption issues.
4315 --
4316 l_temp_org_tbl(j) := l_bg_id;
4317 j := j + 1;
4318 END IF;
4319 i := g_org_tbl.NEXT(i);
4320 END LOOP;
4321 END IF;
4322
4323 IF g_dbg THEN op(l_proc, 80); END IF;
4324
4325 IF l_temp_org_tbl.COUNT > 0 THEN
4326 --
4327 -- Add / remove each business group from the global org cache.
4328 --
4329 IF g_dbg THEN op(l_proc, 90); END IF;
4330
4331 FOR i IN l_temp_org_tbl.FIRST..l_temp_org_tbl.LAST LOOP
4332 --
4333 -- For each business group...
4334 --
4335 IF NVL(p_exclude_business_groups_flag, 'N') = 'Y' THEN
4336 --
4337 -- The business group against this org should be
4338 -- excluded from the cache if it exists.
4339 --
4340 IF g_dbg THEN op(l_proc||'('||to_char(i)||')', 100); END IF;
4341
4342 IF g_org_tbl.EXISTS(l_temp_org_tbl(i)) THEN
4343 g_org_tbl.DELETE(l_temp_org_tbl(i));
4344 END IF;
4345
4346 ELSIF NVL(p_exclude_business_groups_flag, 'N') = 'N' THEN
4347 --
4348 -- The business group against this org should be
4349 -- added to the cache if it's not already there.
4350 --
4351 IF g_dbg THEN op(l_proc||'('||to_char(i)||')', 110); END IF;
4352
4353 IF NOT g_org_tbl.EXISTS(l_temp_org_tbl(i)) THEN
4354 g_org_tbl(l_temp_org_tbl(i)) := TRUE;
4355 END IF;
4356 END IF;
4357 END LOOP;
4358 END IF;
4359 END IF;
4360
4361 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
4362
4363 END add_remove_bgs_for_orgs;
4364 --
4365 -- ----------------------------------------------------------------------------
4366 -- |----------------------< add_incl_remove_excl_orgs >-----------------------|
4367 -- ----------------------------------------------------------------------------
4368 --
4369 PROCEDURE add_incl_remove_excl_orgs
4370 (p_security_profile_id IN NUMBER)
4371 IS
4372
4373 --
4374 -- Local variables.
4375 --
4376 l_proc VARCHAR2(72) := g_package||'add_incl_remove_excl_orgs';
4377
4378 --
4379 -- Gets the discrete list of orgs specified in the security profile.
4380 -- The parameter should always contain a value (i.e., be not null)
4381 -- but verify this anyway.
4382 -- Ordering is in descending order so that the include organizations
4383 -- come first and exclude orgs come second: this is the correct
4384 -- functional order, that is, if an org is both include and exclude
4385 -- it will be included and then removed so will not be visible.
4386 --
4387 CURSOR csr_get_discrete_orgs IS
4388 SELECT organization_id
4389 ,entry_type
4390 FROM per_security_organizations
4391 WHERE p_security_profile_id IS NOT NULL
4392 AND security_profile_id = p_security_profile_id
4393 ORDER BY entry_type DESC;
4394
4395 BEGIN
4396
4397 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
4398
4399 IF p_security_profile_id IS NOT NULL THEN
4400 --
4401 -- Add the include organizations. Here a bulk collect
4402 -- is not typically necessary because the volumes per
4403 -- security profile will not be significant.
4404 --
4405 IF g_dbg THEN op(l_proc, 20); END IF;
4406
4407 FOR org_rec IN csr_get_discrete_orgs LOOP
4408 --
4409 -- Add the "Include" organizations to the cached org
4410 -- list; remove the "Exclude" organizations from the
4411 -- cached list. All include orgs are added before any
4412 -- org is removed (see the ORDER BY in the cursor).
4413 --
4414 IF org_rec.entry_type = 'I' THEN
4415 IF g_dbg THEN op(l_proc||' I: ', org_rec.organization_id);
4416 END IF;
4417 IF NOT g_org_tbl.EXISTS(org_rec.organization_id) THEN
4418 g_org_tbl(org_rec.organization_id) := TRUE;
4419 END IF;
4420 ELSIF org_rec.entry_type = 'E' THEN
4421 IF g_dbg THEN op(l_proc||' E: ', org_rec.organization_id);
4422 END IF;
4423 IF g_org_tbl.EXISTS(org_rec.organization_id) THEN
4424 g_org_tbl.DELETE(org_rec.organization_id);
4425 END IF;
4426 END IF;
4427 END LOOP;
4428 END IF;
4429
4430 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
4431
4432 END add_incl_remove_excl_orgs;
4433 --
4434 -- ----------------------------------------------------------------------------
4435 -- |----------------------< and_clause >--------------------------------------|
4436 -- ----------------------------------------------------------------------------
4437 --
4438 FUNCTION and_clause(p_str IN VARCHAR2, p_append IN VARCHAR2) RETURN VARCHAR2 IS
4439
4440 BEGIN
4441
4442 --
4443 -- Private utility function, used to build an 'OR' predicate.
4444 --
4445 IF p_str IS null OR p_append IS null THEN
4446 RETURN(p_str || p_append);
4447 ELSE
4448 RETURN(p_str||' AND '||p_append);
4449 END IF;
4450
4451 END and_clause;
4452 --
4453 --
4454 -- ----------------------------------------------------------------------------
4455 -- |----------------------< or_clause >---------------------------------------|
4456 -- ----------------------------------------------------------------------------
4457 --
4458 FUNCTION or_clause(p_str IN VARCHAR2, p_append IN VARCHAR2) RETURN VARCHAR2 IS
4459
4460 BEGIN
4461
4462 --
4463 -- Private utility function, used to build an 'OR' predicate.
4464 --
4465 IF p_str IS null OR p_append IS null THEN
4466 RETURN(p_str || p_append);
4467 ELSE
4468 RETURN(p_str||' OR '||p_append);
4469 END IF;
4470
4471 END or_clause;
4472 --
4473 -- ----------------------------------------------------------------------------
4474 -- |----------------------< add_brackets >------------------------------------|
4475 -- ----------------------------------------------------------------------------
4476 --
4477 FUNCTION add_brackets(p_str IN VARCHAR2) RETURN VARCHAR2 IS
4478
4479 BEGIN
4480
4481 --
4482 -- Private utility function that wraps the passed in string in brackets.
4483 --
4484 IF p_str IS NOT null THEN
4485 RETURN('('||p_str||')');
4486 ELSE
4487 RETURN(p_str);
4488 END IF;
4489
4490 END add_brackets;
4491 --
4492 -- ----------------------------------------------------------------------------
4493 -- |----------------------< add_people_to_cache >-----------------------------|
4494 -- ----------------------------------------------------------------------------
4495 --
4496 PROCEDURE add_people_to_cache
4497 (p_top_person_id IN NUMBER
4498 ,p_effective_date IN DATE
4499 ,p_sec_prof_rec IN g_sec_prof_r
4500 ,p_use_static_lists IN BOOLEAN)
4501 IS
4502 -- Local type definitions.
4503 TYPE l_csr_type IS REF CURSOR;
4504 -- Exceptions.
4505 loop_in_user_data EXCEPTION;
4506 PRAGMA EXCEPTION_INIT(loop_in_user_data, -01436);
4507
4508 -- Local variables.
4509 l_proc VARCHAR2(72) := g_package||'add_people_to_cache';
4510 l_org_restriction VARCHAR2(1) := 'N';
4511 l_pos_restriction VARCHAR2(1) := 'N';
4512 l_pay_restriction VARCHAR2(1) := 'N';
4513 l_custom_per per_security_profiles.custom_restriction_flag%TYPE;
4514 l_temp_asg_tbl g_number_t;
4515 l_temp_per_tbl g_number_t;
4516 l_ex_emp_security varchar2(1) := 'N';
4517 --
4518 -- Dynamic SQL variables.
4519 --
4520 l_custom_y_set BOOLEAN := FALSE;
4521 l_custom_u_set BOOLEAN := FALSE;
4522 l_sup_hier_set BOOLEAN := TRUE;
4523 l_sql_str VARCHAR2(32767);
4524 l_exec_str_print VARCHAR2(32767);
4525 l_select_from_clause VARCHAR2(1000);
4526 l_where_clause VARCHAR2(31567);
4527 l_temp_clause VARCHAR2(31567);
4528 l_connect_clause VARCHAR2(500); -- bug 5105261
4529 l_asg_types_y_or_n VARCHAR2(200);
4530 l_asg_types_y VARCHAR2(200);
4531 l_asg_types_n VARCHAR2(200);
4532 l_cnt BINARY_INTEGER;
4533 l_csr l_csr_type;
4534 --
4535 -- Re-used Dynamic SQL strings
4536 --
4537 l_emp_str VARCHAR2(32) := 'hr_asg.assignment_type = ''E''';
4538 l_cwk_str VARCHAR2(32) := 'hr_asg.assignment_type = ''C''';
4539 l_apl_str VARCHAR2(32) := 'hr_asg.assignment_type = ''A''';
4540 l_org_str VARCHAR2(150) :=
4541 'hr_security_internal.show_organization(hr_asg.organization_id) = ''TRUE''';
4542 l_pos_str VARCHAR2(150) :=
4543 '(hr_asg.position_id IS NULL OR hr_security_internal.show_position(hr_asg.position_id) = ''TRUE'')';
4544 l_pay_str VARCHAR2(150) :=
4545 '(hr_asg.payroll_id IS NULL OR hr_security_internal.show_payroll(hr_asg.payroll_id) = ''TRUE'')';
4546
4547 BEGIN
4548
4549 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
4550
4551 --
4552 -- Only evaluate person security if all the values are specified.
4553 --
4554 IF p_effective_date IS NOT NULL
4555 AND p_sec_prof_rec.security_profile_id IS NOT NULL
4556 THEN
4557 -- Query for the Security Profile Option set for Ex-Employee.
4558 -- fnd_profile.get('PER_EX_SECURITY_PROFILE',l_ex_emp_security);
4559 fnd_profile.get(
4560 NAME => 'PER_EX_SECURITY_PROFILE'
4561 ,VAL => l_ex_emp_security);
4562 IF g_dbg THEN hr_utility.trace( 'Ex-Employee Profile Value= '||l_ex_emp_security); END IF;
4563
4564 IF g_dbg THEN op(l_proc, 10); END IF;
4565 --
4566 -- Set the restricted flags.
4567 --
4568 IF restricted_orgs(p_sec_prof_rec) THEN
4569 l_org_restriction := 'Y';
4570 END IF;
4571 IF restricted_pos(p_sec_prof_rec) THEN
4572 l_pos_restriction := 'Y';
4573 END IF;
4574 IF restricted_pays(p_sec_prof_rec) THEN
4575 l_pay_restriction := 'Y';
4576 END IF;
4577
4578 --
4579 -- Set the custom restriction flag.
4580 --
4581 l_custom_per := NVL(p_sec_prof_rec.custom_restriction_flag, 'N');
4582
4583 --
4584 -- Force custom security to be evaluated on the fly
4585 -- where appropriate.
4586 --
4587 IF l_custom_per = 'Y' AND
4588 (NOT p_use_static_lists
4589 OR (l_org_restriction = 'Y' AND
4590 NVL(p_sec_prof_rec.top_organization_method, 'N') = 'U')
4591 OR (l_pos_restriction = 'Y' AND
4592 NVL(p_sec_prof_rec.top_position_method, 'N') = 'U'))
4593 THEN
4594 --
4595 -- Although custom security is not user-based (it is static),
4596 -- the static list cannot be used because either:
4597 -- a) the profile option permits the use of static lists
4598 -- b) user-based org security is in use
4599 -- c) user-based pos security is in use.
4600 --
4601 -- In these circumstances, force custom security to be
4602 -- evaluated on the fly.
4603 --
4604 l_custom_per := 'U';
4605
4606 END IF;
4607
4608 IF g_dbg THEN op(l_proc, 20); END IF;
4609
4610 --
4611 -- Set the skeleton SELECT..FROM clause.
4612 --
4613 -- Fetch the visible people and assignments, applying the
4614 -- various different security restrictions before allowing
4615 -- them to be returned.
4616 -- This does not return ex-people (ex-employees, etc) and
4617 -- it does not return contacts.
4618 --
4619 -- Bug 3686545
4620 -- When restrict_on_individual_asg flag on security profile is set
4621 -- then custom security should be evaluated as user based because
4622 -- listgen currently does not maintain static assignment list.
4623 --
4624 l_select_from_clause :=
4625 'SELECT hr_asg.assignment_id
4626 ,hr_asg.person_id
4627 FROM per_all_assignments_f hr_asg ';
4628
4629 /*-- Check for the Supervisor Security --*/
4630 /* -- In the New enhancement we are ignoring the supervisor security from
4631 showing the Ex-Employee and Future Employee records (New enhancement)
4632 This If condition will check whether the Supervisor Security is
4633 Present or Not.
4634 If there is Supervisorvisor Security Present do not change any thing
4635 This is functioning as it was in previous.
4636 */
4637 IF nvl(p_sec_prof_rec.restrict_by_supervisor_flag, 'N') = 'Y'
4638 OR nvl(p_sec_prof_rec.restrict_by_supervisor_flag, 'N') = 'A' THEN
4639 l_sup_hier_set := TRUE;
4640 ELSE
4641 l_sup_hier_set := FALSE;
4642 END IF;
4643 --
4644 -- Only evaluate person security if all the values are specified.
4645 --
4646 IF NOT l_sup_hier_set and l_ex_emp_security= 'Y' THEN
4647
4648 /*--- Supervisor Security is not present ---*/
4649 IF g_dbg THEN hr_utility.trace( 'Supervisor Security is Not present'); END IF;
4650
4651 --
4652 -- Set the skeleton WHERE clause.
4653 --
4654 /* Where clause is modified for the enhancement
4655 In the where clause,
4656 1. To see the Ex-Employee`s
4657 2. To see the Future Employees. */
4658 l_where_clause :=
4659 ' WHERE /* Active Employee */
4660 (:effective_date BETWEEN hr_asg.effective_start_date AND hr_asg.effective_end_date
4661 /* Ex-Employee */
4662 or (hr_asg.effective_end_date < :effective_date
4663 and not exists
4664 ( select null from per_all_assignments_f papf
4665 where papf.person_id = hr_asg.person_id
4666 and papf.assignment_type in (''A'',''C'',''E'')
4667 and papf.effective_end_date >= :effective_date )
4668 )
4669 /* End Ex-Employee */
4670 /* Future Employee */
4671 or ( hr_asg.effective_start_date > :effective_date
4672 and not exists
4673 ( select null from per_all_assignments_f papf
4674 where papf.person_id = hr_asg.person_id
4675 and papf.assignment_type in (''A'',''C'',''E'')
4676 and papf.effective_start_date < hr_asg.effective_start_date )
4677 )
4678 /* End Future Employee */
4679 )';
4680
4681 IF g_dbg THEN op(l_proc, 30); END IF;
4682
4683 --
4684 -- Build strings that can be used to select
4685 -- allowable assignment types.
4686 --
4687 IF p_sec_prof_rec.view_all_employees_flag = 'Y' THEN
4688 l_asg_types_y := or_clause(l_asg_types_y, l_emp_str);
4689 ELSIF p_sec_prof_rec.view_all_employees_flag = 'N' THEN
4690 l_asg_types_n := or_clause(l_asg_types_n, l_emp_str);
4691 END IF;
4692
4693 IF p_sec_prof_rec.view_all_cwk_flag = 'Y' THEN
4694 l_asg_types_y := or_clause(l_asg_types_y, l_cwk_str);
4695 ELSIF p_sec_prof_rec.view_all_cwk_flag = 'N' THEN
4696 l_asg_types_n := or_clause(l_asg_types_n, l_cwk_str);
4697 END IF;
4698
4699 IF p_sec_prof_rec.view_all_applicants_flag = 'Y' THEN
4700 l_asg_types_y := or_clause(l_asg_types_y, l_apl_str);
4701 ELSIF p_sec_prof_rec.view_all_applicants_flag = 'N' THEN
4702 l_asg_types_n := or_clause(l_asg_types_n, l_apl_str);
4703 END IF;
4704
4705 --
4706 -- Add brackets to the strings that have just been built.
4707 --
4708 l_asg_types_y_or_n := add_brackets(or_clause(l_asg_types_y, l_asg_types_n));
4709 l_asg_types_y := add_brackets(l_asg_types_y);
4710 l_asg_types_n := add_brackets(l_asg_types_n);
4711
4712 IF g_dbg THEN op(l_proc, 40); END IF;
4713
4714 --
4715 -- Allow all 'View All' and 'Restricted' assignment types
4716 -- but no 'View None' ('X') types.
4717 --
4718 IF l_asg_types_y_or_n IS NULL THEN
4719 --
4720 -- All assignment types must be 'X' so prevent
4721 -- any rows from being returned.
4722 --
4723 l_where_clause := and_clause(l_where_clause, 'rownum < 1');
4724 ELSE
4725 l_where_clause := and_clause(l_where_clause, l_asg_types_y_or_n);
4726 END IF;
4727
4728 IF g_dbg THEN op(l_proc, 50); END IF;
4729
4730 --
4731 -- Restrict to primary assignments only if set.
4732 --
4733 IF p_sec_prof_rec.exclude_secondary_asgs_flag = 'Y' THEN
4734 l_where_clause := and_clause(l_where_clause, 'hr_asg.primary_flag = ''Y''');
4735 END IF;
4736
4737 IF g_dbg THEN op(l_proc, 55); END IF;
4738
4739 --
4740 -- Restrict by business group if the profile is local.
4741 --
4742 -- Note: the business group restriction is only added when there
4743 -- is no supervisor restriction. Functionally, this is a bug
4744 -- because global profiles should be used instead of local profiles
4745 -- but security has always behaved like that so adding this restriction
4746 -- will cause havoc in customers' security profile setup.
4747 --
4748 IF p_sec_prof_rec.business_group_id IS NOT null AND
4749 NVL(p_sec_prof_rec.restrict_by_supervisor_flag, 'N') = 'N' THEN
4750 l_where_clause := and_clause (l_where_clause,
4751 'hr_asg.business_group_id = '||p_sec_prof_rec.business_group_id);
4752 END IF;
4753
4754 IF g_dbg THEN op(l_proc, 60); END IF;
4755
4756 --
4757 -- If there are any restrictions to org, pos, pay or custom then
4758 -- apply them here - but only to assignment types that are 'Restricted'.
4759 --
4760 IF l_asg_types_n IS NOT null AND
4761 (l_org_restriction = 'Y' OR l_pos_restriction = 'Y' OR
4762 l_pay_restriction = 'Y' OR l_custom_per = 'Y' OR l_custom_per = 'U')
4763 THEN
4764 IF g_dbg THEN op(l_proc, 65); END IF;
4765 --
4766 -- Restrict by organization.
4767 --
4768 IF g_dbg THEN op(l_proc, 70); END IF;
4769 IF l_org_restriction = 'Y' THEN
4770 l_temp_clause := and_clause(l_temp_clause, l_org_str);
4771 END IF;
4772 --
4773 -- Restrict by position.
4774 --
4775 IF g_dbg THEN op(l_proc, 75); END IF;
4776 IF l_pos_restriction = 'Y' THEN
4777 l_temp_clause := and_clause(l_temp_clause, l_pos_str);
4778 END IF;
4779 --
4780 -- Restrict by payroll.
4781 --
4782 IF g_dbg THEN op(l_proc, 80); END IF;
4783 IF l_pay_restriction = 'Y' THEN
4784 l_temp_clause := and_clause(l_temp_clause, l_pay_str);
4785 END IF;
4786 --
4787 -- Restrict by custom (static).
4788 --
4789 IF g_dbg THEN op(l_proc, 85); END IF;
4790 IF ((p_sec_prof_rec.restrict_on_individual_asg IS NULL OR
4791 p_sec_prof_rec.restrict_on_individual_asg = 'N') AND
4792 l_custom_per = 'Y') THEN
4793 l_temp_clause := and_clause(l_temp_clause,
4794 'EXISTS
4795 (SELECT null
4796 FROM per_person_list ppl
4797 WHERE ppl.security_profile_id = :security_profile_id
4798 AND ppl.person_id = hr_asg.person_id)');
4799 l_custom_y_set := TRUE;
4800 END IF;
4801 --
4802 -- Restrict by custom (user-based).
4803 --
4804 IF g_dbg THEN op(l_proc, 90); END IF;
4805 IF ((p_sec_prof_rec.restrict_on_individual_asg IS NOT NULL AND
4806 p_sec_prof_rec.restrict_on_individual_asg = 'Y') OR
4807 l_custom_per = 'U') AND
4808 p_sec_prof_rec.restriction_text IS NOT NULL THEN
4809 --
4810 -- Check if the custom restriction is using the PERSON or PERSON_TYPE
4811 -- table aliases. If they are, do the full sub-select otherwise
4812 -- substitute the ASSIGNMENT alias for asg and run the SQL as an
4813 -- in-line predicate.
4814 --
4815 IF instr(upper(p_sec_prof_rec.restriction_text), 'PERSON.') = 0 AND
4816 instr(upper(p_sec_prof_rec.restriction_text), 'PERSON_TYPE.') = 0
4817 THEN
4818 --
4819 -- Added upper() clause for bug 5048562.
4820 --
4821 l_temp_clause := and_clause(l_temp_clause
4822 ,replace(upper(p_sec_prof_rec.restriction_text)
4823 ,'ASSIGNMENT.', 'hr_asg.'));
4824 ELSE
4825 /* -- The l_temp_clause is changed for the enhancement */
4826 l_temp_clause := and_clause(l_temp_clause, and_clause(
4827 'EXISTS (SELECT NULL
4828 FROM per_all_assignments_f ASSIGNMENT,
4829 per_all_people_f PERSON,
4830 per_person_type_usages_f PERSON_TYPE
4831 WHERE ASSIGNMENT.rowid = hr_asg.rowid
4832 AND ASSIGNMENT.ASSIGNMENT_ID = hr_asg.assignment_id
4833 AND ASSIGNMENT.ASSIGNMENT_TYPE IN (''A'',''C'',''E'')
4834 /* For the bug 6196437 */
4835 AND PERSON.person_id = ASSIGNMENT.person_id
4836 AND (
4837 /* Active Employee */
4838 :effective_date
4839 BETWEEN PERSON.effective_start_date AND PERSON.effective_end_date
4840 or /* Future Employee */
4841 PERSON.effective_start_date > :effective_date)
4842 AND PERSON.person_id = PERSON_TYPE.person_id
4843 AND ( /* Active Employee */
4844 :effective_date BETWEEN
4845 PERSON_TYPE.effective_start_date AND PERSON_TYPE.effective_end_date
4846 or /* Future Employee */
4847 PERSON_TYPE.effective_start_date > :effective_date)',
4848 p_sec_prof_rec.restriction_text||')'));
4849 l_custom_u_set := TRUE;
4850 END IF;
4851 END IF;
4852
4853 IF g_dbg THEN op(l_proc, 95); END IF;
4854
4855 --
4856 -- Merge the above restrictions into l_where_clause.
4857 --
4858 IF l_asg_types_y IS NOT null THEN
4859 --
4860 -- For workers that are 'Y' include those rows without checking
4861 -- the restrictions.
4862 --
4863 IF g_dbg THEN op(l_proc, 100); END IF;
4864 l_where_clause := and_clause
4865 (l_where_clause, add_brackets
4866 (or_clause(l_asg_types_y, add_brackets(l_temp_clause))));
4867 ELSE
4868 --
4869 -- l_asg_types_y is null, which means asg types are either
4870 -- 'Restricted' (in which case the above conditions must run for
4871 -- all rows) or 'None' (which are filtered out earlier).
4872 --
4873 IF g_dbg THEN op(l_proc, 105); END IF;
4874 l_where_clause := and_clause (l_where_clause, l_temp_clause);
4875 END IF;
4876 IF g_dbg THEN op(l_proc, 110); END IF;
4877 END IF;
4878
4879 IF g_dbg THEN op(l_proc, 140); END IF;
4880 --
4881 -- Piece the SQL statement together.
4882 --
4883 l_sql_str := l_select_from_clause || l_where_clause || l_connect_clause;
4884
4885 IF g_dbg THEN
4886 hr_utility.trace( 'No Supervisor Security is present');
4887 hr_utility.trace('***************************************************');
4888 l_exec_str_print:= l_sql_str;
4889 while length(l_exec_str_print)>0 loop
4890 hr_utility.trace(substr(l_exec_str_print,1,70));
4891 l_exec_str_print:=substr(l_exec_str_print,71);
4892 end loop;
4893 hr_utility.trace('***************************************************');
4894 End if;
4895
4896 IF g_dbg THEN op(l_proc, 150); END IF;
4897 --
4898 -- Open cursor, bulk fetch all the rows and close
4899 -- branching on dynamic binds.
4900 -- Do not to pass p_top_person_id.
4901 --
4902 /*-- Depending on the Security Profile Setup
4903 We are opening the cusroer by passing the
4904 bind variables.
4905 As For enhancement we added more date clause for
4906 Ex-EMployee and Future Employee so we modified the
4907 bind variables accordingly. */
4908 IF l_custom_y_set THEN
4909 OPEN l_csr FOR l_sql_str
4910 USING p_effective_date,
4911 p_effective_date,
4912 p_effective_date,
4913 p_effective_date,
4914 p_sec_prof_rec.security_profile_id;
4915 ELSIF l_custom_u_set THEN
4916 OPEN l_csr FOR l_sql_str
4917 USING p_effective_date,
4918 p_effective_date,
4919 p_effective_date,
4920 p_effective_date,
4921 p_effective_date,
4922 p_effective_date,
4923 p_effective_date,
4924 p_effective_date;
4925 ELSE
4926 OPEN l_csr FOR l_sql_str
4927 USING p_effective_date,
4928 p_effective_date,
4929 p_effective_date,
4930 p_effective_date;
4931 END IF;
4932
4933 IF g_dbg THEN op(l_proc, 170); END IF;
4934
4935 --
4936 -- Oracle 8/8i does not support BULK COLLECT of a dynamic PL/SQL
4937 -- statement.
4938 --
4939 IF hr_general2.get_oracle_db_version >= 9 THEN
4940 --
4941 -- Oracle 9+ being used so perform a BULK COLLECT.
4942 --
4943 FETCH l_csr BULK COLLECT INTO l_temp_asg_tbl
4944 ,l_temp_per_tbl;
4945 ELSE
4946 --
4947 -- Pre Oracle 9 so fetch each row individually.
4948 --
4949 l_cnt := 1;
4950 LOOP
4951 --
4952 -- A Pre Oracle 9 DB is being used so LOOP through,
4953 -- fetching each row.
4954 --
4955 FETCH l_csr INTO l_temp_asg_tbl(l_cnt), l_temp_per_tbl(l_cnt);
4956 EXIT WHEN l_csr%NOTFOUND;
4957 l_cnt := l_cnt + 1;
4958 END LOOP;
4959 END IF;
4960 CLOSE l_csr;
4961
4962 IF g_dbg THEN op(l_proc, 180); END IF;
4963
4964 IF l_temp_asg_tbl.COUNT > 0 THEN
4965 --
4966 -- Enumerate through the temporary table and re-order
4967 -- the list of asgs into the global cache so that the
4968 -- index is the asg_id. This allows for direct index
4969 -- access.
4970 --
4971 IF g_dbg THEN op(l_proc, 190); END IF;
4972 FOR i IN l_temp_asg_tbl.FIRST..l_temp_asg_tbl.LAST LOOP
4973 IF NOT g_asg_tbl.EXISTS(l_temp_asg_tbl(i)) THEN
4974 g_asg_tbl(l_temp_asg_tbl(i)) := l_temp_per_tbl(i);
4975 END IF;
4976 END LOOP;
4977
4978 --
4979 -- Enumerate through the temporary table and re-order
4980 -- the list of pers into the global cache so that the
4981 -- index is the per_id. This allows for direct index
4982 -- access.
4983 --
4984 IF g_dbg THEN op(l_proc, 200); END IF;
4985 FOR i IN l_temp_per_tbl.FIRST..l_temp_per_tbl.LAST LOOP
4986 IF NOT g_per_tbl.EXISTS(l_temp_per_tbl(i)) THEN
4987 g_per_tbl(l_temp_per_tbl(i)) := TRUE;
4988 END IF;
4989 END LOOP;
4990 END IF;
4991 ELSE
4992 /*-- SUPERVISOR SECURITY IS SET */
4993 IF g_dbg THEN
4994 hr_utility.trace( 'Supervisor Security is present or HR: Ex-Employee Security Profile Option is not Set');
4995 END IF;
4996 --
4997 -- Set the skeleton WHERE clause.
4998 --
4999 l_where_clause :=
5000 ' WHERE :effective_date BETWEEN
5001 hr_asg.effective_start_date AND hr_asg.effective_end_date';
5002
5003 IF g_dbg THEN op(l_proc, 30); END IF;
5004
5005 --
5006 -- Build strings that can be used to select
5007 -- allowable assignment types.
5008 --
5009 IF p_sec_prof_rec.view_all_employees_flag = 'Y' THEN
5010 l_asg_types_y := or_clause(l_asg_types_y, l_emp_str);
5011 ELSIF p_sec_prof_rec.view_all_employees_flag = 'N' THEN
5012 l_asg_types_n := or_clause(l_asg_types_n, l_emp_str);
5013 END IF;
5014
5015 IF p_sec_prof_rec.view_all_cwk_flag = 'Y' THEN
5016 l_asg_types_y := or_clause(l_asg_types_y, l_cwk_str);
5017 ELSIF p_sec_prof_rec.view_all_cwk_flag = 'N' THEN
5018 l_asg_types_n := or_clause(l_asg_types_n, l_cwk_str);
5019 END IF;
5020
5021 IF p_sec_prof_rec.view_all_applicants_flag = 'Y' THEN
5022 l_asg_types_y := or_clause(l_asg_types_y, l_apl_str);
5023 ELSIF p_sec_prof_rec.view_all_applicants_flag = 'N' THEN
5024 l_asg_types_n := or_clause(l_asg_types_n, l_apl_str);
5025 END IF;
5026
5027 --
5028 -- Add brackets to the strings that have just been built.
5029 --
5030 l_asg_types_y_or_n := add_brackets(or_clause(l_asg_types_y, l_asg_types_n));
5031 l_asg_types_y := add_brackets(l_asg_types_y);
5032 l_asg_types_n := add_brackets(l_asg_types_n);
5033
5034 IF g_dbg THEN op(l_proc, 40); END IF;
5035
5036 --
5037 -- Allow all 'View All' and 'Restricted' assignment types
5038 -- but no 'View None' ('X') types.
5039 --
5040 IF l_asg_types_y_or_n IS NULL THEN
5041 --
5042 -- All assignment types must be 'X' so prevent
5043 -- any rows from being returned.
5044 --
5045 l_where_clause := and_clause(l_where_clause, 'rownum < 1');
5046 ELSE
5047 l_where_clause := and_clause(l_where_clause, l_asg_types_y_or_n);
5048 END IF;
5049
5050 IF g_dbg THEN op(l_proc, 50); END IF;
5051
5052 --
5053 -- Restrict to primary assignments only if set.
5054 --
5055 IF p_sec_prof_rec.exclude_secondary_asgs_flag = 'Y' THEN
5056 l_where_clause := and_clause(l_where_clause, 'hr_asg.primary_flag = ''Y''');
5057 END IF;
5058
5059 IF g_dbg THEN op(l_proc, 55); END IF;
5060
5061 --
5062 -- Restrict by business group if the profile is local.
5063 --
5064 -- Note: the business group restriction is only added when there
5065 -- is no supervisor restriction. Functionally, this is a bug
5066 -- because global profiles should be used instead of local profiles
5067 -- but security has always behaved like that so adding this restriction
5068 -- will cause havoc in customers' security profile setup.
5069 --
5070 IF p_sec_prof_rec.business_group_id IS NOT null AND
5071 NVL(p_sec_prof_rec.restrict_by_supervisor_flag, 'N') = 'N' THEN
5072 l_where_clause := and_clause (l_where_clause,
5073 'hr_asg.business_group_id = '||p_sec_prof_rec.business_group_id);
5074 END IF;
5075
5076 IF g_dbg THEN op(l_proc, 60); END IF;
5077
5078 --
5079 -- If there are any restrictions to org, pos, pay or custom then
5080 -- apply them here - but only to assignment types that are 'Restricted'.
5081 --
5082 IF l_asg_types_n IS NOT null AND
5083 (l_org_restriction = 'Y' OR l_pos_restriction = 'Y' OR
5084 l_pay_restriction = 'Y' OR l_custom_per = 'Y' OR l_custom_per = 'U')
5085 THEN
5086 IF g_dbg THEN op(l_proc, 65); END IF;
5087 --
5088 -- Restrict by organization.
5089 --
5090 IF g_dbg THEN op(l_proc, 70); END IF;
5091 IF l_org_restriction = 'Y' THEN
5092 l_temp_clause := and_clause(l_temp_clause, l_org_str);
5093 END IF;
5094 --
5095 -- Restrict by position.
5096 --
5097 IF g_dbg THEN op(l_proc, 75); END IF;
5098 IF l_pos_restriction = 'Y' THEN
5099 l_temp_clause := and_clause(l_temp_clause, l_pos_str);
5100 END IF;
5101 --
5102 -- Restrict by payroll.
5103 --
5104 IF g_dbg THEN op(l_proc, 80); END IF;
5105 IF l_pay_restriction = 'Y' THEN
5106 l_temp_clause := and_clause(l_temp_clause, l_pay_str);
5107 END IF;
5108 --
5109 -- Restrict by custom (static).
5110 --
5111 IF g_dbg THEN op(l_proc, 85); END IF;
5112 IF ((p_sec_prof_rec.restrict_on_individual_asg IS NULL OR
5113 p_sec_prof_rec.restrict_on_individual_asg = 'N') AND
5114 l_custom_per = 'Y') THEN
5115 l_temp_clause := and_clause(l_temp_clause,
5116 'EXISTS
5117 (SELECT null
5118 FROM per_person_list ppl
5119 WHERE ppl.security_profile_id = :security_profile_id
5120 AND ppl.person_id = hr_asg.person_id)');
5121 l_custom_y_set := TRUE;
5122 END IF;
5123 --
5124 -- Restrict by custom (user-based).
5125 --
5126 IF g_dbg THEN op(l_proc, 90); END IF;
5127 IF ((p_sec_prof_rec.restrict_on_individual_asg IS NOT NULL AND
5128 p_sec_prof_rec.restrict_on_individual_asg = 'Y') OR
5129 l_custom_per = 'U') AND
5130 p_sec_prof_rec.restriction_text IS NOT NULL THEN
5131 --
5132 -- Check if the custom restriction is using the PERSON or PERSON_TYPE
5133 -- table aliases. If they are, do the full sub-select otherwise
5134 -- substitute the ASSIGNMENT alias for asg and run the SQL as an
5135 -- in-line predicate.
5136 --
5137 IF instr(upper(p_sec_prof_rec.restriction_text), 'PERSON.') = 0 AND
5138 instr(upper(p_sec_prof_rec.restriction_text), 'PERSON_TYPE.') = 0
5139 THEN
5140 --
5141 -- Added upper() clause for bug 5048562.
5142 --
5143 l_temp_clause := and_clause(l_temp_clause
5144 ,replace(upper(p_sec_prof_rec.restriction_text)
5145 ,'ASSIGNMENT.', 'hr_asg.'));
5146 ELSE
5147 l_temp_clause := and_clause(l_temp_clause, and_clause(
5148 'EXISTS (SELECT NULL
5149 FROM per_all_assignments_f ASSIGNMENT,
5150 per_all_people_f PERSON,
5151 per_person_type_usages_f PERSON_TYPE
5152 WHERE ASSIGNMENT.rowid = hr_asg.rowid
5153 AND ASSIGNMENT.ASSIGNMENT_ID = hr_asg.assignment_id /* For the bug 6196437 */
5154 AND PERSON.person_id = ASSIGNMENT.person_id
5155 AND :effective_date
5156 BETWEEN PERSON.effective_start_date AND PERSON.effective_end_date
5157 AND PERSON.person_id = PERSON_TYPE.person_id
5158 AND :effective_date BETWEEN
5159 PERSON_TYPE.effective_start_date AND
5160 PERSON_TYPE.effective_end_date',
5161 p_sec_prof_rec.restriction_text||')'));
5162 l_custom_u_set := TRUE;
5163 END IF;
5164 END IF;
5165
5166 IF g_dbg THEN op(l_proc, 95); END IF;
5167
5168 --
5169 -- Merge the above restrictions into l_where_clause.
5170 --
5171 IF l_asg_types_y IS NOT null THEN
5172 --
5173 -- For workers that are 'Y' include those rows without checking
5174 -- the restrictions.
5175 --
5176 IF g_dbg THEN op(l_proc, 100); END IF;
5177 l_where_clause := and_clause
5178 (l_where_clause, add_brackets
5179 (or_clause(l_asg_types_y, add_brackets(l_temp_clause))));
5180 ELSE
5181 --
5182 -- l_asg_types_y is null, which means asg types are either
5183 -- 'Restricted' (in which case the above conditions must run for
5184 -- all rows) or 'None' (which are filtered out earlier).
5185 --
5186 IF g_dbg THEN op(l_proc, 105); END IF;
5187 l_where_clause := and_clause (l_where_clause, l_temp_clause);
5188 END IF;
5189 IF g_dbg THEN op(l_proc, 110); END IF;
5190 END IF;
5191
5192 IF g_dbg THEN op(l_proc, 120); END IF;
5193
5194 IF nvl(p_sec_prof_rec.restrict_by_supervisor_flag, 'N') = 'Y' THEN
5195 --
5196 -- Add the connect by clause to traverse the supervisor
5197 -- hierarchy by person_id.
5198 --
5199 IF g_dbg THEN op(l_proc, 125); END IF;
5200 -- effective date condition in connect by and start with added for bug 5105261
5201 /*
5202 l_connect_clause :=
5203 ' CONNECT BY hr_asg.supervisor_id = PRIOR person_id
5204 and hr_asg.assignment_type <> ''B''
5205 and :effective_date BETWEEN hr_asg.effective_start_date AND hr_asg.effective_end_date
5206 AND LEVEL <= NVL(:supervisor_levels, LEVEL) + 1
5207 START WITH hr_asg.person_id = :top_person_id
5208 and :effective_date BETWEEN hr_asg.effective_start_date AND hr_asg.effective_end_date';
5209
5210 -- added for the bug 5647930
5211 l_connect_clause := ' CONNECT BY hr_asg.supervisor_id = PRIOR person_id
5212 and hr_asg.assignment_type <> ''B''
5213 and :effective_date BETWEEN hr_asg.effective_start_date AND hr_asg.effective_end_date
5214 AND LEVEL <= NVL(:supervisor_levels, LEVEL) + 1';
5215
5216 IF p_sec_prof_rec.exclude_secondary_asgs_flag = 'Y' THEN
5217 l_connect_clause := l_connect_clause || ' and hr_asg.primary_flag = ''Y''';
5218 END IF;
5219
5220 l_connect_clause := l_connect_clause || ' START WITH hr_asg.person_id = :top_person_id
5221 and :effective_date BETWEEN hr_asg.effective_start_date AND hr_asg.effective_end_date';
5222 -- end of bug 5647930
5223 */
5224 -- re added the code so that the fix goes into R12 branch line
5225 -- added for the bug 5647930
5226 l_connect_clause := ' CONNECT BY hr_asg.supervisor_id = PRIOR person_id
5227 and hr_asg.assignment_type <> ''B''
5228 and :effective_date BETWEEN hr_asg.effective_start_date AND hr_asg.effective_end_date
5229 AND LEVEL <= NVL(:supervisor_levels, LEVEL) + 1';
5230
5231 IF p_sec_prof_rec.exclude_secondary_asgs_flag = 'Y' THEN
5232 l_connect_clause := l_connect_clause || ' and hr_asg.primary_flag = ''Y''';
5233 END IF;
5234
5235 l_connect_clause := l_connect_clause || ' START WITH hr_asg.person_id = :top_person_id
5236 and :effective_date BETWEEN hr_asg.effective_start_date AND hr_asg.effective_end_date';
5237 -- end of bug 5647930
5238 --
5239 ELSIF nvl(p_sec_prof_rec.restrict_by_supervisor_flag, 'N') = 'A' THEN
5240 --
5241 -- Add the connect by clause to traverse the supervisor
5242 -- hierarchy by assignment_id.
5243 --
5244 -- effective date condition in connect by and start with added for bug 5105261
5245 /*
5246 IF g_dbg THEN op(l_proc, 130); END IF;
5247 l_connect_clause :=
5248 ' CONNECT BY hr_asg.supervisor_assignment_id = PRIOR assignment_id
5249 and hr_asg.assignment_type <> ''B''
5250 and :effective_date BETWEEN hr_asg.effective_start_date AND hr_asg.effective_end_date
5251 AND LEVEL <= NVL(:supervisor_levels, LEVEL) + 1
5252 START WITH hr_asg.person_id = :top_person_id
5253 and :effective_date BETWEEN hr_asg.effective_start_date AND hr_asg.effective_end_date';
5254
5255 --
5256 -- added for the bug 5647930
5257 IF g_dbg THEN op(l_proc, 130); END IF;
5258 l_connect_clause := ' CONNECT BY hr_asg.supervisor_assignment_id = PRIOR assignment_id
5259 and hr_asg.assignment_type <> ''B''
5260 and :effective_date BETWEEN hr_asg.effective_start_date AND hr_asg.effective_end_date
5261 AND LEVEL <= NVL(:supervisor_levels, LEVEL) + 1';
5262
5263 IF p_sec_prof_rec.exclude_secondary_asgs_flag = 'Y' THEN
5264 l_connect_clause := l_connect_clause || ' and hr_asg.primary_flag = ''Y''';
5265 END IF;
5266
5267 l_connect_clause := l_connect_clause || ' START WITH hr_asg.person_id = :top_person_id
5268 and :effective_date BETWEEN hr_asg.effective_start_date AND hr_asg.effective_end_date';
5269 --
5270 -- end of bug 5647930
5271 --
5272 */
5273 -- For R12 Branch line
5274 -- added for the bug 5647930
5275 IF g_dbg THEN op(l_proc, 130); END IF;
5276 l_connect_clause := ' CONNECT BY hr_asg.supervisor_assignment_id = PRIOR assignment_id
5277 and hr_asg.assignment_type <> ''B''
5278 and :effective_date BETWEEN hr_asg.effective_start_date AND hr_asg.effective_end_date
5279 AND LEVEL <= NVL(:supervisor_levels, LEVEL) + 1';
5280
5281 IF p_sec_prof_rec.exclude_secondary_asgs_flag = 'Y' THEN
5282 l_connect_clause := l_connect_clause || ' and hr_asg.primary_flag = ''Y''';
5283 END IF;
5284
5285 l_connect_clause := l_connect_clause || ' START WITH hr_asg.person_id = :top_person_id
5286 and :effective_date BETWEEN hr_asg.effective_start_date AND hr_asg.effective_end_date';
5287 --
5288 -- end of bug 5647930
5289 --
5290 ELSE
5291 l_sup_hier_set := FALSE;
5292 END IF;
5293
5294 IF g_dbg THEN op(l_proc, 140); END IF;
5295
5296 --
5297 -- Piece the SQL statement together.
5298 --
5299 l_sql_str := l_select_from_clause || l_where_clause || l_connect_clause;
5300
5301 IF g_dbg THEN op(l_sql_str); END IF;
5302 IF g_dbg THEN op(l_proc, 150); END IF;
5303
5304 --
5305 -- Trace bind variables.
5306 --
5307 IF g_dbg THEN
5308 op(':effective_date: '||to_char(p_effective_date));
5309 op(':security_profile_id: '||to_char(p_sec_prof_rec.security_profile_id));
5310 op(':supervisor_levels: '||to_char(p_sec_prof_rec.supervisor_levels));
5311 op(':top_person_id: '||to_char(p_top_person_id));
5312 END IF;
5313
5314 --
5315 -- Open cursor, bulk fetch all the rows and close
5316 -- branching on dynamic binds.
5317 --
5318 IF l_sup_hier_set THEN
5319 --
5320 -- Need to pass p_top_person_id for supervisor hierarchy tree-walk.
5321 --
5322 IF g_dbg THEN op(l_proc, 155); END IF;
5323 IF l_custom_y_set THEN
5324 OPEN l_csr FOR l_sql_str
5325 USING p_effective_date,
5326 p_sec_prof_rec.security_profile_id,
5327 p_effective_date, -- bug 5105261
5328 p_sec_prof_rec.supervisor_levels,
5329 p_top_person_id,
5330 p_effective_date; -- bug 5105261
5331 ELSIF l_custom_u_set THEN
5332 OPEN l_csr FOR l_sql_str
5333 USING p_effective_date,
5334 p_effective_date,
5335 p_effective_date,
5336 p_effective_date, -- bug 5105261
5337 p_sec_prof_rec.supervisor_levels,
5338 p_top_person_id,
5339 p_effective_date; -- bug 5105261
5340 ELSE
5341 OPEN l_csr FOR l_sql_str
5342 USING p_effective_date,
5343 p_effective_date, -- bug 5105261
5344 p_sec_prof_rec.supervisor_levels,
5345 p_top_person_id,
5346 p_effective_date; -- bug 5105261
5347 END IF;
5348 ELSE
5349 --
5350 -- Do not to pass p_top_person_id.
5351 --
5352 IF g_dbg THEN op(l_proc, 160); END IF;
5353 IF l_custom_y_set THEN
5354 OPEN l_csr FOR l_sql_str
5355 USING p_effective_date,
5356 p_sec_prof_rec.security_profile_id;
5357 ELSIF l_custom_u_set THEN
5358 OPEN l_csr FOR l_sql_str
5359 USING p_effective_date,
5360 p_effective_date,
5361 p_effective_date;
5362 ELSE
5363 OPEN l_csr FOR l_sql_str
5364 USING p_effective_date;
5365 END IF;
5366 END IF;
5367
5368 IF g_dbg THEN op(l_proc, 170); END IF;
5369
5370 --
5371 -- Oracle 8/8i does not support BULK COLLECT of a dynamic PL/SQL
5372 -- statement.
5373 --
5374 IF hr_general2.get_oracle_db_version >= 9 THEN
5375 --
5376 -- Oracle 9+ being used so perform a BULK COLLECT.
5377 --
5378 FETCH l_csr BULK COLLECT INTO l_temp_asg_tbl
5379 ,l_temp_per_tbl;
5380 ELSE
5381 --
5382 -- Pre Oracle 9 so fetch each row individually.
5383 --
5384 l_cnt := 1;
5385 LOOP
5386 --
5387 -- A Pre Oracle 9 DB is being used so LOOP through,
5388 -- fetching each row.
5389 --
5390 FETCH l_csr INTO l_temp_asg_tbl(l_cnt), l_temp_per_tbl(l_cnt);
5391 EXIT WHEN l_csr%NOTFOUND;
5392 l_cnt := l_cnt + 1;
5393 END LOOP;
5394 END IF;
5395 CLOSE l_csr;
5396
5397 IF g_dbg THEN op(l_proc, 180); END IF;
5398
5399 IF l_temp_asg_tbl.COUNT > 0 THEN
5400 --
5401 -- Enumerate through the temporary table and re-order
5402 -- the list of asgs into the global cache so that the
5403 -- index is the asg_id. This allows for direct index
5404 -- access.
5405 --
5406 IF g_dbg THEN op(l_proc, 190); END IF;
5407 FOR i IN l_temp_asg_tbl.FIRST..l_temp_asg_tbl.LAST LOOP
5408 IF NOT g_asg_tbl.EXISTS(l_temp_asg_tbl(i)) THEN
5409 g_asg_tbl(l_temp_asg_tbl(i)) := l_temp_per_tbl(i);
5410 END IF;
5411 END LOOP;
5412
5413 --
5414 -- Enumerate through the temporary table and re-order
5415 -- the list of pers into the global cache so that the
5416 -- index is the per_id. This allows for direct index
5417 -- access.
5418 --
5419 IF g_dbg THEN op(l_proc, 200); END IF;
5420 FOR i IN l_temp_per_tbl.FIRST..l_temp_per_tbl.LAST LOOP
5421 IF NOT g_per_tbl.EXISTS(l_temp_per_tbl(i)) THEN
5422 g_per_tbl(l_temp_per_tbl(i)) := TRUE;
5423 END IF;
5424 END LOOP;
5425 END IF;
5426 End IF; -- SuperVisor Security Check end if;
5427 END IF;
5428 IF g_dbg THEN op('Leaving: '||l_proc, 970); END IF;
5429
5430 EXCEPTION
5431
5432 WHEN no_data_found THEN
5433 --
5434 -- Close the cursor if open to avoid leaking.
5435 --
5436 IF l_csr%isopen THEN
5437 CLOSE l_csr;
5438 END IF;
5439 IF g_dbg THEN op('Leaving: '||l_proc, 993); END IF;
5440
5441 WHEN loop_in_user_data THEN
5442 --
5443 -- Close the cursor if open to avoid leaking.
5444 --
5445 IF l_csr%isopen THEN
5446 CLOSE l_csr;
5447 END IF;
5448 IF g_dbg THEN op('Leaving: '||l_proc, 996); END IF;
5449 fnd_message.set_name('PER','PER_449800_ORA_1436');
5450 fnd_message.raise_error;
5451
5452 WHEN others THEN
5453 --
5454 -- Close the cursor if open to avoid leaking.
5455 --
5456 IF l_csr%isopen THEN
5457 CLOSE l_csr;
5458 END IF;
5459 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
5460 RAISE;
5461
5462 END add_people_to_cache;
5463
5464 --
5465 -- ----------------------------------------------------------------------------
5466 -- |----------------------< add_static_orgs_to_cache >------------------------|
5467 -- ----------------------------------------------------------------------------
5468 --
5469 PROCEDURE add_static_orgs_to_cache
5470 (p_user_id IN NUMBER
5471 ,p_security_profile_id IN NUMBER
5472 ,p_top_organization_method IN VARCHAR2)
5473 IS
5474
5475 --
5476 -- Local variables.
5477 --
5478 l_temp_org_tbl g_number_t;
5479 l_proc VARCHAR2(72) := g_package||'add_static_orgs_to_cache';
5480
5481 --
5482 -- Fetch all the organizations in the static org list
5483 -- for the given user.
5484 -- As there is a user and security profile pair, this
5485 -- allows for scenarios whereby a single user has multiple
5486 -- secured responsibilities, each attached to a different
5487 -- security profile and therefore different access rights.
5488 --
5489 CURSOR csr_get_static_orgs_for_user IS
5490 SELECT pol.organization_id
5491 FROM per_organization_list pol
5492 WHERE pol.security_profile_id IS NOT NULL
5493 AND pol.user_id IS NOT NULL
5494 AND pol.security_profile_id = p_security_profile_id
5495 AND pol.user_id = p_user_id;
5496
5497 --
5498 -- Fetch the organizations in the static org list for this profile.
5499 -- This cursor is used when user-based org security is
5500 -- not in use.
5501 --
5502 CURSOR csr_get_static_orgs IS
5503 SELECT pol.organization_id
5504 FROM per_organization_list pol
5505 WHERE pol.security_profile_id IS NOT NULL
5506 AND pol.user_id IS NULL
5507 AND pol.security_profile_id = p_security_profile_id;
5508
5509 BEGIN
5510
5511 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
5512
5513 --
5514 -- Verify that the necessary parameters have a value.
5515 --
5516 IF p_user_id IS NOT NULL AND
5517 p_security_profile_id IS NOT NULL THEN
5518 --
5519 -- If this is user-based, look for a user and
5520 -- security profile pair. Generally speaking, the static
5521 -- user lists will only be cached when it is known that
5522 -- this user is in the list of users to build static
5523 -- lists for AND they have rows in per_organization_list.
5524 --
5525 IF g_dbg THEN op(l_proc, 20); END IF;
5526
5527 IF NVL(p_top_organization_method, 'S') = 'U' THEN
5528 --
5529 -- Get the user's visible orgs by bulk collecting into a
5530 -- temporary collection.
5531 --
5532 IF g_dbg THEN op(l_proc, 30); END IF;
5533
5534 OPEN csr_get_static_orgs_for_user;
5535 FETCH csr_get_static_orgs_for_user BULK COLLECT INTO l_temp_org_tbl;
5536 CLOSE csr_get_static_orgs_for_user;
5537
5538 IF g_dbg THEN op(l_proc, 40); END IF;
5539
5540 ELSE
5541 --
5542 -- Get the visible orgs for the profile by bulk collecting
5543 -- into a temporary collection.
5544 --
5545 IF g_dbg THEN op(l_proc, 50); END IF;
5546
5547 OPEN csr_get_static_orgs;
5548 FETCH csr_get_static_orgs BULK COLLECT INTO l_temp_org_tbl;
5549 CLOSE csr_get_static_orgs;
5550
5551 IF g_dbg THEN op(l_proc, 60); END IF;
5552
5553 END IF;
5554
5555 IF l_temp_org_tbl.COUNT > 0 THEN
5556 --
5557 -- Enumerate through the temporary table and re-order
5558 -- the list of orgs into the global cache so that the
5559 -- index is the org_id. This allows for direct index
5560 -- access.
5561 --
5562 IF g_dbg THEN op(l_proc, 70); END IF;
5563
5564 FOR i IN l_temp_org_tbl.FIRST..l_temp_org_tbl.LAST LOOP
5565 IF NOT g_org_tbl.EXISTS(l_temp_org_tbl(i)) THEN
5566 g_org_tbl(l_temp_org_tbl(i)) := TRUE;
5567 END IF;
5568 END LOOP;
5569 END IF;
5570 END IF;
5571
5572 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
5573
5574 END add_static_orgs_to_cache;
5575 --
5576 -- ----------------------------------------------------------------------------
5577 -- |----------------------< add_static_pos_to_cache >-------------------------|
5578 -- ----------------------------------------------------------------------------
5579 --
5580 PROCEDURE add_static_pos_to_cache
5581 (p_user_id IN NUMBER
5582 ,p_security_profile_id IN NUMBER
5583 ,p_top_position_method IN VARCHAR2)
5584 IS
5585
5586 --
5587 -- Local variables.
5588 --
5589 l_temp_pos_tbl g_number_t;
5590 l_proc VARCHAR2(72) := g_package||'add_static_pos_to_cache';
5591
5592 --
5593 -- Fetch all the positions in the static pos list
5594 -- for the given user.
5595 -- As there is a user and security profile pair, this
5596 -- allows for scenarios whereby a single user has multiple
5597 -- secured responsibilities, each attached to a different
5598 -- security profile and therefore different access rights.
5599 --
5600 CURSOR csr_get_static_pos_for_user IS
5601 SELECT ppl.position_id
5602 FROM per_position_list ppl
5603 WHERE ppl.security_profile_id IS NOT NULL
5604 AND ppl.user_id IS NOT NULL
5605 AND ppl.security_profile_id = p_security_profile_id
5606 AND ppl.user_id = p_user_id;
5607
5608 --
5609 -- Fetch the positions in the static pos list for this profile.
5610 -- This cursor is used when user-based pos security is
5611 -- not in use.
5612 --
5613 CURSOR csr_get_static_pos IS
5614 SELECT ppl.position_id
5615 FROM per_position_list ppl
5616 WHERE ppl.security_profile_id IS NOT NULL
5617 AND ppl.user_id IS NULL
5618 AND ppl.security_profile_id = p_security_profile_id;
5619
5620 BEGIN
5621
5622 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
5623
5624 --
5625 -- Verify that the necessary parameters have a value.
5626 --
5627 IF p_user_id IS NOT NULL AND
5628 p_security_profile_id IS NOT NULL THEN
5629 --
5630 -- If this is user-based, look for a user and
5631 -- security profile pair. Generally speaking, the static
5632 -- user lists will only be cached when it is known that
5633 -- this user is in the list of users to build static
5634 -- lists for AND they have rows in per_position_list.
5635 --
5636 IF g_dbg THEN op(l_proc, 20); END IF;
5637
5638 IF NVL(p_top_position_method, 'S') = 'U' THEN
5639 --
5640 -- Get the user's visible positions by bulk collecting into a
5641 -- temporary collection.
5642 --
5643 IF g_dbg THEN op(l_proc, 30); END IF;
5644
5645 OPEN csr_get_static_pos_for_user;
5646 FETCH csr_get_static_pos_for_user BULK COLLECT INTO l_temp_pos_tbl;
5647 CLOSE csr_get_static_pos_for_user;
5648
5649 IF g_dbg THEN op(l_proc, 40); END IF;
5650
5651 ELSE
5652 --
5653 -- Get the visible positions for the profile by bulk collecting
5654 -- into a temporary collection.
5655 --
5656 IF g_dbg THEN op(l_proc, 50); END IF;
5657
5658 OPEN csr_get_static_pos;
5659 FETCH csr_get_static_pos BULK COLLECT INTO l_temp_pos_tbl;
5660 CLOSE csr_get_static_pos;
5661
5662 IF g_dbg THEN op(l_proc, 60); END IF;
5663
5664 END IF;
5665
5666 IF l_temp_pos_tbl.COUNT > 0 THEN
5667 --
5668 -- Enumerate through the temporary table and re-order
5669 -- the list of positions into the global cache so that the
5670 -- index is the pos_id. This allows for direct index
5671 -- access.
5672 --
5673 IF g_dbg THEN op(l_proc, 70); END IF;
5674
5675 FOR i IN l_temp_pos_tbl.FIRST..l_temp_pos_tbl.LAST LOOP
5676 IF NOT g_pos_tbl.EXISTS(l_temp_pos_tbl(i)) THEN
5677 g_pos_tbl(l_temp_pos_tbl(i)) := TRUE;
5678 END IF;
5679 END LOOP;
5680 END IF;
5681 END IF;
5682
5683 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
5684
5685 END add_static_pos_to_cache;
5686 --
5687 -- ----------------------------------------------------------------------------
5688 -- |----------------------< add_static_pay_to_cache >-------------------------|
5689 -- ----------------------------------------------------------------------------
5690 --
5691 PROCEDURE add_static_pay_to_cache
5692 (p_security_profile_id IN NUMBER)
5693 IS
5694
5695 --
5696 -- Local variables.
5697 --
5698 l_temp_pay_tbl g_number_t;
5699 l_proc VARCHAR2(72) := g_package||'add_static_pay_to_cache';
5700
5701 --
5702 -- Fetch the payrolls in the static pay list for this profile.
5703 --
5704 CURSOR csr_get_static_pay IS
5705 SELECT ppl.payroll_id
5706 FROM pay_payroll_list ppl
5707 WHERE ppl.security_profile_id IS NOT NULL
5708 AND ppl.security_profile_id = p_security_profile_id;
5709
5710 BEGIN
5711
5712 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
5713
5714 --
5715 -- Verify that the necessary parameters have a value.
5716 --
5717 IF p_security_profile_id IS NOT NULL THEN
5718 --
5719 -- Get the visible payrolls for the profile by bulk collecting
5720 -- into a temporary collection.
5721 --
5722 IF g_dbg THEN op(l_proc, 20); END IF;
5723
5724 OPEN csr_get_static_pay;
5725 FETCH csr_get_static_pay BULK COLLECT INTO l_temp_pay_tbl;
5726 CLOSE csr_get_static_pay;
5727
5728 IF g_dbg THEN op(l_proc, 30); END IF;
5729
5730 IF l_temp_pay_tbl.COUNT > 0 THEN
5731 --
5732 -- Enumerate through the temporary table and re-order
5733 -- the list of payrolls into the global cache so that the
5734 -- index is the pay_id. This allows for direct index
5735 -- access.
5736 --
5737 IF g_dbg THEN op(l_proc, 40); END IF;
5738
5739 FOR i IN l_temp_pay_tbl.FIRST..l_temp_pay_tbl.LAST LOOP
5740 IF NOT g_pay_tbl.EXISTS(l_temp_pay_tbl(i)) THEN
5741 g_pay_tbl(l_temp_pay_tbl(i)) := TRUE;
5742 END IF;
5743 END LOOP;
5744 END IF;
5745 END IF;
5746
5747 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
5748
5749 END add_static_pay_to_cache;
5750 --
5751 -- ----------------------------------------------------------------------------
5752 -- |----------------------< add_static_per_to_cache >-------------------------|
5753 -- ----------------------------------------------------------------------------
5754 --
5755 PROCEDURE add_static_per_to_cache
5756 (p_user_id IN NUMBER
5757 ,p_security_profile_id IN NUMBER
5758 ,p_cache_by_user IN BOOLEAN)
5759 IS
5760
5761 --
5762 -- Local variables.
5763 --
5764 l_temp_per_tbl g_number_t;
5765 l_proc VARCHAR2(72) := g_package||'add_static_per_to_cache';
5766
5767 --
5768 -- Fetch all the people in the static per list
5769 -- for the given user.
5770 -- As there is a user and security profile pair, this
5771 -- allows for scenarios whereby a single user has multiple
5772 -- secured responsibilities, each attached to a different
5773 -- security profile and therefore different access rights.
5774 --
5775 CURSOR csr_get_static_per_for_user IS
5776 SELECT ppl.person_id
5777 FROM per_person_list ppl
5778 WHERE ppl.security_profile_id IS NOT NULL
5779 AND ppl.granted_user_id IS NOT NULL
5780 AND ppl.security_profile_id = p_security_profile_id
5781 AND ppl.granted_user_id = p_user_id;
5782
5783 --
5784 -- Fetch the people in the static per list for this profile.
5785 -- This cursor is used when user-based per security is
5786 -- not in use.
5787 --
5788 CURSOR csr_get_static_per IS
5789 SELECT ppl.person_id
5790 FROM per_person_list ppl
5791 WHERE ppl.security_profile_id IS NOT NULL
5792 AND ppl.granted_user_id IS NULL
5793 AND ppl.security_profile_id = p_security_profile_id;
5794
5795 BEGIN
5796
5797 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
5798
5799 --
5800 -- Verify that the necessary parameters have a value.
5801 --
5802 IF p_user_id IS NOT NULL AND
5803 p_security_profile_id IS NOT NULL THEN
5804 --
5805 -- If this is user-based, look for a user and
5806 -- security profile pair. Generally speaking, the static
5807 -- user lists will only be cached when it is known that
5808 -- this user is in the list of users to build static
5809 -- lists for AND they have rows in per_person_list.
5810 --
5811 IF g_dbg THEN op(l_proc, 20); END IF;
5812
5813 IF p_cache_by_user THEN
5814 --
5815 -- Get the user's visible people by bulk collecting into a
5816 -- temporary collection.
5817 --
5818 IF g_dbg THEN op(l_proc, 30); END IF;
5819
5820 OPEN csr_get_static_per_for_user;
5821 FETCH csr_get_static_per_for_user BULK COLLECT INTO l_temp_per_tbl;
5822 CLOSE csr_get_static_per_for_user;
5823
5824 IF g_dbg THEN op(l_proc, 40); END IF;
5825
5826 ELSE
5827 --
5828 -- Get the security profile's visible people.
5829 --
5830 IF g_dbg THEN op(l_proc, 50); END IF;
5831
5832 OPEN csr_get_static_per;
5833 FETCH csr_get_static_per BULK COLLECT INTO l_temp_per_tbl;
5834 CLOSE csr_get_static_per;
5835
5836 IF g_dbg THEN op(l_proc, 60); END IF;
5837
5838 END IF;
5839
5840 IF l_temp_per_tbl.COUNT > 0 THEN
5841 --
5842 -- Enumerate through the temporary table and re-order
5843 -- the list of people into the global cache so that the
5844 -- index is the per_id. This allows for direct index
5845 -- access.
5846 --
5847 IF g_dbg THEN op(l_proc, 70); END IF;
5848
5849 FOR i IN l_temp_per_tbl.FIRST..l_temp_per_tbl.LAST LOOP
5850 IF NOT g_per_tbl.EXISTS(l_temp_per_tbl(i)) THEN
5851 g_per_tbl(l_temp_per_tbl(i)) := TRUE;
5852 END IF;
5853 END LOOP;
5854 END IF;
5855 END IF;
5856
5857 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
5858
5859 END add_static_per_to_cache;
5860 --
5861 -- ----------------------------------------------------------------------------
5862 -- |----------------------< add_static_asg_to_cache >-------------------------|
5863 -- ----------------------------------------------------------------------------
5864 --
5865 PROCEDURE add_static_asg_to_cache
5866 (p_user_id IN NUMBER
5867 ,p_security_profile_id IN NUMBER
5868 ,p_cache_by_user IN BOOLEAN)
5869 IS
5870
5871 --
5872 -- Local variables.
5873 --
5874 l_temp_asg_tbl g_number_t;
5875 l_temp_per_tbl g_number_t;
5876 l_proc VARCHAR2(72) := g_package||'add_static_asg_to_cache';
5877
5878 --
5879 -- Fetch all the assignments in the static asg list
5880 -- for the given user.
5881 -- As there is a user and security profile pair, this
5882 -- allows for scenarios whereby a single user has multiple
5883 -- secured responsibilities, each attached to a different
5884 -- security profile and therefore different access rights.
5885 --
5886 CURSOR csr_get_static_asg_for_user IS
5887 SELECT pal.assignment_id
5888 ,pal.person_id
5889 FROM per_assignment_list pal
5890 WHERE pal.security_profile_id IS NOT NULL
5891 AND pal.user_id IS NOT NULL
5892 AND pal.security_profile_id = p_security_profile_id
5893 AND pal.user_id = p_user_id;
5894
5895 --
5896 -- Fetch the people in the static asg list for this profile.
5897 -- This cursor is used when user-based asg security is
5898 -- not in use. At the moment, permissions are only stored
5899 -- in the assignment list against a user so this cursor
5900 -- should never return any rows.
5901 --
5902 CURSOR csr_get_static_asg IS
5903 SELECT pal.assignment_id
5904 ,pal.person_id
5905 FROM per_assignment_list pal
5906 WHERE pal.security_profile_id IS NOT NULL
5907 AND pal.user_id IS NULL
5908 AND pal.security_profile_id = p_security_profile_id;
5909
5910 BEGIN
5911
5912 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
5913
5914 --
5915 -- Verify that the necessary parameters have a value.
5916 --
5917 IF p_user_id IS NOT NULL AND
5918 p_security_profile_id IS NOT NULL AND
5919 p_cache_by_user IS NOT NULL THEN
5920 --
5921 -- If this is user-based, look for a user and
5922 -- security profile pair. Generally speaking, the static
5923 -- user lists will only be cached when it is known that
5924 -- this user is in the list of users to build static
5925 -- lists for AND they have rows in per_assignment_list.
5926 --
5927 IF g_dbg THEN op(l_proc, 20); END IF;
5928
5929 IF p_cache_by_user THEN
5930 --
5931 -- Get the user's visible assignments by bulk collecting
5932 -- into a temporary collection.
5933 --
5934 IF g_dbg THEN op(l_proc, 30); END IF;
5935
5936 OPEN csr_get_static_asg_for_user;
5937 FETCH csr_get_static_asg_for_user BULK COLLECT INTO l_temp_asg_tbl
5938 ,l_temp_per_tbl;
5939 CLOSE csr_get_static_asg_for_user;
5940
5941 IF g_dbg THEN op(l_proc, 40); END IF;
5942
5943 ELSE
5944 --
5945 -- Get the security profile's visible assignments.
5946 --
5947 IF g_dbg THEN op(l_proc, 50); END IF;
5948
5949 OPEN csr_get_static_asg;
5950 FETCH csr_get_static_asg BULK COLLECT INTO l_temp_asg_tbl
5951 ,l_temp_per_tbl;
5952 CLOSE csr_get_static_asg;
5953
5954 IF g_dbg THEN op(l_proc, 60); END IF;
5955
5956 END IF;
5957
5958 IF l_temp_asg_tbl.COUNT > 0 THEN
5959 --
5960 -- Enumerate through the temporary table and re-order
5961 -- the list of assignments into the global cache so that
5962 -- the index is the asg_id. This allows for direct index
5963 -- access. Also, use the person ID as each row's value
5964 -- so that show_person could potentially use this table
5965 -- in the future.
5966 --
5967 IF g_dbg THEN op(l_proc, 70); END IF;
5968
5969 FOR i IN l_temp_asg_tbl.FIRST..l_temp_asg_tbl.LAST LOOP
5970 IF NOT g_asg_tbl.EXISTS(l_temp_asg_tbl(i)) THEN
5971 g_asg_tbl(l_temp_asg_tbl(i)) := l_temp_per_tbl(i);
5972 END IF;
5973 END LOOP;
5974 END IF;
5975 END IF;
5976
5977 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
5978
5979 END add_static_asg_to_cache;
5980 --
5981 -- ----------------------------------------------------------------------------
5982 -- |----------------------< add_per_list_changes_to_cache >-------------------|
5983 -- ----------------------------------------------------------------------------
5984 --
5985 PROCEDURE add_per_list_changes_to_cache
5986 (p_security_profile_id IN NUMBER
5987 ,p_effective_date IN DATE)
5988 IS
5989
5990 --
5991 -- Local variables.
5992 --
5993 l_temp_per_tbl g_number_t;
5994 l_proc VARCHAR2(72) := g_package||'add_per_list_changes_to_cache';
5995
5996 --
5997 -- Fetch all the people in the static person list changes to the
5998 -- cache. In theory, this table should be empty because of the
5999 -- ex-person enhancements but in practice, it is likely that this
6000 -- table is still maintained or was used by unsupported customer
6001 -- processes.
6002 -- Either way, cache the contents to be safe.
6003 -- Only include people that do not have an assignment effective
6004 -- as of the effective date (because they would have already been
6005 -- evaluated) but did once have an assignment.
6006 --
6007 CURSOR csr_get_static_per IS
6008 SELECT plc.person_id
6009 FROM per_person_list_changes plc
6010 WHERE plc.security_profile_id IS NOT NULL
6011 AND plc.security_profile_id = p_security_profile_id
6012 AND NOT EXISTS
6013 (SELECT NULL
6014 FROM per_all_assignments_f paaf
6015 WHERE paaf.person_id = plc.person_id
6016 AND paaf.assignment_type <> 'B'
6017 AND p_effective_date BETWEEN
6018 paaf.effective_start_date AND paaf.effective_end_date)
6019 AND EXISTS
6020 (SELECT NULL
6021 FROM per_all_assignments_f paaf2
6022 WHERE paaf2.person_id = plc.person_id
6023 AND paaf2.assignment_type <> 'B'
6024 AND p_effective_date > paaf2.effective_start_date);
6025
6026 BEGIN
6027
6028 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
6029
6030 --
6031 -- Verify that the necessary parameters have a value.
6032 --
6033 IF p_security_profile_id IS NOT NULL THEN
6034 --
6035 -- Get the people in the list by bulk collecting into a
6036 -- temporary collection.
6037 --
6038 IF g_dbg THEN op(l_proc, 20); END IF;
6039
6040 OPEN csr_get_static_per;
6041 FETCH csr_get_static_per BULK COLLECT INTO l_temp_per_tbl;
6042 CLOSE csr_get_static_per;
6043
6044 IF g_dbg THEN op(l_proc, 30); END IF;
6045
6046 IF l_temp_per_tbl.COUNT > 0 THEN
6047 --
6048 -- Enumerate through the temporary table and re-order
6049 -- the list of people into the global cache so that the
6050 -- index is the per_id. This allows for direct index
6051 -- access.
6052 --
6053 IF g_dbg THEN op(l_proc, 40); END IF;
6054
6055 FOR i IN l_temp_per_tbl.FIRST..l_temp_per_tbl.LAST LOOP
6056 IF NOT g_per_tbl.EXISTS(l_temp_per_tbl(i)) THEN
6057 g_per_tbl(l_temp_per_tbl(i)) := TRUE;
6058 END IF;
6059 END LOOP;
6060 END IF;
6061 END IF;
6062
6063 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
6064
6065 END add_per_list_changes_to_cache;
6066 --
6067 -- ----------------------------------------------------------------------------
6068 -- |----------------------< add_granted_users_to_cache >----------------------|
6069 -- ----------------------------------------------------------------------------
6070 --
6071 PROCEDURE add_granted_users_to_cache
6072 (p_user_id IN NUMBER
6073 ,p_effective_date IN DATE
6074 ,p_allow_granted_users_flag IN VARCHAR2
6075 ,p_restrict_on_individual_asg IN VARCHAR2)
6076 IS
6077
6078 --
6079 -- Local variables.
6080 --
6081 l_proc VARCHAR2(72) := g_package||'add_granted_users_to_cache';
6082 l_temp_per_tbl g_number_t;
6083
6084 --
6085 -- Fetch all the people for whom this user has explicitly been
6086 -- granted access.
6087 --
6088 CURSOR csr_get_granted_users IS
6089 SELECT ppl.person_id
6090 FROM per_person_list ppl
6091 WHERE ppl.granted_user_id IS NOT NULL
6092 AND ppl.granted_user_id = p_user_id
6093 AND ppl.security_profile_id IS NULL;
6094
6095 --
6096 -- Fetch all the non-benefits assignments for a given person.
6097 --
6098 CURSOR csr_get_asgs_for_per
6099 (p_person_id IN NUMBER) IS
6100 SELECT paaf.assignment_id
6101 FROM per_all_assignments_f paaf
6102 WHERE paaf.person_id = p_person_id
6103 AND p_effective_date BETWEEN
6104 paaf.effective_start_date AND paaf.effective_end_date
6105 AND paaf.assignment_type <> 'B';
6106
6107 BEGIN
6108
6109 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
6110
6111 --
6112 -- Verify that the necessary parameters have a value.
6113 --
6114 IF p_user_id IS NOT NULL AND
6115 p_effective_date IS NOT NULL THEN
6116
6117 --
6118 -- If granted users are allowed.
6119 --
6120 IF NVL(p_allow_granted_users_flag, 'N') = 'Y' THEN
6121 --
6122 -- Get the granted users by bulk collecting into a
6123 -- temporary collection.
6124 --
6125 IF g_dbg THEN op(l_proc, 20); END IF;
6126
6127 OPEN csr_get_granted_users;
6128 FETCH csr_get_granted_users BULK COLLECT INTO l_temp_per_tbl;
6129 CLOSE csr_get_granted_users;
6130
6131 IF g_dbg THEN op(l_proc, 30); END IF;
6132
6133 IF l_temp_per_tbl.COUNT > 0 THEN
6134 --
6135 -- Enumerate through the temporary table and re-order
6136 -- the list of people into the global cache so that the
6137 -- index is the per_id. This allows for direct index
6138 -- access.
6139 --
6140 IF g_dbg THEN op(l_proc, 40); END IF;
6141
6142 FOR i IN l_temp_per_tbl.FIRST..l_temp_per_tbl.LAST LOOP
6143 --
6144 -- Add the granted user to the person cache if they
6145 -- do not already exist.
6146 --
6147 IF NOT g_per_tbl.EXISTS(l_temp_per_tbl(i)) THEN
6148 g_per_tbl(l_temp_per_tbl(i)) := TRUE;
6149 END IF;
6150
6151 IF NVL(p_restrict_on_individual_asg, 'N') = 'Y' THEN
6152 --
6153 -- This profile is securing at an individual assignment level
6154 -- so add all the assignments for this person into the
6155 -- assignment cache.
6156 --
6157 FOR asg_rec IN csr_get_asgs_for_per(l_temp_per_tbl(i)) LOOP
6158 --
6159 -- For each assignment, add it to the assignment
6160 -- cache if it does not already exist.
6161 --
6162 IF NOT g_asg_tbl.EXISTS(asg_rec.assignment_id) THEN
6163 g_asg_tbl(asg_rec.assignment_id) := l_temp_per_tbl(i);
6164 END IF;
6165 END LOOP;
6166 END IF;
6167 END LOOP;
6168 END IF;
6169 END IF;
6170 END IF;
6171
6172 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
6173
6174 END add_granted_users_to_cache;
6175 --
6176 -- ----------------------------------------------------------------------------
6177 -- |----------------------< add_sec_prof_pay_to_cache >-----------------------|
6178 -- ----------------------------------------------------------------------------
6179 --
6180 PROCEDURE add_sec_prof_pay_to_cache
6181 (p_security_profile_id IN NUMBER
6182 ,p_include_exclude_payroll_flag IN VARCHAR2
6183 ,p_business_group_id IN NUMBER
6184 ,p_effective_date IN DATE)
6185 IS
6186
6187 --
6188 -- Local variables.
6189 --
6190 l_temp_pay_tbl g_number_t;
6191 l_proc VARCHAR2(72) := g_package||'add_sec_prof_pay_to_cache';
6192
6193 --
6194 -- Fetch the effective payrolls in the security profile's payroll
6195 -- list. This cursor is used when the payrolls listed should be
6196 -- included.
6197 --
6198 CURSOR csr_get_include_pay IS
6199 SELECT pay.payroll_id
6200 FROM pay_all_payrolls_f pay
6201 ,pay_security_payrolls psp
6202 WHERE psp.security_profile_id IS NOT NULL
6203 AND psp.security_profile_id = p_security_profile_id
6204 AND psp.payroll_id = pay.payroll_id
6205 AND p_effective_date BETWEEN
6206 pay.effective_start_date AND pay.effective_end_date;
6207
6208 --
6209 -- Fetch the effective payrolls in the business group of the
6210 -- security profile, specifically excluding those listed
6211 -- in the security profile's list of payrolls.
6212 -- This cursor is used when the payrolls listed should be
6213 -- included.
6214 --
6215 CURSOR csr_get_exclude_pay IS
6216 SELECT pay.payroll_id
6217 FROM pay_all_payrolls_f pay
6218 WHERE p_effective_date BETWEEN
6219 pay.effective_start_date AND pay.effective_end_date
6220 AND pay.business_group_id IS NOT NULL
6221 AND pay.business_group_id = p_business_group_id
6222 AND NOT EXISTS
6223 (SELECT NULL
6224 FROM pay_security_payrolls psp
6225 WHERE psp.security_profile_id IS NOT NULL
6226 AND psp.security_profile_id = p_security_profile_id
6227 AND psp.payroll_id = pay.payroll_id);
6228
6229 BEGIN
6230
6231 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
6232
6233 --
6234 -- Verify that the necessary parameters have a value.
6235 --
6236 IF p_security_profile_id IS NOT NULL AND
6237 p_include_exclude_payroll_flag IS NOT NULL AND
6238 p_business_group_id IS NOT NULL AND
6239 p_effective_date IS NOT NULL THEN
6240
6241 IF g_dbg THEN op(l_proc, 20); END IF;
6242
6243 --
6244 -- Add the payrolls to the cache: include them if
6245 -- Include is specified, otherwise exclude all
6246 -- except those in the payroll list.
6247 --
6248 IF p_include_exclude_payroll_flag = 'I' THEN
6249 --
6250 -- Include those in the security profile's payroll list.
6251 --
6252 IF g_dbg THEN op(l_proc, 30); END IF;
6253
6254 OPEN csr_get_include_pay;
6255 FETCH csr_get_include_pay BULK COLLECT INTO l_temp_pay_tbl;
6256 CLOSE csr_get_include_pay;
6257
6258 ELSIF p_include_exclude_payroll_flag = 'E' THEN
6259 --
6260 -- Include all but those in the security profile's payroll
6261 -- list.
6262 --
6263 IF g_dbg THEN op(l_proc, 40); END IF;
6264
6265 OPEN csr_get_exclude_pay;
6266 FETCH csr_get_exclude_pay BULK COLLECT INTO l_temp_pay_tbl;
6267 CLOSE csr_get_exclude_pay;
6268
6269 END IF;
6270
6271 IF l_temp_pay_tbl.COUNT > 0 THEN
6272 --
6273 -- Enumerate through the temporary table and re-order
6274 -- the list of payrolls into the global cache so that the
6275 -- index is the pay_id. This allows for direct index
6276 -- access.
6277 --
6278 IF g_dbg THEN op(l_proc, 50); END IF;
6279
6280 FOR i IN l_temp_pay_tbl.FIRST..l_temp_pay_tbl.LAST LOOP
6281 IF NOT g_pay_tbl.EXISTS(l_temp_pay_tbl(i)) THEN
6282 g_pay_tbl(l_temp_pay_tbl(i)) := TRUE;
6283 END IF;
6284 END LOOP;
6285 END IF;
6286 END IF;
6287
6288 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
6289
6290 END add_sec_prof_pay_to_cache;
6291 --
6292 -- ----------------------------------------------------------------------------
6293 -- |----------------------< user_in_static_org_list >-------------------------|
6294 -- ----------------------------------------------------------------------------
6295 --
6296 FUNCTION user_in_static_org_list
6297 (p_user_id IN NUMBER
6298 ,p_security_profile_id IN NUMBER)
6299 RETURN BOOLEAN IS
6300
6301 --
6302 -- Local variables.
6303 --
6304 l_return BOOLEAN := FALSE;
6305 l_organization_id NUMBER;
6306 l_proc VARCHAR2(72) := g_package||'user_in_static_org_list';
6307
6308 BEGIN
6309
6310 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
6311
6312 IF p_user_id IS NOT NULL AND p_security_profile_id IS NOT NULL THEN
6313
6314 IF g_dbg THEN op(l_proc, 30); END IF;
6315
6316 SELECT pol.organization_id
6317 INTO l_organization_id
6318 FROM per_organization_list pol
6319 WHERE pol.user_id IS NOT NULL
6320 AND pol.security_profile_id IS NOT NULL
6321 AND pol.user_id = p_user_id
6322 AND pol.security_profile_id = p_security_profile_id
6323 AND rownum = 1;
6324
6325 IF g_dbg THEN op(l_proc, 40); END IF;
6326
6327 END IF;
6328
6329 l_return := (l_organization_id IS NOT NULL);
6330
6331 IF g_dbg THEN op('Leaving: '||l_proc, 989); END IF;
6332
6333 RETURN l_return;
6334
6335 EXCEPTION
6336
6337 WHEN no_data_found THEN
6338
6339 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
6340
6341 RETURN l_return;
6342
6343 END user_in_static_org_list;
6344 --
6345 -- ----------------------------------------------------------------------------
6346 -- |----------------------< user_in_static_pos_list >-------------------------|
6347 -- ----------------------------------------------------------------------------
6348 --
6349 FUNCTION user_in_static_pos_list
6350 (p_user_id IN NUMBER
6351 ,p_security_profile_id IN NUMBER)
6352 RETURN BOOLEAN IS
6353
6354 --
6355 -- Local variables.
6356 --
6357 l_return BOOLEAN := FALSE;
6358 l_position_id NUMBER;
6359 l_proc VARCHAR2(72) := g_package||'user_in_static_pos_list';
6360
6361 BEGIN
6362
6363 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
6364
6365 IF p_user_id IS NOT NULL AND p_security_profile_id IS NOT NULL THEN
6366
6367 IF g_dbg THEN op(l_proc, 30); END IF;
6368
6369 SELECT ppl.position_id
6370 INTO l_position_id
6371 FROM per_position_list ppl
6372 WHERE ppl.user_id IS NOT NULL
6373 AND ppl.security_profile_id IS NOT NULL
6374 AND ppl.user_id = p_user_id
6375 AND ppl.security_profile_id = p_security_profile_id
6376 AND rownum = 1;
6377
6378 IF g_dbg THEN op(l_proc, 40); END IF;
6379
6380 END IF;
6381
6382 l_return := (l_position_id IS NOT NULL);
6383
6384 IF g_dbg THEN op('Leaving: '||l_proc, 989); END IF;
6385
6386 RETURN l_return;
6387
6388 EXCEPTION
6389
6390 WHEN no_data_found THEN
6391
6392 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
6393
6394 RETURN l_return;
6395
6396 END user_in_static_pos_list;
6397 --
6398 -- ----------------------------------------------------------------------------
6399 -- |----------------------< user_in_static_per_list >-------------------------|
6400 -- ----------------------------------------------------------------------------
6401 --
6402 FUNCTION user_in_static_per_list
6403 (p_user_id IN NUMBER
6404 ,p_security_profile_id IN NUMBER)
6405 RETURN BOOLEAN IS
6406
6407 --
6408 -- Local variables.
6409 --
6410 l_return BOOLEAN := FALSE;
6411 l_person_id NUMBER;
6412 l_proc VARCHAR2(72) := g_package||'user_in_static_per_list';
6413
6414 BEGIN
6415
6416 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
6417
6418 IF p_user_id IS NOT NULL AND p_security_profile_id IS NOT NULL THEN
6419
6420 IF g_dbg THEN op(l_proc, 30); END IF;
6421
6422 --
6423 -- Here it is important to specify that the security_profile_id is not
6424 -- null because rows with a null security_profile_id indicate
6425 -- access explicitly granted through SSHR, and this should not be
6426 -- picked up here.
6427 --
6428 SELECT ppl.person_id
6429 INTO l_person_id
6430 FROM per_person_list ppl
6431 WHERE ppl.granted_user_id IS NOT NULL
6432 AND ppl.security_profile_id IS NOT NULL
6433 AND ppl.granted_user_id = p_user_id
6434 AND ppl.security_profile_id = p_security_profile_id
6435 AND rownum = 1;
6436
6437 IF g_dbg THEN op(l_proc, 40); END IF;
6438
6439 END IF;
6440
6441 l_return := (l_person_Id IS NOT NULL);
6442
6443 IF g_dbg THEN op('Leaving: '||l_proc, 989); END IF;
6444
6445 RETURN l_return;
6446
6447 EXCEPTION
6448
6449 WHEN no_data_found THEN
6450
6451 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
6452
6453 RETURN l_return;
6454
6455 END user_in_static_per_list;
6456 --
6457 -- ----------------------------------------------------------------------------
6458 -- |----------------------< user_in_static_asg_list >-------------------------|
6459 -- ----------------------------------------------------------------------------
6460 --
6461 FUNCTION user_in_static_asg_list
6462 (p_user_id IN NUMBER
6463 ,p_security_profile_id IN NUMBER)
6464 RETURN BOOLEAN IS
6465
6466 --
6467 -- Local variables.
6468 --
6469 l_return BOOLEAN := FALSE;
6470 l_assignment_id NUMBER;
6471 l_proc VARCHAR2(72) := g_package||'user_in_static_asg_list';
6472
6473 BEGIN
6474
6475 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
6476
6477 IF p_user_id IS NOT NULL AND p_security_profile_id IS NOT NULL THEN
6478
6479 IF g_dbg THEN op(l_proc, 30); END IF;
6480
6481 SELECT pal.assignment_id
6482 INTO l_assignment_id
6483 FROM per_assignment_list pal
6484 WHERE pal.user_id IS NOT NULL
6485 AND pal.security_profile_id IS NOT NULL
6486 AND pal.user_id = p_user_id
6487 AND pal.security_profile_id = p_security_profile_id
6488 AND rownum = 1;
6489
6490 IF g_dbg THEN op(l_proc, 40); END IF;
6491
6492 END IF;
6493
6494 l_return := (l_assignment_id IS NOT NULL);
6495
6496 IF g_dbg THEN op('Leaving: '||l_proc, 989); END IF;
6497
6498 RETURN l_return;
6499
6500 EXCEPTION
6501
6502 WHEN no_data_found THEN
6503
6504 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
6505
6506 RETURN l_return;
6507
6508 END user_in_static_asg_list;
6509 --
6510 -- ----------------------------------------------------------------------------
6511 -- |----------------------< delete_org_list_for_user >------------------------|
6512 -- ----------------------------------------------------------------------------
6513 --
6514 PROCEDURE delete_org_list_for_user
6515 (p_user_id IN NUMBER
6516 ,p_security_profile_id IN NUMBER)
6517 IS
6518
6519 --
6520 -- Break out into an autonomous transaction so that this does not
6521 -- share the same commit cycle as the calling routine.
6522 -- This ensures rows get deleted where there is no assumed commits
6523 -- elsewhere, for example, at longon. It also commits regardless of
6524 -- unexpected exceptions elsewhere.
6525 --
6526 PRAGMA AUTONOMOUS_TRANSACTION;
6527
6528 --
6529 -- Local variables.
6530 --
6531 l_proc VARCHAR2(72) := g_package||'delete_org_list_for_user';
6532
6533 BEGIN
6534
6535 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
6536
6537 IF p_user_id IS NOT NULL AND p_security_profile_id IS NOT NULL THEN
6538
6539 --
6540 -- Delete all orgs in per_organization_list for this user
6541 -- and this security profile.
6542 --
6543 IF g_dbg THEN op(l_proc, 20); END IF;
6544
6545 DELETE FROM per_organization_list pol
6546 WHERE pol.user_id IS NOT NULL
6547 AND pol.security_profile_id IS NOT NULL
6548 AND pol.user_id = p_user_id
6549 AND pol.security_profile_id = p_security_profile_id;
6550
6551 IF g_dbg THEN op(l_proc, 30); END IF;
6552 --
6553 -- This is an autonomous transaction so an explicit
6554 -- commit or rollback is required.
6555 --
6556 COMMIT;
6557
6558 END IF;
6559
6560 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
6561
6562 END delete_org_list_for_user;
6563 --
6564 -- ----------------------------------------------------------------------------
6565 -- |----------------------< delete_pos_list_for_user >------------------------|
6566 -- ----------------------------------------------------------------------------
6567 --
6568 PROCEDURE delete_pos_list_for_user
6569 (p_user_id IN NUMBER
6570 ,p_security_profile_id IN NUMBER)
6571 IS
6572
6573 --
6574 -- Break out into an autonomous transaction so that this does not
6575 -- share the same commit cycle as the calling routine.
6576 -- This ensures rows get deleted where there is no assumed commits
6577 -- elsewhere, for example, at longon. It also commits regardless of
6578 -- unexpected exceptions elsewhere.
6579 --
6580 PRAGMA AUTONOMOUS_TRANSACTION;
6581
6582 --
6583 -- Local variables.
6584 --
6585 l_proc VARCHAR2(72) := g_package||'delete_pos_list_for_user';
6586
6587 BEGIN
6588
6589 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
6590
6591 IF p_user_id IS NOT NULL AND p_security_profile_id IS NOT NULL THEN
6592
6593 --
6594 -- Delete all positions in per_position_list for this user
6595 -- and this security profile.
6596 --
6597 IF g_dbg THEN op(l_proc, 20); END IF;
6598
6599 DELETE FROM per_position_list ppl
6600 WHERE ppl.user_id IS NOT NULL
6601 AND ppl.security_profile_id IS NOT NULL
6602 AND ppl.user_id = p_user_id
6603 AND ppl.security_profile_id = p_security_profile_id;
6604
6605 IF g_dbg THEN op(l_proc, 30); END IF;
6606 --
6607 -- This is an autonomous transaction so an explicit
6608 -- commit or rollback is required.
6609 --
6610 COMMIT;
6611
6612 END IF;
6613
6614 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
6615
6616 END delete_pos_list_for_user;
6617 --
6618 -- ----------------------------------------------------------------------------
6619 -- |----------------------< delete_per_list_for_user >------------------------|
6620 -- ----------------------------------------------------------------------------
6621 --
6622 PROCEDURE delete_per_list_for_user
6623 (p_user_id IN NUMBER
6624 ,p_security_profile_id IN NUMBER)
6625 IS
6626
6627 --
6628 -- Break out into an autonomous transaction so that this does not
6629 -- share the same commit cycle as the calling routine.
6630 -- This ensures rows get deleted where there is no assumed commits
6631 -- elsewhere, for example, at longon. It also commits regardless of
6632 -- unexpected exceptions elsewhere.
6633 --
6634 PRAGMA AUTONOMOUS_TRANSACTION;
6635
6636 --
6637 -- Local variables.
6638 --
6639 l_proc VARCHAR2(72) := g_package||'delete_per_list_for_user';
6640
6641 BEGIN
6642
6643 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
6644
6645 IF p_user_id IS NOT NULL AND p_security_profile_id IS NOT NULL THEN
6646
6647 --
6648 -- Delete all people in per_person_list for this user
6649 -- and this security profile.
6650 --
6651 IF g_dbg THEN op(l_proc, 20); END IF;
6652
6653 --
6654 -- Here it is important to specify that the security_profile_id is not
6655 -- null because rows with a null security_profile_id indicate
6656 -- access explicitly granted through SSHR.
6657 --
6658 DELETE FROM per_person_list ppl
6659 WHERE ppl.granted_user_id IS NOT NULL
6660 AND ppl.security_profile_id IS NOT NULL
6661 AND ppl.granted_user_id = p_user_id
6662 AND ppl.security_profile_id = p_security_profile_id;
6663
6664 IF g_dbg THEN op(l_proc, 30); END IF;
6665 --
6666 -- This is an autonomous transaction so an explicit
6667 -- commit or rollback is required.
6668 --
6669 COMMIT;
6670
6671 END IF;
6672
6673 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
6674
6675 END delete_per_list_for_user;
6676 --
6677 -- ----------------------------------------------------------------------------
6678 -- |----------------------< delete_asg_list_for_user >------------------------|
6679 -- ----------------------------------------------------------------------------
6680 --
6681 PROCEDURE delete_asg_list_for_user
6682 (p_user_id IN NUMBER
6683 ,p_security_profile_id IN NUMBER)
6684 IS
6685
6686 --
6687 -- Break out into an autonomous transaction so that this does not
6688 -- share the same commit cycle as the calling routine.
6689 -- This ensures rows get deleted where there is no assumed commits
6690 -- elsewhere, for example, at longon. It also commits regardless of
6691 -- unexpected exceptions elsewhere.
6692 --
6693 PRAGMA AUTONOMOUS_TRANSACTION;
6694
6695 --
6696 -- Local variables.
6697 --
6698 l_proc VARCHAR2(72) := g_package||'delete_asg_list_for_user';
6699
6700 BEGIN
6701
6702 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
6703
6704 IF p_user_id IS NOT NULL AND p_security_profile_id IS NOT NULL THEN
6705
6706 --
6707 -- Delete all assignments in per_assignment_list for this user
6708 -- and this security profile.
6709 --
6710 IF g_dbg THEN op(l_proc, 20); END IF;
6711
6712 DELETE FROM per_assignment_list pal
6713 WHERE pal.user_id IS NOT NULL
6714 AND pal.security_profile_id IS NOT NULL
6715 AND pal.user_id = p_user_id
6716 AND pal.security_profile_id = p_security_profile_id;
6717
6718 IF g_dbg THEN op(l_proc, 30); END IF;
6719 --
6720 -- This is an autonomous transaction so an explicit
6721 -- commit or rollback is required.
6722 --
6723 COMMIT;
6724
6725 END IF;
6726
6727 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
6728
6729 END delete_asg_list_for_user;
6730 --
6731 -- ----------------------------------------------------------------------------
6732 -- |----------------------< insert_org_list_for_user >------------------------|
6733 -- ----------------------------------------------------------------------------
6734 --
6735 PROCEDURE insert_org_list_for_user
6736 (p_user_id IN NUMBER
6737 ,p_security_profile_id IN NUMBER)
6738 IS
6739
6740 --
6741 -- Break out into an autonomous transaction so that this does not
6742 -- share the same commit cycle as the calling routine.
6743 -- This ensures rows get inserted where there is no assumed commits
6744 -- elsewhere, for example, at longon. It also commits regardless of
6745 -- unexpected exceptions elsewhere.
6746 --
6747 PRAGMA AUTONOMOUS_TRANSACTION;
6748
6749 --
6750 -- Local variables. Used for populating the who columns.
6751 --
6752 l_proc VARCHAR2(72) := g_package||'insert_org_list_for_user';
6753 l_request_id NUMBER := fnd_profile.value('CONC_REQUEST_ID');
6754 l_program_id NUMBER := fnd_profile.value('CONC_PROGRAM_ID');
6755 l_program_application_id NUMBER := fnd_profile.value
6756 ('CONC_PROGRAM_APPLICATION_ID');
6757 i NUMBER;
6758
6759 BEGIN
6760
6761 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
6762
6763 --
6764 -- If all the values needed to insert rows are available,
6765 -- insert them.
6766 --
6767 IF p_user_id IS NOT NULL AND p_security_profile_id IS NOT NULL
6768 AND g_org_tbl.COUNT > 0 THEN
6769 --
6770 -- Unfortunately, a bulk insert (forall) statement cannot
6771 -- be used here because the index is by organization_id
6772 -- and is therefore not contiguous and there are likely
6773 -- to be gaps in the range.
6774 --
6775 IF g_dbg THEN op(l_proc, 20); END IF;
6776
6777 i := g_org_tbl.FIRST;
6778
6779 WHILE i <= g_org_tbl.LAST LOOP
6780 --
6781 -- There is no duplicate row checking. Although the index
6782 -- in g_org_tbl will be unique, this routine relies on
6783 -- existing rows to have been deleted (through
6784 -- delete_org_list_for_user) prior to insertion.
6785 --
6786 IF g_dbg THEN op(l_proc||'('||to_char(i)||'):'); END IF;
6787
6788 INSERT INTO per_organization_list
6789 (security_profile_id
6790 ,organization_id
6791 ,user_id
6792 ,request_id
6793 ,program_application_id
6794 ,program_id
6795 ,program_update_date)
6796 VALUES
6797 (p_security_profile_id
6798 ,i
6799 ,p_user_id
6800 ,l_request_id
6801 ,l_program_application_id
6802 ,l_program_id
6803 ,sysdate
6804 );
6805
6806 i := g_org_tbl.NEXT(i);
6807
6808 END LOOP;
6809
6810 IF g_dbg THEN op(l_proc, 30); END IF;
6811 --
6812 -- This is an autonomous transaction so an explicit
6813 -- commit or rollback is required.
6814 --
6815 COMMIT;
6816
6817 END IF;
6818
6819 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
6820
6821 END insert_org_list_for_user;
6822 --
6823 -- ----------------------------------------------------------------------------
6824 -- |----------------------< insert_pos_list_for_user >------------------------|
6825 -- ----------------------------------------------------------------------------
6826 --
6827 PROCEDURE insert_pos_list_for_user
6828 (p_user_id IN NUMBER
6829 ,p_security_profile_id IN NUMBER)
6830 IS
6831
6832 --
6833 -- Break out into an autonomous transaction so that this does not
6834 -- share the same commit cycle as the calling routine.
6835 -- This ensures rows get inserted where there is no assumed commits
6836 -- elsewhere, for example, at longon. It also commits regardless of
6837 -- unexpected exceptions elsewhere.
6838 --
6839 PRAGMA AUTONOMOUS_TRANSACTION;
6840
6841 --
6842 -- Local variables. Used for populating the who columns.
6843 --
6844 l_proc VARCHAR2(72) := g_package||'insert_pos_list_for_user';
6845 l_request_id NUMBER := fnd_profile.value('CONC_REQUEST_ID');
6846 l_program_id NUMBER := fnd_profile.value('CONC_PROGRAM_ID');
6847 l_program_application_id NUMBER := fnd_profile.value
6848 ('CONC_PROGRAM_APPLICATION_ID');
6849 i NUMBER;
6850
6851 BEGIN
6852
6853 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
6854
6855 --
6856 -- If all the values needed to insert rows are available,
6857 -- insert them.
6858 --
6859 IF p_user_id IS NOT NULL AND p_security_profile_id IS NOT NULL
6860 AND g_pos_tbl.COUNT > 0 THEN
6861 --
6862 -- Unfortunately, a bulk insert (forall) statement cannot
6863 -- be used here because the index is by position_id
6864 -- and is therefore not contiguous and there are likely
6865 -- to be gaps in the range.
6866 --
6867 IF g_dbg THEN op(l_proc, 20); END IF;
6868
6869 i := g_pos_tbl.FIRST;
6870
6871 WHILE i <= g_pos_tbl.LAST LOOP
6872 --
6873 -- There is no duplicate row checking. Although the index
6874 -- in g_pos_tbl will be unique, this routine relies on
6875 -- existing rows to have been deleted (through
6876 -- delete_pos_list_for_user) prior to insertion.
6877 --
6878 IF g_dbg THEN op(l_proc||'('||to_char(i)||'):'); END IF;
6879
6880 INSERT INTO per_position_list
6881 (security_profile_id
6882 ,position_id
6883 ,user_id
6884 ,request_id
6885 ,program_application_id
6886 ,program_id
6887 ,program_update_date)
6888 VALUES
6889 (p_security_profile_id
6890 ,i
6891 ,p_user_id
6892 ,l_request_id
6893 ,l_program_application_id
6894 ,l_program_id
6895 ,sysdate
6896 );
6897
6898 i := g_pos_tbl.NEXT(i);
6899
6900 END LOOP;
6901
6902 IF g_dbg THEN op(l_proc, 30); END IF;
6903 --
6904 -- This is an autonomous transaction so an explicit
6905 -- commit or rollback is required.
6906 --
6907 COMMIT;
6908
6909 END IF;
6910
6911 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
6912
6913 END insert_pos_list_for_user;
6914 --
6915 -- ----------------------------------------------------------------------------
6916 -- |----------------------< insert_per_list_for_user >------------------------|
6917 -- ----------------------------------------------------------------------------
6918 --
6919 PROCEDURE insert_per_list_for_user
6920 (p_user_id IN NUMBER
6921 ,p_security_profile_id IN NUMBER)
6922 IS
6923
6924 --
6925 -- Break out into an autonomous transaction so that this does not
6926 -- share the same commit cycle as the calling routine.
6927 -- This ensures rows get inserted where there is no assumed commits
6928 -- elsewhere, for example, at longon. It also commits regardless of
6929 -- unexpected exceptions elsewhere.
6930 --
6931 PRAGMA AUTONOMOUS_TRANSACTION;
6932
6933 --
6934 -- Local variables. Used for populating the who columns.
6935 --
6936 l_proc VARCHAR2(72) := g_package||'insert_per_list_for_user';
6937 l_request_id NUMBER := fnd_profile.value('CONC_REQUEST_ID');
6938 l_program_id NUMBER := fnd_profile.value('CONC_PROGRAM_ID');
6939 l_program_application_id NUMBER := fnd_profile.value
6940 ('CONC_PROGRAM_APPLICATION_ID');
6941 i NUMBER;
6942
6943 BEGIN
6944
6945 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
6946
6947 --
6948 -- If all the values needed to insert rows are available,
6949 -- insert them.
6950 --
6951 IF p_user_id IS NOT NULL AND p_security_profile_id IS NOT NULL
6952 AND g_per_tbl.COUNT > 0 THEN
6953 --
6954 -- Unfortunately, a bulk insert (forall) statement cannot
6955 -- be used here because the index is by person_id
6956 -- and is therefore not contiguous and there are likely
6957 -- to be gaps in the range.
6958 --
6959 IF g_dbg THEN op(l_proc, 20); END IF;
6960
6961 i := g_per_tbl.FIRST;
6962
6963 WHILE i <= g_per_tbl.LAST LOOP
6964 --
6965 -- There is no duplicate row checking. Although the index
6966 -- in g_per_tbl will be unique, this routine relies on
6967 -- existing rows to have been deleted (through
6968 -- delete_per_list_for_user) prior to insertion.
6969 --
6970 IF g_dbg THEN op(l_proc||'('||to_char(i)||'):'); END IF;
6971
6972 INSERT INTO per_person_list
6973 (security_profile_id
6974 ,person_id
6975 ,granted_user_id
6976 ,request_id
6977 ,program_application_id
6978 ,program_id
6979 ,program_update_date)
6980 VALUES
6981 (p_security_profile_id
6982 ,i
6983 ,p_user_id
6984 ,l_request_id
6985 ,l_program_application_id
6986 ,l_program_id
6987 ,sysdate
6988 );
6989
6990 i := g_per_tbl.NEXT(i);
6991
6992 END LOOP;
6993
6994 IF g_dbg THEN op(l_proc, 30); END IF;
6995 --
6996 -- This is an autonomous transaction so an explicit
6997 -- commit or rollback is required.
6998 --
6999 COMMIT;
7000
7001 END IF;
7002
7003 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
7004
7005 END insert_per_list_for_user;
7006 --
7007 -- ----------------------------------------------------------------------------
7008 -- |----------------------< insert_asg_list_for_user >------------------------|
7009 -- ----------------------------------------------------------------------------
7010 --
7011 PROCEDURE insert_asg_list_for_user
7012 (p_user_id IN NUMBER
7013 ,p_security_profile_id IN NUMBER)
7014 IS
7015
7016 --
7017 -- Break out into an autonomous transaction so that this does not
7018 -- share the same commit cycle as the calling routine.
7019 -- This ensures rows get inserted where there is no assumed commits
7020 -- elsewhere, for example, at longon. It also commits regardless of
7021 -- unexpected exceptions elsewhere.
7022 --
7023 PRAGMA AUTONOMOUS_TRANSACTION;
7024
7025 --
7026 -- Local variables. Used for populating the who columns.
7027 --
7028 l_proc VARCHAR2(72) := g_package||'insert_asg_list_for_user';
7029 l_request_id NUMBER := fnd_profile.value('CONC_REQUEST_ID');
7030 l_program_id NUMBER := fnd_profile.value('CONC_PROGRAM_ID');
7031 l_program_application_id NUMBER := fnd_profile.value
7032 ('CONC_PROGRAM_APPLICATION_ID');
7033 i NUMBER;
7034
7035 BEGIN
7036
7037 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
7038
7039 --
7040 -- If all the values needed to insert rows are available,
7041 -- insert them.
7042 --
7043 IF p_user_id IS NOT NULL AND p_security_profile_id IS NOT NULL
7044 AND g_asg_tbl.COUNT > 0 THEN
7045 --
7046 -- Unfortunately, a bulk insert (forall) statement cannot
7047 -- be used here because the index is by assignment_id
7048 -- and is therefore not contiguous and there are likely
7049 -- to be gaps in the range.
7050 --
7051 IF g_dbg THEN op(l_proc, 20); END IF;
7052
7053 i := g_asg_tbl.FIRST;
7054
7055 WHILE i <= g_asg_tbl.LAST LOOP
7056 --
7057 -- There is no duplicate row checking. Although the index
7058 -- in g_asg_tbl will be unique, this routine relies on
7059 -- existing rows to have been deleted (through
7060 -- delete_asg_list_for_user) prior to insertion.
7061 --
7062 IF g_dbg THEN op(l_proc||'('||to_char(i)||'):'); END IF;
7063
7064 INSERT INTO per_assignment_list
7065 (security_profile_id
7066 ,assignment_id
7067 ,person_id
7068 ,user_id
7069 ,request_id
7070 ,program_application_id
7071 ,program_id
7072 ,program_update_date)
7073 VALUES
7074 (p_security_profile_id
7075 ,i
7076 ,g_asg_tbl(i)
7077 ,p_user_id
7078 ,l_request_id
7079 ,l_program_application_id
7080 ,l_program_id
7081 ,sysdate
7082 );
7083
7084 i := g_asg_tbl.NEXT(i);
7085
7086 END LOOP;
7087
7088 IF g_dbg THEN op(l_proc, 30); END IF;
7089 --
7090 -- This is an autonomous transaction so an explicit
7091 -- commit or rollback is required.
7092 --
7093 COMMIT;
7094
7095 END IF;
7096
7097 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
7098
7099 END insert_asg_list_for_user;
7100 --
7101 -- ----------------------------------------------------------------------------
7102 -- |----------------------< evaluate_org_access >-----------------------------|
7103 -- ----------------------------------------------------------------------------
7104 --
7105 FUNCTION evaluate_org_access
7106 (p_user_id IN NUMBER
7107 ,p_effective_date IN DATE
7108 ,p_assignments_tbl IN g_assignments_t
7109 ,p_sec_prof_rec IN g_sec_prof_r
7110 ,p_use_static_lists IN BOOLEAN DEFAULT TRUE
7111 ,p_update_static_lists IN BOOLEAN DEFAULT FALSE)
7112 RETURN BOOLEAN IS
7113
7114 --
7115 -- Local variables.
7116 --
7117 l_org_structure_version_id NUMBER;
7118 l_proc VARCHAR2(72) := g_package||'evaluate_org_access';
7119
7120 BEGIN
7121
7122 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
7123
7124 --
7125 -- If there is no organization security, return true.
7126 --
7127 IF NOT restricted_orgs(p_sec_prof_rec) THEN
7128 IF g_dbg THEN op('Leaving: '||l_proc, 989); END IF;
7129 RETURN TRUE;
7130 END IF;
7131
7132 --
7133 -- Here organization security is evaluated on the fly.
7134 -- This is done dynamically because:
7135 -- a) user-based org security is in use and the user does
7136 -- not have their permissions stored in static tables, or
7137 -- b) the per_organization_list table is not to be used.
7138 --
7139 IF NOT p_use_static_lists
7140 OR (NVL(p_sec_prof_rec.top_organization_method, 'S') = 'U'
7141 AND NOT user_in_static_org_list(p_user_id
7142 ,p_sec_prof_rec.security_profile_id))
7143 THEN
7144 --
7145 -- Start by getting the organization hierarchy version for the
7146 -- security profile. Note that the structure ID will be null
7147 -- when only Include orgs are used. In this case, the
7148 -- get_org_structure_version function below will return null
7149 -- and the org hierarchy assessment will be stepped over.
7150 --
7151 IF g_dbg THEN op(l_proc, 30); END IF;
7152
7153 l_org_structure_version_id := get_org_structure_version
7154 (p_sec_prof_rec.organization_structure_id
7155 ,p_effective_date);
7156
7157 IF l_org_structure_version_id IS NOT NULL THEN
7158 --
7159 -- This will occur when using, for example, include organizations
7160 -- without hierarchies.
7161 --
7162 IF g_dbg THEN op(l_proc, 40); END IF;
7163
7164 IF NVL(p_sec_prof_rec.top_organization_method, 'S') = 'U' THEN
7165 --
7166 -- If using user-based security, permissions must be
7167 -- evaluated on a per assignment basis.
7168 --
7169 IF g_dbg THEN op(l_proc, 50); END IF;
7170
7171 IF p_assignments_tbl.COUNT > 0 THEN
7172 --
7173 -- Check that assignments exist and evaluate access
7174 -- for each assignment.
7175 --
7176 IF g_dbg THEN op(l_proc, 60); END IF;
7177
7178 FOR i IN p_assignments_tbl.FIRST..p_assignments_tbl.LAST LOOP
7179
7180 --
7181 -- Add the organizations in the hierarchy to the cache,
7182 -- using the assignment's organization as the top
7183 -- org.
7184 --
7185 IF g_dbg THEN op(l_proc||'('||
7186 to_char(p_assignments_tbl(i).assignment_id)||')', 10);
7187 END IF;
7188
7189 add_hier_orgs_to_cache
7190 (p_assignments_tbl(i).organization_id
7191 ,l_org_structure_version_id
7192 ,p_sec_prof_rec.include_top_organization_flag);
7193
7194 IF g_dbg THEN op(l_proc||'('||
7195 to_char(p_assignments_tbl(i).assignment_id)||')', 20);
7196 END IF;
7197 END LOOP;
7198 END IF; -- End of evaluating each individual assignment
7199
7200 ELSE
7201 --
7202 -- Add the organizations in the hierarchy to the cache,
7203 -- using the organization specified on the security profile
7204 -- as the top org.
7205 --
7206 IF g_dbg THEN op(l_proc, 70); END IF;
7207
7208 add_hier_orgs_to_cache
7209 (p_sec_prof_rec.organization_id
7210 ,l_org_structure_version_id
7211 ,p_sec_prof_rec.include_top_organization_flag);
7212 END IF;
7213 END IF;
7214
7215 IF g_dbg THEN op(l_proc, 90); END IF;
7216
7217 --
7218 -- If the exclude business groups flag is ticked, remove any BGs
7219 -- already in the list.
7220 -- If the exclude business groups flag is unticked, add the orgs'
7221 -- owning BGs to the list.
7222 --
7223 add_remove_bgs_for_orgs(p_sec_prof_rec.exclude_business_groups_flag
7224 ,p_sec_prof_rec.business_group_id);
7225
7226 IF g_dbg THEN op(l_proc, 100); END IF;
7227 --
7228 -- Add the include organizations; remove the exclude
7229 -- organizations.
7230 --
7231 add_incl_remove_excl_orgs(p_sec_prof_rec.security_profile_id);
7232
7233 IF g_dbg THEN op(l_proc, 110); END IF;
7234
7235 ELSE
7236 --
7237 -- Organization security will not be calculated on the fly
7238 -- so the static org list is cached.
7239 --
7240 IF g_dbg THEN op(l_proc, 120); END IF;
7241
7242 add_static_orgs_to_cache(p_user_id
7243 ,p_sec_prof_rec.security_profile_id
7244 ,p_sec_prof_rec.top_organization_method);
7245
7246 IF g_dbg THEN op(l_proc, 130); END IF;
7247
7248 END IF;
7249
7250 IF g_dbg THEN op(l_proc, 140); END IF;
7251
7252 IF p_update_static_lists
7253 AND NVL(p_sec_prof_rec.top_organization_method, 'S') = 'U'
7254 THEN
7255 --
7256 -- Existing records for this user are deleted and then
7257 -- re-inserted. Records are only inserted if this profile
7258 -- is using user-based org security.
7259 --
7260 IF g_dbg THEN op(l_proc, 150); END IF;
7261
7262 delete_org_list_for_user
7263 (p_user_id, p_sec_prof_rec.security_profile_id);
7264 insert_org_list_for_user
7265 (p_user_id,p_sec_prof_rec.security_profile_id);
7266
7267 END IF;
7268
7269 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
7270
7271 RETURN TRUE;
7272
7273 END evaluate_org_access;
7274 --
7275 -- ----------------------------------------------------------------------------
7276 -- |----------------------< evaluate_pos_access >-----------------------------|
7277 -- ----------------------------------------------------------------------------
7278 --
7279 FUNCTION evaluate_pos_access
7280 (p_user_id IN NUMBER
7281 ,p_effective_date IN DATE
7282 ,p_assignments_tbl IN g_assignments_t
7283 ,p_sec_prof_rec IN g_sec_prof_r
7284 ,p_use_static_lists IN BOOLEAN DEFAULT TRUE
7285 ,p_update_static_lists IN BOOLEAN DEFAULT FALSE)
7286 RETURN BOOLEAN IS
7287
7288 --
7289 -- Local variables.
7290 --
7291 l_pos_structure_version_id NUMBER;
7292 l_restricted_orgs BOOLEAN;
7293 l_proc VARCHAR2(72) := g_package||'evaluate_pos_access';
7294
7295 BEGIN
7296
7297 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
7298
7299 --
7300 -- If there is no position security, return true.
7301 --
7302 IF NOT restricted_pos(p_sec_prof_rec) THEN
7303 IF g_dbg THEN op('Leaving: '||l_proc, 989); END IF;
7304 RETURN TRUE;
7305 END IF;
7306
7307 --
7308 -- Here position security is evaluated on the fly.
7309 -- This is done dynamically because:
7310 -- a) user-based pos security or user-based org security
7311 -- is in use and the user does not have their permissions
7312 -- stored in static tables, or
7313 -- b) the per_position_list table is not to be used.
7314 --
7315 IF NOT p_use_static_lists
7316 OR ((NVL(p_sec_prof_rec.top_position_method, 'S') = 'U' OR
7317 NVL(p_sec_prof_rec.top_organization_method, 'S') = 'U')
7318 AND NOT user_in_static_pos_list(p_user_id
7319 ,p_sec_prof_rec.security_profile_id))
7320 THEN
7321
7322 IF g_dbg THEN op(l_proc, 20); END IF;
7323 l_restricted_orgs := restricted_orgs(p_sec_prof_rec);
7324
7325 IF l_restricted_orgs AND (NOT org_access_known) THEN
7326 --
7327 -- The profile has organization restrictions, but
7328 -- the evaluation of organization security was deferred
7329 -- for performance reasons. The org permissions
7330 -- are needed to determine the position permissions, so
7331 -- force evaluation of organization security permissions
7332 -- now.
7333 --
7334 IF g_dbg THEN op(l_proc, 30); END IF;
7335
7336 evaluate_access
7337 (p_person_id => g_access_known_rec.person_id
7338 ,p_user_id => p_user_id
7339 ,p_effective_date => p_effective_date
7340 ,p_sec_prof_rec => p_sec_prof_rec
7341 ,p_what_to_evaluate => g_ORG_SEC_ONLY
7342 ,p_update_static_lists => p_update_static_lists
7343 ,p_debug => g_dbg_type);
7344 END IF;
7345
7346 --
7347 -- Get the position hierarchy version for the security
7348 -- profile. Note that the structure ID should be
7349 -- set (the below "IF" is for safety).
7350 --
7351 IF g_dbg THEN op(l_proc, 30); END IF;
7352
7353 l_pos_structure_version_id := get_pos_structure_version
7354 (p_sec_prof_rec.position_structure_id
7355 ,p_effective_date);
7356
7357 IF l_pos_structure_version_id IS NOT NULL THEN
7358 --
7359 -- This will occur if the hierarchy exists but does not have
7360 -- versions.
7361 --
7362 IF g_dbg THEN op(l_proc, 40); END IF;
7363
7364 IF NVL(p_sec_prof_rec.top_position_method, 'S') = 'U' THEN
7365 --
7366 -- If using user-based security, permissions must be
7367 -- evaluated on a per assignment basis.
7368 --
7369 IF g_dbg THEN op(l_proc, 50); END IF;
7370
7371 IF p_assignments_tbl.COUNT > 0 THEN
7372 --
7373 -- Check that assignments exist and evaluate access
7374 -- for each assignment.
7375 --
7376 IF g_dbg THEN op(l_proc, 60); END IF;
7377
7378 FOR i IN p_assignments_tbl.FIRST..p_assignments_tbl.LAST LOOP
7379 --
7380 -- Add the positions in the hierarchy to the cache,
7381 -- using the assignment's position as the top
7382 -- position.
7383 --
7384 IF g_dbg THEN op(l_proc||'('||
7385 to_char(p_assignments_tbl(i).assignment_id)||')', 10);
7386 END IF;
7387
7388 add_hier_pos_to_cache
7389 (p_assignments_tbl(i).position_id
7390 ,l_pos_structure_version_id
7391 ,p_sec_prof_rec.include_top_position_flag
7392 ,p_effective_date
7393 ,l_restricted_orgs);
7394
7395 IF g_dbg THEN op(l_proc||'('||
7396 to_char(p_assignments_tbl(i).assignment_id)||')', 20);
7397 END IF;
7398 END LOOP;
7399 END IF; -- End of evaluating each individual assignment
7400
7401 ELSE
7402 --
7403 -- Add the positions in the hierarchy to the cache,
7404 -- using the position specified on the security profile
7405 -- as the top position.
7406 --
7407 IF g_dbg THEN op(l_proc, 70); END IF;
7408
7409 add_hier_pos_to_cache
7410 (p_sec_prof_rec.position_id
7411 ,l_pos_structure_version_id
7412 ,p_sec_prof_rec.include_top_position_flag
7413 ,p_effective_date
7414 ,l_restricted_orgs);
7415
7416 IF g_dbg THEN op(l_proc, 80); END IF;
7417 END IF;
7418 END IF;
7419
7420 IF g_dbg THEN op(l_proc, 90); END IF;
7421
7422 ELSE
7423 --
7424 -- Position security will not be calculated on the fly
7425 -- so the static position list is cached.
7426 --
7427 IF g_dbg THEN op(l_proc, 100); END IF;
7428
7429 add_static_pos_to_cache(p_user_id
7430 ,p_sec_prof_rec.security_profile_id
7431 ,p_sec_prof_rec.top_position_method);
7432
7433 IF g_dbg THEN op(l_proc, 110); END IF;
7434
7435 END IF;
7436
7437 IF g_dbg THEN op(l_proc, 120); END IF;
7438
7439 IF p_update_static_lists AND
7440 NVL(p_sec_prof_rec.top_position_method, 'S') = 'U'
7441 THEN
7442 --
7443 -- Existing records for this user are deleted and then
7444 -- re-inserted. Records are only inserted if this profile
7445 -- is using user-based org security.
7446 --
7447 IF g_dbg THEN op(l_proc, 130); END IF;
7448
7449 delete_pos_list_for_user
7450 (p_user_id, p_sec_prof_rec.security_profile_id);
7451 insert_pos_list_for_user
7452 (p_user_id,p_sec_prof_rec.security_profile_id);
7453
7454 END IF;
7455
7456 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
7457
7458 RETURN TRUE;
7459
7460 END evaluate_pos_access;
7461 --
7462 -- ----------------------------------------------------------------------------
7463 -- |----------------------< evaluate_pay_access >-----------------------------|
7464 -- ----------------------------------------------------------------------------
7465 --
7466 FUNCTION evaluate_pay_access
7467 (p_user_id IN NUMBER
7468 ,p_effective_date IN DATE
7469 ,p_sec_prof_rec IN g_sec_prof_r
7470 ,p_use_static_lists IN BOOLEAN DEFAULT TRUE)
7471 RETURN BOOLEAN IS
7472
7473 --
7474 -- Local variables.
7475 --
7476 l_proc VARCHAR2(72) := g_package||'evaluate_pay_access';
7477
7478 BEGIN
7479
7480 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
7481
7482 --
7483 -- If there is no payroll security, return true.
7484 --
7485 IF NOT restricted_pays(p_sec_prof_rec) THEN
7486 IF g_dbg THEN op(l_proc, 20); END IF;
7487 RETURN TRUE;
7488 END IF;
7489
7490 IF NOT p_use_static_lists THEN
7491 --
7492 -- Here payroll security is evaluated on the fly if static
7493 -- lists will not be used.
7494 --
7495 IF g_dbg THEN op(l_proc, 30); END IF;
7496
7497 add_sec_prof_pay_to_cache(p_sec_prof_rec.security_profile_id
7498 ,p_sec_prof_rec.include_exclude_payroll_flag
7499 ,p_sec_prof_rec.business_group_id
7500 ,p_effective_date);
7501
7502 IF g_dbg THEN op(l_proc, 40); END IF;
7503
7504 ELSE
7505 --
7506 -- Payroll security will not be calculated on the fly
7507 -- so the static payroll list is cached.
7508 --
7509 IF g_dbg THEN op(l_proc, 50); END IF;
7510
7511 add_static_pay_to_cache(p_sec_prof_rec.security_profile_id);
7512
7513 IF g_dbg THEN op(l_proc, 60); END IF;
7514
7515 END IF;
7516
7517 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
7518
7519 RETURN TRUE;
7520
7521 END evaluate_pay_access;
7522 --
7523 -- ----------------------------------------------------------------------------
7524 -- |----------------------< evaluate_per_access >-----------------------------|
7525 -- ----------------------------------------------------------------------------
7526 --
7527 function evaluate_per_access(
7528 p_user_id in number
7529 ,p_effective_date in date
7530 ,p_assignments_tbl in g_assignments_t
7531 ,p_sec_prof_rec in g_sec_prof_r
7532 ,p_use_static_lists in boolean default true
7533 ,p_update_static_lists in boolean default false
7534 ) return boolean is
7535 -- Local variables.
7536 l_proc varchar2(72) := g_package||'evaluate_per_access';
7537 l_user_restriction boolean := false;
7538 l_restricted_orgs boolean := false;
7539 l_restricted_pos boolean := false;
7540 l_restricted_pays boolean := false;
7541 l_only_use_static boolean := false;
7542 --
7543 begin
7544 --
7545 if g_dbg then op('Entering: '||l_proc, 1); end if;
7546 --
7547 -- If there is no person security, return true.
7548 if not restricted_pers(p_sec_prof_rec) then
7549 --
7550 if g_dbg then op(l_proc, 20); end if;
7551 return true;
7552 --
7553 end if;
7554 --
7555 -- Record whether this profile uses a user-based restriction.
7556 if nvl(p_sec_prof_rec.top_organization_method, 'S') = 'U' or
7557 nvl(p_sec_prof_rec.top_position_method, 'S') = 'U' or
7558 nvl(p_sec_prof_rec.restrict_by_supervisor_flag, 'N') <> 'N' or
7559 nvl(p_sec_prof_rec.custom_restriction_flag, 'N') = 'U' then
7560 --
7561 l_user_restriction := true;
7562 --
7563 end if;
7564 --
7565 -- The static lists will be used when:
7566 -- a) No user-based or assignment-level security is in use,
7567 -- b) Assignment-level security is used without user-based security
7568 -- (the static lists are used for person-level security only where
7569 -- assignment security is evaluated dynamically),
7570 -- c) User-based security is in use, but permissions for this user
7571 -- are stored in static lists.
7572 if p_use_static_lists and
7573 (not l_user_restriction or
7574 (l_user_restriction and user_in_static_per_list(p_user_id,
7575 p_sec_prof_rec.security_profile_id))) then
7576 --
7577 l_only_use_static := true;
7578 --
7579 end if;
7580 --
7581 -- Security is only assessed dynamically where essential.
7582 -- The conditions that force this are:
7583 -- a) User-based security is used and the user-based permissions
7584 -- are not stored in static lists for this user,
7585 -- a) Assignment-level security is in use and the assignment-level
7586 -- permissions are not stored in static lists for this user,
7587 -- c) The p_use_static_lists parameter is forcing the dynamic
7588 -- evaluation of security.
7589 if not l_only_use_static or
7590 (nvl(p_sec_prof_rec.restrict_on_individual_asg, 'N') = 'Y'
7591 and not user_in_static_asg_list(p_user_id,
7592 p_sec_prof_rec.security_profile_id)) then
7593 --
7594 -- First, ensure all other security criteria has already
7595 -- been evaluated where it is needed.
7596 if g_dbg then op(l_proc, 20); end if;
7597 --
7598 l_restricted_orgs := restricted_orgs(p_sec_prof_rec);
7599 --
7600 if l_restricted_orgs and (not org_access_known) then
7601 --
7602 -- The profile has organization restrictions, but
7603 -- the evaluation of organization security was deferred
7604 -- for performance reasons. The org permissions
7605 -- are needed to determine the per / asg permissions, so
7606 -- force evaluation of organization security permissions now.
7607 if g_dbg then op(l_proc, 30); end if;
7608 --
7609 evaluate_access(p_person_id => g_access_known_rec.person_id
7610 ,p_user_id => p_user_id
7611 ,p_effective_date => p_effective_date
7612 ,p_sec_prof_rec => p_sec_prof_rec
7613 ,p_what_to_evaluate => g_ORG_SEC_ONLY
7614 ,p_update_static_lists => p_update_static_lists
7615 ,p_debug => g_dbg_type);
7616 --
7617 end if;
7618 --
7619 if g_dbg then op(l_proc, 40); end if;
7620 --
7621 l_restricted_pos := restricted_pos(p_sec_prof_rec);
7622 --
7623 if l_restricted_pos and (not pos_access_known) then
7624 --
7625 -- The profile has position restrictions, but
7626 -- the evaluation of position security was deferred
7627 -- for performance reasons. The pos permissions
7628 -- are needed to determine the per / asg permissions, so
7629 -- force evaluation of position security permissions now.
7630 if g_dbg then op(l_proc, 50); end if;
7631 --
7632 evaluate_access(p_person_id => g_access_known_rec.person_id
7633 ,p_user_id => p_user_id
7634 ,p_effective_date => p_effective_date
7635 ,p_sec_prof_rec => p_sec_prof_rec
7636 ,p_what_to_evaluate => g_POS_SEC_ONLY
7637 ,p_update_static_lists => p_update_static_lists
7638 ,p_debug => g_dbg_type);
7639 --
7640 end if;
7641 --
7642 if g_dbg then op(l_proc, 60); end if;
7643 --
7644 l_restricted_pays := restricted_pays(p_sec_prof_rec);
7645 --
7646 if l_restricted_pays and (not pay_access_known) then
7647 --
7648 -- The profile has payroll restrictions, but
7649 -- the evaluation of payroll security was deferred
7650 -- for performance reasons. The pay permissions
7651 -- are needed to determine the per / asg permissions, so
7652 -- force evaluation of payroll security permissions now.
7653 if g_dbg then op(l_proc, 70); end if;
7654 --
7655 evaluate_access(p_person_id => g_access_known_rec.person_id
7656 ,p_user_id => p_user_id
7657 ,p_effective_date => p_effective_date
7658 ,p_sec_prof_rec => p_sec_prof_rec
7659 ,p_what_to_evaluate => g_PAY_SEC_ONLY
7660 ,p_update_static_lists => p_update_static_lists
7661 ,p_debug => g_dbg_type);
7662 --
7663 end if;
7664 --
7665 -- Evaluate person and assignment security permissions.
7666 if g_dbg then op(l_proc, 80); end if;
7667
7668 add_people_to_cache(p_top_person_id => g_access_known_rec.person_id
7669 ,p_effective_date => p_effective_date
7670 ,p_sec_prof_rec => p_sec_prof_rec
7671 ,p_use_static_lists => p_use_static_lists);
7672
7673 --
7674 -- Contacts for the people visible (both related and unrelated) and
7675 -- rows in per_person_list_changes are not processed and so not visible
7676 -- for all types of user-based security.
7677
7678 -- The reason for this is to remain consistent with supervisor security
7679 -- (been around since 11i) where PPLC people were not processed and
7680 -- so not visible and contacts only being visible in a view all contacts
7681 -- profile.
7682
7683 -- It is possible that future enhancements will allow contacts to be
7684 -- displayed in a user-based profile, but as it stands now they are
7685 -- never visible: the routines are kept here for future use only.
7686
7687 -- Add contacts to the cache if the profile restricts by contacts.
7688 -- If the security profile does not restrict by contacts, people
7689 -- are not added to the cache because the secure views handle
7690 -- this scenario without need to refer to the cache.
7691
7692 -- A condition with view_all_contacts_flag = All and
7693 -- view_all_candidates_flag = None, needs caching (ie: similar to
7694 -- record existing in per_person_list). The additional OR condition
7695 -- is included as part of Candidate Security enchancements.
7696
7697 -- if p_sec_prof_rec.view_all_contacts_flag = 'N' or
7698 -- (p_sec_prof_rec.view_all_contacts_flag = 'Y' and
7699 -- p_sec_prof_rec.view_all_candidates_flag = 'X') then
7700 --
7701 -- add_contacts_to_cache(p_effective_date
7702 -- ,p_sec_prof_rec.business_group_id);
7703 --
7704 -- end if;
7705 --
7706 -- However Candidate Security still needs the contacts to be cached
7707 -- atleast for the following condition.
7708 if p_sec_prof_rec.view_all_contacts_flag = 'Y' and
7709 p_sec_prof_rec.view_all_candidates_flag = 'X' then
7710 --
7711 add_contacts_to_cache(p_effective_date
7712 ,p_sec_prof_rec.business_group_id);
7713 --
7714 end if;
7715 -- Add the people in per_person_list_changes to the cache.
7716 -- It is expected that this can be obsoleted at a future
7717 -- date, because per_person_list_changes is effectively
7718 -- obsolete and is retained solely for the purpose of not
7719 -- breaking customer custom processes that use this table.
7720
7721 -- add_per_list_changes_to_cache(p_sec_prof_rec.security_profile_id
7722 -- ,p_effective_date);
7723
7724 end if;
7725 --
7726 if l_only_use_static then
7727 --
7728 -- Person security will not be calculated on the fly
7729 -- so the static person list is cached.
7730 add_static_per_to_cache(p_user_id
7731 ,p_sec_prof_rec.security_profile_id
7732 ,l_user_restriction);
7733 --
7734 -- If restricting at an assignment level, also cache
7735 -- the assignment list.
7736 if nvl(p_sec_prof_rec.restrict_on_individual_asg, 'N') = 'Y' then
7737 --
7738 add_static_asg_to_cache(p_user_id
7739 ,p_sec_prof_rec.security_profile_id
7740 ,l_user_restriction);
7741 --
7742 end if;
7743 --
7744 end if;
7745 --
7746 -- Add granted users and their assignments to the cache.
7747 add_granted_users_to_cache(p_user_id
7748 ,p_effective_date
7749 ,p_sec_prof_rec.allow_granted_users_flag
7750 ,p_sec_prof_rec.restrict_on_individual_asg);
7751 --
7752 -- Caching candidates (registered users through iRecruitment), this is
7753 -- valid only if the iRecruitment is installed.
7754 if p_sec_prof_rec.view_all_candidates_flag = 'Y' and
7755 p_sec_prof_rec.view_all_contacts_flag = 'N' then
7756 --
7757 add_candidates_to_cache(p_effective_date
7758 ,p_sec_prof_rec.business_group_id);
7759 --
7760 end if;
7761 --
7762 if p_update_static_lists and l_user_restriction then
7763 --
7764 -- Existing records for this user are deleted and then
7765 -- re-inserted. Records are only inserted if this profile
7766 -- is using user-based security.
7767 if g_dbg then op(l_proc, 130); end if;
7768 --
7769 delete_per_list_for_user(p_user_id,p_sec_prof_rec.security_profile_id);
7770 --
7771 insert_per_list_for_user(p_user_id,p_sec_prof_rec.security_profile_id);
7772 --
7773 if g_dbg then op(l_proc, 140); end if;
7774 --
7775 if nvl(p_sec_prof_rec.restrict_on_individual_asg, 'N') = 'Y' then
7776 --
7777 -- Only insert the assignment privileges if securing
7778 -- at an assignment level.
7779 if g_dbg then op(l_proc, 150); end if;
7780 --
7781 delete_asg_list_for_user(p_user_id,p_sec_prof_rec.security_profile_id);
7782 --
7783 insert_asg_list_for_user(p_user_id,p_sec_prof_rec.security_profile_id);
7784 --
7785 if g_dbg then op(l_proc, 160); end if;
7786 --
7787 end if;
7788 --
7789 end if;
7790 --
7791 if g_dbg then op('Leaving: '||l_proc, 999); end if;
7792 --
7793 return true;
7794 --
7795 end evaluate_per_access;
7796 --
7797 -- ----------------------------------------------------------------------------
7798 -- |----------------------< evaluate_access >---------------------------------|
7799 -- ----------------------------------------------------------------------------
7800 --
7801 PROCEDURE evaluate_access
7802 (p_user_id IN NUMBER
7803 ,p_effective_date IN DATE
7804 ,p_sec_prof_rec IN g_sec_prof_r
7805 ,p_person_id IN NUMBER DEFAULT NULL
7806 ,p_what_to_evaluate IN NUMBER DEFAULT g_PER_SEC_ONLY
7807 ,p_use_static_lists IN BOOLEAN DEFAULT TRUE
7808 ,p_update_static_lists IN BOOLEAN DEFAULT FALSE
7809 ,p_debug IN NUMBER DEFAULT g_NO_DEBUG)
7810 IS
7811
7812 --
7813 -- Local variables.
7814 --
7815 l_proc VARCHAR2(72) := g_package||'evaluate_access';
7816 l_debug BOOLEAN := FALSE;
7817 l_effective_date DATE := TRUNC(p_effective_date);
7818 l_assignments_tbl g_assignments_t;
7819
7820 BEGIN
7821
7822 --
7823 -- Initialise debugging.
7824 --
7825 IF p_debug = g_NO_DEBUG THEN
7826 --
7827 -- If no debug was specified (or defaulted) then
7828 -- checking for standard HRMS Pipe output.
7829 --
7830 IF g_debug THEN
7831 g_dbg_type := g_PIPE;
7832 g_dbg := TRUE;
7833 END IF;
7834 ELSIF p_debug <> g_NO_DEBUG THEN
7835 --
7836 -- If debugging was specified, set accordingly.
7837 --
7838 g_dbg_type := p_debug;
7839 g_dbg := TRUE;
7840 END IF;
7841
7842 IF g_dbg THEN
7843 op('Entering: '||l_proc, 1);
7844 op(' ');
7845 op(' --------------------------------'||
7846 '---------------------------------');
7847 op(' Profile: '||p_sec_prof_rec.security_profile_name);
7848 op(' --------------------------------'||
7849 '+--------------------------------');
7850 op(' p_person_id '||
7851 to_char(p_person_id));
7852 op(' p_user_id '||
7853 to_char(p_user_id));
7854 op(' p_effective_date '||
7855 to_char(l_effective_date));
7856 op(' p_security_profile_id '||
7857 to_char(p_sec_prof_rec.security_profile_id));
7858 op(' p_business_group_id '||
7859 to_char(p_sec_prof_rec.business_group_id));
7860 op(' p_view_all_flag '||
7861 p_sec_prof_rec.view_all_flag);
7862 op(' p_reporting_oracle_username '||
7863 p_sec_prof_rec.reporting_oracle_username);
7864 op(' p_allow_granted_users_flag '||
7865 p_sec_prof_rec.allow_granted_users_flag);
7866 op(' p_restrict_on_individual_asg '||
7867 p_sec_prof_rec.restrict_on_individual_asg);
7868 op(' p_view_all_employees_flag '||
7869 p_sec_prof_rec.view_all_employees_flag);
7870 op(' p_view_all_cwk_flag '||
7871 p_sec_prof_rec.view_all_cwk_flag);
7872 op(' p_view_all_applicants_flag '||
7873 p_sec_prof_rec.view_all_applicants_flag);
7874 op(' p_view_all_contacts_flag '||
7875 p_sec_prof_rec.view_all_contacts_flag);
7876 op(' p_view_all_organizations_flag '||
7877 p_sec_prof_rec.view_all_organizations_flag);
7878 op(' p_org_security_mode '||
7879 p_sec_prof_rec.org_security_mode);
7880 op(' p_top_organization_method '||
7881 p_sec_prof_rec.top_organization_method);
7882 op(' p_organization_structure_id '||
7883 to_char(p_sec_prof_rec.organization_structure_id));
7884 op(' p_organization_id '||
7885 to_char(p_sec_prof_rec.organization_id));
7886 op(' p_include_top_organization_flag '||
7887 p_sec_prof_rec.include_top_organization_flag);
7888 op(' p_exclude_business_groups_flag '||
7889 p_sec_prof_rec.exclude_business_groups_flag);
7890 op(' p_view_all_positions_flag '||
7891 p_sec_prof_rec.view_all_positions_flag);
7892 op(' p_top_position_method '||
7893 p_sec_prof_rec.top_position_method);
7894 op(' p_position_structure_id '||
7895 to_char(p_sec_prof_rec.position_structure_id));
7896 op(' p_position_id '||
7897 to_char(p_sec_prof_rec.position_id));
7898 op(' p_include_top_position_flag '||
7899 p_sec_prof_rec.include_top_position_flag);
7900 op(' p_view_all_payrolls_flag '||
7901 p_sec_prof_rec.view_all_payrolls_flag);
7902 op(' p_include_exclude_payroll_flag '||
7903 p_sec_prof_rec.include_exclude_payroll_flag);
7904 op(' p_restrict_by_supervisor_flag '||
7905 p_sec_prof_rec.restrict_by_supervisor_flag);
7906 op(' p_supervisor_levels '||
7907 to_char(p_sec_prof_rec.supervisor_levels));
7908 op(' p_exclude_secondary_asgs_flag '||
7909 p_sec_prof_rec.exclude_secondary_asgs_flag);
7910 op(' p_exclude_person_flag '||
7911 p_sec_prof_rec.exclude_person_flag);
7912 op(' p_named_person_id '||
7913 to_char(p_sec_prof_rec.named_person_id));
7914 op(' p_custom_restriction_flag '||
7915 p_sec_prof_rec.custom_restriction_flag);
7916 op(' p_what_to_evaluate '||
7917 to_char(p_what_to_evaluate));
7918 IF p_use_static_lists THEN
7919 op(' p_use_static_lists '||
7920 'TRUE');
7921 ELSE
7922 op(' p_use_static_lists '||
7923 'FALSE');
7924 END IF;
7925 IF p_update_static_lists THEN
7926 op(' p_update_static_lists '||
7927 'TRUE');
7928 ELSE
7929 op(' p_update_static_lists '||
7930 'FALSE');
7931 END IF;
7932 END IF;
7933
7934 --
7935 -- Protect against required values being NULL.
7936 --
7937 IF p_user_id IS NOT NULL AND
7938 l_effective_date IS NOT NULL AND
7939 p_sec_prof_rec.security_profile_id IS NOT NULL THEN
7940
7941 --
7942 -- Check that the permissions in memory (if any) match the
7943 -- given person, user, and security profile.
7944 --
7945 IF g_dbg THEN op(l_proc, 20); END IF;
7946
7947 IF g_access_known_rec.user_id IS NULL
7948 OR g_access_known_rec.effective_date IS NULL
7949 OR g_access_known_rec.security_profile_id IS NULL
7950 OR g_access_known_rec.user_id <> p_user_id
7951 OR g_access_known_rec.effective_date <> l_effective_date
7952 OR g_access_known_rec.security_profile_id <>
7953 p_sec_prof_rec.security_profile_id
7954 THEN
7955 --
7956 -- Clear the existing permission cache.
7957 --
7958 IF g_dbg THEN op(l_proc, 30); END IF;
7959
7960 g_access_known_rec.org := FALSE;
7961 g_access_known_rec.pos := FALSE;
7962 g_access_known_rec.pay := FALSE;
7963 g_access_known_rec.per := FALSE;
7964 g_org_tbl.DELETE;
7965 g_pos_tbl.DELETE;
7966 g_pay_tbl.DELETE;
7967 g_per_tbl.DELETE;
7968 g_asg_tbl.DELETE;
7969
7970 --
7971 -- Record the contexts of the (soon to be) cached permission.
7972 --
7973 g_access_known_rec.person_id := p_person_id;
7974 g_access_known_rec.user_id := p_user_id;
7975 g_access_known_rec.effective_date := l_effective_date;
7976 g_access_known_rec.security_profile_id
7977 := p_sec_prof_rec.security_profile_id;
7978
7979
7980 END IF;
7981
7982 IF g_dbg THEN op(l_proc, 40); END IF;
7983 --
7984 --
7985 -- Fetch the assignments for this person if the person is
7986 -- known.
7987 --
7988 IF p_person_id IS NOT NULL THEN
7989 l_assignments_tbl :=
7990 get_assignments(p_person_id, l_effective_date);
7991 END IF;
7992
7993 IF g_dbg THEN op(l_proc, 50); END IF;
7994
7995 --
7996 -- Evaluate the security permissions for this person
7997 -- and each assignments.
7998 --
7999 -- Not all permissions are evalulated right now. Where
8000 -- possible, evaluation is deferred until a more convenient
8001 -- point (eg, not at longon but perhaps on demand).
8002 -- The permissions are cached in PL/SQL list tables;
8003 -- the below g_access_known_rec record is used to indicate
8004 -- where evaluation has been deferred so that they can be
8005 -- evaluated at a later point.
8006 --
8007
8008 --
8009 -- Organization security.
8010 --
8011 IF p_what_to_evaluate = g_ALL OR
8012 p_what_to_evaluate = g_ORG_SEC_ONLY
8013 THEN
8014 IF g_dbg THEN op(l_proc, 60); END IF;
8015
8016 g_access_known_rec.org
8017 := evaluate_org_access
8018 (p_user_id => p_user_id
8019 ,p_effective_date => l_effective_date
8020 ,p_assignments_tbl => l_assignments_tbl
8021 ,p_sec_prof_rec => p_sec_prof_rec
8022 ,p_use_static_lists => p_use_static_lists
8023 ,p_update_static_lists => p_update_static_lists);
8024 END IF;
8025
8026 --
8027 -- Position security.
8028 --
8029 IF p_what_to_evaluate = g_ALL OR
8030 p_what_to_evaluate = g_POS_SEC_ONLY
8031 THEN
8032 IF g_dbg THEN op(l_proc, 70); END IF;
8033
8034 g_access_known_rec.pos
8035 := evaluate_pos_access
8036 (p_user_id => p_user_id
8037 ,p_effective_date => l_effective_date
8038 ,p_assignments_tbl => l_assignments_tbl
8039 ,p_sec_prof_rec => p_sec_prof_rec
8040 ,p_use_static_lists => p_use_static_lists
8041 ,p_update_static_lists => p_update_static_lists);
8042 END IF;
8043
8044 --
8045 -- Payroll security.
8046 --
8047 IF p_what_to_evaluate = g_ALL OR
8048 p_what_to_evaluate = g_PAY_SEC_ONLY
8049 THEN
8050 --
8051 -- Payroll security currently has no user-based feature,
8052 -- so there is no need to pass the table of assignments.
8053 -- As such, there is no benefit of using the
8054 -- p_use_static_lists and p_update_static_lists parameters.
8055 --
8056 IF g_dbg THEN op(l_proc, 80); END IF;
8057
8058 g_access_known_rec.pay
8059 := evaluate_pay_access
8060 (p_user_id => p_user_id
8061 ,p_effective_date => l_effective_date
8062 ,p_sec_prof_rec => p_sec_prof_rec
8063 ,p_use_static_lists => p_use_static_lists);
8064 END IF;
8065
8066 --
8067 -- Person security.
8068 --
8069 IF p_what_to_evaluate = g_ALL OR
8070 p_what_to_evaluate = g_PER_SEC_ONLY
8071 THEN
8072 IF g_dbg THEN op(l_proc, 90); END IF;
8073
8074 g_access_known_rec.per
8075 := evaluate_per_access
8076 (p_user_id => p_user_id
8077 ,p_effective_date => l_effective_date
8078 ,p_assignments_tbl => l_assignments_tbl
8079 ,p_sec_prof_rec => p_sec_prof_rec
8080 ,p_use_static_lists => p_use_static_lists
8081 ,p_update_static_lists => p_update_static_lists);
8082 END IF;
8083
8084 --
8085 -- Keep a record of the fnd session context in the local cache
8086 -- so that a context change can be detected.
8087 --
8088 --DK:4188036. Have moved this call to the end of evaluate_access
8089 --to guard against the case where apps initialize is called without
8090 --a change a change in security context.
8091
8092 sync_session_context;
8093
8094
8095 END IF;
8096
8097 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
8098
8099 END evaluate_access;
8100 --
8101 -- ----------------------------------------------------------------------------
8102 -- |----------------------< user_in_static_lists >----------------------------|
8103 -- ----------------------------------------------------------------------------
8104 --
8105 FUNCTION user_in_static_lists
8106 (p_user_id IN NUMBER
8107 ,p_security_profile_id IN NUMBER)
8108 RETURN BOOLEAN IS
8109
8110 --
8111 -- Local variables.
8112 --
8113 l_proc VARCHAR2(72) := g_package||'user_in_static_lists';
8114
8115 BEGIN
8116
8117 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
8118
8119 IF p_user_id IS NOT NULL and p_security_profile_id IS NOT NULL THEN
8120 --
8121 -- Look in each of the static lists for this user and security profile
8122 -- pair. If a match is found in any list, immediately return true.
8123 -- The payroll list does not store static user permissions so it
8124 -- is not checked here.
8125 --
8126 IF g_dbg THEN op(l_proc, 20); END IF;
8127
8128 IF user_in_static_org_list(p_user_id, p_security_profile_id) THEN
8129 IF g_dbg THEN op('Leaving: '||l_proc, 959); END IF;
8130 RETURN TRUE;
8131 END IF;
8132
8133 IF user_in_static_pos_list(p_user_id, p_security_profile_id) THEN
8134 IF g_dbg THEN op('Leaving: '||l_proc, 969); END IF;
8135 RETURN TRUE;
8136 END IF;
8137
8138 IF user_in_static_per_list(p_user_id, p_security_profile_id) THEN
8139 IF g_dbg THEN op('Leaving: '||l_proc, 979); END IF;
8140 RETURN TRUE;
8141 END IF;
8142
8143 IF user_in_static_asg_list(p_user_id, p_security_profile_id) THEN
8144 IF g_dbg THEN op('Leaving: '||l_proc, 989); END IF;
8145 RETURN TRUE;
8146 END IF;
8147
8148 END IF;
8149
8150 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
8151
8152 RETURN FALSE;
8153
8154 END user_in_static_lists;
8155 --
8156 -- ----------------------------------------------------------------------------
8157 -- |----------------------< delete_static_lists_for_user >--------------------|
8158 -- ----------------------------------------------------------------------------
8159 --
8160 PROCEDURE delete_static_lists_for_user
8161 (p_user_id IN NUMBER
8162 ,p_security_profile_id IN NUMBER)
8163 IS
8164
8165 --
8166 -- This is not an autonomous transaction because it is called during
8167 -- normal transaction processing, eg, by APIs, so an explicit commit
8168 -- cannot be issued.
8169 --
8170 --
8171 -- Local variables.
8172 --
8173 l_proc VARCHAR2(72) := g_package||'delete_static_lists_for_user';
8174
8175 BEGIN
8176
8177 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
8178
8179 IF p_user_id IS NOT NULL AND p_security_profile_id IS NOT NULL THEN
8180 --
8181 -- Delete from each of the static lists. The only list untouched
8182 -- is the payroll list and that is because it doesn't contain
8183 -- the user_id column, ie, it doesn't store static user permissions.
8184 --
8185 -- Organization List.
8186 --
8187 IF g_dbg THEN op(l_proc, 20); END IF;
8188
8189 DELETE FROM per_organization_list pol
8190 WHERE pol.user_id IS NOT NULL
8191 AND pol.security_profile_id IS NOT NULL
8192 AND pol.user_id = p_user_id
8193 AND pol.security_profile_id = p_security_profile_id;
8194
8195 --
8196 -- Position List.
8197 --
8198 IF g_dbg THEN op(l_proc, 30); END IF;
8199
8200 DELETE FROM per_position_list ppl
8201 WHERE ppl.user_id IS NOT NULL
8202 AND ppl.security_profile_id IS NOT NULL
8203 AND ppl.user_id = p_user_id
8204 AND ppl.security_profile_id = p_security_profile_id;
8205
8206 --
8207 -- Person List.
8208 --
8209 -- WARNING: This will delete any self-service grants.
8210 --
8211 IF g_dbg THEN op(l_proc, 40); END IF;
8212
8213 DELETE FROM per_person_list ppl
8214 WHERE ppl.granted_user_id IS NOT NULL
8215 AND ppl.security_profile_id IS NOT NULL
8216 AND ppl.granted_user_id = p_user_id
8217 AND ppl.security_profile_id = p_security_profile_id;
8218
8219 --
8220 -- Assignment List.
8221 --
8222 IF g_dbg THEN op(l_proc, 50); END IF;
8223
8224 DELETE FROM per_assignment_list pal
8225 WHERE pal.user_id IS NOT NULL
8226 AND pal.security_profile_id IS NOT NULL
8227 AND pal.user_id = p_user_id
8228 AND pal.security_profile_id = p_security_profile_id;
8229
8230 END IF;
8231
8232 END delete_static_lists_for_user;
8233 --
8234 -- ----------------------------------------------------------------------------
8235 -- |----------------------< get_effective_date >------------------------------|
8236 -- ----------------------------------------------------------------------------
8237 --
8238 FUNCTION get_effective_date RETURN DATE
8239 IS
8240
8241 --
8242 -- Local variables.
8243 --
8244 l_proc VARCHAR2(72) := g_package||'get_effective_date';
8245
8246 BEGIN
8247
8248 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
8249
8250 --
8251 -- Default the effective date to sysdate. This could potentially
8252 -- be used in the future to set the effective date to the
8253 -- date-track effective date, but as it stands now, security
8254 -- is also determined as of sysdate.
8255 --
8256 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
8257
8258 RETURN trunc(sysdate);
8259
8260 END get_effective_date;
8261 --
8262 -- ----------------------------------------------------------------------------
8263 -- |----------------------< get_what_to_evaluate >----------------------------|
8264 -- ----------------------------------------------------------------------------
8265 --
8266 FUNCTION get_what_to_evaluate RETURN NUMBER
8267 IS
8268
8269 --
8270 -- Local variables.
8271 --
8272 l_proc VARCHAR2(72) := g_package||'get_what_to_evaluate';
8273
8274 BEGIN
8275
8276 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
8277
8278 --
8279 -- Determine what permissions should be cached when a secured object is
8280 -- first used for a session. By default, only person security is first
8281 -- cached (although this may force the caching of org and pos security too
8282 -- if they are used-based) but it is possible to cache all security
8283 -- permissions when a secured object is first used, even if only person
8284 -- security is needed.
8285 --
8286 -- THIS PROFILE OPTION HAS NOT BEEN SEEDED, IT IS FOR ORACLE INTERNAL
8287 -- USE ONLY.
8288 --
8289 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
8290
8291 RETURN NVL(to_number(fnd_profile.value('HR_SEC_EVALUATION_TYPE'))
8292 ,g_PER_SEC_ONLY);
8293
8294 END get_what_to_evaluate;
8295 --
8296 -- ----------------------------------------------------------------------------
8297 -- |----------------------< get_use_static_lists >----------------------------|
8298 -- ----------------------------------------------------------------------------
8299 --
8300 FUNCTION get_use_static_lists RETURN BOOLEAN
8301 IS
8302
8303 --
8304 -- Local variables.
8305 --
8306 l_proc VARCHAR2(72) := g_package||'get_use_static_lists';
8307
8308 BEGIN
8309
8310 IF g_dbg THEN op('Entering: '||l_proc, 1); END IF;
8311
8312 --
8313 -- Determine whether the static lists should be used for profiles that
8314 -- use static security ("Y"), or whether security should be evaluated
8315 -- dynamically at each session initialisation and the static lists
8316 -- should be ignored ("N").
8317 --
8318 -- THIS PROFILE OPTION HAS NOT BEEN SEEDED, IT IS FOR ORACLE INTERNAL
8319 -- USE ONLY.
8320 --
8321 IF g_dbg THEN op('Leaving: '||l_proc, 999); END IF;
8322
8323 RETURN (NVL(fnd_profile.value('HR_SEC_USE_STATIC_LISTS'),'Y')
8324 = 'Y');
8325
8326 END get_use_static_lists;
8327 --
8328 --
8329 -- ----------------------------------------------------------------------------
8330 -- |-------------------< delete_security_list_for_bg >-------------------------|
8331 -- ----------------------------------------------------------------------------
8332 PROCEDURE delete_security_list_for_bg(p_business_group_id NUMBER)
8333 IS
8334 --
8335 l_proc varchar2(80) := g_package||'delete_security_list_for_bg';
8336 --
8337 -- DK 16-SEP-1996 Enabled use of business group index
8338 -- In development there are lots of business groups
8339 -- and otherwise it is not a very high cost.
8340 CURSOR pev IS
8341 SELECT pp.person_id
8342 FROM per_people_f pp,
8343 per_person_list pl
8344 WHERE pp.person_id = pl.person_id
8345 AND pp.business_group_id = p_business_group_id;
8346 BEGIN
8347 --
8348 hr_utility.set_location(l_proc,20);
8349 --
8350 DELETE FROM pay_security_payrolls psp
8351 WHERE psp.business_group_id = p_business_group_id;
8352 hr_utility.set_location(l_proc,30);
8353 --
8354 DELETE FROM pay_payroll_list ppl
8355 WHERE EXISTS ( SELECT ''
8356 FROM pay_payrolls_f pay
8357 WHERE pay.payroll_id = ppl.payroll_id
8358 AND pay.business_group_id = p_business_group_id);
8359 hr_utility.set_location(l_proc,40);
8360 --
8361 FOR pevrec IN pev LOOP
8362 DELETE FROM per_person_list pl
8363 WHERE pl.person_id = pevrec.person_id;
8364 END LOOP;
8365 hr_utility.set_location(l_proc,50);
8366 --
8367 -- Changes 02-Oct-99 SCNair (per_positions to hr_all_positions_f) date track position req.
8368 --
8369 DELETE FROM per_position_list pol
8370 WHERE EXISTS ( SELECT ''
8371 FROM hr_all_positions_f pos
8372 WHERE pos.position_id = pol.position_id
8373 AND pos.business_group_id = p_business_group_id);
8374 --
8375 hr_utility.set_location('hr_delete.delete_security_list_for_bg',6);
8376
8377 -- Bug fix 3622082.
8378 -- Delete statement modified to improve performance.
8379
8380 -- Bug fix 4889068.
8381 -- SQL Tuned to improve performance.
8382 DELETE FROM per_organization_list ol
8383 WHERE EXISTS ( SELECT null
8384 FROM hr_all_organization_units ou
8385 WHERE ou.business_group_id = p_business_group_id
8386 and ou.organization_id = ol.organization_id);
8387 --
8388 hr_utility.set_location('hr_delete.delete_security_list_for_bg',7);
8389 DELETE FROM per_security_profiles psp
8390 WHERE psp.business_group_id = p_business_group_id
8391 AND psp.view_all_flag = 'N';
8392 --
8393 hr_utility.set_location('hr_delete.delete_security_list_for_bg',8);
8394
8395 -- Bug fix 4889068.
8396 -- SQL Tuned to improve performance.
8397 DELETE FROM per_security_organizations pso
8398 WHERE EXISTS( SELECT null
8399 FROM hr_all_organization_units ou
8400 WHERE ou.business_group_id = p_business_group_id
8401 and ou.organization_id = pso.organization_id);
8402 --
8403 hr_utility.set_location('hr_delete.delete_security_list_for_bg',9);
8404 DELETE FROM per_security_users psu
8405 WHERE psu.security_profile_id IN (SELECT sp.security_profile_id
8406 FROM per_security_profiles sp
8407 WHERE sp.business_group_id = p_business_group_id);
8408 --
8409 END delete_security_list_for_bg;
8410 --
8411 --
8412 -- ----------------------------------------------------------------------------
8413 -- |------------------< delete_per_from_security_list >-----------------------|
8414 -- ----------------------------------------------------------------------------
8415 PROCEDURE delete_per_from_security_list(P_PERSON_ID IN number)
8416 IS
8417 --
8418 -- bug fix 3760559. l_proc size increased to 80.
8419 l_proc varchar2(80) := 'HR_SECURITY_INTERNAL.DELETE_PER_FROM_SECURITY_LIST';
8420 begin
8421 hr_utility.set_location('Entering:'|| l_proc, 10);
8422 delete from per_person_list l
8423 where l.person_id = P_PERSON_ID;
8424 exception
8425 when NO_DATA_FOUND then
8426 hr_utility.set_location(l_proc, 20);
8427 end delete_per_from_security_list;
8428 --
8429 --
8430 -- ----------------------------------------------------------------------------
8431 -- |---------------------< add_org_to_security_list >--------------------------|
8432 -- ----------------------------------------------------------------------------
8433 PROCEDURE add_org_to_security_list(p_security_profile_id in number,
8434 p_organization_id in number)
8435 IS
8436 --
8437 l_proc varchar2(80) := 'HR_SECURITY_INTERNAL.ADD_ORG_TO_SECURITY_LIST';
8438 --
8439 p_program_id number;
8440 p_request_id number;
8441 p_program_application_id number;
8442 p_update_date date;
8443 --
8444 BEGIN
8445 -- Set WHO columns
8446 p_update_date := trunc(sysdate);
8447 p_request_id := fnd_profile.value('CONC_REQUEST_ID');
8448
8449 -- If called from concurrent request then get other values
8450 IF (p_request_id > 0) THEN
8451 p_program_id := fnd_profile.value('CONC_PROGRAM_ID');
8452 p_program_application_id := fnd_profile.value('CONC_PROGRAM_APPLICATION_ID');
8453 END IF;
8454
8455 insert into per_organization_list
8456 (organization_id
8457 ,security_profile_id
8458 ,request_id
8459 ,program_application_id
8460 ,program_id
8461 ,program_update_date)
8462 select
8463 p_organization_id
8464 ,p_security_profile_id
8465 ,p_request_id
8466 ,p_program_application_id
8467 ,p_program_id
8468 ,p_update_date
8469 from sys.dual
8470 where not exists(select 1
8471 from per_organization_list pol
8472 where pol.organization_id = p_organization_id
8473 and pol.security_profile_id = p_security_profile_Id
8474 );
8475 --
8476 END add_org_to_security_list;
8477
8478
8479 --
8480 -- ----------------------------------------------------------------------------
8481 -- |------------------< delete_org_from_security_list >-----------------------|
8482 -- ----------------------------------------------------------------------------
8483 PROCEDURE delete_org_from_security_list(P_Organization_Id in number)
8484 IS
8485 --
8486 l_proc varchar2(80) := 'HR_SECURITY_INTERNAL.DELETE_ORG_FROM_SECURITY_LIST';
8487 begin
8488 hr_utility.set_location('Entering:'|| l_proc, 10);
8489 DELETE FROM PER_ORGANIZATION_LIST
8490 WHERE organization_id = P_Organization_Id;
8491 exception
8492 when NO_DATA_FOUND then
8493 hr_utility.set_location(l_proc, 20);
8494 end delete_org_from_security_list;
8495 --
8496 --
8497 --
8498 -- ----------------------------------------------------------------------------
8499 -- |---------------------< add_pos_to_security_list >--------------------------|
8500 -- ----------------------------------------------------------------------------
8501 PROCEDURE add_pos_to_security_list(p_security_profile_id in number,
8502 p_position_id in number)
8503 IS
8504 --
8505 l_proc varchar2(80) := 'HR_SECURITY_INTERNAL.ADD_POS_TO_SECURITY_LIST';
8506 --
8507 begin
8508 --
8509 insert into per_position_list
8510 (security_profile_id, position_id)
8511 values (p_Security_Profile_Id, p_position_id);
8512 --
8513 end add_pos_to_security_list;
8514 --
8515
8516 --
8517 -- ----------------------------------------------------------------------------
8518 -- |------------------< delete_pos_from_security_list >-----------------------|
8519 -- ----------------------------------------------------------------------------
8520 PROCEDURE delete_pos_from_security_list(p_position_Id in number)
8521 IS
8522 --
8523 l_proc varchar2(80) := 'HR_SECURITY_INTERNAL.DELETE_POS_FROM_SECURITY_LIST';
8524 begin
8525 hr_utility.set_location('Entering:'|| l_proc, 10);
8526 DELETE FROM PER_POSITION_LIST
8527 WHERE position_id = p_position_Id;
8528 exception
8529 when NO_DATA_FOUND then
8530 hr_utility.set_location(l_proc, 20);
8531 end delete_pos_from_security_list;
8532 --
8533 -- ----------------------------------------------------------------------------
8534 -- |----------------- delete_pay_from_security_list >---------------------|
8535 -- ----------------------------------------------------------------------------
8536 PROCEDURE delete_pay_from_security_list(p_payroll_id number)
8537 IS
8538 --
8539 l_proc varchar2(80) := 'HR_SECURITY_INTERNAL.DELETE_PAY_FROM_SECURITY_LIST';
8540 begin
8541 hr_utility.set_location('Entering:'|| l_proc, 10);
8542 DELETE FROM PAY_PAYROLL_LIST
8543 WHERE payroll_id = p_payroll_id;
8544 exception
8545 when NO_DATA_FOUND then
8546 hr_utility.set_location(l_proc, 20);
8547 end delete_pay_from_security_list;
8548 --
8549 END hr_security_internal;