The following lines contain the word 'select', 'insert', 'update' or 'delete':
G_update_allowed := 'Y';
G_update_allowed := NULL;
|| 'ALLOW_QUERY' is to verify that the user has cross project view/update
|| access, or has the project authority role in the organizational domain
|| of this project, or is a key member of the project.
||
|| There are only two valid values returned from the extension
|| procedure: 'Y' or 'N'. If the value returned is not one of
|| these values, then this function returns 'Y'.
|| -- changed the return value to 'N' for bug 2635016
||
|| ---------------------------------------------------------------------
*/
FUNCTION allow_query ( X_project_id IN NUMBER) RETURN VARCHAR2
IS
V_allow_query VARCHAR2(1);
V_allow_update VARCHAR2(1); /* added for bug 2686117 */
IF ( G_update_allowed = 'Y') THEN
RETURN( G_update_allowed );
, 'ALLOW_UPDATE'
, V_allow_update );
IF ( V_allow_update = 'Y') THEN
RETURN( V_allow_update );
|| Function Name: allow_update
||
|| Input Parameters:
|| X_project_id <-- project identifier
||
|| Description:
|| This function determines whether a user has update privileges for
|| a particular project.
||
|| The structure is identical to the allow_query function. The default
|| validation that PA seeds in the client extension for 'ALLOW_QUERY' is
|| to verify that the user has cross project update access, or has the
|| project authority role in the organizational domain of this project,
|| or is a key member of the project.
||
|| ---------------------------------------------------------------------
*/
FUNCTION allow_update ( X_project_id IN NUMBER) RETURN VARCHAR2
IS
V_allow_update VARCHAR2(1);
IF ( G_update_allowed IS NOT NULL ) THEN
RETURN( G_update_allowed );
, 'ALLOW_UPDATE'
, V_allow_update );
IF ( V_allow_update IN ('Y', 'N') ) THEN
RETURN( V_allow_update );
END allow_update;
ELSIF ( X_security_level = 'ALLOW_UPDATE' ) THEN
IF ( X_value IS NULL ) THEN
G_update_allowed := NULL;
G_update_allowed := X_value;
SELECT 1
INTO dummy
FROM pa_project_players
WHERE project_id = X_project_id
AND person_id = X_person_id
AND TRUNC(sysdate) >= trunc(start_date_active)
AND TRUNC(sysdate) <= trunc(NVL(end_date_active, sysdate+1));
SELECT 1
INTO dummy
--FROM pa_project_role_types rt --bug 4004821
FROM pa_project_role_types_b rt
, pa_project_players pp
, pa_role_controls rc -- Added for bug 3058844
WHERE rt.project_role_type = pp.project_role_type
/* Below code added for bug 3058844 */
AND rt.project_role_id = rc.project_role_id
AND rc.role_control_code = 'ALLOW_QUERY_LABOR_COST'
/* Code addition ends for bug 3058844 */
AND TRUNC(sysdate) >= trunc(pp.start_date_active)
AND TRUNC(sysdate) <= trunc(NVL(pp.end_date_active, sysdate+1))
AND pp.person_id = X_person_id
AND pp.project_id = X_project_id;
SELECT '1'
FROM pa_projects_all ppa,
pa_project_role_types_b ppr, -- Added for bug 3224170
fnd_grants fg,
fnd_objects fo
WHERE
--fg.grantee_key = 'PER:'||X_person_id and /* commenting this line for 11.5.10 security changes */
fg.grantee_key = PA_SECURITY_PVT.get_grantee_key( 'PERSON', X_person_id, 'N') and
/* replaced the above line with this call. The last paramater will assert that the function will not write to database. */
fg.grantee_type = 'USER' and
fg.menu_id = ppr.menu_id and -- Added for bug 3224170
ppr.project_role_id = 3 and -- Added for bug 3224170
ppa.project_id = X_project_id and
to_char(ppa.carrying_out_organization_id) = fg.instance_pk1_value and -- bug 2777621
fg.object_id = fo.object_id and
fo.obj_name = 'ORGANIZATION' and
fg.instance_type = 'INSTANCE' and
TRUNC(sysdate) >= trunc(fg.start_date) and
trunc(sysdate) <= trunc(NVL(fg.end_date, sysdate+1));
SELECT 1
INTO dummy
FROM pa_project_players
WHERE project_id = X_project_id
AND person_id = X_person_id;
SELECT '1'
FROM pa_projects_all ppa,
fnd_grants fg,
fnd_objects fo,
fnd_menus fm
WHERE */
--fg.grantee_key = 'PER:'||X_person_id and /* commenting this line for 11.5.10 security changes */
/* fg.grantee_key = PA_SECURITY_PVT.get_grantee_key( 'PERSON', X_person_id, 'N') and*/
/* replaced the above line with this call. The last paramater will assert that the function will not write to database. */
/* fg.grantee_type = 'USER' and
ppa.project_id = X_project_id and
to_char(ppa.carrying_out_organization_id) = fg.instance_pk1_value and -- bug2777621
fg.object_id = fo.object_id and
fm.menu_name = 'PA_PRM_FCST_AUTH' and
fg.menu_id = fm.menu_id and
fo.obj_name = 'ORGANIZATION' and
fg.instance_type = 'INSTANCE' and
TRUNC(sysdate) >= trunc(fg.start_date) and
trunc(sysdate) <= trunc(NVL(fg.end_date, sysdate+1));