[Home] [Help]
PACKAGE BODY: APPS.EGO_DATA_SECURITY
Source
1 PACKAGE BODY EGO_DATA_SECURITY AS
2 /* $Header: EGOPFDSB.pls 120.37.12020000.2 2013/01/15 03:08:16 jawan ship $ */
3
4 G_PKG_NAME CONSTANT VARCHAR2(30):= 'EGO_DATA_SECURITY';
5 G_LOG_HEAD CONSTANT VARCHAR2(40):= 'fnd.plsql.ego.EGO_DATA_SECURITY.';
6 G_TYPE_SET CONSTANT VARCHAR2(30):= 'SET';
7 G_TYPE_INSTANCE CONSTANT VARCHAR2(30):= 'INSTANCE';
8 G_TYPE_UNIVERSAL CONSTANT VARCHAR2(30):= 'UNIVERSAL';
9
10 g_pred_buf_size CONSTANT NUMBER := 32767;
11 /* This is the VPD size limit of predicates in the database. */
12 /* In 8.1.7 databases the limit is 4k, and in 8.2 it will be 32k. */
13 /* Once we no longer support 8.1.7 then we can increase this to 32,000 */
14 g_vpd_buf_limit CONSTANT NUMBER := 4*1024;
15
16 -- Character-set independent NEWLINE, TAB and WHITESPACE
17 --
18 NEWLINE CONSTANT VARCHAR2(4) := fnd_global.newline;
19 MAX_SEG_SIZE CONSTANT NUMBER := 200;
20
21 G_RETURN_SUCCESS CONSTANT VARCHAR2(1) := 'T';
22 G_RETURN_FAILURE CONSTANT VARCHAR2(1) := 'F';
23 G_RETURN_UNEXP_ERR CONSTANT VARCHAR2(1) := 'U';
24
25 G_DEBUG_LEVEL_UNEXPECTED CONSTANT NUMBER := FND_LOG.LEVEL_UNEXPECTED;
26 G_DEBUG_LEVEL_ERROR CONSTANT NUMBER := FND_LOG.LEVEL_ERROR;
27 G_DEBUG_LEVEL_EXCEPTION CONSTANT NUMBER := FND_LOG.LEVEL_EXCEPTION;
28 G_DEBUG_LEVEL_EVENT CONSTANT NUMBER := FND_LOG.LEVEL_EVENT;
29 G_DEBUG_LEVEL_PROCEDURE CONSTANT NUMBER := FND_LOG.LEVEL_PROCEDURE;
30 G_DEBUG_LEVEL_STATEMENT CONSTANT NUMBER := FND_LOG.LEVEL_STATEMENT;
31
32 G_CURRENT_DEBUG_LEVEL NUMBER;
33 G_USER_NAME VARCHAR2(100);
34
35 TYPE DYNAMIC_CUR IS REF CURSOR;
36
37 ----------------------------------------------------------------------
38 ----------------------------------------------
39 --This is an internal procedure. Not in spec.
40 ----------------------------------------------
41 -- For debugging purposes.
42 PROCEDURE code_debug (p_log_level IN NUMBER
43 ,p_module IN VARCHAR2
44 ,p_message IN VARCHAR2
45 ) IS
46 BEGIN
47 IF (p_log_level >= G_CURRENT_DEBUG_LEVEL ) THEN
48 fnd_log.string(log_level => p_log_level
49 ,module => G_LOG_HEAD||p_module
50 ,message => p_message
51 );
52 END IF;
53 -- sri_debug(G_PKG_NAME||' - '||p_module||' - '||p_message);
54 EXCEPTION
55 WHEN OTHERS THEN
56 RAISE;
57 END code_debug;
58
59 ----------------------------------------------
60 --This is an internal procedure. Not in spec.
61 ----------------------------------------------
62 PROCEDURE SetGlobals IS
63 BEGIN
64 G_CURRENT_DEBUG_LEVEL := FND_LOG.G_CURRENT_RUNTIME_LEVEL;
65 G_USER_NAME := FND_GLOBAL.USER_NAME;
66 EXCEPTION
67 WHEN OTHERS THEN
68 RAISE;
69 END SetGlobals;
70
71 ----------------------------------------------
72 --This is an internal procedure. Not in spec.
73 ----------------------------------------------
74 FUNCTION get_group_info (p_party_id IN NUMBER) RETURN VARCHAR2 IS
75
76 CURSOR group_membership_c (cp_orig_system_id IN NUMBER) IS
77 SELECT 'HZ_GROUP:'||group_membership_rel.object_id group_name
78 FROM hz_relationships group_membership_rel
79 WHERE group_membership_rel.RELATIONSHIP_CODE = 'MEMBER_OF'
80 AND group_membership_rel.status= 'A'
81 AND group_membership_rel.start_date <= SYSDATE
82 AND NVL(group_membership_rel.end_date, SYSDATE) >= SYSDATE
83 AND group_membership_rel.subject_id = cp_orig_system_id;
84 l_group_info VARCHAR2(32767);
85 BEGIN
86 l_group_info := '';
87 FOR group_rec IN group_membership_c (p_party_id) LOOP
88 l_group_info := l_group_info ||''''||group_rec.group_name ||''' , ';
89 END LOOP;
90
91 IF( length( l_group_info ) >0) THEN
92 -- strip off the trailing ', '
93 l_group_info := SUBSTR(l_group_info, 1,
94 length(l_group_info) - length(', '));
95 ELSE
96 l_group_info := '''NULL''';
97 END IF;
98 RETURN l_group_info;
99 EXCEPTION
100 WHEN OTHERS THEN
101 RETURN '''NULL''';
102 END get_group_info;
103
104 ----------------------------------------------
105 --This is an internal procedure. Not in spec.
106 ----------------------------------------------
107
108 FUNCTION get_company_info (p_party_id IN NUMBER) RETURN VARCHAR2 IS
109 CURSOR company_membership_c (cp_orig_system_id IN NUMBER) IS
110 SELECT 'HZ_COMPANY:'||group_membership_rel.object_id company_name
111 FROM hz_relationships group_membership_rel
112 WHERE group_membership_rel.RELATIONSHIP_CODE = 'EMPLOYEE_OF'
113 AND group_membership_rel.status= 'A'
114 AND group_membership_rel.start_date <= SYSDATE
115 AND NVL(group_membership_rel.end_date, SYSDATE) >= SYSDATE
116 AND group_membership_rel.subject_id = cp_orig_system_id;
117 l_company_info VARCHAR2(32767);
118 BEGIN
119 l_company_info := '';
120 FOR company_rec IN company_membership_c (p_party_id) LOOP
121 l_company_info:=l_company_info||''''||company_rec.company_name||''' , ';
122 END LOOP;
123
124 IF( length( l_company_info ) >0) THEN
125 -- strip off the trailing ', '
126 l_company_info := SUBSTR(l_company_info, 1,
127 length(l_company_info) - length(', '));
128 ELSE
129 l_company_info := '''NULL''';
130 END IF;
131 RETURN l_company_info;
132 EXCEPTION
133 WHEN OTHERS THEN
134 RETURN '''NULL''';
135 END get_company_info;
136
137 ----------------------------------------------
138 --This is an internal procedure. Not in spec.
139 ----------------------------------------------
140
141 FUNCTION getRole_mappedTo_profileOption(p_object_name IN VARCHAR2,
142 p_user_name IN VARCHAR2)
143 RETURN VARCHAR2
144 IS
145 l_role_name VARCHAR2(99) := '';
146 l_party_id NUMBER;
147 l_colon NUMBER;
148 l_count NUMBER;
149 l_ego_item_profile_option VARCHAR2(99) := 'EGO_INTERNAL_USER_DEFAULT_ROLE';
150 l_eng_change_profile_option VARCHAR2(99) := 'ENG_INTERNAL_USER_DEFAULT_ROLE';
151
152 BEGIN
153
154 l_colon := instr(p_user_name, ':');
155 IF (l_colon <> 0) THEN
156 l_party_id := to_number(substr(p_user_name, l_colon+1));
157 ELSE
158 l_party_id := NULL;
159 END IF;
160
161 -- check in ego_internal_people_v if the user exists.
162 -- This tells if he is an internal user.
163 -- If not we do not check the internal option at all
164 -- We may need to go against the table rather than the view
165 -- to improve performance.
166
167 --PERF:Bug NO:6531906 --changed the query to look into the base tables instead of the View.
168 --Bug NO: 8818999 - Enable the HZ_PARTIES object for supplier data hub security
169 IF p_object_name IN ('EGO_ITEM','ENG_CHANGE','HZ_PARTIES') THEN
170 IF l_party_id IS NULL THEN
171 SELECT count(1) into l_count
172 FROM hz_parties employee,
173 FND_USER FND_user,
174 PER_ALL_PEOPLE_F HR_EMPLOYEE
175 WHERE HR_EMPLOYEE.PERSON_ID = FND_user.EMPLOYEE_ID
176 AND fnd_user.start_date <= SYSDATE
177 AND NVL(fnd_user.end_date, SYSDATE) >= SYSDATE
178 AND (HR_EMPLOYEE.CURRENT_EMPLOYEE_FLAG = 'Y'
179 OR HR_EMPLOYEE.CURRENT_NPW_FLAG = 'Y'
180 )
181 AND HR_EMPLOYEE.EFFECTIVE_START_DATE <= SYSDATE
182 AND NVL(HR_EMPLOYEE.EFFECTIVE_END_DATE,SYSDATE) >= SYSDATE
183 AND employee.party_type = 'PERSON'
184 AND employee.status = 'A'
185 AND employee.party_id = HR_EMPLOYEE.PARTY_ID
186 AND user_name = p_user_name;
187 ELSE
188 SELECT Count(1) into l_count
189 FROM hz_parties employee ,
190 FND_USER FND_user ,
191 PER_ALL_PEOPLE_F HR_EMPLOYEE
192 WHERE HR_EMPLOYEE.PERSON_ID = FND_user.EMPLOYEE_ID
193 AND fnd_user.start_date <= SYSDATE
194 AND NVL(fnd_user.end_date, SYSDATE) >= SYSDATE
195 AND (HR_EMPLOYEE.CURRENT_EMPLOYEE_FLAG = 'Y'
196 OR HR_EMPLOYEE.CURRENT_NPW_FLAG = 'Y')
197 AND HR_EMPLOYEE.EFFECTIVE_START_DATE <= SYSDATE
198 AND NVL(HR_EMPLOYEE.EFFECTIVE_END_DATE,SYSDATE) >= SYSDATE
199 AND employee.party_type = 'PERSON'
200 AND employee.status = 'A'
201 AND employee.party_id = HR_EMPLOYEE.PARTY_ID
202 AND employee.party_id = l_party_id;
203 END IF;
204 --IF (l_count = 0) THEN
205 -- l_role_name := '';
206 -- Bug 11877108: Define default supplier profile option for HZ_PARTIES case
207 IF (l_count = 0) THEN
208 IF (p_object_name = 'HZ_PARTIES') THEN --Bug 16093422
209 l_role_name := NVL(FND_PROFILE.VALUE('POS_SM_DEFAULT_ROLE_SUPP'),'');
210 ELSE
211 l_role_name := '';
212 END IF;
213 -- End Bug 11877108
214 ELSE
215 IF (p_object_name = 'EGO_ITEM') THEN
216 l_role_name := FND_PROFILE.VALUE(l_ego_item_profile_option);
217 ELSIF (p_object_name = 'ENG_CHANGE') THEN
218 l_role_name := FND_PROFILE.VALUE(l_eng_change_profile_option);
219 ELSIF (p_object_name = 'HZ_PARTIES') THEN
220 l_role_name := FND_PROFILE.VALUE('POS_SM_DEFAULT_ROLE_INTERNAL');
221 END IF;
222 END IF; --l_count = 0
223 END IF;
224 RETURN l_role_name;
225
226 END getRole_mappedTo_profileOption;
227
228 ----------------------------------------------
229 --This is an internal procedure. Not in spec.
230 ----------------------------------------------
231
232 PROCEDURE getPrivilege_for_profileOption
233 (p_api_version IN NUMBER,
234 p_object_name IN VARCHAR2,
235 p_user_name IN VARCHAR2,
236 x_privilege_tbl OUT NOCOPY EGO_VARCHAR_TBL_TYPE,
237 x_return_status OUT NOCOPY VARCHAR2
238 )
239 IS
240 l_role_name VARCHAR2(30);
241 BEGIN
242
243 l_role_name := getRole_mappedTo_profileOption(p_object_name, p_user_name);
244 -- Now we need to find all the privileges in this role
245 -- add it to the out table
246 get_role_functions
247 (p_api_version => p_api_version
248 ,p_role_name => l_role_name
249 ,x_return_status => x_return_status
250 ,x_privilege_tbl => x_privilege_tbl
251 );
252
253 END getPrivilege_for_profileOption;
254
255 ----------------------------------------------
256 --This is an internal procedure. Not in spec.
257 ----------------------------------------------
258 PROCEDURE translate_pk_values (p_instance_pk2_value IN VARCHAR2
259 ,p_instance_pk3_value IN VARCHAR2
260 ,p_instance_pk4_value IN VARCHAR2
261 ,p_instance_pk5_value IN VARCHAR2
262 ,x_trans_pk2_value OUT NOCOPY VARCHAR2
263 ,x_trans_pk3_value OUT NOCOPY VARCHAR2
264 ,x_trans_pk4_value OUT NOCOPY VARCHAR2
265 ,x_trans_pk5_value OUT NOCOPY VARCHAR2
266 ) IS
267 BEGIN
268 IF p_instance_pk2_value IS NULL THEN
269 x_trans_pk2_value := '*NULL*';
270 ELSE
271 x_trans_pk2_value := p_instance_pk2_value;
272 END IF;
273 IF p_instance_pk3_value IS NULL THEN
274 x_trans_pk3_value := '*NULL*';
275 ELSE
276 x_trans_pk3_value := p_instance_pk3_value;
277 END IF;
278 IF p_instance_pk4_value IS NULL THEN
279 x_trans_pk4_value := '*NULL*';
280 ELSE
281 x_trans_pk4_value := p_instance_pk4_value;
282 END IF;
283 IF p_instance_pk5_value IS NULL THEN
284 x_trans_pk5_value := '*NULL*';
285 ELSE
286 x_trans_pk5_value := p_instance_pk5_value;
287 END IF;
288 END;
289
290 -----------------------------------------------
291 -- This is an internal procedure. Not in spec.
292 -----------------------------------------------
293 -- Gets the orig_system_id and orig_system from wf_roles,
294 -- given the user_name. These can be used as keys for selects
295 -- against WF_USER_ROLES so it hits the index (user_name alone won't).
296 -- Eventually a routine to do this, more performant than
297 -- wf_directory.getRoleOrigSysInfo, should become part of the workflow
298 -- system and then we can replace this with a callout to that routine.
299 -----------------------------------------------
300 PROCEDURE get_orig_key (x_user_name IN OUT NOCOPY VARCHAR2,
301 -- x_orig_system OUT NOCOPY VARCHAR2,
302 x_orig_system_id OUT NOCOPY NUMBER)
303 is
304 l_api_name CONSTANT VARCHAR2(30) := 'GET_ORIG_KEY';
305 colon pls_integer;
306 begin
307
308 -- x_orig_system := NULL;
309 x_orig_system_id := NULL;
310
311 if x_user_name IS NULL THEN
312 x_user_name := G_USER_NAME;
313 end if;
314 colon := instr(x_user_name, ':');
315 if (colon = 0) then
316 begin
317 /***
318 -- Get the key from wf_roles. Note that if the wf_roles view
319 -- gets more parts that don't have colons in the user, those will
320 -- have to be added to this SQL stmnt.
321 select WR.orig_system, WR.orig_system_id
322 into x_orig_system, x_orig_system_id
323 from WF_ROLES WR
324 where WR.NAME = x_user_name
325 and WR.ORIG_SYSTEM IN ('PER', 'FND_USR');
326 x_user_name := 'HZ_PARTY:'||x_orig_system_id;
327 ***/
328 SELECT party_id
329 INTO x_orig_system_id
330 FROM ego_user_v
331 where user_name = x_user_name;
332 exception
333 when no_data_found then
334 if( FND_LOG.LEVEL_PROCEDURE >= FND_LOG.G_CURRENT_RUNTIME_LEVEL ) then
335 fnd_log.string(FND_LOG.LEVEL_PROCEDURE,
336 g_log_head || l_api_name || '.end_nodatafound',
337 'returning NULLs.');
338 end if;
339 return;
340 end;
341 else
342 -- x_orig_system := substr(x_user_name, 1, colon-1);
343 x_orig_system_id := to_number(substr(x_user_name, colon+1));
344 end if;
345
346 end get_orig_key;
347
348
349 -----------------------------------------------
350 -- This is an internal procedure. Not in spec.
351 -----------------------------------------------
352 -- Out is a string that is a SQL call that returns the value passed in
353 -- (in varchar format), in the data type specified.
354 -- That description probably doesn't make much sense, so just look
355 -- at the code and you'll get what it does.
356 -----------------------------------------------
357 FUNCTION get_conv_from_char(p_instance_value in VARCHAR2,
358 p_col_type IN VARCHAR2)
359 RETURN VARCHAR2 IS
360 BEGIN
361 if(p_col_type = 'NUMBER' OR p_col_type = 'INTEGER') then
362 return 'FND_NUMBER.CANONICAL_TO_NUMBER('||p_instance_value||')';
363 elsif(p_col_type = 'DATE') then
364 return 'FND_DATE.CANONICAL_TO_DATE('||p_instance_value||')';
365 else
366 return p_instance_value;
367 end if;
368 END;
369
370 ----------------------------------------------
371 --This is an internal procedure. Not in spec.
372 ----------------------------------------------
373 Function get_object_id(p_object_name in varchar2) return number is
374 l_object_id number;
375 Begin
376 select object_id
377 into l_object_id
378 from fnd_objects
379 where obj_name=p_object_name;
380 return l_object_id;
381 exception
382 when no_data_found then
383 return null;
384 end get_object_id;
385
386 ----------------------------------------------
387 --This is an internal procedure. Not in spec.
388 ----------------------------------------------
389 Function get_role_id(p_role_name in varchar2) return number is
390 l_role_id number;
391 Begin
392 select menu_id
393 into l_role_id
394 from fnd_menus
395 where menu_name = p_role_name;
396 RETURN l_role_id;
397 EXCEPTION
398 when no_data_found then
399 RETURN NULL;
400 end get_role_id;
401
402 -----------------------------------------------
403 -- This is an internal procedure. Not in spec.
404 -----------------------------------------------
405 -- Procedure get_pk_information
406 -- x_aliased_pk_column returns the aliased list of columns without
407 -- type conv.
408 -- x_aliased_ik_column returns 'INSTANCE_PK1_VALUE' etc with type
409 -- conversion from char type, with to_number() to_date() etc.
410 -- x_orig_pk_column returns the unaliased list of columns
411 -- without type conv.
412 -- returns 'T' for success or 'U' for unexpected error.
413 -----------------------------------------------
414 function get_pk_information(p_object_name IN VARCHAR2,
415 x_pk1_column_name OUT NOCOPY VARCHAR2,
416 x_pk2_column_name OUT NOCOPY VARCHAR2,
417 x_pk3_column_name OUT NOCOPY VARCHAR2,
418 x_pk4_column_name OUT NOCOPY VARCHAR2,
419 x_pk5_column_name OUT NOCOPY VARCHAR2,
420 x_aliased_pk_column OUT NOCOPY VARCHAR2,
421 x_aliased_ik_column OUT NOCOPY VARCHAR2,
422 x_orig_pk_column OUT NOCOPY VARCHAR2,
423 x_database_object_name OUT NOCOPY VARCHAR2,
424 p_pk1_alias IN VARCHAR2 DEFAULT NULL,
425 p_pk2_alias IN VARCHAR2 DEFAULT NULL,
426 p_pk3_alias IN VARCHAR2 DEFAULT NULL,
427 p_pk4_alias IN VARCHAR2 DEFAULT NULL,
428 p_pk5_alias IN VARCHAR2 DEFAULT NULL)
429 RETURN VARCHAR2 IS
430 l_api_name CONSTANT VARCHAR2(30) := 'GET_PK_INFORMATION';
431 x_pk1_column_type varchar2(8);
432 x_pk2_column_type varchar2(8);
433 x_pk3_column_type varchar2(8);
434 x_pk4_column_type varchar2(8);
435 x_pk5_column_type varchar2(8);
436 cursor c_pk is
437 SELECT pk1_column_name
438 ,pk2_column_name
439 ,pk3_column_name
440 ,pk4_column_name
441 ,pk5_column_name
442 ,pk1_column_type
443 ,pk2_column_type
444 ,pk3_column_type
445 ,pk4_column_type
446 ,pk5_column_type
447 , database_object_name
448 FROM fnd_objects
449 WHERE obj_name=p_object_name ;
450 begin
451 open c_pk;
452 fetch c_pk into
453 x_pk1_column_name ,
454 x_pk2_column_name ,
455 x_pk3_column_name ,
456 x_pk4_column_name ,
457 x_pk5_column_name ,
458 x_pk1_column_type ,
459 x_pk2_column_type ,
460 x_pk3_column_type ,
461 x_pk4_column_type ,
462 x_pk5_column_type ,
463 x_database_object_name;
464
465 IF(c_pk%NOTFOUND) THEN
466 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
467 fnd_message.set_token('ROUTINE',
468 g_pkg_name || '.'|| l_api_name);
469 fnd_message.set_token('REASON',
470 'FND_OBJECTS does not have column obj_name with value:'||
471 p_object_name);
472 return G_RETURN_UNEXP_ERR;
473 end if;
474
475 CLOSE c_pk;
476
477 -- Build up the list of unaliased column names
478 x_orig_pk_column := NULL;
479 if(x_pk1_column_name is not NULL) then
480 x_orig_pk_column := x_orig_pk_column || x_pk1_column_name;
481 end if;
482 if(x_pk2_column_name is not NULL) then
483 x_orig_pk_column := x_orig_pk_column || ',' || x_pk2_column_name;
484 end if;
485 if(x_pk3_column_name is not NULL) then
486 x_orig_pk_column := x_orig_pk_column || ',' || x_pk3_column_name;
487 end if;
488 if(x_pk4_column_name is not NULL) then
489 x_orig_pk_column := x_orig_pk_column || ',' || x_pk4_column_name;
490 end if;
491 if(x_pk5_column_name is not NULL) then
492 x_orig_pk_column := x_orig_pk_column || ',' || x_pk5_column_name;
493 end if;
494
495
496 -- Replace column names with aliases if aliases were passed.
497 if(x_pk1_column_name is not NULL) and (p_pk1_alias is not NULL) then
498 x_pk1_column_name := p_pk1_alias;
499 end if;
500 if(x_pk2_column_name is not NULL) and (p_pk2_alias is not NULL) then
501 x_pk2_column_name := p_pk2_alias;
502 end if;
503 if(x_pk3_column_name is not NULL) and (p_pk3_alias is not NULL) then
504 x_pk3_column_name := p_pk3_alias;
505 end if;
506 if(x_pk4_column_name is not NULL) and (p_pk4_alias is not NULL) then
507 x_pk4_column_name := p_pk4_alias;
508 end if;
509 if(x_pk5_column_name is not NULL) and (p_pk5_alias is not NULL) then
510 x_pk5_column_name := p_pk5_alias;
511 end if;
512
513 -- Build up the x_aliased_pk_column and x_aliased_ik_column lists
514 -- by adding values for each column name.
515 x_aliased_pk_column:=x_pk1_column_name;
516
517 x_aliased_ik_column := get_conv_from_char(
518 'INSTANCE_PK1_VALUE', x_pk1_column_type);
519
520 if x_pk2_COLUMN_name is not null then
521 x_aliased_pk_column:=
522 x_aliased_pk_column||','||x_pk2_COLUMN_name;
523 x_aliased_ik_column := x_aliased_ik_column||','||get_conv_from_char(
524 'INSTANCE_PK2_VALUE', x_pk2_column_type);
525
526 if x_pk3_COLUMN_name is not null then
527 x_aliased_pk_column :=
528 x_aliased_pk_column||','||x_pk3_COLUMN_name;
529 x_aliased_ik_column := x_aliased_ik_column||','||get_conv_from_char(
530 'INSTANCE_PK3_VALUE', x_pk3_column_type);
531
532 if x_pk4_COLUMN_name is not null then
533 x_aliased_pk_column:=
534 x_aliased_pk_column||','||x_pk4_COLUMN_name;
535 x_aliased_ik_column := x_aliased_ik_column||','||
536 get_conv_from_char(
537 'INSTANCE_PK4_VALUE', x_pk4_column_type);
538
539 if x_pk5_COLUMN_name is not null then
540 x_aliased_pk_column:=
541 x_aliased_pk_column||','||x_pk5_COLUMN_name;
542 x_aliased_ik_column := x_aliased_ik_column||','||
543 get_conv_from_char('INSTANCE_PK5_VALUE', x_pk5_column_type);
544 end if;
545 end if;
546 end if;
547 end if;
548
549 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
550 ,p_module => l_api_name
551 ,p_message => 'Returning PK information as ' ||
552 'p_object_name: '|| p_object_name ||
553 ' - x_pk1_column_name: '|| x_pk1_column_name ||
554 ' - x_pk2_column_name: '|| x_pk2_column_name ||
555 ' - x_pk3_column_name: '|| x_pk3_column_name ||
556 ' - x_pk4_column_name: '|| x_pk4_column_name ||
557 ' - x_pk5_column_name: '|| x_pk5_column_name ||
558 ' - x_aliased_pk_column: '|| x_aliased_pk_column ||
559 ' - x_aliased_ik_column: '|| x_aliased_ik_column ||
560 ' - x_database_object_name: '|| x_database_object_name
561 );
562 return G_RETURN_SUCCESS;
563 end get_pk_information;
564 --Bug 5027160 :START
565 ----------------------------------------------
566 --This is an internal procedure. Not in spec.
567 ----------------------------------------------
568 --This will return either T or F depending on
569 --whethe the user has privilege or not
570 ----------------------------------------------
571 FUNCTION process_set_ids(
572 p_db_pk1_column IN VARCHAR2,
573 p_db_pk2_column IN VARCHAR2,
574 p_db_pk3_column IN VARCHAR2,
575 p_db_pk4_column IN VARCHAR2,
576 p_db_pk5_column IN VARCHAR2,
577 p_instance_pk1_value IN VARCHAR2,
578 p_instance_pk2_value IN VARCHAR2 DEFAULT NULL,
579 p_instance_pk3_value IN VARCHAR2 DEFAULT NULL,
580 p_instance_pk4_value IN VARCHAR2 DEFAULT NULL,
581 p_instance_pk5_value IN VARCHAR2 DEFAULT NULL,
582 p_dynamic_sql IN VARCHAR2,
583 p_instance_predicate_list IN VARCHAR2
584 ) RETURN VARCHAR2 IS
585 l_api_name CONSTANT VARCHAR2(30) := 'PROCESS_SET_IDS';
586 instance_set DYNAMIC_CUR;
587 l_instance_id_col1 VARCHAR2(512);
588 l_instance_id_col2 VARCHAR2(512);
589 l_instance_id_col3 VARCHAR2(512);
590 l_instance_id_col4 VARCHAR2(512);
591 l_instance_id_col5 VARCHAR2(512);
592 l_dynamic_sql VARCHAR2(32767);
593 l_instance_predicate_list VARCHAR2(32767);
594 l_inst_pred_length NUMBER;
595
596 BEGIN
597 l_instance_predicate_list := p_instance_predicate_list;
598 -- if the last word is 'OR' then strip the trailing 'OR'
599 l_inst_pred_length := LENGTH(l_instance_predicate_list);
600 IF l_inst_pred_length <= 1 THEN
601 RETURN G_RETURN_FAILURE;
602 ELSE
603 l_instance_predicate_list := SUBSTR(l_instance_predicate_list, 1,
604 l_inst_pred_length - length('OR ('));
605 END IF;
606 l_dynamic_sql := p_dynamic_sql ||'('||l_instance_predicate_list||')';
607 if(p_db_pk5_column is not NULL) THEN
608 OPEN instance_set FOR l_dynamic_sql USING
609 p_instance_pk1_value, p_instance_pk1_value,
610 p_instance_pk2_value, p_instance_pk2_value,
611 p_instance_pk3_value, p_instance_pk3_value,
612 p_instance_pk4_value, p_instance_pk4_value,
613 p_instance_pk5_value, p_instance_pk5_value;
614 FETCH instance_set INTO l_instance_id_col1, l_instance_id_col2,
615 l_instance_id_col3, l_instance_id_col4,
616 l_instance_id_col5;
617 CLOSE instance_set;
618 IF (l_instance_id_col1 = p_instance_pk1_value
619 and l_instance_id_col2 = p_instance_pk2_value
620 and l_instance_id_col3 = p_instance_pk3_value
621 and l_instance_id_col4 = p_instance_pk4_value
622 and l_instance_id_col5 = p_instance_pk5_value) THEN
623 RETURN G_RETURN_SUCCESS;
624 ELSE
625 RETURN G_RETURN_FAILURE;
626 END IF;
627 elsif(p_db_pk4_column is not NULL) then
628 OPEN instance_set FOR l_dynamic_sql USING
629 p_instance_pk1_value, p_instance_pk1_value,
630 p_instance_pk2_value, p_instance_pk2_value,
631 p_instance_pk3_value, p_instance_pk3_value,
632 p_instance_pk4_value, p_instance_pk4_value;
633 FETCH instance_set into l_instance_id_col1,
634 l_instance_id_col2,
635 l_instance_id_col3,
636 l_instance_id_col4;
637 CLOSE instance_set;
638 IF (l_instance_id_col1 = p_instance_pk1_value
639 and l_instance_id_col2 = p_instance_pk2_value
640 and l_instance_id_col3 = p_instance_pk3_value
641 and l_instance_id_col4 = p_instance_pk4_value) THEN
642 RETURN G_RETURN_SUCCESS;
643 ELSE
644 RETURN G_RETURN_FAILURE;
645 END IF;
646 elsif(p_db_pk3_column is not NULL) then
647 OPEN instance_set FOR l_dynamic_sql USING
648 p_instance_pk1_value, p_instance_pk1_value,
649 p_instance_pk2_value, p_instance_pk2_value,
650 p_instance_pk3_value, p_instance_pk3_value;
651 FETCH instance_set INTO l_instance_id_col1,
652 l_instance_id_col2,
653 l_instance_id_col3;
654 CLOSE instance_set;
655 IF (l_instance_id_col1 = p_instance_pk1_value
656 and l_instance_id_col2 = p_instance_pk2_value
657 and l_instance_id_col3 = p_instance_pk3_value) THEN
658 RETURN G_RETURN_SUCCESS;
659 ELSE
660 RETURN G_RETURN_FAILURE;
661 END IF;
662 elsif(p_db_pk2_column is not NULL) then
663 OPEN instance_set FOR l_dynamic_sql USING
664 p_instance_pk1_value, p_instance_pk1_value,
665 p_instance_pk2_value, p_instance_pk2_value;
666 FETCH instance_set INTO l_instance_id_col1, l_instance_id_col2;
667 CLOSE instance_set;
668 IF (l_instance_id_col1 = p_instance_pk1_value
669 and l_instance_id_col2 = p_instance_pk2_value) THEN
670 RETURN G_RETURN_SUCCESS;
671 ELSE
672 RETURN G_RETURN_FAILURE;
673 END IF;
674 elsif(p_db_pk1_column is not NULL) then
675 OPEN instance_set FOR l_dynamic_sql USING
676 p_instance_pk1_value, p_instance_pk1_value;
677 FETCH instance_set INTO l_instance_id_col1;
678 CLOSE instance_set;
679 IF (l_instance_id_col1 = p_instance_pk1_value) THEN
680 RETURN G_RETURN_SUCCESS;
681 ELSE
682 RETURN G_RETURN_FAILURE;
683 END IF;
684 else
685 RETURN G_RETURN_UNEXP_ERR; /* This will never happen since pk1 is reqd*/
686 end if;
687 EXCEPTION
688 WHEN OTHERS THEN
689 return G_RETURN_UNEXP_ERR;
690 END process_set_ids;
691 --------------------------------------------------------------------------
692 --Bug 5027160 :END
693
694 --------------------------------------------------------
695 ---- check_function
696 --------------------------------------------------------
697 FUNCTION check_function
698 (
699 p_api_version IN NUMBER,
700 p_function IN VARCHAR2,
701 p_object_name IN VARCHAR2,
702 p_instance_pk1_value IN VARCHAR2,
703 p_instance_pk2_value IN VARCHAR2 DEFAULT NULL,
704 p_instance_pk3_value IN VARCHAR2 DEFAULT NULL,
705 p_instance_pk4_value IN VARCHAR2 DEFAULT NULL,
706 p_instance_pk5_value IN VARCHAR2 DEFAULT NULL,
707 p_user_name IN VARCHAR2 DEFAULT NULL
708 )
709 RETURN VARCHAR2 IS
710
711 l_api_version CONSTANT NUMBER := 1.0;
712 l_api_name CONSTANT VARCHAR2(30) := 'CHECK_FUNCTION';
713 -- l_orig_system VARCHAR2(48);
714 l_orig_system_id NUMBER;
715 l_db_object_name VARCHAR2(99);
716 l_db_pk1_column VARCHAR2(99);
717 l_db_pk2_column VARCHAR2(99);
718 l_db_pk3_column VARCHAR2(99);
719 l_db_pk4_column VARCHAR2(99);
720 l_db_pk5_column VARCHAR2(99);
721 l_pk_column_names VARCHAR2(512);
722 l_pk_orig_column_names VARCHAR2(512);
723 l_type_converted_val_cols VARCHAR2(512);
724 l_result VARCHAR2(1);
725 l_return_status VARCHAR2(1);
726 l_group_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
727 l_company_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
728 l_menu_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
729 l_object_id NUMBER;
730 l_user_name VARCHAR2(80);
731 l_prof_privilege_tbl EGO_VARCHAR_TBL_TYPE;
732
733 candidate_sets_c DYNAMIC_CUR;
734 instance_set DYNAMIC_CUR;
735 l_dynamic_sql_1 VARCHAR2(32767);
736 l_dynamic_sql VARCHAR2(32767);
737 l_select_query_part VARCHAR2(3000);
738 l_one_set_predicate VARCHAR2(32767);
739 l_one_set_id NUMBER;
740
741 --Bug:11708885 : Start
742 Type set_predicates is table of VARCHAR2(32767) ;
743 Type set_ids is TABLE OF NUMBER;
744
745
746 l_set_predicates set_predicates;
747 l_set_ids set_ids;
748 -- Bug 11708885 : End
749
750 --bug 5027160.
751 l_instance_predicate_list VARCHAR2(10000);
752 l_has_priv VARCHAR2(1);
753 l_set_id_cnt NUMBER;
754
755 CURSOR menu_functions_c (cp_function_name IN VARCHAR2) IS
756 SELECT menu_id
757 FROM fnd_menu_entries
758 WHERE function_id =
759 (SELECT function_id
760 FROM fnd_form_functions
761 WHERE function_name = cp_function_name
762 );
763
764 --********************************************** 8673870 *********************************
765 l_return_success CONSTANT VARCHAR2(1) := 'T';
766 l_return_failure CONSTANT VARCHAR2(1) := 'F';
767 l_in_params_rec EGO_CUSTOM_SECURITY_PUB.in_params_rec_type;
768 l_out_params_rec EGO_CUSTOM_SECURITY_PUB.out_params_rec_type;
769 -- for standard API parameter
770 -- l_return_status VARCHAR2(1); --already exist above
771 l_msg_count NUMBER;
772 l_msg_data VARCHAR(2000); -- Bug 9948053, increasing length of variable
773 --********************************************** 8673870 *********************************
774
775
776
777 BEGIN
778 SetGlobals();
779 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
780 ,p_module => l_api_name
781 ,p_message => 'Started with 9 params '||
782 ' p_api_version: '|| to_char(p_api_version) ||
783 ' - p_function: '|| p_function ||
784 ' - p_object_name: '|| p_object_name ||
785 ' - p_instance_pk1_value: '|| p_instance_pk1_value ||
786 ' - p_instance_pk2_value: '|| p_instance_pk2_value ||
787 ' - p_instance_pk3_value: '|| p_instance_pk3_value ||
788 ' - p_instance_pk4_value: '|| p_instance_pk4_value ||
789 ' - p_instance_pk5_value: '|| p_instance_pk5_value ||
790 ' - p_user_name: '|| p_user_name
791 );
792
793 if TRUNC(l_api_version) <> TRUNC(p_api_version) THEN
794 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
795 fnd_message.set_token('ROUTINE',
796 g_pkg_name || '.'|| l_api_name);
797 fnd_message.set_token('REASON',
798 'Unsupported version '|| to_char(p_api_version)||
799 ' passed to API; expecting version '||
800 to_char(l_api_version));
801 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
802 ,p_module => l_api_name
803 ,p_message => 'Returning as the call in incompatible '
804 );
805 return G_RETURN_UNEXP_ERR;
806 end if;
807 l_user_name := p_user_name;
808
809 --********************************************** 8673870 *********************************
810 l_in_params_rec.user_name := p_user_name;
811 l_in_params_rec.object_name := p_object_name;
812 l_in_params_rec.instance_pk1_value := p_instance_pk1_value;
813 l_in_params_rec.instance_pk2_value := p_instance_pk2_value;
814 l_in_params_rec.instance_pk3_value := p_instance_pk3_value;
815 l_in_params_rec.instance_pk4_value := p_instance_pk4_value;
816 l_in_params_rec.instance_pk5_value := p_instance_pk5_value;
817 l_in_params_rec.function_name := p_function;
818
819 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
820 ,p_module => l_api_name
821 ,p_message => 'Calling EGO_CUSTOM_SECURITY_PUB.check_custom_security with params'||
822 ' l_in_params_rec.user_name = '|| l_in_params_rec.user_name ||
823 ' l_in_params_rec.object_name = '|| l_in_params_rec.object_name ||
824 ' l_in_params_rec.instance_pk1_value = '|| l_in_params_rec.instance_pk1_value ||
825 ' l_in_params_rec.instance_pk2_value = '|| l_in_params_rec.instance_pk2_value ||
826 ' l_in_params_rec.instance_pk3_value = '|| l_in_params_rec.instance_pk3_value ||
827 ' l_in_params_rec.instance_pk4_value = '|| l_in_params_rec.instance_pk4_value ||
828 ' l_in_params_rec.instance_pk5_value = '|| l_in_params_rec.instance_pk5_value ||
829 ' l_in_params_rec.function_name = '|| l_in_params_rec.function_name
830 );
831
832 EGO_CUSTOM_SECURITY_PUB.check_custom_security(
833 p_in_params_rec => l_in_params_rec
834 ,x_out_params_rec => l_out_params_rec
835
836 --standard parameters
837 ,p_api_version => 1.0
838 ,x_return_status => l_return_status
839 ,x_msg_count => l_msg_count
840 ,x_msg_data => l_msg_data
841 );
842
843 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
844 ,p_module => l_api_name
845 ,p_message => 'Returned from EGO_CUSTOM_SECURITY_PUB.check_custom_security ' ||
846 ' with return_status: '|| l_return_status ||
847 ' l_out_params_rec.user_has_function: '|| l_out_params_rec.user_has_function
848 );
849
850 IF l_out_params_rec.user_has_function = 'T' THEN
851 RETURN l_return_success;
852 ELSIF l_out_params_rec.user_has_function = 'F' THEN
853 RETURN l_return_failure;
854 END IF;
855
856 --********************************************** 8673870 *********************************
857
858
859 get_orig_key(x_user_name => l_user_name
860 -- ,x_orig_system => l_orig_system
861 ,x_orig_system_id => l_orig_system_id);
862 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
863 ,p_module => l_api_name
864 ,p_message => 'l_user_name: '||l_user_name||
865 -- ' - l_orig_system: '||l_orig_system||
866 ' - l_orig_system_id: '||l_orig_system_id
867 );
868 ------------------------------------------------------------------
869 --First we see if a profile option is set and if function exists--
870 -- if so we return it here itself without doing further query --
871 -------------------------------------------------------------------
872 getPrivilege_for_profileOption(p_api_version => p_api_version,
873 p_object_name => p_object_name,
874 p_user_name => l_user_name,
875 x_privilege_tbl => l_prof_privilege_tbl,
876 x_return_status => l_return_status);
877
878 IF (l_return_status = G_RETURN_SUCCESS) THEN
879 IF (l_prof_privilege_tbl.COUNT > 0) THEN
880 FOR i IN l_prof_privilege_tbl.first .. l_prof_privilege_tbl.last LOOP
881 IF (l_prof_privilege_tbl(i) = p_function) THEN
882 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
883 ,p_module => l_api_name
884 ,p_message => 'Returning TRUE as privilege is obtained from profile '
885 );
886 RETURN G_RETURN_SUCCESS;
887 END IF; --if function match, returning T
888 END LOOP;
889 END IF; -- x_prof_privilege_tbl >0
890 END IF; --return status is T
891
892 ------------------------------------------------------------------
893 --end of check in profile option --
894 -------------------------------------------------------------------
895 -- get All privileges of a user on a given object
896 -- Step 1.
897 -- get database object name and column
898 -- cache the PK column name
899 l_return_status := get_pk_information(p_object_name ,
900 l_db_pk1_column ,
901 l_db_pk2_column ,
902 l_db_pk3_column ,
903 l_db_pk4_column ,
904 l_db_pk5_column ,
905 l_pk_column_names ,
906 l_type_converted_val_cols ,
907 l_pk_orig_column_names,
908 l_db_object_name );
909 IF (l_return_status <> G_RETURN_SUCCESS) THEN
910 /* There will be a message on the msg dict stack. */
911 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
912 ,p_module => l_api_name
913 ,p_message => 'Returning FALSE as pk values are not correct'
914 );
915 return l_return_status; /* We will return the x_return_status as out param */
916 end if;
917
918 l_object_id:=get_object_id(p_object_name => p_object_name );
919 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
920 ,p_module => l_api_name
921 ,p_message => 'l_object_id: '||l_object_id
922 );
923 -- step 1.1
924 -- pre-fetch company/group/menu info
925 l_menu_info := '';
926 FOR menu_rec IN menu_functions_c (cp_function_name => p_function) LOOP
927 l_menu_info:=l_menu_info||menu_rec.menu_id||', ';
928 END LOOP;
929 IF( length( l_menu_info ) >0) THEN
930 -- strip off the trailing ', '
931 l_menu_info := SUBSTR(l_menu_info,1,length(l_menu_info) - length(', '));
932 ELSE
933 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
934 ,p_module => l_api_name
935 ,p_message => 'Returning FALSE as function not associated to any menu'
936 );
937 RETURN G_RETURN_FAILURE;
938 END IF;
939 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
940 ,p_module => l_api_name
941 ,p_message => 'l_menu_info: '||l_menu_info
942 );
943
944 l_group_info := get_group_info(p_party_id => l_orig_system_id);
945 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
946 ,p_module => l_api_name
947 ,p_message => 'l_group_info: '||l_group_info
948 );
949 l_company_info := get_company_info (p_party_id => l_orig_system_id);
950 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
951 ,p_module => l_api_name
952 ,p_message => 'l_company_info: '||l_company_info
953 );
954
955 --end_date:= DBMS_UTILITY.GET_TIME;
956 --millisec:= (end_date-start_date)*24*60*60*1000;
957 --dbms_output.put_line('2. Diff. in Get Time 100th of a sec ::'||to_char(end_date-start_date,'9999999'));
958 -- R12C Security Changes
959 /* l_dynamic_sql :=
960 'SELECT ''X'' ' ||
961 ' FROM fnd_grants grants ' ||
962 ' WHERE grants.object_id = :object_id ' ||
963 ' AND grants.start_date <= SYSDATE '||
964 ' AND NVL(grants.end_date, SYSDATE) >= SYSDATE ' ||
965 ' AND grants.instance_type = :instance_type ' ||
966 ' AND ( ( grants.grantee_type = ''USER'' AND ' ||
967 ' grants.grantee_key = :user_name ) '||
968 ' OR ( grants.grantee_type = ''GROUP'' AND '||
969 ' grants.grantee_key in ( '||l_group_info||' ))' ||
970 ' OR ( grants.grantee_type = ''COMPANY'' AND '||
971 ' grants.grantee_key in ( '||l_company_info||' ))' ||
972 ' OR (grants.grantee_type = ''GLOBAL'' AND '||
973 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )) '||
974 ' AND grants.menu_id IN (' || l_menu_info ||') ' ||
975 ' AND grants.instance_pk1_value = :pk1_val ' ||
976 ' AND ( grants.instance_pk2_value = :pk2_val OR' ||
977 ' ( grants.instance_pk2_value = ''*NULL*'' AND :pk2_val is NULL )) '||
978 ' AND ( grants.instance_pk3_value = :pk3_val OR '||
979 ' ( grants.instance_pk3_value = ''*NULL*'' AND :pk3_val is NULL )) '||
980 ' AND ( grants.instance_pk4_value = :pk4_val OR '||
981 ' ( grants.instance_pk4_value = ''*NULL*'' AND :pk4_val is NULL )) '||
982 ' AND ( grants.instance_pk5_value = :pk5_val OR '||
983 ' ( grants.instance_pk5_value = ''*NULL*'' AND :pk5_val is NULL )) '; */
984
985 IF (p_object_name = 'EGO_CATALOG_GROUP') THEN
986 l_dynamic_sql :=
987 'SELECT ''X'' ' ||
988 ' FROM fnd_grants grants, ego_item_cat_denorm_hier cathier ' ||
989 ' WHERE grants.object_id = :object_id ' ||
990 ' AND grants.start_date <= SYSDATE '||
991 ' AND NVL(grants.end_date, SYSDATE) >= SYSDATE ' ||
992 ' AND grants.instance_type = :instance_type ' ||
993 ' AND ( ( grants.grantee_type = ''USER'' AND ' ||
994 ' grants.grantee_key = :user_name ) '||
995 ' OR ( grants.grantee_type = ''GROUP'' AND '||
996 ' grants.grantee_key in ( '||l_group_info||' ))' ||
997 ' OR ( grants.grantee_type = ''COMPANY'' AND '||
998 ' grants.grantee_key in ( '||l_company_info||' ))' ||
999 ' OR (grants.grantee_type = ''GLOBAL'' AND '||
1000 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )) '||
1001 ' AND grants.menu_id IN (' || l_menu_info ||') ' ||
1002
1003 ' AND grants.instance_pk1_value = cathier.parent_catalog_group_id ' ||
1004 ' AND cathier.child_catalog_group_id = :pk1_val ' ||
1005 ' AND ( grants.instance_pk2_value = :pk2_val OR' ||
1006 ' ( grants.instance_pk2_value = ''*NULL*'' AND :pk2_val is NULL )) '||
1007 ' AND ( grants.instance_pk3_value = :pk3_val OR '||
1008 ' ( grants.instance_pk3_value = ''*NULL*'' AND :pk3_val is NULL )) '||
1009 ' AND ( grants.instance_pk4_value = :pk4_val OR '||
1010 ' ( grants.instance_pk4_value = ''*NULL*'' AND :pk4_val is NULL )) '||
1011 ' AND ( grants.instance_pk5_value = :pk5_val OR '||
1012 ' ( grants.instance_pk5_value = ''*NULL*'' AND :pk5_val is NULL )) ';
1013 ELSE
1014 l_dynamic_sql :=
1015 'SELECT ''X'' ' ||
1016 ' FROM fnd_grants grants ' ||
1017 ' WHERE grants.object_id = :object_id ' ||
1018 ' AND grants.start_date <= SYSDATE '||
1019 ' AND NVL(grants.end_date, SYSDATE) >= SYSDATE ' ||
1020 ' AND grants.instance_type = :instance_type ' ||
1021 ' AND ( ( grants.grantee_type = ''USER'' AND ' ||
1022 ' grants.grantee_key = :user_name ) '||
1023 ' OR ( grants.grantee_type = ''GROUP'' AND '||
1024 ' grants.grantee_key in ( '||l_group_info||' ))' ||
1025 ' OR ( grants.grantee_type = ''COMPANY'' AND '||
1026 ' grants.grantee_key in ( '||l_company_info||' ))' ||
1027 ' OR (grants.grantee_type = ''GLOBAL'' AND '||
1028 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )) '||
1029
1030 ' AND grants.menu_id IN (' || l_menu_info ||') ' ||
1031
1032 ' AND grants.instance_pk1_value = :pk1_val ' ||
1033 ' AND ( grants.instance_pk2_value = :pk2_val OR' ||
1034 ' ( grants.instance_pk2_value = ''*NULL*'' AND :pk2_val is NULL )) '||
1035 ' AND ( grants.instance_pk3_value = :pk3_val OR '||
1036 ' ( grants.instance_pk3_value = ''*NULL*'' AND :pk3_val is NULL )) '||
1037 ' AND ( grants.instance_pk4_value = :pk4_val OR '||
1038 ' ( grants.instance_pk4_value = ''*NULL*'' AND :pk4_val is NULL )) '||
1039 ' AND ( grants.instance_pk5_value = :pk5_val OR '||
1040 ' ( grants.instance_pk5_value = ''*NULL*'' AND :pk5_val is NULL )) ';
1041 END IF;
1042 -- R12C Security Changes
1043
1044 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1045 ,p_module => l_api_name
1046 ,p_message => 'Binds for instance_set sql '||
1047 ' l_object_id: '||l_object_id||
1048 ' - G_TYPE_INSTANCE: '||G_TYPE_INSTANCE||
1049 ' - l_user_name: '||l_user_name||
1050 ' - p_instance_pk1_value: '|| p_instance_pk1_value ||
1051 ' - p_instance_pk2_value: '|| p_instance_pk2_value ||
1052 ' - p_instance_pk3_value: '|| p_instance_pk3_value ||
1053 ' - p_instance_pk4_value: '|| p_instance_pk4_value ||
1054 ' - p_instance_pk5_value: '|| p_instance_pk5_value
1055 );
1056
1057 OPEN instance_set FOR l_dynamic_sql
1058 USING IN l_object_id,
1059 IN G_TYPE_INSTANCE,
1060 IN l_user_name,
1061
1062 IN p_instance_pk1_value,
1063 IN p_instance_pk2_value,
1064 IN p_instance_pk2_value,
1065 IN p_instance_pk3_value,
1066 IN p_instance_pk3_value,
1067 IN p_instance_pk4_value,
1068 IN p_instance_pk4_value,
1069 IN p_instance_pk5_value,
1070 IN p_instance_pk5_value;
1071 FETCH instance_set INTO l_result;
1072 CLOSE instance_set;
1073 IF (l_result = 'X') THEN
1074 RETURN G_RETURN_SUCCESS;
1075 END IF;
1076 -- Step 2.
1077 -- get instance set ids in which the given object_key exist
1078 -- as a set into l_instance_set
1079 -- R12C Security Changes
1080 /*l_select_query_part:=
1081 'SELECT '|| l_pk_column_names ||
1082 ' FROM '|| l_db_object_name ||
1083 ' WHERE '; */
1084
1085 IF (p_object_name = 'EGO_ITEM') THEN
1086 l_select_query_part:=
1087 'SELECT '|| l_pk_column_names ||
1088 ' FROM '|| l_db_object_name || ', ego_item_cat_denorm_hier cathier'||
1089 ' WHERE ';
1090 ELSE
1091 l_select_query_part:=
1092 'SELECT '|| l_pk_column_names ||
1093 ' FROM '|| l_db_object_name ||
1094 ' WHERE ';
1095 END IF;
1096 -- R12C Security Changes
1097
1098 IF (l_db_pk1_column IS NOT NULL) THEN
1099 l_select_query_part := l_select_query_part ||
1100 ' ( '||l_db_pk1_column||' = :pk1_val '||
1101 ' OR ( '||l_db_pk1_column||' is NULL AND :pk1_val is NULL))';
1102 END IF;
1103 IF (l_db_pk2_column IS NOT NULL) THEN
1104 l_select_query_part := l_select_query_part ||
1105 ' AND ( '||l_db_pk2_column||' = :pk2_val '||
1106 ' OR ( '||l_db_pk2_column||' is NULL AND :pk2_val is NULL))';
1107 END IF;
1108 IF (l_db_pk3_column IS NOT NULL) THEN
1109 l_select_query_part := l_select_query_part ||
1110 ' AND ( '||l_db_pk3_column||' = :pk3_val '||
1111 ' OR ( '||l_db_pk3_column||' is NULL AND :pk3_val is NULL))';
1112 END IF;
1113 IF (l_db_pk4_column IS NOT NULL) THEN
1114 l_select_query_part := l_select_query_part ||
1115 ' AND ( '||l_db_pk4_column||' = :pk4_val '||
1116 ' OR ( '||l_db_pk4_column||' is NULL AND :pk4_val is NULL))';
1117 END IF;
1118 IF (l_db_pk5_column IS NOT NULL) THEN
1119 l_select_query_part := l_select_query_part ||
1120 ' AND ( '||l_db_pk5_column||' = :pk5_val '||
1121 ' OR ( '||l_db_pk5_column||' is NULL AND :pk5_val is NULL))';
1122 END IF;
1123
1124 -- R12C Security Changes
1125 -- l_select_query_part := l_select_query_part || ' AND ';
1126 IF (p_object_name = 'EGO_ITEM') THEN
1127 l_select_query_part := l_select_query_part || ' AND item_catalog_group_id = cathier.child_catalog_group_id(+) AND ';
1128 ELSE
1129 l_select_query_part := l_select_query_part || ' AND ';
1130 END IF;
1131 -- R12C Security Changes
1132
1133 l_dynamic_sql := l_select_query_part;
1134 l_instance_predicate_list := '(';
1135 l_set_id_cnt := 0;
1136
1137
1138 --end_date:= DBMS_UTILITY.GET_TIME;
1139 --millisec:= (end_date-start_date)*24*60*60*1000;
1140 --dbms_output.put_line('1. Diff. in Get Time 100th of a sec ::'||to_char(end_date-start_date,'9999999'));
1141 --bug 5027160.:START
1142
1143 --
1144 -- open cursor for candidate sets and find out what all are required
1145 --
1146
1147 l_dynamic_sql_1 :=
1148 ' SELECT sets.instance_SET_ID, sets.predicate ' ||
1149 ' FROM fnd_object_instance_sets sets '||
1150 ' WHERE (sets.instance_set_id, sets.object_id) IN ' ||
1151 ' (SELECT grants.instance_set_id, grants.object_id ' ||
1152 ' FROM fnd_grants grants '||
1153 ' WHERE grants.object_id = :object_id '||
1154 ' AND grants.start_date <= SYSDATE ' ||
1155 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE '||
1156 ' AND grants.instance_type = :instance_type ' ||
1157 ' AND ( ( grants.grantee_type = ''USER'' AND '||
1158 ' grants.grantee_key = :user_name ) '||
1159 ' OR ( grants.grantee_type = ''GROUP'' AND '||
1160 ' grants.grantee_key in ( '||l_group_info||' ))' ||
1161 ' OR ( grants.grantee_type = ''COMPANY'' AND '||
1162 ' grants.grantee_key in ( '||l_company_info||' ))' ||
1163 ' OR (grants.grantee_type = ''GLOBAL'' AND '||
1164 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )) '||
1165 ' AND grants.menu_id IN (' || l_menu_info ||') )' ;
1166
1167
1168
1169 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1170 ,p_module => l_api_name
1171 ,p_message => 'SQL for candidate_sets_cursor '||l_dynamic_sql_1
1172 );
1173 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1174 ,p_module => l_api_name
1175 ,p_message => 'Binds for candidate_sets_cursor '||
1176 ' l_object_id: '||l_object_id||
1177 ' - G_TYPE_SET: '||G_TYPE_SET||
1178 ' - l_user_name: '||l_user_name
1179 );
1180
1181 OPEN candidate_sets_c FOR l_dynamic_sql_1
1182 USING IN l_object_id,
1183 IN G_TYPE_SET,
1184 IN l_user_name;
1185
1186 FETCH candidate_sets_c BULK COLLECT INTO l_set_ids,l_set_predicates; -- Bug 11708885
1187
1188 FOR indx IN 1 .. l_set_predicates.COUNT -- Bug 11708885
1189 LOOP
1190 --FETCH candidate_sets_c INTO l_one_set_id, l_one_set_predicate;
1191 --EXIT WHEN candidate_sets_c%NOTFOUND;
1192 --incrementing the count so that we can call the API process_set_ids if
1193 --the count is 10.
1194 l_set_id_cnt:=l_set_id_cnt+1;
1195 l_one_set_id := l_set_ids(indx); -- Bug 11708885
1196 l_one_set_predicate := l_set_predicates(indx); -- Bug 11708885
1197
1198 l_instance_predicate_list :=
1199 l_instance_predicate_list ||l_one_set_predicate ||') OR (';
1200 --we are collectig prdicates and trying to process 10 at a time
1201 --by executing the l_dynamic_sql once for ten predicates, thus reducing
1202 --the number of times the l_dynamic_sql is executed.
1203 IF (MOD(l_set_id_cnt,10) = 0) THEN
1204 l_has_priv := process_set_ids (
1205 p_db_pk1_column => l_db_pk1_column,
1206 p_db_pk2_column => l_db_pk2_column,
1207 p_db_pk3_column => l_db_pk3_column,
1208 p_db_pk4_column => l_db_pk4_column,
1209 p_db_pk5_column => l_db_pk5_column,
1210 p_instance_pk1_value => p_instance_pk1_value,
1211 p_instance_pk2_value => p_instance_pk2_value,
1212 p_instance_pk3_value => p_instance_pk3_value,
1213 p_instance_pk4_value => p_instance_pk4_value,
1214 p_instance_pk5_value => p_instance_pk5_value,
1215 p_dynamic_sql => l_dynamic_sql,
1216 p_instance_predicate_list => l_instance_predicate_list
1217 );
1218 --return T if the user has a privilege
1219 IF l_has_priv = G_RETURN_SUCCESS THEN
1220 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
1221 ,p_module => l_api_name
1222 ,p_message => 'Returning from set id''s '||l_has_priv
1223 );
1224 RETURN l_has_priv;
1225 ELSIF l_has_priv = G_RETURN_UNEXP_ERR THEN
1226 RAISE FND_API.G_EXC_UNEXPECTED_ERROR;
1227 ELSE
1228 l_instance_predicate_list :='(';
1229 l_set_id_cnt:=0;
1230 END IF;
1231 END IF;--MOD(l_set_id_cnt,10)
1232 END LOOP;
1233 CLOSE candidate_sets_c;
1234 --calling the API process_set_ids for the rest of the set_ids.
1235 l_has_priv := process_set_ids (
1236 p_db_pk1_column => l_db_pk1_column,
1237 p_db_pk2_column => l_db_pk2_column,
1238 p_db_pk3_column => l_db_pk3_column,
1239 p_db_pk4_column => l_db_pk4_column,
1240 p_db_pk5_column => l_db_pk5_column,
1241 p_instance_pk1_value => p_instance_pk1_value,
1242 p_instance_pk2_value => p_instance_pk2_value,
1243 p_instance_pk3_value => p_instance_pk3_value,
1244 p_instance_pk4_value => p_instance_pk4_value,
1245 p_instance_pk5_value => p_instance_pk5_value,
1246 p_dynamic_sql => l_dynamic_sql,
1247 p_instance_predicate_list => l_instance_predicate_list
1248 );
1249 IF l_has_priv = G_RETURN_UNEXP_ERR THEN
1250 RAISE FND_API.G_EXC_UNEXPECTED_ERROR;
1251 END IF;
1252 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
1253 ,p_module => l_api_name
1254 ,p_message => 'Returning status '||l_has_priv
1255 );
1256 RETURN l_has_priv;
1257 --bug 5027160.:END
1258 EXCEPTION
1259 WHEN FND_API.G_EXC_UNEXPECTED_ERROR THEN
1260 code_debug (p_log_level => G_DEBUG_LEVEL_EXCEPTION
1261 ,p_module => l_api_name
1262 ,p_message => 'Returning EXCEPTION '||SQLERRM
1263 );
1264 RETURN G_RETURN_UNEXP_ERR;
1265 WHEN OTHERS THEN
1266 fnd_message.set_name('FND', 'SQL_PLSQL_ERROR');
1267 fnd_message.set_token('ROUTINE',G_PKG_NAME||l_api_name);
1268 fnd_message.set_token('ERRNO', SQLCODE);
1269 fnd_message.set_token('REASON', SQLERRM);
1270 code_debug (p_log_level => G_DEBUG_LEVEL_EXCEPTION
1271 ,p_module => l_api_name
1272 ,p_message => 'Returning EXCEPTION '||SQLERRM
1273 );
1274 RETURN G_RETURN_UNEXP_ERR;
1275 END check_function;
1276
1277 --------------------------------------------------------
1278 ---- check_inherited_function
1279 --------------------------------------------------------
1280 FUNCTION check_inherited_function
1281 (
1282 p_api_version IN NUMBER,
1283 p_function IN VARCHAR2,
1284 p_object_name IN VARCHAR2,
1285 p_instance_pk1_value IN VARCHAR2,
1286 p_instance_pk2_value IN VARCHAR2 DEFAULT NULL,
1287 p_instance_pk3_value IN VARCHAR2 DEFAULT NULL,
1288 p_instance_pk4_value IN VARCHAR2 DEFAULT NULL,
1289 p_instance_pk5_value IN VARCHAR2 DEFAULT NULL,
1290 p_user_name IN VARCHAR2 DEFAULT NULL,
1291 p_object_type IN VARCHAR2 DEFAULT NULL,
1292 p_parent_object_name IN VARCHAR2,
1293 p_parent_instance_pk1_value IN VARCHAR2,
1294 p_parent_instance_pk2_value IN VARCHAR2 DEFAULT NULL,
1295 p_parent_instance_pk3_value IN VARCHAR2 DEFAULT NULL,
1296 p_parent_instance_pk4_value IN VARCHAR2 DEFAULT NULL,
1297 p_parent_instance_pk5_value IN VARCHAR2 DEFAULT NULL
1298 )
1299 RETURN VARCHAR2 IS
1300
1301 l_api_version CONSTANT NUMBER := 1.0;
1302 l_api_name CONSTANT VARCHAR2(30) := 'CHECK_INHERITED_FUNCTION';
1303 l_sysdate DATE := Sysdate;
1304 l_predicate VARCHAR2(32767);
1305 -- l_orig_system VARCHAR2(48);
1306 l_orig_system_id NUMBER;
1307 l_dummy_id NUMBER;
1308 l_db_object_name VARCHAR2(30);
1309 l_db_pk1_column VARCHAR2(30);
1310 l_db_pk2_column VARCHAR2(30);
1311 l_db_pk3_column VARCHAR2(30);
1312 l_db_pk4_column VARCHAR2(30);
1313 l_db_pk5_column VARCHAR2(30);
1314 l_pk_column_names VARCHAR2(512);
1315 l_pk_orig_column_names VARCHAR2(512);
1316 l_type_converted_val_cols VARCHAR2(512);
1317 l_result VARCHAR2(1);
1318 l_return_status VARCHAR2(1);
1319 result VARCHAR2(30);
1320 l_own_result VARCHAR2(1);
1321 l_parent_object_table_count NUMBER;
1322 l_set_predicates VARCHAR2(32767);
1323 l_set_predicate_segment VARCHAR2(32767);
1324 l_group_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
1325 l_company_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
1326 l_menu_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
1327 l_pk2_value VARCHAR2(200);
1328 l_pk3_value VARCHAR2(200);
1329 l_pk4_value VARCHAR2(200);
1330 l_pk5_value VARCHAR2(200);
1331
1332 instance_sets_cur DYNAMIC_CUR;
1333 dynamic_sql VARCHAR2(32767);
1334 parent_instance_grants_c DYNAMIC_CUR;
1335 parent_instance_set_grants_c DYNAMIC_CUR;
1336 l_dynamic_sql_1 VARCHAR2(32767);
1337
1338 CURSOR menu_id_c (cp_function VARCHAR2, cp_object_id NUMBER,
1339 cp_object_type VARCHAR2, cp_parent_object_id NUMBER)
1340 IS
1341 SELECT p.parent_role_id parent_role_id
1342 FROM fnd_menu_entries r, fnd_form_functions f,
1343 fnd_menus m, ego_obj_role_mappings p
1344 WHERE r.function_id = f.function_id
1345 AND r.menu_id = m.menu_id
1346 AND f.function_name = cp_function
1347 AND m.menu_id = p.child_role_id
1348 AND p.child_object_id = cp_object_id
1349 AND p.parent_object_id = cp_parent_object_id
1350 AND p.child_object_type = cp_object_type;
1351
1352 l_object_id NUMBER;
1353 l_parent_object_id NUMBER;
1354 l_user_name VARCHAR2(80);
1355 l_inst_pred_length NUMBER;
1356 l_profile_role VARCHAR2(30);
1357 BEGIN
1358 SetGlobals();
1359 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
1360 ,p_module => l_api_name
1361 ,p_message => 'Started with 16 params '||
1362 ' p_api_version: '|| to_char(p_api_version) ||
1363 ' - p_function: '|| p_function ||
1364 ' - p_object_name: '|| p_object_name ||
1365 ' - p_instance_pk1_value: '|| p_instance_pk1_value ||
1366 ' - p_instance_pk2_value: '|| p_instance_pk2_value ||
1367 ' - p_instance_pk3_value: '|| p_instance_pk3_value ||
1368 ' - p_instance_pk4_value: '|| p_instance_pk4_value ||
1369 ' - p_instance_pk5_value: '|| p_instance_pk5_value ||
1370 ' - p_user_name: '|| p_user_name ||
1371 ' - p_object_type: '|| p_object_type ||
1372 ' - p_parent_object_name: '|| p_parent_object_name ||
1373 ' - p_parent_instance_pk1_value: '|| p_parent_instance_pk1_value ||
1374 ' - p_parent_instance_pk2_value: '|| p_parent_instance_pk2_value ||
1375 ' - p_parent_instance_pk3_value: '|| p_parent_instance_pk3_value ||
1376 ' - p_parent_instance_pk4_value: '|| p_parent_instance_pk4_value ||
1377 ' - p_parent_instance_pk5_value: '|| p_parent_instance_pk5_value
1378 );
1379
1380 -- check for call compatibility.
1381 IF TRUNC(l_api_version) <> TRUNC(p_api_version) THEN
1382 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
1383 fnd_message.set_token('ROUTINE',
1384 g_pkg_name || '.'|| l_api_name);
1385 fnd_message.set_token('REASON',
1386 'Unsupported version '|| to_char(p_api_version)||
1387 ' passed to API; expecting version '||
1388 to_char(l_api_version));
1389 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
1390 ,p_module => l_api_name
1391 ,p_message => 'Returning as the call in incompatible '
1392 );
1393 RETURN G_RETURN_UNEXP_ERR;
1394 END IF;
1395
1396 l_user_name := p_user_name;
1397 get_orig_key(x_user_name => l_user_name
1398 -- ,x_orig_system => l_orig_system
1399 ,x_orig_system_id => l_orig_system_id);
1400 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1401 ,p_module => l_api_name
1402 ,p_message => 'l_user_name: '||l_user_name||
1403 -- ' - l_orig_system: '||l_orig_system||
1404 ' - l_orig_system_id: '||l_orig_system_id
1405 );
1406
1407 --call check_function first to check its own security
1408 --won't check it if object_instance is -1
1409
1410 if (p_instance_pk1_value<>-1) then
1411 l_own_result := check_function
1412 (p_api_version => 1.0,
1413 p_function => p_function,
1414 p_object_name => p_object_name,
1415 p_instance_pk1_value => p_instance_pk1_value,
1416 p_instance_pk2_value => p_instance_pk2_value,
1417 p_instance_pk3_value => p_instance_pk3_value,
1418 p_instance_pk4_value => p_instance_pk4_value,
1419 p_instance_pk5_value => p_instance_pk5_value,
1420 p_user_name => l_user_name);
1421
1422 if (l_own_result = G_RETURN_SUCCESS) then
1423 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
1424 ,p_module => l_api_name
1425 ,p_message => 'Returning Success as we have direct role '
1426 );
1427 RETURN G_RETURN_SUCCESS;
1428 end if;
1429 end if;
1430
1431 l_object_id := get_object_id(p_object_name => p_object_name);
1432 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1433 ,p_module => l_api_name
1434 ,p_message => 'l_object_id: '||l_object_id
1435 );
1436 l_parent_object_id := get_object_id(p_object_name => p_parent_object_name);
1437 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1438 ,p_module => l_api_name
1439 ,p_message => 'l_parent_object_id: '||l_parent_object_id
1440 );
1441
1442 l_menu_info := '';
1443 FOR menu_rec IN menu_id_c(p_function, l_object_id,
1444 p_object_type, l_parent_object_id)
1445 LOOP
1446 l_menu_info := l_menu_info || menu_rec.parent_role_id || ', ';
1447 END LOOP;
1448
1449 IF (length(l_menu_info) > 0) THEN
1450 -- strip off the trailing ', '
1451 l_menu_info := substr(l_menu_info, 1, length(l_menu_info) - length(', '));
1452 ELSE
1453 l_menu_info := 'NULL';
1454 END IF;
1455 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1456 ,p_module => l_api_name
1457 ,p_message => 'l_menu_info: '||l_menu_info
1458 );
1459 l_group_info := get_group_info(p_party_id => l_orig_system_id);
1460 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1461 ,p_module => l_api_name
1462 ,p_message => 'l_group_info: '||l_group_info
1463 );
1464 l_company_info := get_company_info (p_party_id => l_orig_system_id);
1465 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1466 ,p_module => l_api_name
1467 ,p_message => 'l_company_info: '||l_company_info
1468 );
1469
1470 ------------------------------------------------------------------
1471 -- we see if a profile option is set and if so we add it to --
1472 -- the other list of menus --
1473 -------------------------------------------------------------------
1474 l_profile_role :=
1475 getRole_mappedTo_profileOption(p_parent_object_name, p_user_name);
1476 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1477 ,p_module => l_api_name
1478 ,p_message => 'profile role for '||p_parent_object_name||
1479 ' is: '||l_profile_role
1480 );
1481 IF (l_profile_role <> '') THEN
1482 l_dummy_id := get_role_id(l_profile_role);
1483 IF l_dummy_id IS NOT NULL THEN
1484 IF(l_menu_info = 'NULL') THEN
1485 l_menu_info := l_dummy_id;
1486 ELSE
1487 l_menu_info := l_menu_info || ', ' || l_dummy_id;
1488 END IF;
1489 END IF;
1490 END IF;
1491
1492 -------------------------------------------------------
1493 -- We set PK query strings based on values passed in --
1494 -- (NOTE: following bug 2865553, FND_GRANTS will not --
1495 -- have null PK column values, so I'm changing this --
1496 -- code to check for '*NULL*' instead of null. -Dylan--
1497 -------------------------------------------------------
1498 translate_pk_values (p_instance_pk2_value => p_parent_instance_pk2_value
1499 ,p_instance_pk3_value => p_parent_instance_pk3_value
1500 ,p_instance_pk4_value => p_parent_instance_pk4_value
1501 ,p_instance_pk5_value => p_parent_instance_pk5_value
1502 ,x_trans_pk2_value => l_pk2_value
1503 ,x_trans_pk3_value => l_pk3_value
1504 ,x_trans_pk4_value => l_pk4_value
1505 ,x_trans_pk5_value => l_pk5_value
1506 );
1507 /***
1508 IF (p_instance_pk2_value IS NULL) THEN
1509 l_pk2_value := '*NULL*';
1510 else
1511 l_pk2_value := p_parent_instance_pk2_value;
1512 end if;
1513
1514 IF (p_instance_pk3_value IS NULL) THEN
1515 l_pk3_value := '*NULL*';
1516 ELSE
1517 l_pk3_value := p_parent_instance_pk3_value;
1518 END IF;
1519
1520 IF (p_instance_pk4_value IS NULL) THEN
1521 l_pk4_value := '*NULL*';
1522 ELSE
1523 l_pk4_value := p_parent_instance_pk4_value;
1524 END IF;
1525
1526 IF (p_instance_pk5_value IS NULL) THEN
1527 l_pk5_value := '*NULL*';
1528 ELSE
1529 l_pk5_value := p_parent_instance_pk5_value;
1530 END IF;
1531 ***/
1532 -------------------------------------------------------------------------------
1533 -- Now we build dynamic SQL using the work we just did to optimize the query --
1534 -------------------------------------------------------------------------------
1535 -- R12C Security Changes
1536 /* l_dynamic_sql_1 :=
1537 ' SELECT ''X'' ' ||
1538 ' FROM fnd_grants grants ' ||
1539 ' WHERE grants.object_id = :object_id' ||
1540 ' AND grants.start_date <= SYSDATE ' ||
1541 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
1542 ' AND grants.instance_type = :instance_type ' ||
1543 ' AND grants.instance_pk1_value = :parent_instance_pk1_value ' ||
1544 ' AND grants.instance_pk2_value = :pk2_value ' ||
1545 ' AND grants.instance_pk3_value = :pk3_value ' ||
1546 ' AND grants.instance_pk4_value = :pk4_value ' ||
1547 ' AND grants.instance_pk5_value = :pk5_value ' ||
1548 ' AND ( ( grants.grantee_type = ''USER'' AND ' ||
1549 ' grants.grantee_key = :user_name ) '||
1550 ' OR (grants.grantee_type = ''GROUP'' AND ' ||
1551 ' grants.grantee_key in ( '||l_group_info||' )) ' ||
1552 ' OR (grants.grantee_type = ''COMPANY'' AND ' ||
1553 ' grants.grantee_key in ( '||l_company_info||' )) ' ||
1554 ' OR (grants.grantee_type = ''GLOBAL'' AND ' ||
1555 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )) '||
1556 ' AND grants.menu_id IN (' || l_menu_info ||') '; */
1557
1558
1559 IF (p_object_name = 'EGO_CATALOG_GROUP') THEN
1560 l_dynamic_sql_1 :=
1561 ' SELECT ''X'' ' ||
1562 ' FROM fnd_grants grants , ego_item_cat_denorm_hier cathier ' ||
1563 ' WHERE grants.object_id = :object_id' ||
1564 ' AND grants.start_date <= SYSDATE ' ||
1565 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
1566 ' AND grants.instance_type = :instance_type ' ||
1567 ' AND grants.instance_pk1_value = cathier.parent_catalog_group_id ' ||
1568 ' AND cathier.child_catalog_group_id = :parent_instance_pk1_value ' ||
1569 ' AND grants.instance_pk2_value = :pk2_value ' ||
1570 ' AND grants.instance_pk3_value = :pk3_value ' ||
1571 ' AND grants.instance_pk4_value = :pk4_value ' ||
1572 ' AND grants.instance_pk5_value = :pk5_value ' ||
1573 ' AND ( ( grants.grantee_type = ''USER'' AND ' ||
1574 ' grants.grantee_key = :user_name ) '||
1575 ' OR (grants.grantee_type = ''GROUP'' AND ' ||
1576 ' grants.grantee_key in ( '||l_group_info||' )) ' ||
1577 ' OR (grants.grantee_type = ''COMPANY'' AND ' ||
1578 ' grants.grantee_key in ( '||l_company_info||' )) ' ||
1579 ' OR (grants.grantee_type = ''GLOBAL'' AND ' ||
1580 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )) '||
1581 ' AND grants.menu_id IN (' || l_menu_info ||') ';
1582
1583 ELSE
1584 l_dynamic_sql_1 :=
1585 ' SELECT ''X'' ' ||
1586 ' FROM fnd_grants grants ' ||
1587 ' WHERE grants.object_id = :object_id' ||
1588 ' AND grants.start_date <= SYSDATE ' ||
1589 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
1590 ' AND grants.instance_type = :instance_type ' ||
1591 ' AND grants.instance_pk1_value = :parent_instance_pk1_value ' ||
1592 ' AND grants.instance_pk2_value = :pk2_value ' ||
1593 ' AND grants.instance_pk3_value = :pk3_value ' ||
1594 ' AND grants.instance_pk4_value = :pk4_value ' ||
1595 ' AND grants.instance_pk5_value = :pk5_value ' ||
1596 ' AND ( ( grants.grantee_type = ''USER'' AND ' ||
1597 ' grants.grantee_key = :user_name ) '||
1598 ' OR (grants.grantee_type = ''GROUP'' AND ' ||
1599 ' grants.grantee_key in ( '||l_group_info||' )) ' ||
1600 ' OR (grants.grantee_type = ''COMPANY'' AND ' ||
1601 ' grants.grantee_key in ( '||l_company_info||' )) ' ||
1602 ' OR (grants.grantee_type = ''GLOBAL'' AND ' ||
1603 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )) '||
1604 ' AND grants.menu_id IN (' || l_menu_info ||') ';
1605
1606 END IF;
1607
1608 --R12C Security Changes
1609
1610 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1611 ,p_module => l_api_name
1612 ,p_message => 'Binds for parent direct grants '||
1613 ' l_parent_object_id: '||l_parent_object_id||
1614 ' - G_TYPE_INSTANCE: '||G_TYPE_INSTANCE||
1615 ' - p_parent_instance_pk1_value: '|| p_parent_instance_pk1_value ||
1616 ' - l_pk2_value: '|| l_pk2_value ||
1617 ' - l_pk3_value: '|| l_pk3_value ||
1618 ' - l_pk4_value: '|| l_pk4_value ||
1619 ' - l_pk5_value: '|| l_pk5_value ||
1620 ' - l_user_name: '||l_user_name
1621 );
1622 OPEN parent_instance_grants_c
1623 FOR l_dynamic_sql_1
1624 USING IN l_parent_object_id,
1625 IN G_TYPE_INSTANCE,
1626 IN p_parent_instance_pk1_value,
1627 IN l_pk2_value,
1628 IN l_pk3_value,
1629 IN l_pk4_value,
1630 IN l_pk5_value,
1631 IN l_user_name;
1632 FETCH parent_instance_grants_c INTO l_result;
1633 CLOSE parent_instance_grants_c;
1634
1635 IF (l_result = 'X') THEN
1636 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
1637 ,p_module => l_api_name
1638 ,p_message => 'Returning Success as function found in parent direct grants '
1639 );
1640 RETURN G_RETURN_SUCCESS;
1641 ELSE
1642 result := get_pk_information(p_parent_object_name, l_db_pk1_column,
1643 l_db_pk2_column, l_db_pk3_column,
1644 l_db_pk4_column, l_db_pk5_column,
1645 l_pk_column_names, l_type_converted_val_cols,
1646 l_pk_orig_column_names, l_db_object_name);
1647 if (result <> G_RETURN_SUCCESS) then
1648 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
1649 ,p_module => l_api_name
1650 ,p_message => 'Parent PK informatino not available returning: '||result
1651 );
1652 /* There will be a message on the msg dict stack. */
1653 return result;
1654 end if;
1655
1656 ---------------------------------------------------------------------------------
1657 -- Now we build a second dynamic SQL to check instance sets (still optimizing) --
1658 ---------------------------------------------------------------------------------
1659 l_set_predicates := '(';
1660 l_set_predicate_segment := '';
1661 l_dynamic_sql_1 :=
1662 ' SELECT DISTINCT instance_sets.predicate ' ||
1663 ' FROM fnd_grants grants, fnd_object_instance_sets instance_sets ' ||
1664 ' WHERE grants.instance_type = :instance_type '||
1665 ' AND grants.start_date <= SYSDATE ' ||
1666 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
1667 ' AND grants.instance_set_id = instance_sets.instance_set_id ' ||
1668 ' AND grants.object_id = :object_id ' ||
1669 ' AND ( ( grants.grantee_type = ''USER'' AND ' ||
1670 ' grants.grantee_key = :user_name ) '||
1671 ' OR (grants.grantee_type = ''GROUP'' AND ' ||
1672 ' grants.grantee_key in ( '||l_group_info||' )) ' ||
1673 ' OR (grants.grantee_type = ''COMPANY'' AND ' ||
1674 ' grants.grantee_key in ( '||l_company_info||' )) ' ||
1675 ' OR (grants.grantee_type = ''GLOBAL'' AND ' ||
1676 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )) '||
1677 ' AND grants.menu_id IN (' || l_menu_info ||') ';
1678 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1679 ,p_module => l_api_name
1680 ,p_message => 'Binds for parent_instance_set_grants_c '||
1681 ' G_TYPE_SET: '||G_TYPE_SET||
1682 ' - l_parent_object_id: '||l_parent_object_id||
1683 ' - l_user_name: '||l_user_name
1684 );
1685
1686 ----------------------------------------------------------------------
1687 -- Loop through the result set adding each segment to the predicate --
1688 ----------------------------------------------------------------------
1689 OPEN parent_instance_set_grants_c
1690 FOR l_dynamic_sql_1
1691 USING IN G_TYPE_SET,
1692 IN l_parent_object_id,
1693 IN l_user_name;
1694 LOOP
1695 FETCH parent_instance_set_grants_c into l_set_predicate_segment;
1696 EXIT WHEN parent_instance_set_grants_c%NOTFOUND;
1697
1698 l_set_predicates := substrb(l_set_predicates ||
1699 l_set_predicate_segment ||
1700 ') OR (',
1701 1, g_pred_buf_size);
1702 END LOOP;
1703 CLOSE parent_instance_set_grants_c;
1704
1705 l_inst_pred_length := LENGTH(l_set_predicates);
1706 IF l_inst_pred_length = 1 THEN
1707 -- No predicate
1708 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
1709 ,p_module => l_api_name
1710 ,p_message => 'No instance sets available returning: '||G_RETURN_FAILURE
1711 );
1712 RETURN G_RETURN_FAILURE;
1713 ELSE
1714 l_set_predicates := SUBSTR(l_set_predicates, 1,
1715 l_inst_pred_length - length('OR ('));
1716 END IF;
1717 -- finished by.a
1718 l_predicate := l_set_predicates;
1719 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1720 ,p_module => l_api_name
1721 ,p_message => 'l_set_predicates: '||l_set_predicates
1722 );
1723 -- R12C Security Changes
1724 /*dynamic_sql :=
1725 'SELECT ''X'' '||
1726 ' FROM '|| l_db_object_name ||
1727 ' WHERE '; */
1728
1729 IF (p_object_name = 'EGO_ITEM') THEN
1730 dynamic_sql :=
1731 'SELECT ''X'' '||
1732 ' FROM '|| l_db_object_name || ', ego_item_cat_denorm_hier cathier'||
1733 ' WHERE ';
1734 ELSE
1735 dynamic_sql :=
1736 'SELECT ''X'' '||
1737 ' FROM '|| l_db_object_name ||
1738 ' WHERE ';
1739 END IF;
1740 -- R12C Security Changes
1741
1742 if (l_db_pk1_column is not NULL) then
1743 dynamic_sql := dynamic_sql ||
1744 ' (('||l_db_pk1_column||' = :pk1_val) '||
1745 ' OR (('||l_db_pk1_column||' is NULL) '||
1746 ' AND (:pk1_val is NULL)))';
1747 end if;
1748 if (l_db_pk2_column is not NULL) then
1749 dynamic_sql := dynamic_sql ||
1750 ' AND (('||l_db_pk2_column||' = :pk2_val) '||
1751 ' OR (('||l_db_pk2_column||' is NULL) '||
1752 ' AND (:pk2_val is NULL)))';
1753 end if;
1754 if (l_db_pk3_column is not NULL) then
1755 dynamic_sql := dynamic_sql ||
1756 ' AND (('||l_db_pk3_column||' = :pk3_val) '||
1757 ' OR (('||l_db_pk3_column||' is NULL) '||
1758 ' AND (:pk3_val is NULL)))';
1759 end if;
1760 if (l_db_pk4_column is not NULL) then
1761 dynamic_sql := dynamic_sql ||
1762 ' AND (('||l_db_pk4_column||' = :pk4_val) '||
1763 ' OR (('||l_db_pk4_column||' is NULL) '||
1764 ' AND (:pk4_val is NULL)))';
1765 end if;
1766 if (l_db_pk5_column is not NULL) then
1767 dynamic_sql := dynamic_sql ||
1768 ' AND (('||l_db_pk5_column||' = :pk5_val) '||
1769 ' OR (('||l_db_pk5_column||' is NULL) '||
1770 ' AND (:pk2_val is NULL)))';
1771 end if;
1772
1773 --R12C Security Changes
1774 /*dynamic_sql := dynamic_sql ||
1775 ' AND ('||l_predicate||') ';*/
1776 IF (p_object_name = 'EGO_ITEM') THEN
1777 dynamic_sql := dynamic_sql ||
1778 ' AND item_catalog_group_id = cathier.child_catalog_group_id(+) AND ('||l_predicate||') ';
1779 ELSE
1780 dynamic_sql := dynamic_sql ||
1781 ' AND ('||l_predicate||') ';
1782 END IF;
1783 --R12C Security Changes
1784
1785 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1786 ,p_module => l_api_name
1787 ,p_message => 'dynamic_sql: '||dynamic_sql
1788 );
1789
1790 if(l_db_pk5_column is not NULL) then
1791 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1792 ,p_module => l_api_name
1793 ,p_message => 'Binds for instance_sets_cur is '||
1794 ' - p_parent_instance_pk1_value: '|| p_parent_instance_pk1_value ||
1795 ' - p_parent_instance_pk1_value: '|| p_parent_instance_pk1_value ||
1796 ' - p_parent_instance_pk2_value: '|| p_parent_instance_pk2_value ||
1797 ' - p_parent_instance_pk2_value: '|| p_parent_instance_pk2_value ||
1798 ' - p_parent_instance_pk3_value: '|| p_parent_instance_pk3_value ||
1799 ' - p_parent_instance_pk3_value: '|| p_parent_instance_pk3_value ||
1800 ' - p_parent_instance_pk4_value: '|| p_parent_instance_pk4_value ||
1801 ' - p_parent_instance_pk4_value: '|| p_parent_instance_pk4_value ||
1802 ' - p_parent_instance_pk5_value: '|| p_parent_instance_pk5_value ||
1803 ' - p_parent_instance_pk5_value: '|| p_parent_instance_pk5_value
1804 );
1805 OPEN instance_sets_cur FOR dynamic_sql USING
1806 p_parent_instance_pk1_value, p_parent_instance_pk1_value,
1807 p_parent_instance_pk2_value, p_parent_instance_pk2_value,
1808 p_parent_instance_pk3_value, p_parent_instance_pk3_value,
1809 p_parent_instance_pk4_value, p_parent_instance_pk4_value,
1810 p_parent_instance_pk5_value, p_parent_instance_pk5_value;
1811 elsif (l_db_pk4_column is not NULL) then
1812 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1813 ,p_module => l_api_name
1814 ,p_message => 'Binds for instance_sets_cur is '||
1815 ' - p_parent_instance_pk1_value: '|| p_parent_instance_pk1_value ||
1816 ' - p_parent_instance_pk1_value: '|| p_parent_instance_pk1_value ||
1817 ' - p_parent_instance_pk2_value: '|| p_parent_instance_pk2_value ||
1818 ' - p_parent_instance_pk2_value: '|| p_parent_instance_pk2_value ||
1819 ' - p_parent_instance_pk3_value: '|| p_parent_instance_pk3_value ||
1820 ' - p_parent_instance_pk3_value: '|| p_parent_instance_pk3_value ||
1821 ' - p_parent_instance_pk4_value: '|| p_parent_instance_pk4_value ||
1822 ' - p_parent_instance_pk4_value: '|| p_parent_instance_pk4_value
1823 );
1824 OPEN instance_sets_cur FOR dynamic_sql USING
1825 p_parent_instance_pk1_value, p_parent_instance_pk1_value,
1826 p_parent_instance_pk2_value, p_parent_instance_pk2_value,
1827 p_parent_instance_pk3_value, p_parent_instance_pk3_value,
1828 p_parent_instance_pk4_value, p_parent_instance_pk4_value;
1829 elsif (l_db_pk3_column is not NULL) then
1830 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1831 ,p_module => l_api_name
1832 ,p_message => 'Binds for instance_sets_cur is '||
1833 ' - p_parent_instance_pk1_value: '|| p_parent_instance_pk1_value ||
1834 ' - p_parent_instance_pk1_value: '|| p_parent_instance_pk1_value ||
1835 ' - p_parent_instance_pk2_value: '|| p_parent_instance_pk2_value ||
1836 ' - p_parent_instance_pk2_value: '|| p_parent_instance_pk2_value ||
1837 ' - p_parent_instance_pk3_value: '|| p_parent_instance_pk3_value ||
1838 ' - p_parent_instance_pk3_value: '|| p_parent_instance_pk3_value
1839 );
1840 OPEN instance_sets_cur FOR dynamic_sql USING
1841 p_parent_instance_pk1_value, p_parent_instance_pk1_value,
1842 p_parent_instance_pk2_value, p_parent_instance_pk2_value,
1843 p_parent_instance_pk3_value, p_parent_instance_pk3_value;
1844 elsif (l_db_pk2_column is not NULL) then
1845 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1846 ,p_module => l_api_name
1847 ,p_message => 'Binds for instance_sets_cur is '||
1848 ' - p_parent_instance_pk1_value: '|| p_parent_instance_pk1_value ||
1849 ' - p_parent_instance_pk1_value: '|| p_parent_instance_pk1_value ||
1850 ' - p_parent_instance_pk2_value: '|| p_parent_instance_pk2_value ||
1851 ' - p_parent_instance_pk2_value: '|| p_parent_instance_pk2_value
1852 );
1853 OPEN instance_sets_cur FOR dynamic_sql USING
1854 p_parent_instance_pk1_value, p_parent_instance_pk1_value,
1855 p_parent_instance_pk2_value, p_parent_instance_pk2_value;
1856 elsif (l_db_pk1_column is not NULL) then
1857 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
1858 ,p_module => l_api_name
1859 ,p_message => 'Binds for instance_sets_cur is '||
1860 ' - p_parent_instance_pk1_value: '|| p_parent_instance_pk1_value ||
1861 ' - p_parent_instance_pk1_value: '|| p_parent_instance_pk1_value
1862 );
1863 OPEN instance_sets_cur FOR dynamic_sql USING
1864 p_parent_instance_pk1_value, p_parent_instance_pk1_value;
1865 else
1866 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
1867 ,p_module => l_api_name
1868 ,p_message => 'No pk values for parent!! : '||G_RETURN_UNEXP_ERR
1869 );
1870 return G_RETURN_UNEXP_ERR; /* This will never happen since pk1 is reqd*/
1871 end if;
1872
1873 FETCH instance_sets_cur INTO l_own_result;
1874 IF(instance_sets_cur%NOTFOUND) THEN
1875 CLOSE instance_sets_cur;
1876 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
1877 ,p_module => l_api_name
1878 ,p_message => 'No role from instance sets after query: '||G_RETURN_FAILURE
1879 );
1880 RETURN G_RETURN_FAILURE;
1881 ELSE
1882 CLOSE instance_sets_cur;
1883 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
1884 ,p_module => l_api_name
1885 ,p_message => 'No instance sets available returning: '||G_RETURN_SUCCESS
1886 );
1887 RETURN G_RETURN_SUCCESS;
1888 END IF;
1889 END IF; -- End of if l_result is 'X' else clause
1890
1891 EXCEPTION
1892 WHEN OTHERS THEN
1893 fnd_message.set_name('FND', 'SQL_PLSQL_ERROR');
1894 fnd_message.set_token('ROUTINE',G_PKG_NAME||l_api_name);
1895 fnd_message.set_token('ERRNO', SQLCODE);
1896 fnd_message.set_token('REASON', SQLERRM);
1897 code_debug (p_log_level => G_DEBUG_LEVEL_EXCEPTION
1898 ,p_module => l_api_name
1899 ,p_message => 'Returning EXCEPTION '||SQLERRM
1900 );
1901 RETURN G_RETURN_UNEXP_ERR;
1902 END check_inherited_function;
1903
1904 --------------------------------------------------------
1905 ---- get_functions
1906 --------------------------------------------------------
1907 PROCEDURE get_functions
1908 (
1909 p_api_version IN NUMBER,
1910 p_object_name IN VARCHAR2,
1911 p_instance_pk1_value IN VARCHAR2,
1912 p_instance_pk2_value IN VARCHAR2 DEFAULT NULL,
1913 p_instance_pk3_value IN VARCHAR2 DEFAULT NULL,
1914 p_instance_pk4_value IN VARCHAR2 DEFAULT NULL,
1915 p_instance_pk5_value IN VARCHAR2 DEFAULT NULL,
1916 p_user_name IN varchar2 default null,
1917 x_return_status OUT NOCOPY VARCHAR2,
1918 x_privilege_tbl OUT NOCOPY EGO_PRIVILEGE_NAME_TABLE_TYPE
1919 ) IS
1920
1921 l_api_version CONSTANT NUMBER := 1.0;
1922 l_api_name CONSTANT VARCHAR2(30) := 'GET_FUNCTIONS';
1923
1924 -- On addition of any Required parameters the major version needs
1925 -- to change i.e. for eg. 1.X to 2.X.
1926 -- On addition of any Optional parameters the minor version needs
1927 -- to change i.e. for eg. X.6 to X.7.
1928 l_sysdate DATE := SYSDATE;
1929
1930 l_index NUMBER;
1931 l_dynamic_sql VARCHAR2(32767);
1932 l_instance_id_col1 VARCHAR2(512);
1933 l_instance_id_col2 VARCHAR2(512);
1934 l_instance_id_col3 VARCHAR2(512);
1935 l_instance_id_col4 VARCHAR2(512);
1936 l_instance_id_col5 VARCHAR2(512);
1937 l_instance_sets_list VARCHAR2(10000);
1938 l_privilege VARCHAR2(480);
1939 l_select_query_part VARCHAR2(3000);
1940
1941 l_group_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
1942 l_company_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
1943
1944 start_date number;
1945 end_date number;
1946 millisec number;
1947
1948 instance_set DYNAMIC_CUR;
1949
1950 l_one_set_predicate VARCHAR2(32767);
1951 l_one_set_id NUMBER;
1952 candidate_sets_c DYNAMIC_CUR;
1953 l_dynamic_sql_1 VARCHAR2(32767);
1954 l_common_dyn_sql VARCHAR2(32767);
1955 l_set_dyn_sql VARCHAR2(32767);
1956 l_inst_dyn_sql VARCHAR2(32767);
1957
1958 l_db_object_name varchar2(30);
1959 l_db_pk1_column varchar2(30);
1960 l_db_pk2_column varchar2(30);
1961 l_db_pk3_column varchar2(30);
1962 l_db_pk4_column varchar2(30);
1963 l_db_pk5_column varchar2(30);
1964
1965 l_pk_column_names varchar2(512);
1966 l_pk_orig_column_names varchar2(512);
1967 l_type_converted_val_cols varchar2(512);
1968 l_object_id number;
1969 l_user_name varchar2(80);
1970 -- l_orig_system varchar2(48);
1971 l_orig_system_id NUMBER;
1972 l_prof_privilege_tbl EGO_VARCHAR_TBL_TYPE;
1973
1974 l_pk2_value VARCHAR2(200);
1975 l_pk3_value VARCHAR2(200);
1976 l_pk4_value VARCHAR2(200);
1977 l_pk5_value VARCHAR2(200);
1978
1979 BEGIN
1980 SetGlobals();
1981 --start_date:= DBMS_UTILITY.GET_TIME;
1982 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
1983 ,p_module => l_api_name
1984 ,p_message => 'Started with 10 params '||
1985 ' p_api_version: '|| to_char(p_api_version) ||
1986 ' - p_object_name: '|| p_object_name ||
1987 ' - p_instance_pk1_value: '|| p_instance_pk1_value ||
1988 ' - p_instance_pk2_value: '|| p_instance_pk2_value ||
1989 ' - p_instance_pk3_value: '|| p_instance_pk3_value ||
1990 ' - p_instance_pk4_value: '|| p_instance_pk4_value ||
1991 ' - p_instance_pk5_value: '|| p_instance_pk5_value ||
1992 ' - p_user_name: '|| p_user_name
1993 );
1994 -- check for call compatibility.
1995 if TRUNC(l_api_version) <> TRUNC(p_api_version) THEN
1996 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
1997 fnd_message.set_token('ROUTINE',
1998 g_pkg_name || '.'|| l_api_name);
1999 fnd_message.set_token('REASON',
2000 'Unsupported version '|| to_char(p_api_version)||
2001 ' passed to API; expecting version '||
2002 to_char(l_api_version));
2003 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
2004 ,p_module => l_api_name
2005 ,p_message => 'Returning as the call in incompatible '
2006 );
2007 x_return_status := G_RETURN_UNEXP_ERR;
2008 RETURN;
2009 END IF;
2010
2011 x_return_status := G_RETURN_SUCCESS; /* Assume Success */
2012 l_user_name := p_user_name;
2013 get_orig_key(x_user_name => l_user_name
2014 -- ,x_orig_system => l_orig_system
2015 ,x_orig_system_id => l_orig_system_id);
2016 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2017 ,p_module => l_api_name
2018 ,p_message => 'l_user_name: '||l_user_name||
2019 -- ' - l_orig_system: '||l_orig_system||
2020 ' - l_orig_system_id: '||l_orig_system_id
2021 );
2022
2023 -- first get all the privileges set by the profile option
2024 l_index:=0;
2025 getPrivilege_for_profileOption
2026 (p_api_version => p_api_version,
2027 p_object_name => p_object_name,
2028 p_user_name => l_user_name,
2029 x_privilege_tbl => l_prof_privilege_tbl ,
2030 x_return_status => x_return_status);
2031
2032 IF (x_return_status = G_RETURN_SUCCESS) THEN
2033 IF (l_prof_privilege_tbl.COUNT > 0) THEN
2034 FOR i IN l_prof_privilege_tbl.first .. l_prof_privilege_tbl.last LOOP
2035 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2036 ,p_module => l_api_name
2037 ,p_message => 'Privilege from profile at: '||i||' value: '||l_prof_privilege_tbl(i)
2038 );
2039 x_privilege_tbl(i) := l_prof_privilege_tbl(i);
2040 END LOOP;
2041 END IF; -- x_prof_privilege_tbl >0
2042 l_index := l_prof_privilege_tbl.COUNT;
2043 END IF; --return status is T
2044
2045 --end of getting privileges from profile option
2046
2047 -- get All privileges of a user on a given object
2048 --Step 1.
2049 -- get database object name and column
2050 -- cache the PK column name
2051 x_return_status := get_pk_information(p_object_name ,
2052 l_db_pk1_column ,
2053 l_db_pk2_column ,
2054 l_db_pk3_column ,
2055 l_db_pk4_column ,
2056 l_db_pk5_column ,
2057 l_pk_column_names ,
2058 l_type_converted_val_cols ,
2059 l_pk_orig_column_names,
2060 l_db_object_name );
2061 if (x_return_status <> G_RETURN_SUCCESS) then
2062 /* There will be a message on the msg dict stack. */
2063 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
2064 ,p_module => l_api_name
2065 ,p_message => 'Returning FALSE as pk values are not correct'
2066 );
2067 RETURN; /* We will return the x_return_status as out param */
2068 end if;
2069
2070 -- Step 2.
2071 -- get instance set ids in which the given object_key exist
2072 -- as a set into l_instance_set
2073 l_instance_sets_list :='(';
2074
2075 -- R12C Security Changes
2076 /*l_select_query_part:=
2077 'SELECT '|| l_pk_column_names ||
2078 ' FROM '|| l_db_object_name ||
2079 ' WHERE '; */
2080 IF (p_object_name = 'EGO_ITEM') THEN
2081 l_select_query_part:=
2082 'SELECT '|| l_pk_column_names ||
2083 ' FROM '|| l_db_object_name || ', ego_item_cat_denorm_hier cathier'||
2084 ' WHERE ';
2085 ELSE
2086 l_select_query_part:=
2087 'SELECT '|| l_pk_column_names ||
2088 ' FROM '|| l_db_object_name ||
2089 ' WHERE ';
2090 END IF;
2091 -- R12C Security Changes
2092
2093 IF (l_db_pk1_column IS NOT NULL) THEN
2094 l_select_query_part := l_select_query_part ||
2095 ' ( '||l_db_pk1_column||' = :pk1_val '||
2096 ' OR ( '||l_db_pk1_column||' is NULL AND :pk1_val is NULL))';
2097 END IF;
2098 IF (l_db_pk2_column IS NOT NULL) THEN
2099 l_select_query_part := l_select_query_part ||
2100 ' AND ( '||l_db_pk2_column||' = :pk2_val '||
2101 ' OR ( '||l_db_pk2_column||' is NULL AND :pk2_val is NULL))';
2102 END IF;
2103 IF (l_db_pk3_column IS NOT NULL) THEN
2104 l_select_query_part := l_select_query_part ||
2105 ' AND ( '||l_db_pk3_column||' = :pk3_val '||
2106 ' OR ( '||l_db_pk3_column||' is NULL AND :pk3_val is NULL))';
2107 END IF;
2108 IF (l_db_pk4_column IS NOT NULL) THEN
2109 l_select_query_part := l_select_query_part ||
2110 ' AND ( '||l_db_pk4_column||' = :pk4_val '||
2111 ' OR ( '||l_db_pk4_column||' is NULL AND :pk4_val is NULL))';
2112 END IF;
2113 IF (l_db_pk5_column IS NOT NULL) THEN
2114 l_select_query_part := l_select_query_part ||
2115 ' AND ( '||l_db_pk5_column||' = :pk5_val '||
2116 ' OR ( '||l_db_pk5_column||' is NULL AND :pk5_val is NULL))';
2117 END IF;
2118
2119 -- R12C Security Changes
2120 --l_select_query_part := l_select_query_part || ' AND ';
2121 IF (p_object_name = 'EGO_ITEM') THEN
2122 l_select_query_part := l_select_query_part || ' AND item_catalog_group_id = cathier.child_catalog_group_id(+) AND ';
2123 ELSE
2124 l_select_query_part := l_select_query_part || ' AND ';
2125 END IF;
2126 -- R12C Security Changes
2127
2128 --end_date:= DBMS_UTILITY.GET_TIME;
2129 --millisec:= (end_date-start_date)*24*60*60*1000;
2130 --dbms_output.put_line('1. Diff. in Get Time 100th of a sec ::'||to_char(end_date-start_date,'9999999'));
2131
2132 l_object_id:=get_object_id(p_object_name => p_object_name );
2133 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2134 ,p_module => l_api_name
2135 ,p_message => 'l_object_id: '||l_object_id
2136 );
2137 -- step 1.1
2138 -- pre-fetch company/group info
2139 l_group_info := get_group_info(p_party_id => l_orig_system_id);
2140 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2141 ,p_module => l_api_name
2142 ,p_message => 'l_group_info: '||l_group_info
2143 );
2144 l_company_info := get_company_info (p_party_id => l_orig_system_id);
2145 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2146 ,p_module => l_api_name
2147 ,p_message => 'l_company_info: '||l_company_info
2148 );
2149 --end_date:= DBMS_UTILITY.GET_TIME;
2150 --millisec:= (end_date-start_date)*24*60*60*1000;
2151 --dbms_output.put_line('2. Diff. in Get Time 100th of a sec ::'||to_char(end_date-start_date,'9999999'));
2152
2153 l_dynamic_sql_1 :=
2154 ' SELECT DISTINCT sets.instance_set_id, sets.predicate ' ||
2155 ' FROM fnd_grants grants, ' ||
2156 ' fnd_object_instance_sets sets '||
2157 ' WHERE grants.instance_type = :instance_type '||
2158 ' AND grants.start_date <= SYSDATE ' ||
2159 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
2160 ' AND grants.instance_set_id = sets.instance_set_id ' ||
2161 ' AND grants.object_id = :object_id ' ||
2162 ' AND ( ( grants.grantee_type = ''USER'' AND ' ||
2163 ' grants.grantee_key = :user_name ) '||
2164 ' OR (grants.grantee_type = ''GROUP'' AND ' ||
2165 ' grants.grantee_key in ( '||l_group_info||' )) ' ||
2166 ' OR (grants.grantee_type = ''COMPANY'' AND ' ||
2167 ' grants.grantee_key in ( '||l_company_info||' )) ' ||
2168 ' OR (grants.grantee_type = ''GLOBAL'' AND ' ||
2169 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )) ';
2170 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2171 ,p_module => l_api_name
2172 ,p_message => 'Binds for candidate_sets_c '||
2173 ' G_TYPE_SET: '||G_TYPE_SET||
2174 ' - l_object_id: '||l_object_id||
2175 ' - l_user_name: '||l_user_name
2176 );
2177 OPEN candidate_sets_c FOR l_dynamic_sql_1
2178 USING IN G_TYPE_SET,
2179 IN l_object_id,
2180 IN l_user_name;
2181 LOOP
2182 l_instance_id_col1 := '';
2183 l_instance_id_col2 := '';
2184 l_instance_id_col3 := '';
2185 l_instance_id_col4 := '';
2186 l_instance_id_col5 := '';
2187
2188 FETCH candidate_sets_c INTO l_one_set_id, l_one_set_predicate;
2189 EXIT WHEN candidate_sets_c%NOTFOUND;
2190
2191 l_dynamic_sql :=l_select_query_part ||
2192 ' ( ' || l_one_set_predicate || ' ) ';
2193
2194 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2195 ,p_module => l_api_name
2196 ,p_message => 'l_dynamice_sql '||
2197 ' l_select_query_part: '||l_select_query_part||
2198 ' - l_one_set_predicate: '||l_one_set_predicate
2199 );
2200
2201 if(l_db_pk5_column is not NULL) then
2202 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2203 ,p_module => l_api_name
2204 ,p_message => 'Binds for instance_sets_cur is '||
2205 ' - p_instance_pk1_value: '|| p_instance_pk1_value ||
2206 ' - p_instance_pk1_value: '|| p_instance_pk1_value ||
2207 ' - p_instance_pk2_value: '|| p_instance_pk2_value ||
2208 ' - p_instance_pk2_value: '|| p_instance_pk2_value ||
2209 ' - p_instance_pk3_value: '|| p_instance_pk3_value ||
2210 ' - p_instance_pk3_value: '|| p_instance_pk3_value ||
2211 ' - p_instance_pk4_value: '|| p_instance_pk4_value ||
2212 ' - p_instance_pk4_value: '|| p_instance_pk4_value ||
2213 ' - p_instance_pk5_value: '|| p_instance_pk5_value ||
2214 ' - p_instance_pk5_value: '|| p_instance_pk5_value
2215 );
2216 OPEN instance_set FOR l_dynamic_sql USING
2217 p_instance_pk1_value, p_instance_pk1_value,
2218 p_instance_pk2_value, p_instance_pk2_value,
2219 p_instance_pk3_value, p_instance_pk3_value,
2220 p_instance_pk4_value, p_instance_pk4_value,
2221 p_instance_pk5_value, p_instance_pk5_value;
2222 elsif(l_db_pk4_column is not NULL) then
2223 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2224 ,p_module => l_api_name
2225 ,p_message => 'Binds for instance_sets_cur is '||
2226 ' - p_instance_pk1_value: '|| p_instance_pk1_value ||
2227 ' - p_instance_pk1_value: '|| p_instance_pk1_value ||
2228 ' - p_instance_pk2_value: '|| p_instance_pk2_value ||
2229 ' - p_instance_pk2_value: '|| p_instance_pk2_value ||
2230 ' - p_instance_pk3_value: '|| p_instance_pk3_value ||
2231 ' - p_instance_pk3_value: '|| p_instance_pk3_value ||
2232 ' - p_instance_pk4_value: '|| p_instance_pk4_value ||
2233 ' - p_instance_pk4_value: '|| p_instance_pk4_value
2234 );
2235 OPEN instance_set FOR l_dynamic_sql USING
2236 p_instance_pk1_value, p_instance_pk1_value,
2237 p_instance_pk2_value, p_instance_pk2_value,
2238 p_instance_pk3_value, p_instance_pk3_value,
2239 p_instance_pk4_value, p_instance_pk4_value;
2240 elsif(l_db_pk3_column is not NULL) then
2241 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2242 ,p_module => l_api_name
2243 ,p_message => 'Binds for instance_sets_cur is '||
2244 ' - p_instance_pk1_value: '|| p_instance_pk1_value ||
2245 ' - p_instance_pk1_value: '|| p_instance_pk1_value ||
2246 ' - p_instance_pk2_value: '|| p_instance_pk2_value ||
2247 ' - p_instance_pk2_value: '|| p_instance_pk2_value ||
2248 ' - p_instance_pk3_value: '|| p_instance_pk3_value ||
2249 ' - p_instance_pk3_value: '|| p_instance_pk3_value
2250 );
2251 OPEN instance_set FOR l_dynamic_sql USING
2252 p_instance_pk1_value, p_instance_pk1_value,
2253 p_instance_pk2_value, p_instance_pk2_value,
2254 p_instance_pk3_value, p_instance_pk3_value;
2255 elsif(l_db_pk2_column is not NULL) then
2256 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2257 ,p_module => l_api_name
2258 ,p_message => 'Binds for instance_sets_cur is '||
2259 ' - p_instance_pk1_value: '|| p_instance_pk1_value ||
2260 ' - p_instance_pk1_value: '|| p_instance_pk1_value ||
2261 ' - p_instance_pk2_value: '|| p_instance_pk2_value ||
2262 ' - p_instance_pk2_value: '|| p_instance_pk2_value
2263 );
2264 OPEN instance_set FOR l_dynamic_sql USING
2265 p_instance_pk1_value, p_instance_pk1_value,
2266 p_instance_pk2_value, p_instance_pk2_value;
2267 elsif(l_db_pk1_column is not NULL) then
2268 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2269 ,p_module => l_api_name
2270 ,p_message => 'Binds for instance_sets_cur is '||
2271 ' - p_instance_pk1_value: '|| p_instance_pk1_value ||
2272 ' - p_instance_pk1_value: '|| p_instance_pk1_value
2273 );
2274 OPEN instance_set FOR l_dynamic_sql USING
2275 p_instance_pk1_value, p_instance_pk1_value;
2276 else
2277 x_return_status := G_RETURN_UNEXP_ERR;
2278 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
2279 ,p_module => l_api_name
2280 ,p_message => 'No pk values for oobject : '||G_RETURN_UNEXP_ERR
2281 );
2282 return; /* This will never happen since pk1 is reqd*/
2283 end if;
2284
2285 if l_db_pk5_column is not null
2286 and l_db_pk4_column is not null
2287 and l_db_pk3_column is not null
2288 and l_db_pk2_column is not null
2289 and l_db_pk1_column is not null then
2290 fetch instance_set into l_instance_id_col1, l_instance_id_col2,
2291 l_instance_id_col3,
2292 l_instance_id_col4, l_instance_id_col5;
2293 CLOSE instance_set;
2294 IF (l_instance_id_col1 = p_instance_pk1_value
2295 and l_instance_id_col2 = p_instance_pk2_value
2296 and l_instance_id_col3 = p_instance_pk3_value
2297 and l_instance_id_col4 = p_instance_pk4_value
2298 and l_instance_id_col5 = p_instance_pk5_value) THEN
2299 l_instance_sets_list :=l_instance_sets_list ||
2300 l_one_set_id || ',';
2301 END IF;
2302 elsif l_db_pk4_column is not null
2303 and l_db_pk3_column is not null
2304 and l_db_pk2_column is not null
2305 and l_db_pk1_column is not null then
2306 fetch instance_set into l_instance_id_col1,
2307 l_instance_id_col2,
2308 l_instance_id_col3,
2309 l_instance_id_col4;
2310 CLOSE instance_set;
2311 IF (l_instance_id_col1 = p_instance_pk1_value
2312 and l_instance_id_col2 = p_instance_pk2_value
2313 and l_instance_id_col3 = p_instance_pk3_value
2314 and l_instance_id_col4 = p_instance_pk4_value) THEN
2315 l_instance_sets_list :=l_instance_sets_list ||
2316 l_one_set_id || ',';
2317 END IF;
2318 elsif l_db_pk3_column is not null
2319 and l_db_pk2_column is not null
2320 and l_db_pk1_column is not null then
2321 fetch instance_set into l_instance_id_col1,
2322 l_instance_id_col2,
2323 l_instance_id_col3;
2324 CLOSE instance_set;
2325 IF (l_instance_id_col1 = p_instance_pk1_value
2326 and l_instance_id_col2 = p_instance_pk2_value
2327 and l_instance_id_col3 = p_instance_pk3_value) THEN
2328 l_instance_sets_list :=l_instance_sets_list
2329 || l_one_set_id || ',';
2330 END IF;
2331 elsif l_db_pk2_column is not null
2332 and l_db_pk1_column is not null then
2333 fetch instance_set into l_instance_id_col1, l_instance_id_col2;
2334 --EXIT WHEN instance_set%NOTFOUND;
2335 CLOSE instance_set;
2336 IF (l_instance_id_col1 = p_instance_pk1_value
2337 and l_instance_id_col2 = p_instance_pk2_value) THEN
2338 l_instance_sets_list :=l_instance_sets_list
2339 || l_one_set_id || ',';
2340 END IF;
2341 elsif l_db_pk1_column is not null then
2342 fetch instance_set into l_instance_id_col1;
2343 CLOSE instance_set;
2344 IF (l_instance_id_col1 = p_instance_pk1_value) THEN
2345 l_instance_sets_list :=l_instance_sets_list
2346 || l_one_set_id || ',';
2347 END IF;
2348 end if;
2349
2350 END LOOP;
2351 CLOSE candidate_sets_c;
2352
2353 --end_date:= DBMS_UTILITY.GET_TIME;
2354 --millisec:= (end_date-start_date)*24*60*60*1000;
2355 --dbms_output.put_line('3. Diff. in Get Time 100th of a sec ::'||to_char(end_date-start_date,'9999999'));
2356
2357 -- if the last character is ',' then strip the trailing ','
2358 if(substr(l_instance_sets_list,
2359 length(l_instance_sets_list),
2360 length(','))
2361 = ',')
2362 then
2363 l_instance_sets_list := substr(l_instance_sets_list, 1,
2364 length(l_instance_sets_list) - length(','));
2365 end if;
2366
2367 l_instance_sets_list :=l_instance_sets_list ||' )';
2368 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2369 ,p_module => l_api_name
2370 ,p_message => 'l_instance_sets_list: '||l_instance_sets_list
2371 );
2372
2373 l_common_dyn_sql := '';
2374 l_set_dyn_sql := '';
2375 l_inst_dyn_sql := '';
2376
2377 -- R12C Security Changes Bug 6507794
2378 /* l_common_dyn_sql:=
2379 'SELECT DISTINCT fnd_functions.function_name ' ||
2380 ' FROM fnd_grants grants, ' ||
2381 ' fnd_form_functions fnd_functions, ' ||
2382 ' fnd_menu_entries cmf '||
2383 ' WHERE grants.object_id = :object_id ' ||
2384 ' AND grants.start_date <= SYSDATE ' ||
2385 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
2386 ' AND ( ( grants.grantee_type = ''USER'' AND ' ||
2387 ' grants.grantee_key = :user_name ) '||
2388 ' OR (grants.grantee_type = ''GROUP'' AND ' ||
2389 ' grants.grantee_key in ( '||l_group_info||' )) ' ||
2390 ' OR (grants.grantee_type = ''COMPANY'' AND ' ||
2391 ' grants.grantee_key in ( '||l_company_info||' )) ' ||
2392 ' OR (grants.grantee_type = ''GLOBAL'' AND ' ||
2393 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') ))'||
2394 ' AND cmf.function_id = fnd_functions.function_id ' ||
2395 ' AND cmf.menu_id = grants.menu_id '; */
2396
2397 IF (p_object_name = 'EGO_CATALOG_GROUP') THEN
2398 l_common_dyn_sql:=
2399 'SELECT DISTINCT fnd_functions.function_name ' ||
2400 ' FROM fnd_grants grants, ' ||
2401 ' fnd_form_functions fnd_functions, ' ||
2402 ' fnd_menu_entries cmf, '||
2403 ' ego_item_cat_denorm_hier cathier '||
2404 ' WHERE grants.object_id = :object_id ' ||
2405 ' AND grants.start_date <= SYSDATE ' ||
2406 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
2407 ' AND ( ( grants.grantee_type = ''USER'' AND ' ||
2408 ' grants.grantee_key = :user_name ) '||
2409 ' OR (grants.grantee_type = ''GROUP'' AND ' ||
2410 ' grants.grantee_key in ( '||l_group_info||' )) ' ||
2411 ' OR (grants.grantee_type = ''COMPANY'' AND ' ||
2412 ' grants.grantee_key in ( '||l_company_info||' )) ' ||
2413 ' OR (grants.grantee_type = ''GLOBAL'' AND ' ||
2414 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') ))'||
2415 ' AND cmf.function_id = fnd_functions.function_id ' ||
2416 ' AND cmf.menu_id = grants.menu_id ';
2417 ELSE
2418 l_common_dyn_sql:=
2419 'SELECT DISTINCT fnd_functions.function_name ' ||
2420 ' FROM fnd_grants grants, ' ||
2421 ' fnd_form_functions fnd_functions, ' ||
2422 ' fnd_menu_entries cmf '||
2423 ' WHERE grants.object_id = :object_id ' ||
2424 ' AND grants.start_date <= SYSDATE ' ||
2425 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
2426 ' AND ( ( grants.grantee_type = ''USER'' AND ' ||
2427 ' grants.grantee_key = :user_name ) '||
2428 ' OR (grants.grantee_type = ''GROUP'' AND ' ||
2429 ' grants.grantee_key in ( '||l_group_info||' )) ' ||
2430 ' OR (grants.grantee_type = ''COMPANY'' AND ' ||
2431 ' grants.grantee_key in ( '||l_company_info||' )) ' ||
2432 ' OR (grants.grantee_type = ''GLOBAL'' AND ' ||
2433 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') ))'||
2434 ' AND cmf.function_id = fnd_functions.function_id ' ||
2435 ' AND cmf.menu_id = grants.menu_id ';
2436 END IF;
2437 -- R12C Security Changes Bug 6507794
2438
2439
2440 translate_pk_values (p_instance_pk2_value => p_instance_pk2_value
2441 ,p_instance_pk3_value => p_instance_pk3_value
2442 ,p_instance_pk4_value => p_instance_pk4_value
2443 ,p_instance_pk5_value => p_instance_pk5_value
2444 ,x_trans_pk2_value => l_pk2_value
2445 ,x_trans_pk3_value => l_pk3_value
2446 ,x_trans_pk4_value => l_pk4_value
2447 ,x_trans_pk5_value => l_pk5_value
2448 );
2449
2450 -- R12C Security Changes Bug 6507794
2451 /* l_inst_dyn_sql :=
2452 ' AND grants.instance_type = :instance_type_instance '||
2453 ' AND grants.instance_pk1_value = :pk1_val '||
2454 ' AND grants.instance_pk2_value = :pk2_val '||
2455 ' AND grants.instance_pk3_value = :pk3_val '||
2456 ' AND grants.instance_pk4_value = :pk4_val '||
2457 ' AND grants.instance_pk5_value = :pk5_val ';*/
2458 IF (p_object_name = 'EGO_CATALOG_GROUP') THEN
2459 l_inst_dyn_sql :=
2460 ' AND grants.instance_type = :instance_type_instance '||
2461 ' AND grants.instance_pk1_value = cathier.parent_catalog_group_id ' ||
2462 ' AND cathier.child_catalog_group_id = :pk1_val '||
2463 ' AND grants.instance_pk2_value = :pk2_val '||
2464 ' AND grants.instance_pk3_value = :pk3_val '||
2465 ' AND grants.instance_pk4_value = :pk4_val '||
2466 ' AND grants.instance_pk5_value = :pk5_val ';
2467 ELSE
2468 l_inst_dyn_sql :=
2469 ' AND grants.instance_type = :instance_type_instance '||
2470 ' AND grants.instance_pk1_value = :pk1_val '||
2471 ' AND grants.instance_pk2_value = :pk2_val '||
2472 ' AND grants.instance_pk3_value = :pk3_val '||
2473 ' AND grants.instance_pk4_value = :pk4_val '||
2474 ' AND grants.instance_pk5_value = :pk5_val ';
2475 END IF;
2476 -- R12C Security Changes Bug 6507794
2477
2478 -- check whether it is empty set
2479 IF( l_instance_sets_list <> '( )') THEN
2480 l_set_dyn_sql:=l_set_dyn_sql ||
2481 ' AND ' ||
2482 ' ( ' ||
2483 ' grants.instance_type = :instance_type_set '||
2484 ' AND grants.instance_set_id IN ' || l_instance_sets_list ||
2485 ' ) ';
2486 END IF;
2487
2488 IF( l_instance_sets_list <> '( )') THEN
2489 l_dynamic_sql:= l_common_dyn_sql || l_inst_dyn_sql ||
2490 ' UNION ' ||
2491 l_common_dyn_sql || l_set_dyn_sql;
2492 ELSE
2493 l_dynamic_sql:=l_common_dyn_sql || l_inst_dyn_sql;
2494 END IF;
2495 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2496 ,p_module => l_api_name
2497 ,p_message => 'l_dynamic_sql: '||l_dynamic_sql
2498 );
2499
2500 --end_date:= DBMS_UTILITY.GET_TIME;
2501 --millisec:= (end_date-start_date)*24*60*60*1000;
2502 --dbms_output.put_line('4. Diff. in Get Time 100th of a sec ::'||to_char(end_date-start_date,'9999999'));
2503
2504 -- Step 4.
2505 -- execute the dynamic SQL and Collect all privileges
2506
2507 IF( l_instance_sets_list <> '( )') THEN
2508 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2509 ,p_module => l_api_name
2510 ,p_message => 'Binds for Dynamic sql '||
2511 ' l_object_id: '||l_object_id||
2512 ' - l_user_name: '||l_user_name||
2513 ' - G_TYPE_INSTANCE: '||G_TYPE_INSTANCE||
2514 ' - p_instance_pk1_value: '||p_instance_pk1_value||
2515 ' - p_instance_pk2_value: '||l_pk2_value||
2516 ' - p_instance_pk3_value: '||l_pk3_value||
2517 ' - p_instance_pk4_value: '||l_pk4_value||
2518 ' - p_instance_pk5_value: '||l_pk5_value||
2519 ' - l_object_id: '||l_object_id||
2520 ' - l_user_name: '||l_user_name||
2521 ' - G_TYPE_SET: '||G_TYPE_SET
2522 );
2523 OPEN instance_set FOR l_dynamic_sql
2524 USING IN l_object_id,
2525 IN l_user_name,
2526 IN G_TYPE_INSTANCE,
2527 IN p_instance_pk1_value,
2528 IN l_pk2_value,
2529 IN l_pk3_value,
2530 IN l_pk4_value,
2531 IN l_pk5_value,
2532 IN l_object_id,
2533 IN l_user_name,
2534 IN G_TYPE_SET;
2535 ELSE
2536 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2537 ,p_module => l_api_name
2538 ,p_message => 'Binds for Dynamic sql '||
2539 ' l_object_id: '||l_object_id||
2540 ' - l_user_name: '||l_user_name||
2541 ' - G_TYPE_INSTANCE: '||G_TYPE_INSTANCE||
2542 ' - p_instance_pk1_value: '||p_instance_pk1_value||
2543 ' - p_instance_pk2_value: '||l_pk2_value||
2544 ' - p_instance_pk3_value: '||l_pk3_value||
2545 ' - p_instance_pk4_value: '||l_pk4_value||
2546 ' - p_instance_pk5_value: '||l_pk5_value
2547 );
2548 OPEN instance_set FOR l_dynamic_sql
2549 USING IN l_object_id,
2550 IN l_user_name,
2551 IN G_TYPE_INSTANCE,
2552 IN p_instance_pk1_value,
2553 IN l_pk2_value,
2554 IN l_pk3_value,
2555 IN l_pk4_value,
2556 IN l_pk5_value;
2557 END IF;
2558
2559 LOOP
2560 FETCH instance_set INTO l_privilege;
2561 --dbms_output.put_line('in executeing the dynamic sql');
2562 EXIT WHEN instance_set%NOTFOUND;
2563 l_index:=l_index+1;
2564 x_privilege_tbl (l_index):=l_privilege;
2565 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
2566 ,p_module => l_api_name
2567 ,p_message => 'Privilege from profile at: '||l_index||' - privilege: '||l_privilege
2568 );
2569 END LOOP;
2570 CLOSE instance_set;
2571 --end_date:= DBMS_UTILITY.GET_TIME;
2572 --millisec:= (end_date-start_date)*24*60*60*1000;
2573 --dbms_output.put_line('5. Diff. in Get Time 100th of a sec ::'||to_char(end_date-start_date,'9999999'));
2574
2575 IF x_privilege_tbl.count > 0 THEN
2576 x_return_status := G_RETURN_SUCCESS; /* Success */
2577 FOR i in x_privilege_tbl.first .. x_privilege_tbl.last LOOP
2578 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
2579 ,p_module => l_api_name
2580 ,p_message => 'Index : '||i||' - privilege: '||x_privilege_tbl(i)
2581 );
2582 END LOOP;
2583 ELSE
2584 x_return_status := G_RETURN_FAILURE; /* No functions */
2585 END IF;
2586
2587 EXCEPTION
2588 WHEN OTHERS THEN
2589 --dbms_output.put_line('error :' || SQLERRM);
2590 fnd_message.set_name('FND', 'SQL_PLSQL_ERROR');
2591 fnd_message.set_token('ROUTINE',G_PKG_NAME||l_api_name);
2592 fnd_message.set_token('ERRNO', SQLCODE);
2593 fnd_message.set_token('REASON', SQLERRM);
2594 code_debug (p_log_level => G_DEBUG_LEVEL_UNEXPECTED
2595 ,p_module => l_api_name
2596 ,p_message => 'Ending: Returning OTHER ERROR '||SQLERRM
2597 );
2598 x_return_status := G_RETURN_UNEXP_ERR;
2599 END get_functions;
2600
2601 --------------------------------------------------------
2602 ---- get_inherited_functions
2603 --------------------------------------------------------
2604 PROCEDURE get_inherited_functions
2605 (
2606 p_api_version IN NUMBER,
2607 p_object_name IN VARCHAR2,
2608 p_instance_pk1_value IN VARCHAR2,
2609 p_instance_pk2_value IN VARCHAR2 DEFAULT NULL,
2610 p_instance_pk3_value IN VARCHAR2 DEFAULT NULL,
2611 p_instance_pk4_value IN VARCHAR2 DEFAULT NULL,
2612 p_instance_pk5_value IN VARCHAR2 DEFAULT NULL,
2613 p_user_name IN VARCHAR2 DEFAULT NULL,
2614 p_object_type IN VARCHAR2 DEFAULT NULL,
2615 p_parent_object_name IN VARCHAR2,
2616 p_parent_instance_pk1_value IN VARCHAR2,
2617 p_parent_instance_pk2_value IN VARCHAR2 DEFAULT NULL,
2618 p_parent_instance_pk3_value IN VARCHAR2 DEFAULT NULL,
2619 p_parent_instance_pk4_value IN VARCHAR2 DEFAULT NULL,
2620 p_parent_instance_pk5_value IN VARCHAR2 DEFAULT NULL,
2621 x_return_status OUT NOCOPY VARCHAR2,
2622 x_privilege_tbl OUT NOCOPY EGO_VARCHAR_TBL_TYPE
2623 )
2624 IS
2625
2626 l_api_name CONSTANT VARCHAR2(30) := 'GET_INHERITED_FUNCTIONS';
2627
2628 -- On addition of any Required parameters the major version needs
2629 -- to change i.e. for eg. 1.X to 2.X.
2630 -- On addition of any Optional parameters the minor version needs
2631 -- to change i.e. for eg. X.6 to X.7.
2632 l_api_version CONSTANT NUMBER := 1.0;
2633 l_sysdate DATE := Sysdate;
2634
2635 l_index NUMBER;
2636 l_dynamic_sql VARCHAR2(32767);
2637 l_common_dyn_sql VARCHAR2(32767);
2638 l_set_dyn_sql VARCHAR2(32767);
2639 l_inst_dyn_sql VARCHAR2(32767);
2640
2641 l_instance_id_col1 VARCHAR2(512);
2642 l_instance_id_col2 VARCHAR2(512);
2643 l_instance_id_col3 VARCHAR2(512);
2644 l_instance_id_col4 VARCHAR2(512);
2645 l_instance_id_col5 VARCHAR2(512);
2646 l_instance_sets_list VARCHAR2(10000);
2647 l_privilege VARCHAR2(480);
2648 l_select_query_part VARCHAR2(3000);
2649 l_group_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
2650 l_company_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
2651
2652 l_db_object_name VARCHAR2(30);
2653 l_db_pk1_column VARCHAR2(30);
2654 l_db_pk2_column VARCHAR2(30);
2655 l_db_pk3_column VARCHAR2(30);
2656 l_db_pk4_column VARCHAR2(30);
2657 l_db_pk5_column VARCHAR2(30);
2658
2659 l_pk_column_names VARCHAR2(512);
2660 l_pk_orig_column_names VARCHAR2(512);
2661 l_type_converted_val_cols VARCHAR2(512);
2662 l_parent_object_id NUMBER;
2663 l_object_id NUMBER;
2664 l_user_name VARCHAR2(80);
2665 -- l_orig_system VARCHAR2(48);
2666 l_orig_system_id NUMBER;
2667
2668 l_return_status VARCHAR2(1);
2669 l_privilege_tbl EGO_PRIVILEGE_NAME_TABLE_TYPE;
2670 l_privilege_tbl_count NUMBER;
2671 l_privilege_tbl_index NUMBER;
2672 m_privilege_tbl EGO_PRIVILEGE_NAME_TABLE_TYPE;
2673 m_privilege_tbl_count NUMBER;
2674 m_privilege_tbl_index NUMBER;
2675 x_index NUMBER;
2676
2677 l_prof_privilege_tbl EGO_VARCHAR_TBL_TYPE;
2678 l_profile_role VARCHAR2(80);
2679
2680 instance_set DYNAMIC_CUR;
2681 candidate_sets_c DYNAMIC_CUR;
2682 l_dynamic_sql_1 VARCHAR2(32767);
2683 l_one_set_predicate VARCHAR2(32767);
2684 l_one_set_id NUMBER;
2685
2686 BEGIN
2687 SetGlobals();
2688 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
2689 ,p_module => l_api_name
2690 ,p_message => 'Started with 17 params '||
2691 ' p_api_version: '|| to_char(p_api_version) ||
2692 ' - p_object_name: '|| p_object_name ||
2693 ' - p_instance_pk1_value: '|| p_instance_pk1_value ||
2694 ' - p_instance_pk2_value: '|| p_instance_pk2_value ||
2695 ' - p_instance_pk3_value: '|| p_instance_pk3_value ||
2696 ' - p_instance_pk4_value: '|| p_instance_pk4_value ||
2697 ' - p_instance_pk5_value: '|| p_instance_pk5_value ||
2698 ' - p_user_name: '|| p_user_name ||
2699 ' - p_object_type: '|| p_object_type ||
2700 ' - p_parent_object_name: '|| p_parent_object_name ||
2701 ' - p_parent_instance_pk1_value: '|| p_parent_instance_pk1_value ||
2702 ' - p_parent_instance_pk2_value: '|| p_parent_instance_pk2_value ||
2703 ' - p_parent_instance_pk3_value: '|| p_parent_instance_pk3_value ||
2704 ' - p_parent_instance_pk4_value: '|| p_parent_instance_pk4_value ||
2705 ' - p_parent_instance_pk5_value: '|| p_parent_instance_pk5_value
2706 );
2707
2708 -- check for call compatibility.
2709 IF TRUNC(l_api_version) <> TRUNC(p_api_version) THEN
2710 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
2711 fnd_message.set_token('ROUTINE', g_pkg_name || '.'|| l_api_name);
2712 fnd_message.set_token('REASON', 'Unsupported version '||
2713 to_char(p_api_version)||
2714 ' passed to API; expecting version '||
2715 to_char(l_api_version));
2716 x_return_status := G_RETURN_UNEXP_ERR;
2717 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
2718 ,p_module => l_api_name
2719 ,p_message => 'Returning as the call in incompatible '
2720 );
2721 RETURN;
2722 END IF;
2723
2724 x_return_status := G_RETURN_SUCCESS; /* Assume Success */
2725 l_user_name := p_user_name;
2726 get_orig_key(x_user_name => l_user_name
2727 -- ,x_orig_system => l_orig_system
2728 ,x_orig_system_id => l_orig_system_id);
2729 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2730 ,p_module => l_api_name
2731 ,p_message => 'l_user_name: '||l_user_name||
2732 -- ' - l_orig_system: '||l_orig_system||
2733 ' - l_orig_system_id: '||l_orig_system_id
2734 );
2735
2736 -- get All privileges of a user on a given object
2737 --Step 1.
2738 -- get database object name and column
2739 -- cache the PK column name
2740 x_return_status := get_pk_information(p_parent_object_name,
2741 l_db_pk1_column,
2742 l_db_pk2_column,
2743 l_db_pk3_column,
2744 l_db_pk4_column,
2745 l_db_pk5_column,
2746 l_pk_column_names,
2747 l_type_converted_val_cols,
2748 l_pk_orig_column_names,
2749 l_db_object_name);
2750 if (x_return_status <> G_RETURN_SUCCESS) then
2751 /* There will be a message on the msg dict stack. */
2752 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
2753 ,p_module => l_api_name
2754 ,p_message => 'Ending: Returning Unable to get PK info '
2755 );
2756 return; /* We will return the x_return_status as out param */
2757 end if;
2758
2759 -- Step 2.
2760 -- get instance set ids in which the given object_key exists
2761 -- as a set into l_instance_set
2762
2763 l_group_info := get_group_info(p_party_id => l_orig_system_id);
2764 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2765 ,p_module => l_api_name
2766 ,p_message => 'l_group_info: '||l_group_info
2767 );
2768 l_company_info := get_company_info (p_party_id => l_orig_system_id);
2769 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2770 ,p_module => l_api_name
2771 ,p_message => 'l_company_info: '||l_company_info
2772 );
2773 l_object_id := get_object_id(p_object_name => p_object_name);
2774 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2775 ,p_module => l_api_name
2776 ,p_message => 'l_object_id: '||l_object_id
2777 );
2778 l_parent_object_id:=get_object_id(p_object_name => p_parent_object_name);
2779 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2780 ,p_module => l_api_name
2781 ,p_message => 'l_parent_object_id: '||l_parent_object_id
2782 );
2783 --R12C Security Changes
2784 /* l_select_query_part:=
2785 'SELECT '|| l_pk_column_names ||
2786 ' FROM '|| l_db_object_name ||
2787 ' WHERE ';*/
2788 IF (p_parent_object_name = 'EGO_ITEM') THEN
2789 l_select_query_part:=
2790 'SELECT '|| l_pk_column_names ||
2791 ' FROM '|| l_db_object_name ||', ego_item_cat_denorm_hier cathier'||
2792 ' WHERE ';
2793 ELSE
2794 l_select_query_part:=
2795 'SELECT '|| l_pk_column_names ||
2796 ' FROM '|| l_db_object_name ||
2797 ' WHERE ';
2798 END IF;
2799 --R12C Security Changes
2800
2801 IF (l_db_pk1_column IS NOT NULL) THEN
2802 l_select_query_part := l_select_query_part ||
2803 ' ( '||l_db_pk1_column||' = :pk1_val '||
2804 ' OR ( '||l_db_pk1_column||' is NULL AND :pk1_val is NULL))';
2805 END IF;
2806 IF (l_db_pk2_column IS NOT NULL) THEN
2807 l_select_query_part := l_select_query_part ||
2808 ' AND ( '||l_db_pk2_column||' = :pk2_val '||
2809 ' OR ( '||l_db_pk2_column||' is NULL AND :pk2_val is NULL))';
2810 END IF;
2811 IF (l_db_pk3_column IS NOT NULL) THEN
2812 l_select_query_part := l_select_query_part ||
2813 ' AND ( '||l_db_pk3_column||' = :pk3_val '||
2814 ' OR ( '||l_db_pk3_column||' is NULL AND :pk3_val is NULL))';
2815 END IF;
2816 IF (l_db_pk4_column IS NOT NULL) THEN
2817 l_select_query_part := l_select_query_part ||
2818 ' AND ( '||l_db_pk4_column||' = :pk4_val '||
2819 ' OR ( '||l_db_pk4_column||' is NULL AND :pk4_val is NULL))';
2820 END IF;
2821 IF (l_db_pk5_column IS NOT NULL) THEN
2822 l_select_query_part := l_select_query_part ||
2823 ' AND ( '||l_db_pk5_column||' = :pk5_val '||
2824 ' OR ( '||l_db_pk5_column||' is NULL AND :pk5_val is NULL))';
2825 END IF;
2826 --R12C Security Changes
2827 --l_select_query_part := l_select_query_part || ' AND ';
2828 IF (p_parent_object_name = 'EGO_ITEM') THEN
2829 l_select_query_part := l_select_query_part || ' AND item_catalog_group_id = cathier.child_catalog_group_id(+) AND ';
2830 ELSE
2831 l_select_query_part := l_select_query_part || ' AND ';
2832 END IF;
2833 --R12C Security Changes
2834 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2835 ,p_module => l_api_name
2836 ,p_message => 'Select Query Part '||l_select_query_part
2837 );
2838 -------------------------------------------------------------------------------
2839 -- Now we build dynamic SQL using the work we just did to optimize the query --
2840 -------------------------------------------------------------------------------
2841 l_dynamic_sql_1 :=
2842 ' SELECT DISTINCT sets.instance_set_id, sets.predicate ' ||
2843 ' FROM fnd_grants grants, fnd_object_instance_sets sets' ||
2844 ' WHERE grants.object_id = :object_id ' ||
2845 ' AND grants.start_date <= SYSDATE ' ||
2846 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE '||
2847 ' AND grants.instance_type = :instance_type ' ||
2848 ' AND ( ( grants.grantee_type = ''USER'' AND '||
2849 ' grants.grantee_key = :user_name ) '||
2850 ' OR ( grants.grantee_type = ''GROUP'' AND '||
2851 ' grants.grantee_key in ( '||l_group_info||' ))' ||
2852 ' OR ( grants.grantee_type = ''COMPANY'' AND '||
2853 ' grants.grantee_key in ( '||l_company_info||' ))' ||
2854 ' OR (grants.grantee_type = ''GLOBAL'' AND '||
2855 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )) '||
2856 ' AND sets.instance_set_id = grants.instance_set_id ' ||
2857 ' AND sets.object_id = grants.object_id ';
2858
2859 l_instance_sets_list := '';
2860 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2861 ,p_module => l_api_name
2862 ,p_message => 'Binds for get the candidate sets '||
2863 ' l_parent_object_id: '||l_parent_object_id||
2864 ' - G_TYPE_SET: '||G_TYPE_SET||
2865 ' - l_user_name: '||l_user_name
2866 );
2867 OPEN candidate_sets_c FOR l_dynamic_sql_1
2868 USING IN l_parent_object_id,
2869 IN G_TYPE_SET,
2870 IN l_user_name;
2871 LOOP
2872 l_instance_id_col1 := '';
2873 l_instance_id_col2 := '';
2874 l_instance_id_col3 := '';
2875 l_instance_id_col4 := '';
2876 l_instance_id_col5 := '';
2877
2878 FETCH candidate_sets_c INTO l_one_set_id, l_one_set_predicate;
2879 EXIT WHEN candidate_sets_c%NOTFOUND;
2880
2881 l_dynamic_sql := l_select_query_part ||
2882 ' (' || l_one_set_predicate || ') ';
2883
2884 if(l_db_pk5_column is not NULL) then
2885 OPEN instance_set FOR l_dynamic_sql USING
2886 p_parent_instance_pk1_value, p_parent_instance_pk1_value,
2887 p_parent_instance_pk2_value, p_parent_instance_pk2_value,
2888 p_parent_instance_pk3_value, p_parent_instance_pk3_value,
2889 p_parent_instance_pk4_value, p_parent_instance_pk4_value,
2890 p_parent_instance_pk5_value, p_parent_instance_pk5_value;
2891 elsif(l_db_pk4_column is not NULL) then
2892 OPEN instance_set FOR l_dynamic_sql USING
2893 p_parent_instance_pk1_value, p_parent_instance_pk1_value,
2894 p_parent_instance_pk2_value, p_parent_instance_pk2_value,
2895 p_parent_instance_pk3_value, p_parent_instance_pk3_value,
2896 p_parent_instance_pk4_value, p_parent_instance_pk4_value;
2897 elsif(l_db_pk3_column is not NULL) then
2898 OPEN instance_set FOR l_dynamic_sql USING
2899 p_parent_instance_pk1_value, p_parent_instance_pk1_value,
2900 p_parent_instance_pk2_value, p_parent_instance_pk2_value,
2901 p_parent_instance_pk3_value, p_parent_instance_pk3_value;
2902 elsif(l_db_pk2_column is not NULL) then
2903 OPEN instance_set FOR l_dynamic_sql USING
2904 p_parent_instance_pk1_value, p_parent_instance_pk1_value,
2905 p_parent_instance_pk2_value, p_parent_instance_pk2_value;
2906 elsif(l_db_pk1_column is not NULL) then
2907 OPEN instance_set FOR l_dynamic_sql USING
2908 p_parent_instance_pk1_value, p_parent_instance_pk1_value;
2909 else
2910 x_return_status := G_RETURN_UNEXP_ERR;
2911 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
2912 ,p_module => l_api_name
2913 ,p_message => 'Ending: PK1 not available!! '
2914 );
2915 return; /* This will never happen since pk1 is reqd*/
2916 end if;
2917
2918 if (l_db_pk5_column is not null
2919 and l_db_pk4_column is not null
2920 and l_db_pk3_column is not null
2921 and l_db_pk2_column is not null
2922 and l_db_pk1_column is not null) then
2923 fetch instance_set into l_instance_id_col1, l_instance_id_col2,
2924 l_instance_id_col3, l_instance_id_col4,
2925 l_instance_id_col5;
2926 CLOSE instance_set;
2927 if (l_instance_id_col1 = p_parent_instance_pk1_value
2928 and l_instance_id_col2 = p_parent_instance_pk2_value
2929 and l_instance_id_col3 = p_parent_instance_pk3_value
2930 and l_instance_id_col4 = p_parent_instance_pk4_value
2931 and l_instance_id_col5 = p_parent_instance_pk5_value) THEN
2932 l_instance_sets_list := l_instance_sets_list || l_one_set_id || ',';
2933 end if;
2934 elsif (l_db_pk4_column is not null
2935 and l_db_pk3_column is not null
2936 and l_db_pk2_column is not null
2937 and l_db_pk1_column is not null) then
2938 fetch instance_set into l_instance_id_col1, l_instance_id_col2,
2939 l_instance_id_col3, l_instance_id_col4;
2940 CLOSE instance_set;
2941 if (l_instance_id_col1 = p_parent_instance_pk1_value
2942 and l_instance_id_col2 = p_parent_instance_pk2_value
2943 and l_instance_id_col3 = p_parent_instance_pk3_value
2944 and l_instance_id_col4 = p_parent_instance_pk4_value) THEN
2945 l_instance_sets_list :=l_instance_sets_list || l_one_set_id || ',';
2946 end if;
2947 elsif (l_db_pk3_column is not null
2948 and l_db_pk2_column is not null
2949 and l_db_pk1_column is not null) then
2950 fetch instance_set into l_instance_id_col1, l_instance_id_col2, l_instance_id_col3;
2951 CLOSE instance_set;
2952 if (l_instance_id_col1 = p_parent_instance_pk1_value
2953 and l_instance_id_col2 = p_parent_instance_pk2_value
2954 and l_instance_id_col3 = p_parent_instance_pk3_value) THEN
2955 l_instance_sets_list := l_instance_sets_list || l_one_set_id || ',';
2956 end if;
2957 elsif (l_db_pk2_column is not null
2958 and l_db_pk1_column is not null) then
2959 fetch instance_set into l_instance_id_col1, l_instance_id_col2;
2960 CLOSE instance_set;
2961 if (l_instance_id_col1 = p_parent_instance_pk1_value
2962 and l_instance_id_col2 = p_parent_instance_pk2_value) THEN
2963 l_instance_sets_list := l_instance_sets_list || l_one_set_id || ',';
2964 end if;
2965 elsif l_db_pk1_column is not null then
2966 fetch instance_set into l_instance_id_col1;
2967 CLOSE instance_set;
2968 if (l_instance_id_col1 = p_parent_instance_pk1_value) THEN
2969 l_instance_sets_list := l_instance_sets_list || l_one_set_id || ',';
2970 end if;
2971 end if;
2972
2973 END LOOP;
2974 -- if the last character is ',' then strip the trailing ','
2975 if (substr(l_instance_sets_list, length(l_instance_sets_list), length(',')) = ',') then
2976 l_instance_sets_list := substr(l_instance_sets_list, 1,
2977 length(l_instance_sets_list) - length(','));
2978 end if;
2979 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
2980 ,p_module => l_api_name
2981 ,p_message => ' Instance Sets List: '||l_instance_sets_list
2982 );
2983
2984 l_common_dyn_sql := '';
2985 l_set_dyn_sql := '';
2986 l_inst_dyn_sql := '';
2987
2988 l_common_dyn_sql:=
2989 'SELECT DISTINCT fnd_functions.function_name ' ||
2990 ' FROM fnd_grants grants, ' ||
2991 ' fnd_form_functions fnd_functions, ' ||
2992 ' fnd_menu_entries cmf, '||
2993 ' ego_obj_role_mappings mapping '||
2994 ' WHERE grants.object_id = :object_id '||
2995 ' AND grants.start_date <= SYSDATE '||
2996 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
2997 ' AND ( ( grants.grantee_type = ''USER'' AND ' ||
2998 ' grants.grantee_key = :user_name ) '||
2999 ' OR (grants.grantee_type = ''GROUP'' AND ' ||
3000 ' grants.grantee_key in ( '||l_group_info||' )) ' ||
3001 ' OR (grants.grantee_type = ''COMPANY'' AND ' ||
3002 ' grants.grantee_key in ( '||l_company_info||' )) ' ||
3003 ' OR (grants.grantee_type = ''GLOBAL'' AND ' ||
3004 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') ))'||
3005 ' AND mapping.child_role_id = cmf.menu_id ' ||
3006 ' AND mapping.parent_role_id = grants.menu_id ' ||
3007 ' AND mapping.child_object_id = :child_object_id ' ||
3008 ' AND mapping.parent_object_id = :parent_object_id ' ||
3009 ' AND mapping.child_object_type = :object_type ' ||
3010 ' AND cmf.function_id = fnd_functions.function_id ';
3011
3012 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3013 ,p_module => l_api_name
3014 ,p_message => 'Binds for common dyn sql '||
3015 ' l_parent_object_id: '||l_parent_object_id||
3016 ' - l_user_name: '||l_user_name||
3017 ' - l_object_id: '||l_object_id||
3018 ' - l_parent_object_id: '||l_parent_object_id||
3019 ' - p_object_type: '||p_object_type
3020 );
3021
3022 l_inst_dyn_sql :=
3023 ' AND ( grants.instance_type = :instance_type_instance ' ||
3024 ' AND grants.instance_pk1_value = :pk1_val ' ||
3025 ' AND ( grants.instance_pk2_value = :pk2_val OR' ||
3026 ' ( grants.instance_pk2_value = ''*NULL*'' AND :pk2_val is NULL )) '||
3027 ' AND ( grants.instance_pk3_value = :pk3_val OR '||
3028 ' ( grants.instance_pk3_value = ''*NULL*'' AND :pk3_val is NULL )) '||
3029 ' AND ( grants.instance_pk4_value = :pk4_val OR '||
3030 ' ( grants.instance_pk4_value = ''*NULL*'' AND :pk4_val is NULL )) '||
3031 ' AND ( grants.instance_pk5_value = :pk5_val OR '||
3032 ' ( grants.instance_pk5_value = ''*NULL*'' AND :pk5_val is NULL )) )';
3033
3034 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3035 ,p_module => l_api_name
3036 ,p_message => 'Binds for inst dyn sql '||
3037 ' G_TYPE_INSTANCE: '||G_TYPE_INSTANCE||
3038 ' - p_parent_instance_pk1_value: '||p_parent_instance_pk1_value||
3039 ' - p_parent_instance_pk2_value: '||p_parent_instance_pk2_value||
3040 ' - p_parent_instance_pk2_value: '||p_parent_instance_pk2_value||
3041 ' - p_parent_instance_pk3_value: '||p_parent_instance_pk3_value||
3042 ' - p_parent_instance_pk3_value: '||p_parent_instance_pk3_value||
3043 ' - p_parent_instance_pk4_value: '||p_parent_instance_pk4_value||
3044 ' - p_parent_instance_pk4_value: '||p_parent_instance_pk4_value||
3045 ' - p_parent_instance_pk5_value: '||p_parent_instance_pk5_value||
3046 ' - p_parent_instance_pk5_value: '||p_parent_instance_pk5_value
3047 );
3048
3049 -- check whether it is empty set
3050 IF( LENGTH(l_instance_sets_list) > 0) THEN
3051 l_set_dyn_sql:=l_set_dyn_sql ||
3052 ' AND ( grants.instance_type = :instance_type_set ' ||
3053 ' AND grants.instance_set_id IN ('||l_instance_sets_list||' )) ';
3054 l_dynamic_sql := l_common_dyn_sql || l_inst_dyn_sql ||
3055 ' UNION ' ||
3056 l_common_dyn_sql || l_set_dyn_sql;
3057
3058 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3059 ,p_module => l_api_name
3060 ,p_message => 'Dynamic sql with sets and without profile '||l_dynamic_sql
3061 );
3062 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3063 ,p_module => l_api_name
3064 ,p_message => 'Binds for Dynamic sql with sets and without profile '||
3065 ' l_parent_object_id: '||l_parent_object_id||
3066 ' - l_user_name: '||l_user_name||
3067 ' - l_object_id: '||l_object_id||
3068 ' - l_parent_object_id: '||l_parent_object_id||
3069 ' - p_object_type: '||p_object_type||
3070 ' - G_TYPE_INSTANCE: '||G_TYPE_INSTANCE||
3071 ' - p_parent_instance_pk1_value: '||p_parent_instance_pk1_value||
3072 ' - p_parent_instance_pk2_value: '||p_parent_instance_pk2_value||
3073 ' - p_parent_instance_pk2_value: '||p_parent_instance_pk2_value||
3074 ' - p_parent_instance_pk3_value: '||p_parent_instance_pk3_value||
3075 ' - p_parent_instance_pk3_value: '||p_parent_instance_pk3_value||
3076 ' - p_parent_instance_pk4_value: '||p_parent_instance_pk4_value||
3077 ' - p_parent_instance_pk4_value: '||p_parent_instance_pk4_value||
3078 ' - p_parent_instance_pk5_value: '||p_parent_instance_pk5_value||
3079 ' - p_parent_instance_pk5_value: '||p_parent_instance_pk5_value||
3080 ' - l_parent_object_id: '||l_parent_object_id||
3081 ' - l_user_name: '||l_user_name||
3082 ' - l_object_id: '||l_object_id||
3083 ' - l_parent_object_id: '||l_parent_object_id||
3084 ' - p_object_type: '||p_object_type||
3085 ' - G_TYPE_SET: '||G_TYPE_SET
3086 );
3087
3088 ELSE
3089 l_dynamic_sql := l_common_dyn_sql || l_inst_dyn_sql;
3090 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3091 ,p_module => l_api_name
3092 ,p_message => 'Dynamic sql without profile '||l_dynamic_sql
3093 );
3094 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3095 ,p_module => l_api_name
3096 ,p_message => 'Binds for Dynamic sql '||
3097 ' l_parent_object_id: '||l_parent_object_id||
3098 ' - l_user_name: '||l_user_name||
3099 ' - l_object_id: '||l_object_id||
3100 ' - l_parent_object_id: '||l_parent_object_id||
3101 ' - p_object_type: '||p_object_type||
3102 ' - G_TYPE_INSTANCE: '||G_TYPE_INSTANCE||
3103 ' - p_parent_instance_pk1_value: '||p_parent_instance_pk1_value||
3104 ' - p_parent_instance_pk2_value: '||p_parent_instance_pk2_value||
3105 ' - p_parent_instance_pk2_value: '||p_parent_instance_pk2_value||
3106 ' - p_parent_instance_pk3_value: '||p_parent_instance_pk3_value||
3107 ' - p_parent_instance_pk3_value: '||p_parent_instance_pk3_value||
3108 ' - p_parent_instance_pk4_value: '||p_parent_instance_pk4_value||
3109 ' - p_parent_instance_pk4_value: '||p_parent_instance_pk4_value||
3110 ' - p_parent_instance_pk5_value: '||p_parent_instance_pk5_value||
3111 ' - p_parent_instance_pk5_value: '||p_parent_instance_pk5_value
3112 );
3113 END IF;
3114
3115 -------------------------------------------------
3116 -- we see if a profile option is set and if so --
3117 -- we add it to the other list of menus --
3118 -------------------------------------------------
3119 l_profile_role := getRole_mappedTo_profileOption(p_parent_object_name, p_user_name);
3120 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3121 ,p_module => l_api_name
3122 ,p_message => 'profile role for '||p_parent_object_name||
3123 ' is: '||l_profile_role
3124 );
3125
3126 IF (l_profile_role is not null) THEN
3127 l_dynamic_sql:= l_dynamic_sql ||
3128 ' UNION ' ||
3129 ' SELECT DISTINCT fnd_functions.function_name ' ||
3130 ' FROM fnd_form_functions fnd_functions, ' ||
3131 ' fnd_menu_entries cmf, ' ||
3132 ' ego_obj_role_mappings mapping, ' ||
3133 ' fnd_menus menus ' ||
3134 ' WHERE menus.menu_name = :profile_role ' ||
3135 ' AND mapping.parent_role_id = menus.menu_id ' ||
3136 ' AND mapping.child_role_id = cmf.menu_id ' ||
3137 ' AND mapping.child_object_id = :profile_ch_object_id ' ||
3138 ' AND mapping.parent_object_id = :profile_parent_object_id ' ||
3139 ' AND mapping.child_object_type = :profile_ch_object_type ' ||
3140 ' AND cmf.function_id = fnd_functions.function_id ';
3141 END IF;
3142
3143 -- Step 4.
3144 -- execute the dynamic SQL and Collect all privileges
3145 l_index:=0;
3146 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3147 ,p_module => l_api_name
3148 ,p_message => 'Final Dynamic sql '||l_dynamic_sql
3149 );
3150 IF( LENGTH(l_instance_sets_list) > 0) THEN
3151 IF l_profile_role IS NOT NULL THEN
3152 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3153 ,p_module => l_api_name
3154 ,p_message => 'Binds for Final Dynamic sql: '||
3155 ' l_parent_object_id: '||l_parent_object_id||
3156 ' - l_user_name: '||l_user_name||
3157 ' - l_object_id: '||l_object_id||
3158 ' - l_parent_object_id: '||l_parent_object_id||
3159 ' - p_object_type: '||p_object_type||
3160 ' - G_TYPE_INSTANCE: '||G_TYPE_INSTANCE||
3161 ' - p_parent_instance_pk1_value: '||p_parent_instance_pk1_value||
3162 ' - p_parent_instance_pk2_value: '||p_parent_instance_pk2_value||
3163 ' - p_parent_instance_pk2_value: '||p_parent_instance_pk2_value||
3164 ' - p_parent_instance_pk3_value: '||p_parent_instance_pk3_value||
3165 ' - p_parent_instance_pk3_value: '||p_parent_instance_pk3_value||
3166 ' - p_parent_instance_pk4_value: '||p_parent_instance_pk4_value||
3167 ' - p_parent_instance_pk4_value: '||p_parent_instance_pk4_value||
3168 ' - p_parent_instance_pk5_value: '||p_parent_instance_pk5_value||
3169 ' - p_parent_instance_pk5_value: '||p_parent_instance_pk5_value||
3170 ' - l_parent_object_id: '||l_parent_object_id||
3171 ' - l_user_name: '||l_user_name||
3172 ' - l_object_id: '||l_object_id||
3173 ' - l_parent_object_id: '||l_parent_object_id||
3174 ' - p_object_type: '||p_object_type||
3175 ' - G_TYPE_SET: '||G_TYPE_SET||
3176 ' - l_profile_role: '||l_profile_role||
3177 ' - l_object_id: '||l_object_id||
3178 ' - l_parent_object_id: '||l_parent_object_id||
3179 ' - p_object_type: '||p_object_type
3180 );
3181 OPEN instance_set FOR l_dynamic_sql
3182 USING IN l_parent_object_id,
3183 IN l_user_name,
3184 IN l_object_id,
3185 IN l_parent_object_id,
3186 IN p_object_type,
3187 IN G_TYPE_INSTANCE,
3188 IN p_parent_instance_pk1_value,
3189 IN p_parent_instance_pk2_value,
3190 IN p_parent_instance_pk2_value,
3191 IN p_parent_instance_pk3_value,
3192 IN p_parent_instance_pk3_value,
3193 IN p_parent_instance_pk4_value,
3194 IN p_parent_instance_pk4_value,
3195 IN p_parent_instance_pk5_value,
3196 IN p_parent_instance_pk5_value,
3197 IN l_parent_object_id,
3198 IN l_user_name,
3199 IN l_object_id,
3200 IN l_parent_object_id,
3201 IN p_object_type,
3202 IN G_TYPE_SET,
3203 IN l_profile_role,
3204 IN l_object_id,
3205 IN l_parent_object_id,
3206 IN p_object_type;
3207 ELSE
3208 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3209 ,p_module => l_api_name
3210 ,p_message => 'Binds for Final Dynamic sql: '||
3211 ' l_parent_object_id: '||l_parent_object_id||
3212 ' - l_user_name: '||l_user_name||
3213 ' - l_object_id: '||l_object_id||
3214 ' - l_parent_object_id: '||l_parent_object_id||
3215 ' - p_object_type: '||p_object_type||
3216 ' - G_TYPE_INSTANCE: '||G_TYPE_INSTANCE||
3217 ' - p_parent_instance_pk1_value: '||p_parent_instance_pk1_value||
3218 ' - p_parent_instance_pk2_value: '||p_parent_instance_pk2_value||
3219 ' - p_parent_instance_pk2_value: '||p_parent_instance_pk2_value||
3220 ' - p_parent_instance_pk3_value: '||p_parent_instance_pk3_value||
3221 ' - p_parent_instance_pk3_value: '||p_parent_instance_pk3_value||
3222 ' - p_parent_instance_pk4_value: '||p_parent_instance_pk4_value||
3223 ' - p_parent_instance_pk4_value: '||p_parent_instance_pk4_value||
3224 ' - p_parent_instance_pk5_value: '||p_parent_instance_pk5_value||
3225 ' - p_parent_instance_pk5_value: '||p_parent_instance_pk5_value||
3226 ' - l_parent_object_id: '||l_parent_object_id||
3227 ' - l_user_name: '||l_user_name||
3228 ' - l_object_id: '||l_object_id||
3229 ' - l_parent_object_id: '||l_parent_object_id||
3230 ' - p_object_type: '||p_object_type||
3231 ' - G_TYPE_SET: '||G_TYPE_SET
3232 );
3233 OPEN instance_set FOR l_dynamic_sql
3234 USING IN l_parent_object_id,
3235 IN l_user_name,
3236 IN l_object_id,
3237 IN l_parent_object_id,
3238 IN p_object_type,
3239 IN G_TYPE_INSTANCE,
3240 IN p_parent_instance_pk1_value,
3241 IN p_parent_instance_pk2_value,
3242 IN p_parent_instance_pk2_value,
3243 IN p_parent_instance_pk3_value,
3244 IN p_parent_instance_pk3_value,
3245 IN p_parent_instance_pk4_value,
3246 IN p_parent_instance_pk4_value,
3247 IN p_parent_instance_pk5_value,
3248 IN p_parent_instance_pk5_value,
3249 IN l_parent_object_id,
3250 IN l_user_name,
3251 IN l_object_id,
3252 IN l_parent_object_id,
3253 IN p_object_type,
3254 IN G_TYPE_SET;
3255 END IF;
3256 ELSE
3257 IF l_profile_role IS NOT NULL THEN
3258 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3259 ,p_module => l_api_name
3260 ,p_message => 'Binds for Final Dynamic sql: '||
3261 ' l_parent_object_id: '||l_parent_object_id||
3262 ' - l_user_name: '||l_user_name||
3263 ' - l_object_id: '||l_object_id||
3264 ' - l_parent_object_id: '||l_parent_object_id||
3265 ' - p_object_type: '||p_object_type||
3266 ' - G_TYPE_INSTANCE: '||G_TYPE_INSTANCE||
3267 ' - p_parent_instance_pk1_value: '||p_parent_instance_pk1_value||
3268 ' - p_parent_instance_pk2_value: '||p_parent_instance_pk2_value||
3269 ' - p_parent_instance_pk2_value: '||p_parent_instance_pk2_value||
3270 ' - p_parent_instance_pk3_value: '||p_parent_instance_pk3_value||
3271 ' - p_parent_instance_pk3_value: '||p_parent_instance_pk3_value||
3272 ' - p_parent_instance_pk4_value: '||p_parent_instance_pk4_value||
3273 ' - p_parent_instance_pk4_value: '||p_parent_instance_pk4_value||
3274 ' - p_parent_instance_pk5_value: '||p_parent_instance_pk5_value||
3275 ' - p_parent_instance_pk5_value: '||p_parent_instance_pk5_value||
3276 ' - l_profile_role: '||l_profile_role||
3277 ' - l_object_id: '||l_object_id||
3278 ' - l_parent_object_id: '||l_parent_object_id||
3279 ' - p_object_type: '||p_object_type
3280 );
3281 OPEN instance_set FOR l_dynamic_sql
3282 USING IN l_parent_object_id,
3283 IN l_user_name,
3284 IN l_object_id,
3285 IN l_parent_object_id,
3286 IN p_object_type,
3287 IN G_TYPE_INSTANCE,
3288 IN p_parent_instance_pk1_value,
3289 IN p_parent_instance_pk2_value,
3290 IN p_parent_instance_pk2_value,
3291 IN p_parent_instance_pk3_value,
3292 IN p_parent_instance_pk3_value,
3293 IN p_parent_instance_pk4_value,
3294 IN p_parent_instance_pk4_value,
3295 IN p_parent_instance_pk5_value,
3296 IN p_parent_instance_pk5_value,
3297 IN l_profile_role,
3298 IN l_object_id,
3299 IN l_parent_object_id,
3300 IN p_object_type;
3301 ELSE
3302 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3303 ,p_module => l_api_name
3304 ,p_message => 'Binds for Final Dynamic sql: '||
3305 ' l_parent_object_id: '||l_parent_object_id||
3306 ' - l_user_name: '||l_user_name||
3307 ' - l_object_id: '||l_object_id||
3308 ' - l_parent_object_id: '||l_parent_object_id||
3309 ' - p_object_type: '||p_object_type||
3310 ' - G_TYPE_INSTANCE: '||G_TYPE_INSTANCE||
3311 ' - p_parent_instance_pk1_value: '||p_parent_instance_pk1_value||
3312 ' - p_parent_instance_pk2_value: '||p_parent_instance_pk2_value||
3313 ' - p_parent_instance_pk2_value: '||p_parent_instance_pk2_value||
3314 ' - p_parent_instance_pk3_value: '||p_parent_instance_pk3_value||
3315 ' - p_parent_instance_pk3_value: '||p_parent_instance_pk3_value||
3316 ' - p_parent_instance_pk4_value: '||p_parent_instance_pk4_value||
3317 ' - p_parent_instance_pk4_value: '||p_parent_instance_pk4_value||
3318 ' - p_parent_instance_pk5_value: '||p_parent_instance_pk5_value||
3319 ' - p_parent_instance_pk5_value: '||p_parent_instance_pk5_value
3320 );
3321 OPEN instance_set FOR l_dynamic_sql
3322 USING IN l_parent_object_id,
3323 IN l_user_name,
3324 IN l_object_id,
3325 IN l_parent_object_id,
3326 IN p_object_type,
3327 IN G_TYPE_INSTANCE,
3328 IN p_parent_instance_pk1_value,
3329 IN p_parent_instance_pk2_value,
3330 IN p_parent_instance_pk2_value,
3331 IN p_parent_instance_pk3_value,
3332 IN p_parent_instance_pk3_value,
3333 IN p_parent_instance_pk4_value,
3334 IN p_parent_instance_pk4_value,
3335 IN p_parent_instance_pk5_value,
3336 IN p_parent_instance_pk5_value;
3337 END IF;
3338 END IF;
3339
3340 LOOP
3341 FETCH instance_set INTO l_privilege;
3342 EXIT WHEN instance_set%NOTFOUND;
3343 m_privilege_tbl (l_index):=l_privilege;
3344 l_index:=l_index+1;
3345 END LOOP;
3346 CLOSE instance_set;
3347
3348
3349 -- Step 5.
3350 -- get all the profile option privileges for the parent object type
3351 --and add to m_privilege_tbl
3352 get_role_functions
3353 (p_api_version => p_api_version
3354 ,p_role_name => l_profile_role
3355 ,x_return_status => x_return_status
3356 ,x_privilege_tbl => l_prof_privilege_tbl
3357 );
3358 IF (x_return_status = G_RETURN_SUCCESS) THEN
3359 IF (l_prof_privilege_tbl.COUNT > 0) THEN
3360 FOR i IN l_prof_privilege_tbl.first .. l_prof_privilege_tbl.last LOOP
3361 m_privilege_tbl(l_index) := l_prof_privilege_tbl(i);
3362 l_index:=l_index+1;
3363 END LOOP;
3364 END IF; -- x_prof_privilege_tbl >0
3365 END IF; --return status is T
3366 --end of getting privileges from profile option
3367
3368 -- last step, get object function list itself to append
3369 get_functions(p_api_version => 1.0,
3370 p_object_name => p_object_name,
3371 p_instance_pk1_value => p_instance_pk1_value,
3372 p_instance_pk2_value => p_instance_pk2_value,
3373 p_instance_pk3_value => p_instance_pk3_value,
3374 p_instance_pk4_value => p_instance_pk4_value,
3375 p_instance_pk5_value => p_instance_pk5_value,
3376 p_user_name => l_user_name,
3377 x_return_status => l_return_status,
3378 x_privilege_tbl => l_privilege_tbl);
3379
3380 l_privilege_tbl_count := l_privilege_tbl.COUNT;
3381 if (l_privilege_tbl_count > 0) then
3382 FOR i IN l_privilege_tbl.first .. l_privilege_tbl.last
3383 LOOP
3384 m_privilege_tbl(l_index):=l_privilege_tbl(i);
3385 l_index:=l_index+1;
3386 END LOOP;
3387 end if;
3388
3389 m_privilege_tbl_count := m_privilege_tbl.COUNT;
3390
3391 x_privilege_tbl := EGO_VARCHAR_TBL_TYPE();
3392
3393 x_index := 0;
3394 if (m_privilege_tbl_count > 0) then
3395 x_privilege_tbl.extend(m_privilege_tbl_count);
3396 FOR i IN m_privilege_tbl.first .. m_privilege_tbl.last LOOP
3397 x_privilege_tbl(i+1) := m_privilege_tbl(i);
3398 --x_index := x_index+1;
3399 END LOOP;
3400 end if;
3401
3402 -- last step done
3403 if(x_privilege_tbl.COUNT > 0) then
3404 x_return_status := G_RETURN_SUCCESS; /* Success */
3405 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
3406 ,p_module => l_api_name
3407 ,p_message => 'Returning Previleges '
3408 );
3409 FOR i in x_privilege_tbl.first .. x_privilege_tbl.last LOOP
3410 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
3411 ,p_module => l_api_name
3412 ,p_message => 'Index : '||i||' - privilege: '||x_privilege_tbl(i)
3413 );
3414 END LOOP;
3415 else
3416 x_return_status := G_RETURN_FAILURE; /* No functions */
3417 end if;
3418 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
3419 ,p_module => l_api_name
3420 ,p_message => 'Ending: with status: ' ||x_return_status
3421 );
3422
3423 EXCEPTION
3424 WHEN OTHERS THEN
3425 fnd_message.set_name('FND', 'SQL_PLSQL_ERROR');
3426 fnd_message.set_token('ROUTINE',G_PKG_NAME||l_api_name);
3427 fnd_message.set_token('ERRNO', SQLCODE);
3428 fnd_message.set_token('REASON', SQLERRM);
3429 x_return_status := G_RETURN_UNEXP_ERR;
3430 code_debug (p_log_level => G_DEBUG_LEVEL_UNEXPECTED
3431 ,p_module => l_api_name
3432 ,p_message => 'Ending: Returning OTHER ERROR '||SQLERRM
3433 );
3434 END get_inherited_functions;
3435
3436 --------------------------------------------------------
3437 ---- get_security_predicate
3438 --------------------------------------------------------
3439 PROCEDURE get_security_predicate
3440 (
3441 p_api_version IN NUMBER,
3442 p_function IN VARCHAR2 default null,
3443 p_object_name IN VARCHAR2,
3444 p_grant_instance_type IN VARCHAR2 DEFAULT 'UNIVERSAL',/* SET, INSTANCE*/
3445 p_user_name IN VARCHAR2 default null,
3446 /* stmnt_type: 'OTHER', 'BASE'=VPD, 'EXISTS'= for checking existence. */
3447 p_statement_type IN VARCHAR2 DEFAULT 'OTHER',
3448 p_pk1_alias IN VARCHAR2 DEFAULT NULL,
3449 p_pk2_alias IN VARCHAR2 DEFAULT NULL,
3450 p_pk3_alias IN VARCHAR2 DEFAULT NULL,
3451 p_pk4_alias IN VARCHAR2 DEFAULT NULL,
3452 p_pk5_alias IN VARCHAR2 DEFAULT NULL,
3453 x_predicate OUT NOCOPY VARCHAR2,
3454 x_return_status OUT NOCOPY VARCHAR2
3455 ) IS
3456 l_api_name CONSTANT VARCHAR2(30) := 'GET_SECURITY_PREDICATE';
3457
3458 -- On addition of any Required parameters the major version needs
3459 -- to change i.e. for eg. 1.X to 2.X.
3460 -- On addition of any Optional parameters the minor version needs
3461 -- to change i.e. for eg. X.6 to X.7.
3462 l_api_version CONSTANT NUMBER := 1.0;
3463 l_sysdate DATE := Sysdate;
3464 l_aggregate_predicate VARCHAR2(32767); /* Must match g_pred_buf_size*/
3465 l_instance_flag BOOLEAN DEFAULT TRUE;
3466 l_instance_set_flag BOOLEAN DEFAULT TRUE;
3467 l_set_predicates VARCHAR2(32767); /* Must match g_pred_buf_size*/
3468 l_db_object_name VARCHAR2(30);
3469 l_db_pk1_column VARCHAR2(61);
3470 l_db_pk2_column VARCHAR2(61);
3471 l_db_pk3_column VARCHAR2(61);
3472 l_db_pk4_column VARCHAR2(61);
3473 l_db_pk5_column VARCHAR2(61);
3474 l_pk_column_names VARCHAR2(512);
3475 l_pk_orig_column_names VARCHAR2(512);
3476 l_pk_orig_column_names_t VARCHAR2(513);
3477 l_orig_pk1_column VARCHAR2(61);
3478 l_orig_pk2_column VARCHAR2(61);
3479 l_orig_pk3_column VARCHAR2(61);
3480 l_orig_pk4_column VARCHAR2(61);
3481 l_orig_pk5_column VARCHAR2(61);
3482 l_type_converted_val_cols VARCHAR2(512);
3483 l_user_name VARCHAR2(80);
3484 -- l_orig_system VARCHAR2(48);
3485 l_orig_system_id NUMBER;
3486
3487 l_group_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
3488 l_company_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
3489 l_object_id NUMBER;
3490
3491 instance_set_grants_c DYNAMIC_CUR;
3492 l_dynamic_sql_1 VARCHAR2(32767);
3493 l_set_predicate_segment VARCHAR2(32767);
3494 l_prof_privilege_tbl EGO_VARCHAR_TBL_TYPE;
3495
3496 BEGIN
3497 SetGlobals();
3498 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
3499 ,p_module => l_api_name
3500 ,p_message => 'Started with 13 params '||
3501 ' p_api_version: '|| to_char(p_api_version) ||
3502 ' - p_function: '|| p_function ||
3503 ' - p_object_name: '|| p_object_name ||
3504 ' - p_grant_instance_type: '|| p_grant_instance_type ||
3505 ' - p_statement_type: '|| p_statement_type ||
3506 ' - p_pk1_alias: '|| p_pk1_alias ||
3507 ' - p_pk2_alias: '|| p_pk2_alias ||
3508 ' - p_pk3_alias: '|| p_pk3_alias ||
3509 ' - p_pk4_alias: '|| p_pk4_alias ||
3510 ' - p_pk5_alias: '|| p_pk5_alias
3511 );
3512
3513 -- check for call compatibility.
3514 if TRUNC(l_api_version) <> TRUNC(p_api_version) THEN
3515 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
3516 fnd_message.set_token('ROUTINE', g_pkg_name || '.'|| l_api_name);
3517 fnd_message.set_token('REASON', 'Unsupported version '|| to_char(p_api_version)||
3518 ' passed to API; expecting version '||
3519 to_char(l_api_version));
3520 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
3521 ,p_module => l_api_name
3522 ,p_message => 'Returning as the call in incompatible '
3523 );
3524 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
3525 RETURN;
3526 END IF;
3527
3528 -- Check to make sure we're not using unsupported statement_type
3529 if (p_statement_type NOT IN ('BASE', 'OTHER', 'EXISTS')) then
3530 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
3531 fnd_message.set_token('ROUTINE', g_pkg_name || '.'|| l_api_name);
3532 fnd_message.set_token('REASON', 'Unsupported p_statement_type: '|| p_statement_type);
3533 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
3534 ,p_module => l_api_name
3535 ,p_message => 'Returning as statement type is not supported'
3536 );
3537 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
3538 return;
3539 end if;
3540
3541 /* ### We haven't yet added support for NULL (all) function in arg. */
3542 /* ### Add that support since it is in the API. */
3543 if (p_function is NULL) then
3544 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
3545 fnd_message.set_token('ROUTINE', g_pkg_name || '.'|| l_api_name);
3546 fnd_message.set_token('REASON', 'Support has not yet been added for passing NULL function.');
3547 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
3548 ,p_module => l_api_name
3549 ,p_message => 'Returning as mand parameter Function is not available '
3550 );
3551 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
3552 return;
3553 end if;
3554
3555 -- Check to make sure we're not using unsupported modes
3556 if ((p_grant_instance_type = 'SET')
3557 AND((p_pk1_alias is not NULL)
3558 OR (p_pk2_alias is not NULL)
3559 OR (p_pk3_alias is not NULL)
3560 OR (p_pk4_alias is not NULL)
3561 OR (p_pk5_alias is not NULL))) then
3562
3563 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
3564 fnd_message.set_token('ROUTINE', g_pkg_name || '.'|| l_api_name);
3565 fnd_message.set_token('REASON', 'Unsupported mode arguments: '||
3566 ' p_grant_instance_type = SET.');
3567 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
3568 ,p_module => l_api_name
3569 ,p_message => 'Returning as incompatible combination for p_grant_instance_type = SET '
3570 );
3571 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
3572 return;
3573 end if;
3574
3575 /* We don't currently support BASE mode; we will have to change to */
3576 /* a pure OR statement when VPD becomes important. */
3577 if (p_statement_type = 'BASE') then
3578 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
3579 fnd_message.set_token('ROUTINE', g_pkg_name || '.'|| l_api_name);
3580 fnd_message.set_token('REASON', 'Support has not yet been added for '|| 'p_statement_type = BASE.');
3581 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
3582 ,p_module => l_api_name
3583 ,p_message => 'Returning as incompatible statement_type = BASE '
3584 );
3585 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
3586 return;
3587 end if;
3588
3589 x_return_status := G_RETURN_SUCCESS; /* Assume Success */
3590 l_user_name := p_user_name;
3591 get_orig_key(x_user_name => l_user_name
3592 -- ,x_orig_system => l_orig_system
3593 ,x_orig_system_id => l_orig_system_id);
3594 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3595 ,p_module => l_api_name
3596 ,p_message => 'l_user_name: '||l_user_name||
3597 -- ' - l_orig_system: '||l_orig_system||
3598 ' - l_orig_system_id: '||l_orig_system_id
3599 );
3600
3601 -----------------------------------------------------------------------------------
3602 --First we see if a profile option is set and if function exists --
3603 -- if so we return and empty predicate here itself without doing further query --
3604 -----------------------------------------------------------------------------------
3605
3606 getPrivilege_for_profileOption(p_api_version => p_api_version,
3607 p_object_name => p_object_name,
3608 p_user_name => p_user_name,
3609 x_privilege_tbl => l_prof_privilege_tbl,
3610 x_return_status => x_return_status);
3611
3612 IF (x_return_status = G_RETURN_SUCCESS) THEN
3613 IF (l_prof_privilege_tbl.COUNT > 0) THEN
3614 FOR i IN l_prof_privilege_tbl.first .. l_prof_privilege_tbl.last LOOP
3615 IF (l_prof_privilege_tbl(i) = p_function) THEN
3616 x_predicate := '';
3617 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
3618 ,p_module => l_api_name
3619 ,p_message => 'No need for predicate as user has privilege through profile '
3620 );
3621 RETURN;
3622 END IF; --if function match, returning empty predicate
3623 END LOOP;
3624 END IF; -- x_prof_privilege_tbl >0
3625 END IF; --return status is T
3626
3627 -- Step 1.
3628 -- check whether there is any grant for this use for any role that
3629 -- includes the given privilege
3630
3631 IF (p_grant_instance_type = G_TYPE_INSTANCE) THEN
3632 l_instance_set_flag:= FALSE;
3633 ELSIF (p_grant_instance_type = G_TYPE_SET) THEN
3634 l_instance_flag:= FALSE;
3635 END IF;
3636
3637 x_return_status := get_pk_information(p_object_name ,
3638 l_db_pk1_column ,
3639 l_db_pk2_column ,
3640 l_db_pk3_column ,
3641 l_db_pk4_column ,
3642 l_db_pk5_column ,
3643 l_pk_column_names ,
3644 l_type_converted_val_cols ,
3645 l_pk_orig_column_names,
3646 l_db_object_name,
3647 p_pk1_alias,
3648 p_pk2_alias,
3649 p_pk3_alias,
3650 p_pk4_alias,
3651 p_pk5_alias );
3652 if (x_return_status <> G_RETURN_SUCCESS) then
3653 /* There will be a message on the msg dict stack. */
3654 return; /* We will return the x_return_status as out param */
3655 end if;
3656
3657 l_object_id := get_object_id(p_object_name => p_object_name);
3658 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3659 ,p_module => l_api_name
3660 ,p_message => 'l_object_id: '||l_object_id
3661 );
3662 l_company_info := get_company_info (p_party_id => l_orig_system_id);
3663 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3664 ,p_module => l_api_name
3665 ,p_message => 'l_company_info: '||l_company_info
3666 );
3667 l_group_info := get_group_info(p_party_id => l_orig_system_id);
3668 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3669 ,p_module => l_api_name
3670 ,p_message => 'l_group_info: '||l_group_info
3671 );
3672
3673 -- Step 2.
3674 l_aggregate_predicate := '';
3675 IF(l_instance_flag = TRUE) THEN
3676 if (p_statement_type = 'EXISTS') then
3677 l_aggregate_predicate := 'EXISTS ( SELECT ''X'' ';
3678 else
3679 l_aggregate_predicate := l_pk_column_names || ' IN ( SELECT ' ||l_type_converted_val_cols;
3680 end if;
3681
3682 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3683 ,p_module => l_api_name
3684 ,p_message => 'l_aggregate_predicate : '||l_aggregate_predicate
3685 );
3686
3687
3688 if (p_statement_type = 'EXISTS') then
3689 --R12C Security Changes
3690 /* l_aggregate_predicate := l_aggregate_predicate ||
3691 ' FROM fnd_grants grants, fnd_form_functions functions, fnd_menu_entries cmf ' ||
3692 ' WHERE grants.INSTANCE_PK1_VALUE=to_char('||p_pk1_alias||')'; */
3693 if (p_object_name = 'EGO_CATALOG_GROUP') THEN
3694 l_aggregate_predicate := l_aggregate_predicate ||
3695 ' FROM fnd_grants grants, fnd_form_functions functions, fnd_menu_entries cmf, ego_item_cat_denorm_hier cathier ' ||
3696 ' WHERE grants.INSTANCE_PK1_VALUE=to_char(cathier.parent_catalog_group_id) AND cathier.child_catalog_group_id = to_char('||p_pk1_alias||')';
3697 else
3698 l_aggregate_predicate := l_aggregate_predicate ||
3699 ' FROM fnd_grants grants, fnd_form_functions functions, fnd_menu_entries cmf ' ||
3700 ' WHERE grants.INSTANCE_PK1_VALUE=to_char('||p_pk1_alias||')';
3701 end if;
3702 --R12C Security Changes
3703 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3704 ,p_module => l_api_name
3705 ,p_message => 'l_aggregate_predicate : '||l_aggregate_predicate
3706 );
3707
3708 if(p_pk2_alias is not null) then
3709 l_aggregate_predicate := l_aggregate_predicate || ' AND grants.INSTANCE_PK2_VALUE=to_char('||p_pk2_alias||')';
3710 end if;
3711
3712 if(p_pk3_alias is not null) then
3713 l_aggregate_predicate := l_aggregate_predicate || ' AND grants.INSTANCE_PK3_VALUE=to_char('||p_pk3_alias||')';
3714 end if;
3715
3716 if(p_pk4_alias is not null) then
3717 l_aggregate_predicate := l_aggregate_predicate || ' AND grants.INSTANCE_PK4_VALUE=to_char('||p_pk4_alias||')';
3718 end if;
3719
3720 if(p_pk5_alias is not null) then
3721 l_aggregate_predicate := l_aggregate_predicate || ' AND grants.INSTANCE_PK5_VALUE=to_char('||p_pk5_alias||')';
3722 end if;
3723
3724 l_aggregate_predicate := l_aggregate_predicate ||
3725 ' AND grants.start_date <= sysdate ';
3726
3727 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3728 ,p_module => l_api_name
3729 ,p_message => 'l_aggregate_predicate : '||l_aggregate_predicate
3730 );
3731 else
3732 l_aggregate_predicate := l_aggregate_predicate ||
3733 ' FROM fnd_grants grants, fnd_form_functions functions, fnd_menu_entries cmf ' ||
3734 ' WHERE grants.start_date <= sysdate ';
3735 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3736 ,p_module => l_api_name
3737 ,p_message => 'l_aggregate_predicate : '||l_aggregate_predicate
3738 );
3739 end if;
3740
3741 l_aggregate_predicate :=
3742 l_aggregate_predicate ||
3743 ' AND (grants.end_date IS NULL OR grants.end_date >= sysdate) ' ||
3744 ' AND grants.instance_type = ''INSTANCE'' ' ||
3745 ' AND cmf.function_id = functions.function_id ' ||
3746 ' AND cmf.menu_id = grants.menu_id ' ||
3747 ' AND grants.object_id = ' || l_object_id ||
3748 ' AND functions.function_name = ''' || p_function || '''' ||
3749 ' AND ((grants.grantee_type = ''USER'' ' ||
3750 ' AND grants.grantee_key = '''||l_user_name||''')'||
3751 ' OR (grants.grantee_type = ''GROUP'' '||
3752 ' AND grants.grantee_key in ('|| l_group_info || ')) ' ||
3753 ' OR (grants.grantee_type = ''COMPANY'' '||
3754 ' AND grants.grantee_key in ('|| l_company_info || ')) ' ||
3755 ' OR (grants.grantee_type = ''GLOBAL'' ' ||
3756 ' AND grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL''))))';
3757 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3758 ,p_module => l_api_name
3759 ,p_message => 'l_aggregate_predicate: '||l_aggregate_predicate
3760 );
3761 END IF;
3762 -- Step 3.
3763 l_set_predicates := '';
3764 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3765 ,p_module => l_api_name
3766 ,p_message => 'l_set_predicates : '||l_set_predicates
3767 );
3768 IF (l_instance_set_flag = TRUE) THEN
3769 -------------------------------------------------------------------------------
3770 -- Now we build dynamic SQL using the work we just did to optimize the query --
3771 -------------------------------------------------------------------------------
3772 l_dynamic_sql_1 :=
3773 ' SELECT DISTINCT instance_sets.predicate ' ||
3774 ' FROM fnd_grants grants, fnd_form_functions functions, ' ||
3775 ' fnd_menu_entries cmf, fnd_object_instance_sets instance_sets ' ||
3776 ' WHERE grants.instance_type = :instance_type ' ||
3777 ' AND grants.start_date <= SYSDATE ' ||
3778 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
3779 ' AND cmf.function_id = functions.function_id ' ||
3780 ' AND cmf.menu_id = grants.menu_id ' ||
3781 ' AND grants.instance_set_id = instance_sets.instance_set_id ' ||
3782 ' AND grants.object_id = :object_id ' ||
3783 ' AND functions.function_name = :function ' ||
3784 ' AND ((grants.grantee_type = ''USER'' ' ||
3785 ' AND grants.grantee_key = :grantee_key )' ||
3786 ' OR (grants.grantee_type = ''GROUP'' ' ||
3787 ' AND grants.grantee_key in ('||l_group_info||' ))' ||
3788 ' OR (grants.grantee_type = ''COMPANY'' ' ||
3789 ' AND grants.grantee_key in ( '||l_company_info||' ))' ||
3790 ' OR (grants.grantee_type = ''GLOBAL'' ' ||
3791 ' AND grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL''))) ';
3792 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3793 ,p_module => l_api_name
3794 ,p_message => 'Binds for instance_set_grants_c '||
3795 ' G_TYPE_SET: '||G_TYPE_SET||
3796 ' - l_parent_object_id: '||l_object_id||
3797 ' - p_function: '||p_function||
3798 ' - l_user_name: '||l_user_name
3799 );
3800
3801 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3802 ,p_module => l_api_name
3803 ,p_message => 'l_dynamic_sql_1 : '||l_dynamic_sql_1
3804 );
3805 OPEN instance_set_grants_c FOR l_dynamic_sql_1
3806 USING IN G_TYPE_SET,
3807 IN l_object_id,
3808 IN p_function,
3809 IN l_user_name;
3810 LOOP
3811 FETCH instance_set_grants_c into l_set_predicate_segment;
3812 EXIT WHEN instance_set_grants_c%NOTFOUND;
3813
3814 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3815 ,p_module => l_api_name
3816 ,p_message => 'l_set_predicates : '||l_set_predicates
3817 );
3818 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3819 ,p_module => l_api_name
3820 ,p_message => 'l_set_predicate_segment : '||l_set_predicate_segment
3821 );
3822 l_set_predicates := substrb(l_set_predicates ||
3823 l_set_predicate_segment ||
3824 ' OR ',
3825 1, g_pred_buf_size);
3826 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3827 ,p_module => l_api_name
3828 ,p_message => 'l_set_predicates : '||l_set_predicates
3829 );
3830 END LOOP;
3831 CLOSE instance_set_grants_c;
3832 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3833 ,p_module => l_api_name
3834 ,p_message => 'l_set_predicates: '||l_set_predicates
3835 );
3836
3837 IF(length(l_set_predicates) > 0) THEN
3838 -- strip off the trailing 'OR '
3839 l_set_predicates := substr(l_set_predicates, 1,
3840 length(l_set_predicates) - length('OR '));
3841
3842 IF(length(l_aggregate_predicate) > 0) THEN
3843 -- strip off the trailing ')'
3844 l_aggregate_predicate := substr(l_aggregate_predicate, 1,
3845 length(l_aggregate_predicate) - length(')'));
3846 if (p_statement_type = 'EXISTS') then
3847 l_pk_orig_column_names_t := l_pk_orig_column_names||',';
3848 l_orig_pk1_column := SUBSTR(l_pk_orig_column_names_t, 1, INSTR(l_pk_orig_column_names_t,',',1,1)-1);
3849 --R12C Security Changes
3850 /*l_aggregate_predicate := substrb(l_aggregate_predicate ||
3851 ' UNION ALL (SELECT ''X'' ' || ' FROM ' ||
3852 l_db_object_name || ' WHERE ' ||
3853 l_orig_pk1_column || '=' || p_pk1_alias, 1, g_pred_buf_size);*/
3854
3855 IF (p_object_name = 'EGO_ITEM') THEN
3856 l_aggregate_predicate := substrb(l_aggregate_predicate ||
3857 ' UNION ALL (SELECT ''X'' ' || ' FROM ' ||
3858 l_db_object_name ||', ego_item_cat_denorm_hier cathier WHERE item_catalog_group_id = cathier.child_catalog_group_id(+) AND ' ||
3859 l_orig_pk1_column || '=' || p_pk1_alias, 1, g_pred_buf_size);
3860
3861 ELSE
3862 l_aggregate_predicate := substrb(l_aggregate_predicate ||
3863 ' UNION ALL (SELECT ''X'' ' || ' FROM ' ||
3864 l_db_object_name || ' WHERE ' ||
3865 l_orig_pk1_column || '=' || p_pk1_alias, 1, g_pred_buf_size);
3866 END IF;
3867 --R12C Security Changes
3868
3869 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
3870 ,p_module => l_api_name
3871 ,p_message => 'l_set_predicates : '||l_set_predicates
3872 );
3873 if(p_pk2_alias is not null) then
3874 l_orig_pk2_column := SUBSTR(l_pk_orig_column_names_t, INSTR(l_pk_orig_column_names_t,',',1,1)+1, INSTR(l_pk_orig_column_names_t,',',1,2)-INSTR(l_pk_orig_column_names_t,',',1,1)-1 );
3875 l_aggregate_predicate := l_aggregate_predicate || ' AND ' || l_orig_pk2_column || '=' || p_pk2_alias;
3876 end if;
3877 if(p_pk3_alias is not null) then
3878 l_orig_pk3_column := SUBSTR(l_pk_orig_column_names_t, INSTR(l_pk_orig_column_names_t,',',1,2)+1, INSTR(l_pk_orig_column_names_t,',',1,3)-INSTR(l_pk_orig_column_names_t,',',1,2)-1 );
3879 l_aggregate_predicate := l_aggregate_predicate || ' AND ' || l_orig_pk3_column || '=' || p_pk3_alias;
3880 end if;
3881 if(p_pk4_alias is not null) then
3882 l_orig_pk4_column := SUBSTR(l_pk_orig_column_names_t, INSTR(l_pk_orig_column_names_t,',',1,3)+1, INSTR(l_pk_orig_column_names_t,',',1,4)-INSTR(l_pk_orig_column_names_t,',',1,3)-1 );
3883 l_aggregate_predicate := l_aggregate_predicate || ' AND ' || l_orig_pk4_column || '=' || p_pk4_alias;
3884 end if;
3885 if(p_pk5_alias is not null) then
3886 l_orig_pk5_column := SUBSTR(l_pk_orig_column_names, INSTR(l_pk_orig_column_names_t,',',1,4)+1 );
3887 l_aggregate_predicate := l_aggregate_predicate || ' AND ' || l_orig_pk5_column || '=' || p_pk5_alias;
3888 end if;
3889
3890 l_aggregate_predicate := substrb(l_aggregate_predicate ||
3891 ' AND ( ' ||
3892 l_set_predicates || ' ) ' ||
3893 '))',
3894 1, g_pred_buf_size);
3895
3896 else
3897 l_aggregate_predicate := substrb(l_aggregate_predicate ||
3898 ' UNION ALL (SELECT ' ||
3899 l_pk_orig_column_names || ' FROM ' ||
3900 l_db_object_name || ' WHERE ' ||
3901 l_set_predicates || '))',
3902 1, g_pred_buf_size);
3903 end if;
3904 ELSE
3905 l_aggregate_predicate:= l_set_predicates;
3906 END IF;
3907 END IF;
3908 END IF; -- end of if (l_instance_set_flag = TRUE) clause
3909
3910 x_predicate := l_aggregate_predicate;
3911
3912 if ((lengthb(l_aggregate_predicate) > g_vpd_buf_limit)
3913 AND (p_statement_type = 'BASE')) then
3914 FND_MESSAGE.SET_NAME('FND', 'GENERIC-INTERNAL ERROR');
3915 FND_MESSAGE.SET_TOKEN('ROUTINE', 'EGO_DATA_SECURITY.GET_SECURITY_PREDICATE');
3916 FND_MESSAGE.SET_TOKEN('REASON',
3917 'The predicate was longer than the database VPD limit of '||
3918 to_char(g_vpd_buf_limit)||' bytes for the predicate. ');
3919 x_return_status := 'L'; /* Indicate Error */
3920 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
3921 ,p_module => l_api_name
3922 ,p_message => 'Returning Status: '||x_return_status||' as predicate size is more'
3923 );
3924 end if;
3925 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
3926 ,p_module => l_api_name
3927 ,p_message => 'Returning Status: '||x_return_status
3928 );
3929 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
3930 ,p_module => l_api_name
3931 ,p_message => 'Returning Predicate: '||x_predicate
3932 );
3933
3934 EXCEPTION
3935 WHEN OTHERS THEN
3936 fnd_message.set_name('FND', 'SQL_PLSQL_ERROR');
3937 fnd_message.set_token('ROUTINE',G_PKG_NAME||l_api_name);
3938 fnd_message.set_token('ERRNO', SQLCODE);
3939 fnd_message.set_token('REASON', SQLERRM);
3940 code_debug (p_log_level => G_DEBUG_LEVEL_EXCEPTION
3941 ,p_module => l_api_name
3942 ,p_message => 'Returning EXCEPTION '||SQLERRM
3943 );
3944 x_return_status := G_RETURN_UNEXP_ERR;
3945 return;
3946 END get_security_predicate;
3947
3948 --------------------------------------------------------
3949 ---- get_sec_predicate_with_exists
3950 --------------------------------------------------------
3951 PROCEDURE get_sec_predicate_with_exists
3952 (
3953 p_api_version IN NUMBER,
3954 p_function IN VARCHAR2 default null,
3955 p_object_name IN VARCHAR2,
3956 p_grant_instance_type IN VARCHAR2 DEFAULT 'UNIVERSAL',/* SET, INSTANCE*/
3957 p_party_id IN NUMBER,
3958 /* stmnt_type: 'OTHER', 'BASE'=VPD, 'EXISTS'= for checking existence. */
3959 p_statement_type IN VARCHAR2 DEFAULT 'OTHER',
3960 p_pk1_alias IN VARCHAR2 DEFAULT NULL,
3961 p_pk2_alias IN VARCHAR2 DEFAULT NULL,
3962 p_pk3_alias IN VARCHAR2 DEFAULT NULL,
3963 p_pk4_alias IN VARCHAR2 DEFAULT NULL,
3964 p_pk5_alias IN VARCHAR2 DEFAULT NULL,
3965 x_predicate OUT NOCOPY varchar2,
3966 x_return_status OUT NOCOPY varchar2
3967 ) IS
3968 l_api_name CONSTANT VARCHAR2(50) := 'GET_SEC_PREDICATE_WITH_EXISTS';
3969
3970 -- On addition of any Required parameters the major version needs
3971 -- to change i.e. for eg. 1.X to 2.X.
3972 -- On addition of any Optional parameters the minor version needs
3973 -- to change i.e. for eg. X.6 to X.7.
3974 l_api_version CONSTANT NUMBER := 1.0;
3975 l_sysdate DATE := Sysdate;
3976 l_aggregate_predicate VARCHAR2(32767); /* Must match g_pred_buf_size*/
3977 l_instance_flag BOOLEAN DEFAULT TRUE;
3978 l_instance_set_flag BOOLEAN DEFAULT TRUE;
3979 l_set_predicates VARCHAR2(32767); /* Must match g_pred_buf_size*/
3980 l_db_object_name varchar2(30);
3981 l_db_pk1_column varchar2(61);
3982 l_db_pk2_column varchar2(61);
3983 l_db_pk3_column varchar2(61);
3984 l_db_pk4_column varchar2(61);
3985 l_db_pk5_column varchar2(61);
3986 l_pk_column_names varchar2(512);
3987 l_pk_orig_column_names varchar2(512);
3988 l_type_converted_val_cols varchar2(512);
3989 l_user_name varchar2(80);
3990 l_orig_system varchar2(48);
3991 l_orig_system_id NUMBER;
3992 l_sub_pred_clause varchar2(512);
3993
3994 l_group_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
3995 l_company_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
3996
3997 instance_set_grants_c DYNAMIC_CUR;
3998 l_dynamic_sql_1 VARCHAR2(32767);
3999 l_one_set_predicate VARCHAR2(32767);
4000 l_prof_privilege_tbl EGO_VARCHAR_TBL_TYPE;
4001
4002 CURSOR get_user_grantee_key (cp_party_id NUMBER)
4003 IS
4004 --SELECT decode (party_type,'PERSON','HZ_PARTY:'||party_id,'GROUP','HZ_GROUP:'||party_id,'ORGANIZATION','HZ_COMPANY:'||party_id) grantee_key
4005 SELECT party_type
4006 FROM hz_parties
4007 WHERE party_id=cp_party_id;
4008
4009 l_object_id number;
4010 p_user_name FND_GRANTS.grantee_key%TYPE;
4011 l_party_type VARCHAR2(30);
4012 BEGIN
4013 SetGlobals();
4014 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4015 ,p_module => l_api_name
4016 ,p_message => 'Started with 13 params '||
4017 ' p_api_version: '|| to_char(p_api_version) ||
4018 ' - p_function: '|| p_function ||
4019 ' - p_object_name: '|| p_object_name ||
4020 ' - p_grant_instance_type: '|| p_grant_instance_type ||
4021 ' - p_party_id: '|| p_party_id ||
4022 ' - p_statement_type: '|| p_statement_type ||
4023 ' - p_pk1_alias: '|| p_pk1_alias ||
4024 ' - p_pk2_alias: '|| p_pk2_alias ||
4025 ' - p_pk3_alias: '|| p_pk3_alias ||
4026 ' - p_pk4_alias: '|| p_pk4_alias ||
4027 ' - p_pk5_alias: '|| p_pk5_alias
4028 );
4029
4030 x_return_status := G_RETURN_SUCCESS; /* Assume Success */
4031
4032 -- check for call compatibility.
4033 if TRUNC(l_api_version) <> TRUNC(p_api_version) THEN
4034 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
4035 fnd_message.set_token('ROUTINE',
4036 g_pkg_name || '.'|| l_api_name);
4037 fnd_message.set_token('REASON',
4038 'Unsupported version '|| to_char(p_api_version)||
4039 ' passed to API; expecting version '||
4040 to_char(l_api_version));
4041 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4042 ,p_module => l_api_name
4043 ,p_message => 'Returning as the call in incompatible '
4044 );
4045 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
4046 return;
4047 END IF;
4048
4049 -- Check to make sure we're not using unsupported statement_type
4050 if ((p_statement_type <> 'BASE') and (p_statement_type <> 'OTHER')
4051 AND (p_statement_type <> 'EXISTS')) then
4052 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
4053 fnd_message.set_token('ROUTINE',
4054 g_pkg_name || '.'|| l_api_name);
4055 fnd_message.set_token('REASON',
4056 'Unsupported p_statement_type: '|| p_statement_type);
4057 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4058 ,p_module => l_api_name
4059 ,p_message => 'Returning as statement type is not supported'
4060 );
4061 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
4062 return;
4063 end if;
4064
4065 /* ### We haven't yet added support for NULL (all) function in arg. */
4066 /* ### Add that support since it is in the API. */
4067 if (p_function is NULL) then
4068 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
4069 fnd_message.set_token('ROUTINE',
4070 g_pkg_name || '.'|| l_api_name);
4071 fnd_message.set_token('REASON',
4072 'Support has not yet been added for passing NULL function.');
4073 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4074 ,p_module => l_api_name
4075 ,p_message => 'Returning as mand parameter Function is not available '
4076 );
4077 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
4078 return;
4079 end if;
4080
4081
4082 -- Check to make sure we're not using unsupported modes
4083 if ((p_grant_instance_type = 'SET')
4084 AND((p_pk1_alias is not NULL)
4085 OR (p_pk2_alias is not NULL)
4086 OR (p_pk3_alias is not NULL)
4087 OR (p_pk4_alias is not NULL)
4088 OR (p_pk5_alias is not NULL))) then
4089
4090 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
4091 fnd_message.set_token('ROUTINE', g_pkg_name || '.'|| l_api_name);
4092 fnd_message.set_token('REASON', 'Unsupported mode arguments: '||
4093 ' p_grant_instance_type = SET.');
4094 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4095 ,p_module => l_api_name
4096 ,p_message => 'Returning as incompatible combination for p_grant_instance_type = SET '
4097 );
4098 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
4099 return;
4100 end if;
4101
4102 /* We don't currently support BASE mode; we will have to change to */
4103 /* a pure OR statement when VPD becomes important. */
4104 if (p_statement_type = 'BASE') then
4105 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
4106 fnd_message.set_token('ROUTINE', g_pkg_name || '.'|| l_api_name);
4107 fnd_message.set_token('REASON', 'Support has not yet been added for '|| 'p_statement_type = BASE.');
4108 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4109 ,p_module => l_api_name
4110 ,p_message => 'Returning as incompatible statement_type = BASE '
4111 );
4112 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
4113 return;
4114 end if;
4115
4116 -- Default the user name if not passed in.
4117 if(p_user_name is NULL) then
4118 l_user_name := G_USER_NAME;
4119 else
4120 l_user_name := p_user_name;
4121 end if;
4122
4123 -- Get the key columns from the user name
4124 -- We are not checking for NULL returns (meaning user not in wf_roles)
4125 -- because right now we allow checking of grants to users not in
4126 -- wf_roles.
4127
4128 IF(p_party_id=-1000) THEN
4129 l_party_type:='GLOBAL';
4130 ELSE
4131 OPEN get_user_grantee_key (cp_party_id=>p_party_id);
4132 FETCH get_user_grantee_key INTO l_party_type;
4133 CLOSE get_user_grantee_key;
4134 END IF;
4135 l_orig_system_id:=p_party_id;
4136 IF(l_party_type='GLOBAL') THEN
4137 l_orig_system:='HZ_GLOBAL';
4138 ELSIF(l_party_type='GROUP') THEN
4139 l_orig_system:='HZ_GROUP';
4140 ELSIF(l_party_type='ORGANIZATION') THEN
4141 l_orig_system:='HZ_COMPANY';
4142 ELSIF(l_party_type='PERSON') THEN
4143 l_orig_system:='HZ_PARTY';
4144 END IF;
4145 l_user_name:=l_orig_system||':'||l_orig_system_id;
4146
4147 -----------------------------------------------------------------------------------
4148 --First we see if a profile option is set and if function exists --
4149 -- if so we return and empty predicate here itself without doing further query --
4150 -----------------------------------------------------------------------------------
4151
4152 getPrivilege_for_profileOption(p_api_version => p_api_version,
4153 p_object_name => p_object_name,
4154 p_user_name => l_user_name,
4155 x_privilege_tbl => l_prof_privilege_tbl,
4156 x_return_status => x_return_status);
4157
4158 IF (x_return_status = G_RETURN_SUCCESS) THEN
4159 IF (l_prof_privilege_tbl.COUNT > 0) THEN
4160 FOR i IN l_prof_privilege_tbl.first .. l_prof_privilege_tbl.last LOOP
4161 IF (l_prof_privilege_tbl(i) = p_function) THEN
4162 x_predicate := '';
4163 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4164 ,p_module => l_api_name
4165 ,p_message => 'No need for predicate as user has privilege through profile '
4166 );
4167 return;
4168 END IF; --if function match, returning empty predicate
4169 END LOOP;
4170 END IF; -- x_prof_privilege_tbl >0
4171 END IF; --return status is T
4172
4173 -- Step 1.
4174 -- check whether there is any grant for this use for any role that
4175 -- includes the given privilege
4176
4177 IF (p_grant_instance_type = G_TYPE_INSTANCE) THEN
4178 l_instance_set_flag:= FALSE;
4179 ELSIF (p_grant_instance_type = G_TYPE_SET) THEN
4180 l_instance_flag:= FALSE;
4181 END IF;
4182
4183 x_return_status := get_pk_information(p_object_name ,
4184 l_db_pk1_column ,
4185 l_db_pk2_column ,
4186 l_db_pk3_column ,
4187 l_db_pk4_column ,
4188 l_db_pk5_column ,
4189 l_pk_column_names ,
4190 l_type_converted_val_cols ,
4191 l_pk_orig_column_names,
4192 l_db_object_name,
4193 p_pk1_alias,
4194 p_pk2_alias,
4195 p_pk3_alias,
4196 p_pk4_alias,
4197 p_pk5_alias );
4198 if (x_return_status <> G_RETURN_SUCCESS) then
4199 /* There will be a message on the msg dict stack. */
4200 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4201 ,p_module => l_api_name
4202 ,p_message => 'Returning FALSE as pk values are not correct'
4203 );
4204 return; /* We will return the x_return_status as out param */
4205 end if;
4206
4207 l_object_id :=get_object_id(p_object_name => p_object_name );
4208 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
4209 ,p_module => l_api_name
4210 ,p_message => 'l_object_id: '||l_object_id
4211 );
4212 l_group_info := get_group_info(p_party_id => l_orig_system_id);
4213 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
4214 ,p_module => l_api_name
4215 ,p_message => 'l_group_info: '||l_group_info
4216 );
4217 l_company_info := get_company_info (p_party_id => l_orig_system_id);
4218 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
4219 ,p_module => l_api_name
4220 ,p_message => 'l_company_info: '||l_company_info
4221 );
4222
4223 -- Step 2.
4224 l_aggregate_predicate := '';
4225 IF(l_instance_flag = TRUE) THEN
4226 if (p_statement_type = 'EXISTS') then
4227 l_aggregate_predicate := 'EXISTS (';
4228 else
4229 l_aggregate_predicate := l_pk_column_names || ' IN (';
4230 end if;
4231 --R12C Security Changes
4232 /*l_aggregate_predicate :=
4233 l_aggregate_predicate ||
4234 ' SELECT INSTANCE_PK1_VALUE' ||
4235 ' FROM fnd_grants grants, ' ||
4236 ' fnd_form_functions functions, ' ||
4237 ' fnd_menu_entries cmf ' ||
4238 ' WHERE grants.INSTANCE_PK1_VALUE=to_char('||p_pk1_alias||')'||
4239 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
4240 ' AND grants.instance_type= ''INSTANCE'' ' ||
4241 ' AND cmf.function_id = functions.function_id ' ||
4242 ' AND cmf.menu_id = grants.menu_id ' ||
4243 ' AND grants.object_id = ' || l_object_id ||
4244 ' AND functions.function_name = ''' || p_function || '''' ||
4245 ' AND ( ( grants.grantee_type = ''USER'' ' ||
4246 ' AND grants.grantee_key = '''||l_user_name||''')'||
4247 ' OR ( grants.grantee_type = ''GROUP'' '||
4248 ' AND grants.grantee_key in '||
4249 ' ( '|| l_group_info || ')) ' ||
4250 ' OR ( grants.grantee_type = ''COMPANY'' '||
4251 ' AND grants.grantee_key in '||
4252 ' ( '|| l_company_info || ')) ' ||
4253 ' OR (grants.grantee_type = ''GLOBAL'' AND grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )))';*/
4254 if (p_object_name = 'EGO_CATALOG_GROUP') THEN
4255 l_aggregate_predicate :=
4256 l_aggregate_predicate ||
4257 ' SELECT INSTANCE_PK1_VALUE' ||
4258 ' FROM fnd_grants grants, ' ||
4259 ' fnd_form_functions functions, ' ||
4260 ' fnd_menu_entries cmf, ' ||
4261 ' ego_item_cat_denorm_hier cathier ' ||
4262 ' WHERE grants.INSTANCE_PK1_VALUE=to_char(cathier.parent_catalog_group_id)' ||
4263 ' AND cathier.child_catalog_group_id = to_char('||p_pk1_alias||')' ||
4264 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
4265 ' AND grants.instance_type= ''INSTANCE'' ' ||
4266 ' AND cmf.function_id = functions.function_id ' ||
4267 ' AND cmf.menu_id = grants.menu_id ' ||
4268 ' AND grants.object_id = ' || l_object_id ||
4269 ' AND functions.function_name = ''' || p_function || '''' ||
4270 ' AND ( ( grants.grantee_type = ''USER'' ' ||
4271 ' AND grants.grantee_key = '''||l_user_name||''')'||
4272 ' OR ( grants.grantee_type = ''GROUP'' '||
4273 ' AND grants.grantee_key in '||
4274 ' ( '|| l_group_info || ')) ' ||
4275 ' OR ( grants.grantee_type = ''COMPANY'' '||
4276 ' AND grants.grantee_key in '||
4277 ' ( '|| l_company_info || ')) ' ||
4278 ' OR (grants.grantee_type = ''GLOBAL'' AND grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )))';
4279 else
4280 l_aggregate_predicate :=
4281 l_aggregate_predicate ||
4282 ' SELECT INSTANCE_PK1_VALUE' ||
4283 ' FROM fnd_grants grants, ' ||
4284 ' fnd_form_functions functions, ' ||
4285 ' fnd_menu_entries cmf ' ||
4286 ' WHERE grants.INSTANCE_PK1_VALUE=to_char('||p_pk1_alias||')'||
4287 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
4288 ' AND grants.instance_type= ''INSTANCE'' ' ||
4289 ' AND cmf.function_id = functions.function_id ' ||
4290 ' AND cmf.menu_id = grants.menu_id ' ||
4291 ' AND grants.object_id = ' || l_object_id ||
4292 ' AND functions.function_name = ''' || p_function || '''' ||
4293 ' AND ( ( grants.grantee_type = ''USER'' ' ||
4294 ' AND grants.grantee_key = '''||l_user_name||''')'||
4295 ' OR ( grants.grantee_type = ''GROUP'' '||
4296 ' AND grants.grantee_key in '||
4297 ' ( '|| l_group_info || ')) ' ||
4298 ' OR ( grants.grantee_type = ''COMPANY'' '||
4299 ' AND grants.grantee_key in '||
4300 ' ( '|| l_company_info || ')) ' ||
4301 ' OR (grants.grantee_type = ''GLOBAL'' AND grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )))';
4302 end if;
4303 --R12C Security Changes
4304 END IF;
4305
4306 -- Step 3.
4307 l_set_predicates:='';
4308 -- R12C Security Changes
4309 /*l_sub_pred_clause:= ' UNION ALL ( SELECT to_char('
4310 ||l_pk_orig_column_names || ') FROM ' ||
4311 l_db_object_name ||
4312 ' WHERE ' || l_pk_orig_column_names||'='||p_pk1_alias ||
4313 ' AND ';*/
4314 IF (p_object_name = 'EGO_ITEM') THEN
4315 l_sub_pred_clause:= ' UNION ALL ( SELECT to_char('
4316 ||l_pk_orig_column_names || ') FROM ' ||
4317 l_db_object_name ||
4318 ' , ego_item_cat_denorm_hier cathier WHERE ' || l_pk_orig_column_names||'='||p_pk1_alias ||
4319 ' AND ';
4320 ELSE
4321 l_sub_pred_clause:= ' UNION ALL ( SELECT to_char('
4322 ||l_pk_orig_column_names || ') FROM ' ||
4323 l_db_object_name ||
4324 ' WHERE ' || l_pk_orig_column_names||'='||p_pk1_alias ||
4325 ' AND ';
4326 END IF;
4327 -- R12C Security Changes
4328
4329 IF(l_instance_set_flag = TRUE) THEN
4330 l_dynamic_sql_1 :=
4331 ' SELECT DISTINCT instance_sets.predicate ' ||
4332 ' FROM fnd_grants grants, fnd_form_functions functions, ' ||
4333 ' fnd_menu_entries cmf, fnd_object_instance_sets instance_sets ' ||
4334 ' WHERE grants.instance_type = :instance_type ' ||
4335 ' AND grants.start_date <= SYSDATE ' ||
4336 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
4337 ' AND cmf.function_id = functions.function_id ' ||
4338 ' AND cmf.menu_id = grants.menu_id ' ||
4339 ' AND grants.instance_set_id = instance_sets.instance_set_id ' ||
4340 ' AND grants.object_id = :object_id ' ||
4341 ' AND functions.function_name = :function ' ||
4342 ' AND ((grants.grantee_type = ''USER'' ' ||
4343 ' AND grants.grantee_key = :grantee_key )' ||
4344 ' OR (grants.grantee_type = ''GROUP'' ' ||
4345 ' AND grants.grantee_key in ( '||l_group_info||' ))' ||
4346 ' OR (grants.grantee_type = ''COMPANY'' ' ||
4347 ' AND grants.grantee_key in ( '||l_company_info||' ))' ||
4348 ' OR (grants.grantee_type = ''GLOBAL'' ' ||
4349 ' AND grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL''))) ';
4350 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
4351 ,p_module => l_api_name
4352 ,p_message => 'Binds for instance_set_grants_c '||
4353 ' G_TYPE_SET: '||G_TYPE_SET||
4354 ' - l_parent_object_id: '||l_object_id||
4355 ' - p_function: '||p_function||
4356 ' - l_user_name: '||l_user_name
4357 );
4358
4359 OPEN instance_set_grants_c FOR l_dynamic_sql_1
4360 USING IN G_TYPE_SET,
4361 IN l_object_id,
4362 IN p_function,
4363 IN l_user_name;
4364 LOOP
4365 FETCH instance_set_grants_c INTO l_one_set_predicate;
4366 EXIT WHEN instance_set_grants_c%NOTFOUND;
4367 l_set_predicates := l_set_predicates ||
4368 l_sub_pred_clause ||
4369 l_one_set_predicate ||')';
4370 END LOOP;
4371 CLOSE instance_set_grants_c;
4372 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
4373 ,p_module => l_api_name
4374 ,p_message => 'l_set_predicates: '||l_set_predicates
4375 );
4376
4377 IF( length(l_set_predicates ) >0) THEN
4378 -- strip off the trailing 'OR '
4379 /*l_set_predicates := substr(l_set_predicates, 1,
4380 length(l_set_predicates) - length('OR '));
4381 */
4382
4383 IF(length(l_aggregate_predicate) >0 ) THEN
4384 -- strip off the trailing ')'
4385 l_aggregate_predicate := substr(l_aggregate_predicate, 1,
4386 length(l_aggregate_predicate) - length(')'));
4387
4388 l_aggregate_predicate := substrb(
4389 l_aggregate_predicate ||
4390 l_set_predicates || ')', 1, g_pred_buf_size);
4391 ELSE
4392 l_aggregate_predicate:= l_set_predicates;
4393 END IF;
4394 END IF;
4395 END IF;
4396
4397 x_predicate := l_aggregate_predicate;
4398
4399 if ((lengthb(l_aggregate_predicate) > g_vpd_buf_limit)
4400 AND (p_statement_type = 'BASE'))then
4401 FND_MESSAGE.SET_NAME('FND', 'GENERIC-INTERNAL ERROR');
4402 FND_MESSAGE.SET_TOKEN('ROUTINE',
4403 'EGO_DATA_SECURITY.GET_SECURITY_PREDICATE');
4404 FND_MESSAGE.SET_TOKEN('REASON',
4405 'The predicate was longer than the database VPD limit of '||
4406 to_char(g_vpd_buf_limit)||' bytes for the predicate. ');
4407 x_return_status := 'L'; /* Indicate Error */
4408 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4409 ,p_module => l_api_name
4410 ,p_message => 'Returning Status: '||x_return_status||' as predicate size is more'
4411 );
4412 end if;
4413 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4414 ,p_module => l_api_name
4415 ,p_message => 'Returning Status: '||x_return_status
4416 );
4417 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4418 ,p_module => l_api_name
4419 ,p_message => 'Returning Predicate: '||x_predicate
4420 );
4421
4422 EXCEPTION
4423 WHEN OTHERS THEN
4424 fnd_message.set_name('FND', 'SQL_PLSQL_ERROR');
4425 fnd_message.set_token('ROUTINE',G_PKG_NAME||l_api_name);
4426 fnd_message.set_token('ERRNO', SQLCODE);
4427 fnd_message.set_token('REASON', SQLERRM);
4428 x_return_status := G_RETURN_UNEXP_ERR;
4429 code_debug (p_log_level => G_DEBUG_LEVEL_EXCEPTION
4430 ,p_module => l_api_name
4431 ,p_message => 'Returning EXCEPTION '||SQLERRM
4432 );
4433 return;
4434 END get_sec_predicate_with_exists;
4435
4436 --------------------------------------------------------
4437 ---- get_sec_predicate_with_clause
4438 --------------------------------------------------------
4439 PROCEDURE get_sec_predicate_with_clause
4440 (
4441 p_api_version IN NUMBER,
4442 p_function IN VARCHAR2 default null,
4443 p_object_name IN VARCHAR2,
4444 p_grant_instance_type IN VARCHAR2 DEFAULT 'UNIVERSAL',/* SET, INSTANCE*/
4445 p_party_id IN NUMBER,
4446 p_append_inst_set_predicate IN VARCHAR2 default null,
4447 /* stmnt_type: 'OTHER', 'BASE'=VPD, 'EXISTS'= for checking existence. */
4448 p_statement_type IN VARCHAR2 DEFAULT 'OTHER',
4449 p_pk1_alias IN VARCHAR2 DEFAULT NULL,
4450 p_pk2_alias IN VARCHAR2 DEFAULT NULL,
4451 p_pk3_alias IN VARCHAR2 DEFAULT NULL,
4452 p_pk4_alias IN VARCHAR2 DEFAULT NULL,
4453 p_pk5_alias IN VARCHAR2 DEFAULT NULL,
4454 x_predicate OUT NOCOPY varchar2,
4455 x_return_status OUT NOCOPY varchar2
4456 ) IS
4457 l_api_name CONSTANT VARCHAR2(50) := 'GET_SEC_PREDICATE_WITH_CLAUSE';
4458
4459 -- On addition of any Required parameters the major version needs
4460 -- to change i.e. for eg. 1.X to 2.X.
4461 -- On addition of any Optional parameters the minor version needs
4462 -- to change i.e. for eg. X.6 to X.7.
4463 l_api_version CONSTANT NUMBER := 1.0;
4464 l_sysdate DATE := Sysdate;
4465 l_aggregate_predicate VARCHAR2(32767); /* Must match g_pred_buf_size*/
4466 l_instance_flag BOOLEAN DEFAULT TRUE;
4467 l_instance_set_flag BOOLEAN DEFAULT TRUE;
4468 l_set_predicates VARCHAR2(32767); /* Must match g_pred_buf_size*/
4469 l_db_object_name varchar2(30);
4470 l_db_pk1_column varchar2(61);
4471 l_db_pk2_column varchar2(61);
4472 l_db_pk3_column varchar2(61);
4473 l_db_pk4_column varchar2(61);
4474 l_db_pk5_column varchar2(61);
4475 l_pk_column_names varchar2(512);
4476 l_pk_orig_column_names varchar2(512);
4477 l_type_converted_val_cols varchar2(512);
4478 l_user_name varchar2(80);
4479 l_orig_system varchar2(48);
4480 l_orig_system_id NUMBER;
4481 l_sub_pred_clause varchar2(512);
4482
4483 l_group_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
4484 l_company_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
4485 l_prof_privilege_tbl EGO_VARCHAR_TBL_TYPE;
4486 l_dynamic_sql VARCHAR2(32767);
4487 instance_set_grants_c DYNAMIC_CUR;
4488 l_set_predicate VARCHAR2(32767);
4489
4490 CURSOR get_user_grantee_key (cp_party_id NUMBER) IS
4491 --SELECT decode (party_type,'PERSON','HZ_PARTY:'||party_id,'GROUP','HZ_GROUP:'||party_id,'ORGANIZATION','HZ_COMPANY:'||party_id) grantee_key
4492 SELECT party_type
4493 FROM hz_parties
4494 WHERE party_id=cp_party_id;
4495 l_object_id NUMBER;
4496 p_user_name FND_GRANTS.grantee_key%TYPE;
4497 l_party_type VARCHAR2(30);
4498 l_append_inst_set_predicate VARCHAR2(2000);
4499 BEGIN
4500
4501 SetGlobals();
4502 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4503 ,p_module => l_api_name
4504 ,p_message => 'Started with 14 params '||
4505 ' p_api_version: '|| to_char(p_api_version) ||
4506 ' - p_function: '|| p_function ||
4507 ' - p_object_name: '|| p_object_name ||
4508 ' - p_grant_instance_type: '|| p_grant_instance_type ||
4509 ' - p_party_id: '|| p_party_id ||
4510 ' - p_append_inst_set_predicate: '|| p_append_inst_set_predicate ||
4511 ' - p_statement_type: '|| p_statement_type ||
4512 ' - p_pk1_alias: '|| p_pk1_alias ||
4513 ' - p_pk2_alias: '|| p_pk2_alias ||
4514 ' - p_pk3_alias: '|| p_pk3_alias ||
4515 ' - p_pk4_alias: '|| p_pk4_alias ||
4516 ' - p_pk5_alias: '|| p_pk5_alias
4517 );
4518
4519 -- check for call compatibility.
4520 if TRUNC(l_api_version) <> TRUNC(p_api_version) THEN
4521 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
4522 fnd_message.set_token('ROUTINE',
4523 g_pkg_name || '.'|| l_api_name);
4524 fnd_message.set_token('REASON',
4525 'Unsupported version '|| to_char(p_api_version)||
4526 ' passed to API; expecting version '||
4527 to_char(l_api_version));
4528 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
4529 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4530 ,p_module => l_api_name
4531 ,p_message => 'Returning as the call in incompatible '
4532 );
4533 return;
4534 END IF;
4535
4536 -- Check to make sure we're not using unsupported statement_type
4537 if ((p_statement_type <> 'BASE') and (p_statement_type <> 'OTHER')
4538 AND (p_statement_type <> 'EXISTS')) then
4539 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
4540 fnd_message.set_token('ROUTINE',
4541 g_pkg_name || '.'|| l_api_name);
4542 fnd_message.set_token('REASON',
4543 'Unsupported p_statement_type: '|| p_statement_type);
4544 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4545 ,p_module => l_api_name
4546 ,p_message => 'Returning as statement type is not supported'
4547 );
4548 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
4549 return;
4550 end if;
4551
4552 /* ### We haven't yet added support for NULL (all) function in arg. */
4553 /* ### Add that support since it is in the API. */
4554 if (p_function is NULL) then
4555 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
4556 fnd_message.set_token('ROUTINE',
4557 g_pkg_name || '.'|| l_api_name);
4558 fnd_message.set_token('REASON',
4559 'Support has not yet been added for passing NULL function.');
4560 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4561 ,p_module => l_api_name
4562 ,p_message => 'Returning as mand parameter Function is not available '
4563 );
4564 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
4565 return;
4566 end if;
4567
4568 -- Check to make sure we're not using unsupported modes
4569 if ((p_grant_instance_type = 'SET')
4570 AND((p_pk1_alias is not NULL)
4571 OR (p_pk2_alias is not NULL)
4572 OR (p_pk3_alias is not NULL)
4573 OR (p_pk4_alias is not NULL)
4574 OR (p_pk5_alias is not NULL))) then
4575 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
4576 fnd_message.set_token('ROUTINE',
4577 g_pkg_name || '.'|| l_api_name);
4578 fnd_message.set_token('REASON',
4579 'Unsupported mode arguments: '||
4580 'p_statement_type = BASE or p_grant_instance_type = SET.');
4581 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4582 ,p_module => l_api_name
4583 ,p_message => 'Returning as incompatible combination for p_grant_instance_type = SET '
4584 );
4585 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
4586 return;
4587 end if;
4588
4589 /* We don't currently support BASE mode; we will have to change to */
4590 /* a pure OR statement when VPD becomes important. */
4591 if (p_statement_type = 'BASE') then
4592 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
4593 fnd_message.set_token('ROUTINE',
4594 g_pkg_name || '.'|| l_api_name);
4595 fnd_message.set_token('REASON',
4596 'Support has not yet been added for '||
4597 'p_statement_type = BASE.');
4598 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4599 ,p_module => l_api_name
4600 ,p_message => 'Returning as incompatible statement_type = BASE '
4601 );
4602 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
4603 return;
4604 end if;
4605
4606 x_return_status := G_RETURN_SUCCESS; /* Assume Success */
4607 -- Default the user name if not passed in.
4608 if(p_user_name is NULL) then
4609 l_user_name := FND_GLOBAL.USER_NAME;
4610 else
4611 l_user_name := p_user_name;
4612 end if;
4613
4614 -- Get the key columns from the user name
4615 -- We are not checking for NULL returns (meaning user not in wf_roles)
4616 -- because right now we allow checking of grants to users not in
4617 -- wf_roles.
4618
4619 IF(p_party_id=-1000) THEN
4620 l_party_type:='GLOBAL';
4621 ELSE
4622 OPEN get_user_grantee_key (cp_party_id=>p_party_id);
4623 FETCH get_user_grantee_key INTO l_party_type;
4624 CLOSE get_user_grantee_key;
4625 END IF;
4626 l_orig_system_id:=p_party_id;
4627 IF(l_party_type='GLOBAL') THEN
4628 l_orig_system:='HZ_GLOBAL';
4629 ELSIF(l_party_type='GROUP') THEN
4630 l_orig_system:='HZ_GROUP';
4631 ELSIF(l_party_type='ORGANIZATION') THEN
4632 l_orig_system:='HZ_COMPANY';
4633 ELSIF(l_party_type='PERSON') THEN
4634 l_orig_system:='HZ_PARTY';
4635 END IF;
4636 l_user_name:=l_orig_system||':'||l_orig_system_id;
4637
4638 -----------------------------------------------------------------------------------
4639 --First we see if a profile option is set and if function exists --
4640 -- if so we return and empty predicate here itself without doing further query --
4641 -----------------------------------------------------------------------------------
4642
4643 getPrivilege_for_profileOption(p_api_version => p_api_version,
4644 p_object_name => p_object_name,
4645 p_user_name => l_user_name,
4646 x_privilege_tbl => l_prof_privilege_tbl,
4647 x_return_status => x_return_status);
4648
4649 IF (x_return_status = G_RETURN_SUCCESS) THEN
4650 IF (l_prof_privilege_tbl.COUNT > 0) THEN
4651 FOR i IN l_prof_privilege_tbl.first .. l_prof_privilege_tbl.last LOOP
4652 IF (l_prof_privilege_tbl(i) = p_function) THEN
4653 x_predicate := '';
4654 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4655 ,p_module => l_api_name
4656 ,p_message => 'No need for predicate as user has privilege through profile '
4657 );
4658 RETURN;
4659 END IF; --if function match, returning empty predicate
4660 END LOOP;
4661 END IF; -- x_prof_privilege_tbl >0
4662 END IF; --return status is T
4663
4664 -- Step 1.
4665 -- check whether there is any grant for this use for any role that
4666 -- includes the given privilege
4667
4668 IF (p_grant_instance_type = G_TYPE_INSTANCE) THEN
4669 l_instance_set_flag:= FALSE;
4670 ELSIF (p_grant_instance_type = G_TYPE_SET) THEN
4671 l_instance_flag:= FALSE;
4672 END IF;
4673
4674 x_return_status := get_pk_information(p_object_name ,
4675 l_db_pk1_column ,
4676 l_db_pk2_column ,
4677 l_db_pk3_column ,
4678 l_db_pk4_column ,
4679 l_db_pk5_column ,
4680 l_pk_column_names ,
4681 l_type_converted_val_cols ,
4682 l_pk_orig_column_names,
4683 l_db_object_name,
4684 p_pk1_alias,
4685 p_pk2_alias,
4686 p_pk3_alias,
4687 p_pk4_alias,
4688 p_pk5_alias );
4689 if (x_return_status <> G_RETURN_SUCCESS) then
4690 /* There will be a message on the msg dict stack. */
4691 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4692 ,p_module => l_api_name
4693 ,p_message => 'Returning FALSE as pk values are not correct'
4694 );
4695 return; /* We will return the x_return_status as out param */
4696 end if;
4697
4698 l_object_id :=get_object_id(p_object_name => p_object_name );
4699 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
4700 ,p_module => l_api_name
4701 ,p_message => 'l_object_id: '||l_object_id
4702 );
4703 l_group_info := get_group_info(p_party_id => l_orig_system_id);
4704 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
4705 ,p_module => l_api_name
4706 ,p_message => 'l_group_info: '||l_group_info
4707 );
4708 l_company_info := get_company_info (p_party_id => l_orig_system_id);
4709 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
4710 ,p_module => l_api_name
4711 ,p_message => 'l_company_info: '||l_company_info
4712 );
4713
4714 -- Step 2.
4715 l_aggregate_predicate := '';
4716 IF(l_instance_flag = TRUE) THEN
4717 if (p_statement_type = 'EXISTS') then
4718 l_aggregate_predicate := 'EXISTS (';
4719 else
4720 l_aggregate_predicate := 'to_char('||l_pk_column_names || ') IN (';
4721 end if;
4722 -- R12C Security Predicate
4723 /* l_aggregate_predicate :=
4724 l_aggregate_predicate ||
4725 ' SELECT INSTANCE_PK1_VALUE' ||
4726 ' FROM fnd_grants grants, ' ||
4727 ' fnd_form_functions functions, ' ||
4728 ' fnd_menu_entries cmf ' ||
4729 ' WHERE grants.start_date <= sysdate ' ||
4730 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
4731 ' AND grants.instance_type= ''INSTANCE'' ' ||
4732 ' AND cmf.function_id = functions.function_id ' ||
4733 ' AND cmf.menu_id = grants.menu_id ' ||
4734 ' AND grants.object_id = ' || l_object_id ||
4735 ' AND functions.function_name = ''' || p_function || '''' ||
4736 ' AND ( ( grants.grantee_type = ''USER'' ' ||
4737 ' AND grants.grantee_key = '''||l_user_name||''')'||
4738 ' OR ( grants.grantee_type = ''GROUP'' '||
4739 ' AND grants.grantee_key in '||
4740 ' ( '|| l_group_info || ')) ' ||
4741 ' OR ( grants.grantee_type = ''COMPANY'' '||
4742 ' AND grants.grantee_key in '||
4743 ' ( '|| l_company_info || ')) ' ||
4744 ' OR (grants.grantee_type = ''GLOBAL'' AND grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )))';*/
4745 if (p_object_name = 'EGO_CATALOG_GROUP') THEN
4746 l_aggregate_predicate := l_aggregate_predicate ||
4747 ' SELECT INSTANCE_PK1_VALUE' ||
4748 ' FROM fnd_grants grants, ' ||
4749 ' fnd_form_functions functions, ' ||
4750 ' fnd_menu_entries cmf, ' ||
4751 'ego_item_cat_denorm_hier cathier ' ||
4752 'WHERE grants.INSTANCE_PK1_VALUE=to_char(cathier.parent_catalog_group_id) '||
4753 'AND cathier.child_catalog_group_id = to_char('||p_pk1_alias||')' ||
4754 ' AND grants.start_date <= sysdate ' ||
4755 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
4756 ' AND grants.instance_type= ''INSTANCE'' ' ||
4757 ' AND cmf.function_id = functions.function_id ' ||
4758 ' AND cmf.menu_id = grants.menu_id ' ||
4759 ' AND grants.object_id = ' || l_object_id ||
4760 ' AND functions.function_name = ''' || p_function || '''' ||
4761 ' AND ( ( grants.grantee_type = ''USER'' ' ||
4762 ' AND grants.grantee_key = '''||l_user_name||''')'||
4763 ' OR ( grants.grantee_type = ''GROUP'' '||
4764 ' AND grants.grantee_key in '||
4765 ' ( '|| l_group_info || ')) ' ||
4766 ' OR ( grants.grantee_type = ''COMPANY'' '||
4767 ' AND grants.grantee_key in '||
4768 ' ( '|| l_company_info || ')) ' ||
4769 ' OR (grants.grantee_type = ''GLOBAL'' AND grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )))';
4770 else
4771 l_aggregate_predicate := l_aggregate_predicate ||
4772 ' SELECT INSTANCE_PK1_VALUE' ||
4773 ' FROM fnd_grants grants, ' ||
4774 ' fnd_form_functions functions, ' ||
4775 ' fnd_menu_entries cmf ' ||
4776 ' WHERE grants.start_date <= sysdate ' ||
4777 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
4778 ' AND grants.instance_type= ''INSTANCE'' ' ||
4779 ' AND cmf.function_id = functions.function_id ' ||
4780 ' AND cmf.menu_id = grants.menu_id ' ||
4781 ' AND grants.object_id = ' || l_object_id ||
4782 ' AND functions.function_name = ''' || p_function || '''' ||
4783 ' AND ( ( grants.grantee_type = ''USER'' ' ||
4784 ' AND grants.grantee_key = '''||l_user_name||''')'||
4785 ' OR ( grants.grantee_type = ''GROUP'' '||
4786 ' AND grants.grantee_key in '||
4787 ' ( '|| l_group_info || ')) ' ||
4788 ' OR ( grants.grantee_type = ''COMPANY'' '||
4789 ' AND grants.grantee_key in '||
4790 ' ( '|| l_company_info || ')) ' ||
4791 ' OR (grants.grantee_type = ''GLOBAL'' AND grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )))';
4792 end if;
4793 -- R12C Security Predicate
4794 END IF;
4795
4796 -- Step 3.
4797 l_set_predicates:='';
4798 -- R12C Security Changes
4799 /*l_sub_pred_clause:=' UNION ALL ( SELECT to_char(' ||
4800 l_pk_orig_column_names || ') FROM ' ||
4801 l_db_object_name || ' WHERE ';*/
4802 IF (p_object_name = 'EGO_ITEM') THEN
4803 l_sub_pred_clause:=' UNION ALL ( SELECT to_char(' ||
4804 l_pk_orig_column_names || ') FROM ' ||
4805 l_db_object_name || ', ego_item_cat_denorm_hier cathier WHERE item_catalog_group_id = cathier.child_catalog_group_id(+) AND ';
4806 ELSE
4807 l_sub_pred_clause:=' UNION ALL ( SELECT to_char(' ||
4808 l_pk_orig_column_names || ') FROM ' ||
4809 l_db_object_name || ' WHERE ';
4810 END IF;
4811
4812 -- R12C Security Changes
4813 IF(p_append_inst_set_predicate IS NULL) THEN
4814 l_append_inst_set_predicate:='';
4815 ELSE
4816 l_append_inst_set_predicate:=' AND '||p_append_inst_set_predicate;
4817 END IF;
4818
4819 IF(l_instance_set_flag = TRUE) THEN
4820 l_dynamic_sql :=
4821 ' SELECT DISTINCT instance_sets.predicate ' ||
4822 ' FROM fnd_grants grants, fnd_form_functions functions, ' ||
4823 ' fnd_menu_entries cmf, fnd_object_instance_sets instance_sets ' ||
4824 ' WHERE grants.instance_type = :instance_type ' ||
4825 ' AND grants.start_date <= SYSDATE ' ||
4826 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
4827 ' AND cmf.function_id = functions.function_id ' ||
4828 ' AND cmf.menu_id = grants.menu_id ' ||
4829 ' AND grants.instance_set_id = instance_sets.instance_set_id ' ||
4830 ' AND grants.object_id = :object_id ' ||
4831 ' AND functions.function_name = :function ' ||
4832 ' AND ((grants.grantee_type = ''USER'' ' ||
4833 ' AND grants.grantee_key = :grantee_key )' ||
4834 ' OR (grants.grantee_type = ''GROUP'' ' ||
4835 ' AND grants.grantee_key in ( '||l_group_info||' ))' ||
4836 ' OR (grants.grantee_type = ''COMPANY'' ' ||
4837 ' AND grants.grantee_key in ( '||l_company_info||' ))' ||
4838 ' OR (grants.grantee_type = ''GLOBAL'' ' ||
4839 ' AND grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL''))) ';
4840
4841 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
4842 ,p_module => l_api_name
4843 ,p_message => 'Binds for instance_set_grants_c '||
4844 ' G_TYPE_SET: '||G_TYPE_SET||
4845 ' - l_parent_object_id: '||l_object_id||
4846 ' - p_function: '||p_function||
4847 ' - l_user_name: '||l_user_name
4848 );
4849
4850 OPEN instance_set_grants_c FOR l_dynamic_sql
4851 USING IN G_TYPE_SET,
4852 IN l_object_id,
4853 IN p_function,
4854 IN l_user_name;
4855 LOOP
4856 FETCH instance_set_grants_c into l_set_predicate;
4857 EXIT WHEN instance_set_grants_c%NOTFOUND;
4858 l_set_predicates := l_set_predicates ||l_sub_pred_clause||
4859 l_set_predicate ||
4860 l_append_inst_set_predicate||')';
4861 END LOOP;
4862 CLOSE instance_set_grants_c;
4863 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
4864 ,p_module => l_api_name
4865 ,p_message => 'l_set_predicates: '||l_set_predicates
4866 );
4867
4868 IF( length(l_set_predicates ) >0) THEN
4869 -- strip off the trailing 'OR '
4870 IF(length(l_aggregate_predicate) >0 ) THEN
4871 -- strip off the trailing ')'
4872 l_aggregate_predicate := substr(l_aggregate_predicate, 1,
4873 length(l_aggregate_predicate) - length(')'));
4874 l_aggregate_predicate := substrb(
4875 l_aggregate_predicate ||
4876 l_set_predicates || ')', 1, g_pred_buf_size);
4877 ELSE
4878 l_aggregate_predicate:= l_set_predicates;
4879 END IF;
4880 END IF;
4881 END IF;
4882
4883 x_predicate :=l_aggregate_predicate;
4884
4885 if ( (lengthb(l_aggregate_predicate) > g_vpd_buf_limit)
4886 AND (p_statement_type = 'BASE'))then
4887 FND_MESSAGE.SET_NAME('FND', 'GENERIC-INTERNAL ERROR');
4888 FND_MESSAGE.SET_TOKEN('ROUTINE','EGO_DATA_SECURITY.GET_SECURITY_PREDICATE');
4889 FND_MESSAGE.SET_TOKEN('REASON',
4890 'The predicate was longer than the database VPD limit of '||
4891 to_char(g_vpd_buf_limit)||' bytes for the predicate. ');
4892 x_return_status := 'L'; /* Indicate Error */
4893 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4894 ,p_module => l_api_name
4895 ,p_message => 'Returning Status: '||x_return_status||' as predicate size is more'
4896 );
4897 end if;
4898
4899 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4900 ,p_module => l_api_name
4901 ,p_message => 'Returning Status: '||x_return_status
4902 );
4903 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
4904 ,p_module => l_api_name
4905 ,p_message => 'Returning Predicate: '||x_predicate
4906 );
4907
4908 EXCEPTION
4909 WHEN OTHERS THEN
4910 fnd_message.set_name('FND', 'SQL_PLSQL_ERROR');
4911 fnd_message.set_token('ROUTINE',G_PKG_NAME||l_api_name);
4912 fnd_message.set_token('ERRNO', SQLCODE);
4913 fnd_message.set_token('REASON', SQLERRM);
4914 x_return_status := G_RETURN_UNEXP_ERR;
4915 code_debug (p_log_level => G_DEBUG_LEVEL_EXCEPTION
4916 ,p_module => l_api_name
4917 ,p_message => 'Returning EXCEPTION '||SQLERRM
4918 );
4919 return;
4920 END get_sec_predicate_with_clause;
4921
4922 --------------------------------------------------------
4923 ---- get_inherited_predicate
4924 --------------------------------------------------------
4925 PROCEDURE get_inherited_predicate
4926 (
4927 p_api_version IN NUMBER,
4928 p_function IN VARCHAR2 default null,
4929 p_object_name IN VARCHAR2,
4930 p_grant_instance_type IN VARCHAR2 DEFAULT 'UNIVERSAL',/* SET, INSTANCE*/
4931 p_user_name IN VARCHAR2 default null,
4932 /* statement_type: 'OTHER', 'BASE'=VPD, 'EXISTS'= to check existence*/
4933 p_statement_type IN VARCHAR2 DEFAULT 'OTHER',
4934 p_pk1_alias IN VARCHAR2 DEFAULT NULL,
4935 p_pk2_alias IN VARCHAR2 DEFAULT NULL,
4936 p_pk3_alias IN VARCHAR2 DEFAULT NULL,
4937 p_pk4_alias IN VARCHAR2 DEFAULT NULL,
4938 p_pk5_alias IN VARCHAR2 DEFAULT NULL,
4939 p_object_type IN VARCHAR2 default null,
4940 p_parent_object_tbl IN EGO_VARCHAR_TBL_TYPE,
4941 p_relationship_sql_tbl IN EGO_VARCHAR_TBL_TYPE,
4942 p_parent_obj_alias_tbl IN EGO_VARCHAR_TBL_TYPE,
4943 x_predicate OUT NOCOPY varchar2,
4944 x_return_status OUT NOCOPY varchar2
4945 )
4946 IS
4947 BEGIN
4948 --null;
4949
4950 EGO_DATA_SECURITY.get_inherited_predicate
4951 (
4952 p_api_version => p_api_version,
4953 p_function => p_function,
4954 p_object_name => p_object_name,
4955 p_grant_instance_type => p_grant_instance_type,
4956 p_user_name => p_user_name,
4957 p_statement_type => p_statement_type,
4958 p_pk1_alias => p_pk1_alias,
4959 p_pk2_alias => p_pk2_alias,
4960 p_pk3_alias => p_pk3_alias,
4961 p_pk4_alias => p_pk4_alias,
4962 p_pk5_alias => p_pk5_alias,
4963 p_object_type => p_object_type,
4964 p_parent_object_tbl => p_parent_object_tbl,
4965 p_relationship_sql_tbl => p_relationship_sql_tbl,
4966 p_parent_obj_pk1alias_tbl => p_parent_obj_alias_tbl,
4967 p_parent_obj_pk2alias_tbl => null,
4968 x_predicate => x_predicate,
4969 x_return_status => x_return_status
4970 );
4971
4972 END get_inherited_predicate;
4973
4974 --------------------------------------------------------
4975 ---- get_inherited_predicate
4976 --------------------------------------------------------
4977 PROCEDURE get_inherited_predicate
4978 (
4979 p_api_version IN NUMBER,
4980 p_function IN VARCHAR2 default null,
4981 p_object_name IN VARCHAR2,
4982 p_grant_instance_type IN VARCHAR2 DEFAULT 'UNIVERSAL',/* SET, INSTANCE*/
4983 p_user_name IN VARCHAR2 default null,
4984 /* statement_type: 'OTHER', 'BASE'=VPD, 'EXISTS'= to check existence*/
4985 p_statement_type IN VARCHAR2 DEFAULT 'OTHER',
4986 p_pk1_alias IN VARCHAR2 DEFAULT NULL,
4987 p_pk2_alias IN VARCHAR2 DEFAULT NULL,
4988 p_pk3_alias IN VARCHAR2 DEFAULT NULL,
4989 p_pk4_alias IN VARCHAR2 DEFAULT NULL,
4990 p_pk5_alias IN VARCHAR2 DEFAULT NULL,
4991 p_object_type IN VARCHAR2 default null,
4992 p_parent_object_tbl IN EGO_VARCHAR_TBL_TYPE,
4993 p_relationship_sql_tbl IN EGO_VARCHAR_TBL_TYPE,
4994 p_parent_obj_pk1alias_tbl IN EGO_VARCHAR_TBL_TYPE,
4995 p_parent_obj_pk2alias_tbl IN EGO_VARCHAR_TBL_TYPE,
4996 x_predicate OUT NOCOPY varchar2,
4997 x_return_status OUT NOCOPY varchar2
4998 ) IS
4999 l_clob_predicate CLOB;
5000 BEGIN
5001
5002 EGO_DATA_SECURITY.get_inherited_predicate
5003 (
5004 p_api_version => p_api_version,
5005 p_function => p_function,
5006 p_object_name => p_object_name,
5007 p_grant_instance_type => p_grant_instance_type,
5008 p_user_name => p_user_name,
5009 p_statement_type => p_statement_type,
5010 p_pk1_alias => p_pk1_alias,
5011 p_pk2_alias => p_pk2_alias,
5012 p_pk3_alias => p_pk3_alias,
5013 p_pk4_alias => p_pk4_alias,
5014 p_pk5_alias => p_pk5_alias,
5015 p_object_type => p_object_type,
5016 p_parent_object_tbl => p_parent_object_tbl,
5017 p_relationship_sql_tbl => p_relationship_sql_tbl,
5018 p_parent_obj_pk1alias_tbl => p_parent_obj_pk1alias_tbl,
5019 p_parent_obj_pk2alias_tbl => p_parent_obj_pk2alias_tbl,
5020 x_predicate => x_predicate,
5021 x_clob_predicate => l_clob_predicate,
5022 x_return_status => x_return_status
5023 );
5024
5025 END;
5026
5027 --------------------------------------------------------
5028 ---- get_inherited_predicate
5029 --------------------------------------------------------
5030 PROCEDURE get_inherited_predicate
5031 (
5032 p_api_version IN NUMBER,
5033 p_function IN VARCHAR2 default null,
5034 p_object_name IN VARCHAR2,
5035 p_grant_instance_type IN VARCHAR2 DEFAULT 'UNIVERSAL',/* SET, INSTANCE*/
5036 p_user_name IN VARCHAR2 default null,
5037 /* statement_type: 'OTHER', 'BASE'=VPD, 'EXISTS'= to check existence*/
5038 p_statement_type IN VARCHAR2 DEFAULT 'OTHER',
5039 p_pk1_alias IN VARCHAR2 DEFAULT NULL,
5040 p_pk2_alias IN VARCHAR2 DEFAULT NULL,
5041 p_pk3_alias IN VARCHAR2 DEFAULT NULL,
5042 p_pk4_alias IN VARCHAR2 DEFAULT NULL,
5043 p_pk5_alias IN VARCHAR2 DEFAULT NULL,
5044 p_object_type IN VARCHAR2 default null,
5045 p_parent_object_tbl IN EGO_VARCHAR_TBL_TYPE,
5046 p_relationship_sql_tbl IN EGO_VARCHAR_TBL_TYPE,
5047 p_parent_obj_pk1alias_tbl IN EGO_VARCHAR_TBL_TYPE,
5048 p_parent_obj_pk2alias_tbl IN EGO_VARCHAR_TBL_TYPE,
5049 x_predicate OUT NOCOPY varchar2,
5050 x_clob_predicate OUT NOCOPY CLOB, --gnanda:Added for Bug 4756970.
5051 x_return_status OUT NOCOPY varchar2
5052 ) IS
5053 l_api_name CONSTANT VARCHAR2(30) := 'GET_INHERITED_PREDICATE';
5054
5055 -- On addition of any Required parameters the major version needs
5056 -- to change i.e. for eg. 1.X to 2.X.
5057 -- On addition of any Optional parameters the minor version needs
5058 -- to change i.e. for eg. X.6 to X.7.
5059 l_api_version CONSTANT NUMBER := 1.0;
5060 l_sysdate DATE := Sysdate;
5061 l_aggregate_predicate VARCHAR2(32767); /* Must match g_pred_buf_size*/
5062 l_instance_flag BOOLEAN DEFAULT TRUE;
5063 l_instance_set_flag BOOLEAN DEFAULT TRUE;
5064 l_set_predicates VARCHAR2(32767); /* Must match g_pred_buf_size*/
5065 l_db_object_name VARCHAR2(30);
5066 l_db_pk1_column VARCHAR2(61);
5067 l_db_pk2_column VARCHAR2(61);
5068 l_db_pk3_column VARCHAR2(61);
5069 l_db_pk4_column VARCHAR2(61);
5070 l_db_pk5_column VARCHAR2(61);
5071
5072 l_orig_pk5_column VARCHAR2(61);
5073 l_pk_column_names VARCHAR2(512);
5074 l_pk_orig_column_names VARCHAR2(512);
5075 l_type_converted_val_cols VARCHAR2(512);
5076 l_user_name VARCHAR2(80);
5077 -- l_orig_system VARCHAR2(48);
5078 l_orig_system_id NUMBER;
5079 l_parent_object_table_count NUMBER;
5080 l_table_index NUMBER;
5081 l_parent_predicate VARCHAR2(32767); /* Must match g_pred_buf_size*/
5082 l_parent_object_id NUMBER;
5083 l_group_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
5084 l_company_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
5085 l_parent_role_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
5086 l_child_role VARCHAR2(32767);
5087 l_profile_role VARCHAR2(32767);
5088 l_pk_alias_index NUMBER;
5089
5090 l_pk_orig_column_names_t VARCHAR2(513);
5091 l_orig_pk_column VARCHAR2(61);
5092
5093 l_one_set_predicate VARCHAR2(32767);
5094 l_sub_pred_clause VARCHAR2(32767);
5095 instance_set_grants_c DYNAMIC_CUR;
5096 l_dynamic_sql_1 VARCHAR2(32767);
5097
5098 parent_instance_set_grants_c DYNAMIC_CUR;
5099 l_dynamic_sql_2 VARCHAR2(32767);
5100
5101 l_profile_optionFound BOOLEAN DEFAULT FALSE;
5102 l_prof_privilege_tbl EGO_VARCHAR_TBL_TYPE;
5103
5104 l_parent_object_name VARCHAR2(100);
5105
5106 CURSOR parent_instance_set_grants_c2 (
5107 cp_user_name varchar2,
5108 cp_parent_object_id VARCHAR2,
5109 cp_group_info VARCHAR2,
5110 cp_company_info VARCHAR2,
5111 cp_function VARCHAR2,
5112 cp_object_id VARCHAR2
5113 )
5114 IS
5115 SELECT DISTINCT instance_sets.predicate
5116 FROM fnd_grants grants,
5117 fnd_object_instance_sets instance_sets
5118 WHERE grants.instance_type = 'SET'
5119 AND grants.start_date <= SYSDATE
5120 AND ( grants.end_date IS NULL
5121 OR grants.end_date >= SYSDATE )
5122 AND grants.instance_set_id = instance_sets.instance_set_id
5123 AND grants.object_id = cp_parent_object_id
5124 AND ( grants.menu_id in
5125 ( SELECT p.parent_role_id
5126 FROM fnd_menu_entries r, fnd_form_functions f,
5127 fnd_menus m, ego_obj_role_mappings p
5128 WHERE r.function_id = f.function_id
5129 AND r.menu_id = m.menu_id
5130 AND f.function_name = cp_function
5131 AND m.menu_id = p.child_role_id
5132 AND p.child_object_id = cp_object_id
5133 AND P.parent_object_id = cp_parent_object_id ))
5134 AND ( ( grants.grantee_type = 'USER'
5135 AND grants.grantee_key = cp_user_name)
5136 OR ( grants.grantee_type = 'GROUP'
5137 AND grants.grantee_key in
5138 ( cp_group_info ))
5139 OR ( grants.grantee_type = 'COMPANY'
5140 AND grants.grantee_key in
5141 ( cp_company_info ))
5142 OR (grants.grantee_type = 'GLOBAL'
5143 AND grants.grantee_key in ('HZ_GLOBAL:-1000', 'GLOBAL') ));
5144
5145 CURSOR parent_role_c (
5146 cp_function VARCHAR2,
5147 cp_object_id VARCHAR2,
5148 cp_parent_object_id VARCHAR2,
5149 cp_object_type VARCHAR2
5150 )
5151 IS
5152 SELECT DISTINCT p.parent_role_id
5153 FROM fnd_menu_entries r, fnd_form_functions f,
5154 fnd_menus m, ego_obj_role_mappings p
5155 WHERE r.function_id = f.function_id
5156 AND r.menu_id = m.menu_id
5157 AND f.function_name = cp_function
5158 AND m.menu_id = p.child_role_id
5159 AND p.child_object_id = cp_object_id
5160 AND P.parent_object_id = cp_parent_object_id
5161 AND p.child_object_type = cp_object_type;
5162
5163 CURSOR parent_role_c2 (
5164 cp_function VARCHAR2,
5165 cp_object_id VARCHAR2,
5166 cp_parent_object_id VARCHAR2
5167 )
5168 IS
5169 SELECT DISTINCT p.parent_role_id
5170 FROM fnd_menu_entries r, fnd_form_functions f,
5171 fnd_menus m, ego_obj_role_mappings p
5172 WHERE r.function_id = f.function_id
5173 AND r.menu_id = m.menu_id
5174 AND f.function_name = cp_function
5175 AND m.menu_id = p.child_role_id
5176 AND p.child_object_id = cp_object_id
5177 AND P.parent_object_id = cp_parent_object_id;
5178
5179 CURSOR mapped_role_c (cp_parent_role VARCHAR2,
5180 cp_parent_object_id VARCHAR2,
5181 cp_child_object_id VARCHAR2,
5182 cp_child_object_type VARCHAR2
5183 )
5184 IS
5185 select cm.menu_name from
5186 fnd_menus m, ego_obj_role_mappings r, fnd_menus cm
5187 where r.parent_role_id = m.menu_id and
5188 m.menu_name = cp_parent_role
5189 and r.parent_object_id = cp_parent_object_id
5190 and r.child_object_id = cp_child_object_id
5191 and r.child_object_type = cp_child_object_type
5192 and cm.MENU_ID = r.CHILD_ROLE_ID;
5193
5194 l_object_id number;
5195 BEGIN
5196 SetGlobals();
5197
5198 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5199 ,p_module => l_api_name
5200 ,p_message => 'Started with 19 params '||
5201 ' p_api_version: '|| to_char(p_api_version) ||
5202 ' - p_function: '|| p_function ||
5203 ' - p_object_name: '|| p_object_name ||
5204 ' - p_grant_instance_type: '|| p_grant_instance_type ||
5205 ' - p_user_name: '|| p_user_name ||
5206 ' - p_statement_type: '|| p_statement_type ||
5207 ' - p_pk1_alias: '|| p_pk1_alias ||
5208 ' - p_pk2_alias: '|| p_pk2_alias ||
5209 ' - p_pk3_alias: '|| p_pk3_alias ||
5210 ' - p_pk4_alias: '|| p_pk4_alias ||
5211 ' - p_pk5_alias: '|| p_pk5_alias ||
5212 ' - p_object_type: '|| p_object_type
5213 );
5214 IF (p_parent_object_tbl.COUNT > 0) THEN
5215 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5216 ,p_module => l_api_name
5217 ,p_message => 'Values from p_parent_object_tbl '
5218 );
5219 FOR i IN p_parent_object_tbl.first .. p_parent_object_tbl.last LOOP
5220 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5221 ,p_module => l_api_name
5222 ,p_message => 'Value at '||i||' = '||p_parent_object_tbl(i)
5223 );
5224 END LOOP;
5225 ELSE
5226 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5227 ,p_module => l_api_name
5228 ,p_message => 'No Values from p_parent_object_tbl '
5229 );
5230 END IF;
5231
5232 IF (p_relationship_sql_tbl.COUNT > 0) THEN
5233 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5234 ,p_module => l_api_name
5235 ,p_message => 'Values from p_relationship_sql_tbl '
5236 );
5237 FOR i IN p_relationship_sql_tbl.first .. p_relationship_sql_tbl.last LOOP
5238 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5239 ,p_module => l_api_name
5240 ,p_message => 'Value at '||i||' = '||p_relationship_sql_tbl(i)
5241 );
5242 END LOOP;
5243 ELSE
5244 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5245 ,p_module => l_api_name
5246 ,p_message => 'No Values from p_relationship_sql_tbl '
5247 );
5248 END IF;
5249
5250 IF (p_parent_obj_pk1alias_tbl.COUNT > 0) THEN
5251 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5252 ,p_module => l_api_name
5253 ,p_message => 'Values from p_parent_obj_pk1alias_tbl '
5254 );
5255 FOR i IN p_parent_obj_pk1alias_tbl.first .. p_parent_obj_pk1alias_tbl.last LOOP
5256 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5257 ,p_module => l_api_name
5258 ,p_message => 'Value at '||i||' = '||p_parent_obj_pk1alias_tbl(i)
5259 );
5260 END LOOP;
5261 ELSE
5262 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5263 ,p_module => l_api_name
5264 ,p_message => 'No Values from p_parent_obj_pk1alias_tbl '
5265 );
5266 END IF;
5267
5268 IF (p_parent_obj_pk2alias_tbl.COUNT > 0) THEN
5269 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5270 ,p_module => l_api_name
5271 ,p_message => 'Values from p_parent_obj_pk2alias_tbl '
5272 );
5273 FOR i IN p_parent_obj_pk2alias_tbl.first .. p_parent_obj_pk2alias_tbl.last LOOP
5274 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5275 ,p_module => l_api_name
5276 ,p_message => 'Value at '||i||' = '||p_parent_obj_pk2alias_tbl(i)
5277 );
5278 END LOOP;
5279 ELSE
5280 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5281 ,p_module => l_api_name
5282 ,p_message => 'No Values from p_parent_obj_pk2alias_tbl '
5283 );
5284 END IF;
5285
5286 -- check for call compatibility.
5287 if TRUNC(l_api_version) <> TRUNC(p_api_version) THEN
5288 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
5289 fnd_message.set_token('ROUTINE',
5290 g_pkg_name || '.'|| l_api_name);
5291 fnd_message.set_token('REASON',
5292 'Unsupported version '|| to_char(p_api_version)||
5293 ' passed to API; expecting version '||
5294 to_char(l_api_version));
5295 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5296 ,p_module => l_api_name
5297 ,p_message => 'Returning as the call in incompatible '
5298 );
5299 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
5300 return;
5301 END IF;
5302
5303 -- Check to make sure we're not using unsupported statement_type
5304 if ((p_statement_type <> 'BASE') and (p_statement_type <> 'OTHER')
5305 AND (p_statement_type <> 'EXISTS')) then
5306 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
5307 fnd_message.set_token('ROUTINE',
5308 g_pkg_name || '.'|| l_api_name);
5309 fnd_message.set_token('REASON',
5310 'Unsupported p_statement_type: '|| p_statement_type);
5311 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5312 ,p_module => l_api_name
5313 ,p_message => 'Returning as statement type is not supported'
5314 );
5315 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
5316 return;
5317 end if;
5318
5319 /* ### We haven't yet added support for NULL (all) function in arg. */
5320 /* ### Add that support since it is in the API. */
5321 if (p_function is NULL) then
5322 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
5323 fnd_message.set_token('ROUTINE',
5324 g_pkg_name || '.'|| l_api_name);
5325 fnd_message.set_token('REASON',
5326 'Support has not yet been added for passing NULL function.');
5327 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5328 ,p_module => l_api_name
5329 ,p_message => 'Returning as mand parameter Function is not available '
5330 );
5331 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
5332 return;
5333 end if;
5334
5335 -- Check to make sure we're not using unsupported modes
5336 if ((p_grant_instance_type = 'SET')
5337 AND((p_pk1_alias is not NULL)
5338 OR (p_pk2_alias is not NULL)
5339 OR (p_pk3_alias is not NULL)
5340 OR (p_pk4_alias is not NULL)
5341 OR (p_pk5_alias is not NULL))) then
5342
5343 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
5344 fnd_message.set_token('ROUTINE',
5345 g_pkg_name || '.'|| l_api_name);
5346 fnd_message.set_token('REASON',
5347 'Unsupported mode arguments: '||
5348 'p_statement_type = BASE or p_grant_instance_type = SET.');
5349 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5350 ,p_module => l_api_name
5351 ,p_message => 'Returning as incompatible combination for p_grant_instance_type = SET '
5352 );
5353 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
5354 return;
5355 end if;
5356
5357 /* We don't currently support BASE mode; we will have to change to */
5358 /* a pure OR statement when VPD becomes important. */
5359 if (p_statement_type = 'BASE') then
5360 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
5361 fnd_message.set_token('ROUTINE',
5362 g_pkg_name || '.'|| l_api_name);
5363 fnd_message.set_token('REASON',
5364 'Support has not yet been added for '||
5365 'p_statement_type = BASE.');
5366 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5367 ,p_module => l_api_name
5368 ,p_message => 'Returning as incompatible statement_type = BASE '
5369 );
5370 x_return_status := G_RETURN_UNEXP_ERR; /* Unexpected Error */
5371 return;
5372 end if;
5373
5374 x_return_status := G_RETURN_SUCCESS; /* Assume Success */
5375 l_user_name := p_user_name;
5376 get_orig_key(x_user_name => l_user_name
5377 -- ,x_orig_system => l_orig_system
5378 ,x_orig_system_id => l_orig_system_id);
5379 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
5380 ,p_module => l_api_name
5381 ,p_message => 'l_user_name: '||l_user_name||
5382 -- ' - l_orig_system: '||l_orig_system||
5383 ' - l_orig_system_id: '||l_orig_system_id
5384 );
5385 -----------------------------------------------------------------------------------
5386 --First we see if a profile option is set and if function exists --
5387 -- if so we return and empty predicate here itself without doing further query --
5388 -----------------------------------------------------------------------------------
5389
5390 getPrivilege_for_profileOption(p_api_version => p_api_version,
5391 p_object_name => p_object_name,
5392 p_user_name => l_user_name,
5393 x_privilege_tbl => l_prof_privilege_tbl,
5394 x_return_status => x_return_status);
5395
5396 If (X_Return_Status = G_RETURN_SUCCESS) Then
5397 If (l_prof_privilege_tbl.Count > 0) Then
5398 For I In l_prof_privilege_tbl.First .. l_prof_privilege_tbl.Last Loop
5399 If (l_prof_privilege_tbl(I) = p_function) Then
5400 X_predicate := '';
5401 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5402 ,p_module => l_api_name
5403 ,p_message => 'No need for predicate as user has privilege through profile '
5404 );
5405 return;
5406 End If; --If Function Match, Returning Empty Predicate
5407 End Loop;
5408 End If; -- X_Prof_Privilege_Tbl >0
5409 End If; --Return Status Is T
5410
5411 -- Step 1.
5412 -- check whether there is any grant for this use for any role that
5413 -- includes the given privilege
5414
5415 IF (p_grant_instance_type = G_TYPE_INSTANCE) THEN
5416 l_instance_set_flag:= FALSE;
5417 ELSIF (p_grant_instance_type = G_TYPE_SET) THEN
5418 l_instance_flag:= FALSE;
5419 END IF;
5420
5421 x_return_status := get_pk_information(p_object_name ,
5422 l_db_pk1_column ,
5423 l_db_pk2_column ,
5424 l_db_pk3_column ,
5425 l_db_pk4_column ,
5426 l_db_pk5_column ,
5427 l_pk_column_names ,
5428 l_type_converted_val_cols ,
5429 l_pk_orig_column_names,
5430 l_db_object_name,
5431 p_pk1_alias,
5432 p_pk2_alias,
5433 p_pk3_alias,
5434 p_pk4_alias,
5435 p_pk5_alias );
5436 if (x_return_status <> G_RETURN_SUCCESS) then
5437 /* There will be a message on the msg dict stack. */
5438 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5439 ,p_module => l_api_name
5440 ,p_message => 'Returning FALSE as pk values are not correct'
5441 );
5442 return; /* We will return the x_return_status as out param */
5443 end if;
5444
5445 l_object_id :=get_object_id(p_object_name => p_object_name );
5446 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
5447 ,p_module => l_api_name
5448 ,p_message => 'l_object_id: '||l_object_id
5449 );
5450 l_group_info := get_group_info(p_party_id => l_orig_system_id);
5451 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
5452 ,p_module => l_api_name
5453 ,p_message => 'l_group_info: '||l_group_info
5454 );
5455 l_company_info := get_company_info (p_party_id => l_orig_system_id);
5456 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
5457 ,p_module => l_api_name
5458 ,p_message => 'l_company_info: '||l_company_info
5459 );
5460
5461 -- Step 2.
5462 l_aggregate_predicate := '';
5463 IF(l_instance_flag = TRUE) THEN
5464 if (p_statement_type = 'EXISTS') then
5465 l_aggregate_predicate := 'EXISTS (';
5466 else
5467 l_aggregate_predicate := l_pk_column_names || ' IN (';
5468 end if;
5469 l_aggregate_predicate :=
5470 l_aggregate_predicate ||
5471 ' SELECT '||l_type_converted_val_cols ||
5472 ' FROM fnd_grants grants, ' ||
5473 ' fnd_form_functions functions, ' ||
5474 ' fnd_menu_entries cmf ';
5475
5476 if (p_statement_type = 'EXISTS') then
5477 -- R12C Security Changes
5478 /* l_aggregate_predicate := l_aggregate_predicate ||
5479 ' WHERE grants.INSTANCE_PK1_VALUE=to_char('||p_pk1_alias||')'||
5480 ' AND grants.start_date <= sysdate '; */
5481 if (p_object_name = 'EGO_CATALOG_GROUP') THEN
5482 l_aggregate_predicate := l_aggregate_predicate || ' , ego_item_cat_denorm_hier cathier ' ||
5483 ' WHERE grants.INSTANCE_PK1_VALUE = to_char(cathier.parent_catalog_group_id)' ||
5484 ' AND cathier.child_catalog_group_id = to_char('||p_pk1_alias||')' ||
5485 ' AND grants.start_date <= sysdate ';
5486 else
5487 l_aggregate_predicate := l_aggregate_predicate ||
5488 ' WHERE grants.INSTANCE_PK1_VALUE=to_char('||p_pk1_alias||')'||
5489 ' AND grants.start_date <= sysdate ';
5490 end if;
5491 -- R12C Security Changes
5492 else
5493 l_aggregate_predicate := l_aggregate_predicate ||
5494 ' WHERE grants.start_date <= sysdate ';
5495 end if;
5496
5497 l_aggregate_predicate := l_aggregate_predicate ||
5498 ' AND ( grants.end_date IS NULL ' ||
5499 ' OR grants.end_date >= sysdate ) ' ||
5500 ' AND grants.instance_type= ''INSTANCE'' ' ||
5501 ' AND cmf.function_id = functions.function_id ' ||
5502 ' AND cmf.menu_id = grants.menu_id ' ||
5503 ' AND grants.object_id = ' || l_object_id ||
5504 ' AND functions.function_name = ''' || p_function || '''' ||
5505 ' AND ( ( grants.grantee_type = ''USER'' ' ||
5506 ' AND grants.grantee_key = '''||l_user_name||''')'||
5507 ' OR ( grants.grantee_type = ''GROUP'' '||
5508 ' AND grants.grantee_key in '||
5509 ' ( '|| l_group_info || ')) ' ||
5510 ' OR ( grants.grantee_type = ''COMPANY'' '||
5511 ' AND grants.grantee_key in '||
5512 ' ( '|| l_company_info || ')) ' ||
5513 ' OR (grants.grantee_type = ''GLOBAL'' AND grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )))';
5514 END IF;
5515
5516 -- Step 3.
5517 l_set_predicates:='';
5518 l_sub_pred_clause:= ' UNION ALL ( SELECT '
5519 ||l_pk_orig_column_names || ' FROM ' ||
5520 l_db_object_name ||
5521 ' WHERE ' || l_pk_orig_column_names||'='||p_pk1_alias ||
5522 ' and ';
5523
5524 IF(l_instance_set_flag = TRUE) THEN
5525 l_dynamic_sql_1 :=
5526 ' SELECT DISTINCT instance_sets.predicate ' ||
5527 ' FROM fnd_grants grants, fnd_form_functions functions, ' ||
5528 ' fnd_menu_entries cmf, fnd_object_instance_sets instance_sets ' ||
5529 ' WHERE grants.instance_type = :instance_type ' ||
5530 ' AND grants.start_date <= SYSDATE ' ||
5531 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
5532 ' AND cmf.function_id = functions.function_id ' ||
5533 ' AND cmf.menu_id = grants.menu_id ' ||
5534 ' AND grants.instance_set_id = instance_sets.instance_set_id ' ||
5535 ' AND grants.object_id = :object_id ' ||
5536 ' AND functions.function_name = :function ' ||
5537 ' AND ((grants.grantee_type = ''USER'' ' ||
5538 ' AND grants.grantee_key = :grantee_key )' ||
5539 ' OR (grants.grantee_type = ''GROUP'' ' ||
5540 ' AND grants.grantee_key in ( '||l_group_info||' ))' ||
5541 ' OR (grants.grantee_type = ''COMPANY'' ' ||
5542 ' AND grants.grantee_key in ( '||l_company_info||' ))' ||
5543 ' OR (grants.grantee_type = ''GLOBAL'' ' ||
5544 ' AND grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL''))) ';
5545 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
5546 ,p_module => l_api_name
5547 ,p_message => 'Binds for instance_set_grants_c '||
5548 ' G_TYPE_SET: '||G_TYPE_SET||
5549 ' - l_parent_object_id: '||l_object_id||
5550 ' - p_function: '||p_function||
5551 ' - l_user_name: '||l_user_name
5552 );
5553
5554 OPEN instance_set_grants_c FOR l_dynamic_sql_1
5555 USING IN G_TYPE_SET,
5556 IN l_object_id,
5557 IN p_function,
5558 IN l_user_name;
5559 LOOP
5560 FETCH instance_set_grants_c INTO l_one_set_predicate;
5561 EXIT WHEN instance_set_grants_c%NOTFOUND;
5562 l_set_predicates := l_set_predicates ||
5563 l_sub_pred_clause ||
5564 l_one_set_predicate ||')';
5565 END LOOP;
5566 CLOSE instance_set_grants_c;
5567
5568 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
5569 ,p_module => l_api_name
5570 ,p_message => 'l_set_predicates: '||l_set_predicates
5571 );
5572 IF( length(l_set_predicates ) >0) THEN
5573 IF(length(l_aggregate_predicate) >0 ) THEN
5574 -- strip off the trailing ')'
5575 l_aggregate_predicate := substr(l_aggregate_predicate, 1,
5576 length(l_aggregate_predicate) - length(')'));
5577 l_aggregate_predicate := substrb(
5578 l_aggregate_predicate ||
5579 l_set_predicates || ')', 1, g_pred_buf_size);
5580 ELSE
5581 l_aggregate_predicate:= l_set_predicates;
5582 END IF;
5583 END IF;
5584 END IF;
5585
5586 l_dynamic_sql_2 :=
5587 ' SELECT DISTINCT instance_sets.predicate '||
5588 ' FROM fnd_grants grants, '||
5589 ' fnd_object_instance_sets instance_sets,' ||
5590 ' fnd_form_functions F, fnd_menu_entries R, '||
5591 ' fnd_menus M, ego_obj_role_mappings P '||
5592 ' WHERE grants.instance_type = ''SET'' '||
5593 ' AND grants.start_date <= SYSDATE ' ||
5594 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE '||
5595 ' AND grants.instance_set_id = instance_sets.instance_set_id '||
5596 ' AND instance_sets.object_id = :parent_object_id ' ||
5597 ' AND grants.object_id = :parent_object_id1 ' ||
5598 ' AND grants.menu_id = p.parent_role_id ' ||
5599 ' AND r.function_id = f.function_id '||
5600 ' AND r.menu_id = m.menu_id ' ||
5601 ' AND f.function_name = :function_id '||
5602 ' AND m.menu_id = p.child_role_id ' ||
5603 ' AND p.child_object_id = :child_object_id '||
5604 ' AND p.parent_object_id = :parent_object_id2 '||
5605 ' AND p.child_object_type = :child_object_type ' ||
5606 ' AND ( ( grants.grantee_type = ''USER'' AND ' ||
5607 ' grants.grantee_key = :user_name ) '||
5608 ' OR (grants.grantee_type = ''GROUP'' AND '||
5609 ' grants.grantee_key in ( '||l_group_info||' ))' ||
5610 ' OR (grants.grantee_type = ''COMPANY'' AND '||
5611 ' grants.grantee_key in ( '||l_company_info||' ))' ||
5612 ' OR (grants.grantee_type = ''GLOBAL'' AND '||
5613 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') ))';
5614
5615 l_aggregate_predicate := substr(l_aggregate_predicate, 1,
5616 length(l_aggregate_predicate) - length(')'));
5617
5618 l_parent_object_table_count := p_parent_object_tbl.COUNT;
5619
5620 FOR l_table_index IN 1..l_parent_object_table_count
5621 LOOP
5622
5623 x_return_status := get_pk_information(p_parent_object_tbl(l_table_index),
5624 l_db_pk1_column ,
5625 l_db_pk2_column ,
5626 l_db_pk3_column ,
5627 l_db_pk4_column ,
5628 l_db_pk5_column ,
5629 l_pk_column_names ,
5630 l_type_converted_val_cols ,
5631 l_pk_orig_column_names,
5632 l_db_object_name);
5633
5634 if (x_return_status <> G_RETURN_SUCCESS) then
5635 /* There will be a message on the msg dict stack. */
5636 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5637 ,p_module => l_api_name
5638 ,p_message => 'Returning FALSE as pk values are not correct'
5639 );
5640 return; /* We will return the x_return_status as out param */
5641 end if;
5642
5643 l_parent_object_id :=get_object_id(
5644 p_object_name => p_parent_object_tbl(l_table_index)
5645 );
5646
5647 l_parent_object_name := p_parent_object_tbl(l_table_index); -- Bug 6143355
5648
5649
5650 l_parent_predicate := '';
5651 l_parent_predicate := 'UNION ALL( ' || p_relationship_sql_tbl(l_table_index) || '(';
5652 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
5653 ,p_module => l_api_name
5654 ,p_message => 'profile role for '||p_parent_object_tbl(l_table_index)||
5655 ' is: '||l_profile_role
5656 );
5657
5658 -----------------------------------------------------------------------------------
5659 --First we see if a profile option is set and if function exists --
5660 -- if so we return and predicate (select pkColumns from base table --
5661 -- eg: select inventory_item_id, organization_id from mtl_sys_items_b_ext --
5662 -----------------------------------------------------------------------------------
5663 l_profile_role := getRole_mappedTo_profileOption(p_parent_object_tbl(l_table_index), l_user_name);
5664
5665 l_profile_optionFound := FALSE;
5666 FOR mapped_roles_rec IN mapped_role_c (l_profile_role, l_parent_object_id, l_object_id, p_object_type)
5667 LOOP
5668 IF (l_profile_optionFound = FALSE) THEN
5669 l_child_role :=mapped_roles_rec.menu_name;
5670 get_role_functions
5671 (p_api_version => p_api_version
5672 ,p_role_name => l_child_role
5673 ,x_return_status => x_return_status
5674 ,x_privilege_tbl => l_prof_privilege_tbl
5675 );
5676
5677 IF (x_return_status = G_RETURN_SUCCESS) THEN
5678 IF (l_prof_privilege_tbl.COUNT > 0) THEN
5679 FOR i IN l_prof_privilege_tbl.first .. l_prof_privilege_tbl.last LOOP
5680 IF (l_prof_privilege_tbl(i) = p_function) THEN
5681 l_parent_predicate := l_parent_predicate || 'Select ' || l_pk_orig_column_names;
5682 l_parent_predicate := l_parent_predicate || ' FROM ' || l_db_object_name;
5683 l_parent_predicate := l_parent_predicate || ' )';
5684
5685 l_profile_optionFound := TRUE;
5686 END IF; --if function match, returning empty predicate
5687 END LOOP;
5688 END IF; -- x_prof_privilege_tbl >0
5689 END IF; --return status is T
5690 --ELSE
5691 -- how do we come out
5692 END IF; --if profile option is false
5693 END LOOP;
5694 -----------------------------------------------------------------------------------
5695 --END check of profile option --
5696 -----------------------------------------------------------------------------------
5697
5698 IF (l_profile_optionFound = FALSE) THEN
5699 -- start get parent role info
5700 l_parent_role_info := '';
5701 if( p_object_type is null) then
5702 FOR role_rec IN parent_role_c2 (p_function,
5703 l_object_id,
5704 l_parent_object_id)
5705 LOOP
5706 l_parent_role_info := l_parent_role_info ||
5707 role_rec.parent_role_id ||
5708 ' , ';
5709 END LOOP;
5710 else
5711 FOR role_rec IN parent_role_c (p_function,
5712 l_object_id,
5713 l_parent_object_id,
5714 p_object_type )
5715 LOOP
5716 l_parent_role_info := l_parent_role_info ||
5717 role_rec.parent_role_id ||
5718 ' , ';
5719 END LOOP;
5720 end if;
5721
5722 IF( length( l_parent_role_info ) >0) THEN
5723 -- strip off the trailing ', '
5724 l_parent_role_info := substr(l_parent_role_info, 1,
5725 length(l_parent_role_info) - length(', '));
5726 ELSE
5727 l_parent_role_info := 'NULL';
5728 END IF;
5729
5730 -- end get parent role info
5731 -- Step 2.
5732 IF(l_instance_flag = TRUE) THEN
5733 l_parent_predicate :=
5734 l_parent_predicate ||
5735 ' SELECT '||l_type_converted_val_cols ||
5736 ' FROM fnd_grants grants ';
5737
5738 if (p_statement_type = 'EXISTS') then
5739 l_parent_predicate := l_parent_predicate ||
5740 ' WHERE grants.INSTANCE_PK1_VALUE=to_char('|| p_parent_obj_pk1alias_tbl(l_table_index)||')';
5741
5742 --dbms_output.put_line('EGO_DATA_SECURITY: l_table_index ' || l_table_index);
5743
5744 --dbms_output.put_line('EGO_DATA_SECURITY: p_parent_obj_pk2alias_tbl ' || p_parent_obj_pk2alias_tbl(l_table_index));
5745 IF (p_parent_obj_pk2alias_tbl IS NOT NULL AND
5746 p_parent_obj_pk2alias_tbl.exists(l_table_index)) THEN
5747 --dbms_output.put_line('EGO_DATA_SECURITY: p_parent_obj_pk2alias_tbl in if statement');
5748 l_parent_predicate := l_parent_predicate ||
5749 ' AND grants.INSTANCE_PK2_VALUE= to_char('|| p_parent_obj_pk2alias_tbl(l_table_index)||')';
5750 END IF;
5751
5752 l_parent_predicate := l_parent_predicate || ' AND grants.start_date <= sysdate ';
5753
5754 else
5755 l_parent_predicate := l_parent_predicate ||' WHERE grants.start_date <= sysdate ';
5756
5757 end if;
5758
5759 l_parent_predicate := l_parent_predicate ||
5760 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
5761 ' AND grants.instance_type= ''INSTANCE'' ' ||
5762 ' AND grants.object_id = ' || l_parent_object_id ||
5763 ' AND grants.menu_id in ( ' || l_parent_role_info || ') '||
5764 ' AND ( ( grants.grantee_type = ''USER'' AND ' ||
5765 ' grants.grantee_key = '''||l_user_name||''')'||
5766 ' OR ( grants.grantee_type = ''GROUP'' AND '||
5767 ' grants.grantee_key in ( '|| l_group_info || ')) ' ||
5768 ' OR ( grants.grantee_type = ''COMPANY'' AND '||
5769 ' grants.grantee_key in ( '|| l_company_info || ')) ' ||
5770 ' OR (grants.grantee_type = ''GLOBAL'' AND '||
5771 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )))';
5772 END IF;
5773
5774 -- Step 3.
5775 l_set_predicates:='';
5776 IF(l_instance_set_flag = TRUE) THEN
5777 if(p_object_type is null) then
5778 FOR instance_set_grants_rec IN parent_instance_set_grants_c2 (l_user_name,
5779 l_parent_object_id,
5780 l_group_info,
5781 l_company_info,
5782 p_function,
5783 l_object_id
5784 )
5785 LOOP
5786 l_set_predicates := substrb( l_set_predicates ||
5787 instance_set_grants_rec.predicate ||
5788 ' OR ',
5789 1, g_pred_buf_size);
5790 END LOOP;
5791 else
5792 OPEN parent_instance_set_grants_c FOR
5793 l_dynamic_sql_2 USING l_parent_object_id,
5794 l_parent_object_id,
5795 p_function,
5796 l_object_id,
5797 l_parent_object_id,
5798 p_object_type,
5799 l_user_name;
5800 LOOP
5801 FETCH parent_instance_set_grants_c INTO l_one_set_predicate;
5802 EXIT WHEN parent_instance_set_grants_c%NOTFOUND;
5803 l_set_predicates := substrb( l_set_predicates ||
5804 l_one_set_predicate ||
5805 ' OR ',
5806 1, g_pred_buf_size);
5807
5808 END LOOP;
5809 CLOSE parent_instance_set_grants_c;
5810
5811 end if;
5812
5813 IF( length(l_set_predicates ) >0) THEN
5814 -- strip off the trailing 'OR '
5815 l_set_predicates := substr(l_set_predicates, 1,
5816 length(l_set_predicates) - length('OR '));
5817
5818
5819 IF(length(l_parent_predicate) >0 ) THEN
5820
5821 -- strip off the trailing ')'
5822 l_parent_predicate := substr(l_parent_predicate, 1,
5823 length(l_parent_predicate) - length(')'));
5824
5825 if (p_statement_type = 'EXISTS') then
5826 l_pk_orig_column_names_t := l_pk_orig_column_names||',';
5827 l_orig_pk_column := SUBSTR(l_pk_orig_column_names_t, 1, INSTR(l_pk_orig_column_names_t,',',1,1)-1);
5828
5829 -- R12C Security Changes
5830 /*l_parent_predicate := substrb(
5831 l_parent_predicate ||
5832 ' UNION ALL ( SELECT ' ||l_pk_orig_column_names ||
5833 ' FROM ' || l_db_object_name ||
5834 ' WHERE ' || l_orig_pk_column || ' = ' || p_parent_obj_pk1alias_tbl(l_table_index)
5835 , 1, g_pred_buf_size); */
5836 IF (l_parent_object_name = 'EGO_ITEM') THEN
5837 l_parent_predicate := substrb(
5838 l_parent_predicate ||
5839 ' UNION ALL ( SELECT ' ||l_pk_orig_column_names ||
5840 ' FROM ' || l_db_object_name || ' , ego_item_cat_denorm_hier cathier '||
5841 ' WHERE item_catalog_group_id = cathier.child_catalog_group_id(+) AND ' || l_orig_pk_column || ' = ' || p_parent_obj_pk1alias_tbl(l_table_index)
5842 , 1, g_pred_buf_size);
5843 ELSE
5844 l_parent_predicate := substrb(
5845 l_parent_predicate ||
5846 ' UNION ALL ( SELECT ' ||l_pk_orig_column_names ||
5847 ' FROM ' || l_db_object_name ||
5848 ' WHERE ' || l_orig_pk_column || ' = ' || p_parent_obj_pk1alias_tbl(l_table_index)
5849 , 1, g_pred_buf_size);
5850 END IF;
5851
5852 -- R12C Security Changes
5853
5854
5855 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5856 ,p_module => l_api_name
5857 ,p_message => 'Check the predicate' ||
5858 ' l_parent_predicate: ' || l_parent_predicate
5859 );
5860
5861 IF (p_parent_obj_pk2alias_tbl IS NOT NULL AND
5862 p_parent_obj_pk2alias_tbl.exists(l_table_index)) THEN
5863 l_orig_pk_column := SUBSTR(l_pk_orig_column_names_t, INSTR(l_pk_orig_column_names_t,',',1,2-1)+1, INSTR(l_pk_orig_column_names_t,',',1,2)-INSTR(l_pk_orig_column_names_t,',',1,2-1)-1 );
5864 l_parent_predicate := l_parent_predicate || ' AND ' || l_orig_pk_column || '=' || p_parent_obj_pk2alias_tbl(l_table_index);
5865
5866 END IF;
5867
5868 l_parent_predicate := substrb(l_parent_predicate ||
5869 ' AND ( ' ||
5870 l_set_predicates || ' ) ' ||
5871 '))',
5872 1, g_pred_buf_size);
5873
5874 else
5875 l_parent_predicate := substrb(l_parent_predicate ||
5876 ' UNION ALL ( SELECT '
5877 ||l_pk_orig_column_names || ' FROM ' ||
5878 l_db_object_name || ' WHERE '
5879 || l_set_predicates || '))',
5880 1, g_pred_buf_size);
5881
5882 end if;
5883 ELSE
5884 -- won't be here see l_parent_preidcate>0 anyway
5885 l_parent_predicate:= l_set_predicates;
5886
5887 END IF;
5888 END IF;
5889 END IF;
5890 END IF; -- if profile option not found
5891
5892 l_parent_predicate := l_parent_predicate ||')';
5893 l_aggregate_predicate := l_aggregate_predicate || l_parent_predicate;
5894
5895 END LOOP;
5896
5897 --finally
5898 l_aggregate_predicate := l_aggregate_predicate || ' )';
5899
5900 ------ ending new part
5901
5902 x_predicate :=l_aggregate_predicate;
5903 x_clob_predicate := l_aggregate_predicate;
5904
5905 if ( (lengthb(l_aggregate_predicate) > g_vpd_buf_limit)
5906 AND (p_statement_type = 'BASE'))then
5907 FND_MESSAGE.SET_NAME('FND', 'GENERIC-INTERNAL ERROR');
5908 FND_MESSAGE.SET_TOKEN('ROUTINE',
5909 'EGO_DATA_SECURITY.GET_SECURITY_PREDICATE');
5910 FND_MESSAGE.SET_TOKEN('REASON',
5911 'The predicate was longer than the database VPD limit of '||
5912 to_char(g_vpd_buf_limit)||' bytes for the predicate. ');
5913 x_return_status := 'L'; /* Indicate Error */
5914 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5915 ,p_module => l_api_name
5916 ,p_message => 'Returning Status: '||x_return_status||' as predicate size is more'
5917 );
5918 end if;
5919
5920 EXCEPTION
5921 WHEN OTHERS THEN
5922 fnd_message.set_name('FND', 'SQL_PLSQL_ERROR');
5923 fnd_message.set_token('ROUTINE',G_PKG_NAME||l_api_name);
5924 fnd_message.set_token('ERRNO', SQLCODE);
5925 fnd_message.set_token('REASON', SQLERRM);
5926 x_return_status := G_RETURN_UNEXP_ERR;
5927 code_debug (p_log_level => G_DEBUG_LEVEL_EXCEPTION
5928 ,p_module => l_api_name
5929 ,p_message => 'Returning EXCEPTION '||SQLERRM
5930 );
5931 return;
5932 END get_inherited_predicate;
5933
5934
5935 --------------------------------------------------------
5936 ---- get_instances
5937 --------------------------------------------------------
5938 PROCEDURE get_instances
5939 (
5940 p_api_version IN NUMBER,
5941 p_function IN VARCHAR2 DEFAULT NULL,
5942 p_object_name IN VARCHAR2,
5943 p_user_name IN VARCHAR2 DEFAULT NULL,
5944 x_return_status OUT NOCOPY VARCHAR2,
5945 x_object_key_tbl OUT NOCOPY EGO_INSTANCE_TABLE_TYPE
5946 ) is
5947 l_api_name CONSTANT VARCHAR2(30) := 'GET_INSTANCES';
5948 l_predicate VARCHAR2(32767);
5949 l_dynamic_sql VARCHAR2(32767);
5950 l_db_object_name varchar2(30);
5951 l_db_pk1_column varchar2(30);
5952 l_db_pk2_column varchar2(30);
5953 l_db_pk3_column varchar2(30);
5954 l_db_pk4_column varchar2(30);
5955 l_db_pk5_column varchar2(30);
5956 l_pk_column_names varchar2(512);
5957 l_pk_orig_column_names varchar2(512);
5958 l_type_converted_val_cols varchar2(512);
5959 l_pk1_val varchar2(512);
5960 l_pk2_val varchar2(512);
5961 l_pk3_val varchar2(512);
5962 l_pk4_val varchar2(512);
5963 l_pk5_val varchar2(512);
5964 l_index number;
5965
5966 instances_cur DYNAMIC_CUR;
5967 BEGIN
5968 SetGlobals();
5969 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5970 ,p_module => l_api_name
5971 ,p_message => 'Started with 6 params '||
5972 ' p_api_version: '|| to_char(p_api_version) ||
5973 ' - p_function: '|| p_function ||
5974 ' - p_object_name: '|| p_object_name ||
5975 ' - p_user_name: '|| p_user_name
5976 );
5977
5978 get_security_predicate(p_api_version => 1.0,
5979 p_function => p_function,
5980 p_object_name => p_object_name,
5981 p_grant_instance_type => G_TYPE_UNIVERSAL,
5982 p_user_name => p_user_name,
5983 x_predicate => l_predicate,
5984 x_return_status => x_return_status);
5985 if(x_return_status NOT IN (G_RETURN_SUCCESS, G_RETURN_FAILURE))then
5986 /* There will be a message on the msg dict stack. */
5987 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
5988 ,p_module => l_api_name
5989 ,p_message => 'Returning status as returned from get_security_predicate '||x_return_status
5990 );
5991 return; /* We will return the x_return_status as an out param */
5992 end if;
5993
5994 -- Get names and list of primary keys for this object.
5995 x_return_status := get_pk_information(p_object_name ,
5996 l_db_pk1_column ,
5997 l_db_pk2_column ,
5998 l_db_pk3_column ,
5999 l_db_pk4_column ,
6000 l_db_pk5_column ,
6001 l_pk_column_names ,
6002 l_type_converted_val_cols ,
6003 l_pk_orig_column_names,
6004 l_db_object_name );
6005 if (x_return_status <> G_RETURN_SUCCESS) then
6006 /* There will be a message on the msg dict stack. */
6007 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
6008 ,p_module => l_api_name
6009 ,p_message => 'PK informatino not available returning: '||x_return_status
6010 );
6011 return; /* We will return the x_return_status as out param */
6012 end if;
6013
6014 if (l_predicate is not NULL) then
6015 l_dynamic_sql :=
6016 'SELECT '|| l_pk_column_names ||
6017 ' FROM '|| l_db_object_name ||
6018 ' WHERE '||l_predicate||' ';
6019 else
6020 x_return_status := G_RETURN_FAILURE;
6021 return;
6022 end if;
6023
6024 l_index:=0;
6025 -- Run the statement,
6026 OPEN instances_cur FOR l_dynamic_sql;
6027 LOOP
6028 if(l_db_pk5_column is NOT NULL) then
6029 FETCH instances_cur INTO l_pk1_val,
6030 l_pk2_val,
6031 l_pk3_val,
6032 l_pk4_val,
6033 l_pk5_val;
6034 elsif(l_db_pk4_column is NOT NULL) then
6035 FETCH instances_cur INTO l_pk1_val,
6036 l_pk2_val,
6037 l_pk3_val,
6038 l_pk4_val;
6039 elsif(l_db_pk3_column is NOT NULL) then
6040 FETCH instances_cur INTO l_pk1_val,
6041 l_pk2_val,
6042 l_pk3_val;
6043 elsif(l_db_pk2_column is NOT NULL) then
6044 FETCH instances_cur INTO l_pk1_val,
6045 l_pk2_val;
6046 elsif(l_db_pk1_column is NOT NULL) then
6047 FETCH instances_cur INTO l_pk1_val;
6048 else
6049 x_return_status := G_RETURN_UNEXP_ERR;
6050 return; /* This will never happen since pk1 is reqd*/
6051 end if;
6052
6053 EXIT WHEN instances_cur%NOTFOUND;
6054 x_object_key_tbl(l_index).pk1_value := l_pk1_val;
6055 x_object_key_tbl(l_index).pk2_value := l_pk2_val;
6056 x_object_key_tbl(l_index).pk3_value := l_pk3_val;
6057 x_object_key_tbl(l_index).pk4_value := l_pk4_val;
6058 x_object_key_tbl(l_index).pk5_value := l_pk5_val;
6059 l_index:=l_index+1;
6060 END LOOP;
6061 CLOSE instances_cur;
6062 if(l_index > 0) then
6063 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
6064 ,p_module => l_api_name
6065 ,p_message => 'Returning success as instances found '
6066 );
6067 x_return_status := G_RETURN_SUCCESS; /* Success */
6068 else
6069 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
6070 ,p_module => l_api_name
6071 ,p_message => 'Returning failure as instances are not found '
6072 );
6073 x_return_status := G_RETURN_FAILURE; /* No instances */
6074 end if;
6075
6076 return;
6077
6078 EXCEPTION
6079 WHEN OTHERS THEN
6080 fnd_message.set_name('FND', 'SQL_PLSQL_ERROR');
6081 fnd_message.set_token('ROUTINE',G_PKG_NAME||l_api_name);
6082 fnd_message.set_token('ERRNO', SQLCODE);
6083 fnd_message.set_token('REASON', SQLERRM);
6084 code_debug (p_log_level => G_DEBUG_LEVEL_EXCEPTION
6085 ,p_module => l_api_name
6086 ,p_message => 'Returning EXCEPTION '||SQLERRM
6087 );
6088 x_return_status := G_RETURN_UNEXP_ERR;
6089 RETURN;
6090 end get_instances;
6091
6092
6093 --------------------------------------------------------
6094 ---- check_instance_in_set
6095 --------------------------------------------------------
6096 FUNCTION check_instance_in_set
6097 (
6098 p_api_version IN NUMBER,
6099 p_instance_set_name IN VARCHAR2,
6100 p_instance_pk1_value IN VARCHAR2,
6101 p_instance_pk2_value IN VARCHAR2 DEFAULT NULL,
6102 p_instance_pk3_value IN VARCHAR2 DEFAULT NULL,
6103 p_instance_pk4_value IN VARCHAR2 DEFAULT NULL,
6104 p_instance_pk5_value IN VARCHAR2 DEFAULT NULL
6105 ) return VARCHAR2 is
6106 l_api_name CONSTANT VARCHAR2(30) := 'CHECK_INSTANCE_IN_SET';
6107
6108 -- On addition of any Required parameters the major version needs
6109 -- to change i.e. for eg. 1.X to 2.X.
6110 -- On addition of any Optional parameters the minor version needs
6111 -- to change i.e. for eg. X.6 to X.7.
6112 l_api_version CONSTANT NUMBER := 1.0;
6113 l_dynamic_sql VARCHAR2(32767);
6114 l_predicate VARCHAR2(32767);
6115 l_object_name varchar2(30);
6116 l_pk1_vc_val varchar2(80);
6117 l_pk2_vc_val varchar2(80);
6118 l_pk3_vc_val varchar2(80);
6119 l_pk4_vc_val varchar2(80);
6120 l_pk5_vc_val varchar2(80);
6121 l_pk1_col_name varchar2(30);
6122 l_pk2_col_name varchar2(30);
6123 l_pk3_col_name varchar2(30);
6124 l_pk4_col_name varchar2(30);
6125 l_pk5_col_name varchar2(30);
6126 l_pk1_col_type varchar2(8);
6127 l_pk2_col_type varchar2(8);
6128 l_pk3_col_type varchar2(8);
6129 l_pk4_col_type varchar2(8);
6130 l_pk5_col_type varchar2(8);
6131 l_dummy_val varchar2(30);
6132
6133 instance_sets_cur DYNAMIC_CUR;
6134 begin
6135 SetGlobals();
6136 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
6137 ,p_module => l_api_name
6138 ,p_message => 'Started with 7 params '||
6139 ' p_api_version: '|| to_char(p_api_version) ||
6140 ' - p_instance_set_name: '|| p_instance_set_name ||
6141 ' - p_instance_pk1_value: '|| p_instance_pk1_value ||
6142 ' - p_instance_pk2_value: '|| p_instance_pk2_value ||
6143 ' - p_instance_pk3_value: '|| p_instance_pk3_value ||
6144 ' - p_instance_pk4_value: '|| p_instance_pk4_value ||
6145 ' - p_instance_pk5_value: '|| p_instance_pk5_value
6146 );
6147
6148 -- check for call compatibility.
6149 if TRUNC(l_api_version) <> TRUNC(p_api_version) THEN
6150 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
6151 fnd_message.set_token('ROUTINE', g_pkg_name || '.'|| l_api_name);
6152 fnd_message.set_token('REASON',
6153 'Unsupported version '|| to_char(p_api_version)||
6154 ' passed to API; expecting version '||
6155 to_char(l_api_version));
6156 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
6157 ,p_module => l_api_name
6158 ,p_message => 'Returning as the call in incompatible '
6159 );
6160 return G_RETURN_UNEXP_ERR;/* Unexpected Error */
6161 END IF;
6162
6163 begin
6164 -- select predicate from fnd_grant_instances
6165 select s.predicate,
6166 o.database_object_name,
6167 o.pk1_column_name,
6168 o.pk2_column_name,
6169 o.pk3_column_name,
6170 o.pk4_column_name,
6171 o.pk5_column_name,
6172 o.pk1_column_type,
6173 o.pk2_column_type,
6174 o.pk3_column_type,
6175 o.pk4_column_type,
6176 o.pk5_column_type
6177 into l_predicate,
6178 l_object_name,
6179 l_pk1_col_name,
6180 l_pk2_col_name,
6181 l_pk3_col_name,
6182 l_pk4_col_name,
6183 l_pk5_col_name,
6184 l_pk1_col_type,
6185 l_pk2_col_type,
6186 l_pk3_col_type,
6187 l_pk4_col_type,
6188 l_pk5_col_type
6189 from fnd_objects o, fnd_object_instance_sets s
6190 where s.instance_set_name = p_instance_set_name
6191 and s.object_id = o.object_id;
6192 exception
6193 when no_data_found then
6194 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
6195 fnd_message.set_token('ROUTINE', g_pkg_name || '.'|| l_api_name);
6196 fnd_message.set_token('REASON',
6197 'Data Error- couldn''t get predicate and/or object_name from '||
6198 'fnd_objects and fnd_object_instance_sets for instance set '||
6199 '"'||p_instance_set_name||'"');
6200 code_debug (p_log_level => G_DEBUG_LEVEL_EXCEPTION
6201 ,p_module => l_api_name
6202 ,p_message => 'The given data is not sufficient to find a valid instance set '
6203 );
6204 return G_RETURN_UNEXP_ERR;
6205 end;
6206
6207 -- Convert e.g. from ':n' to 'TO_NUMBER(:n)'
6208 l_pk1_vc_val := get_conv_from_char(':col1_value', l_pk1_col_type);
6209 l_pk2_vc_val := get_conv_from_char(':col2_value', l_pk2_col_type);
6210 l_pk3_vc_val := get_conv_from_char(':col3_value', l_pk3_col_type);
6211 l_pk4_vc_val := get_conv_from_char(':col4_value', l_pk4_col_type);
6212 l_pk5_vc_val := get_conv_from_char(':col5_value', l_pk5_col_type);
6213
6214 -- Construct dynamic sql statement that will return a row if
6215 -- there is a row in the base object table in the instance set,
6216 -- with the PK passed in.
6217 l_dynamic_sql :=
6218 'SELECT ''X'' FROM sys.dual WHERE EXISTS (' ||
6219 'SELECT ''X'''||
6220 ' FROM '|| l_object_name ||
6221 ' WHERE ';
6222 if (l_pk1_col_name is not NULL) then
6223 l_dynamic_sql := l_dynamic_sql ||
6224 ' ( ('||l_pk1_col_name||' = '||l_pk1_vc_val||')'||
6225 ' OR ( ('||l_pk1_col_name||' is NULL) '||
6226 ' AND ( :col1_value is NULL)))';
6227 end if;
6228 if (l_pk2_col_name is not NULL) then
6229 l_dynamic_sql := l_dynamic_sql ||
6230 ' AND ( ('||l_pk2_col_name||' = '||l_pk2_vc_val||')'||
6231 ' OR ( ('||l_pk2_col_name||' is NULL) '||
6232 ' AND ( :col2_value is NULL)))';
6233 end if;
6234 if (l_pk3_col_name is not NULL) then
6235 l_dynamic_sql := l_dynamic_sql ||
6236 ' AND ( ('||l_pk3_col_name||' = '||l_pk3_vc_val||')'||
6237 ' OR ( ('||l_pk3_col_name||' is NULL) '||
6238 ' AND ( :col3_value is NULL)))';
6239 end if;
6240 if (l_pk4_col_name is not NULL) then
6241 l_dynamic_sql := l_dynamic_sql ||
6242 ' AND ( ('||l_pk4_col_name||' = '||l_pk4_vc_val||')'||
6243 ' OR ( ('||l_pk4_col_name||' is NULL) '||
6244 ' AND ( :col4_value is NULL)))';
6245 end if;
6246 if (l_pk5_col_name is not NULL) then
6247 l_dynamic_sql := l_dynamic_sql ||
6248 ' AND ( ('||l_pk5_col_name||' = '||l_pk5_vc_val||')'||
6249 ' OR ( ('||l_pk5_col_name||' is NULL) '||
6250 ' AND ( :col5_value is NULL)))';
6251 end if;
6252 l_dynamic_sql := l_dynamic_sql ||
6253 ' AND '|| l_predicate ||')';
6254
6255 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
6256 ,p_module => l_api_name
6257 ,p_message => 'l_dynamic_sql '||l_dynamic_sql
6258 );
6259 -- Run the statement, binding in the pk column names and pk values.
6260 if (l_pk5_col_name is not NULL) then
6261 OPEN instance_sets_cur FOR l_dynamic_sql USING
6262 p_instance_pk1_value, p_instance_pk1_value,
6263 p_instance_pk2_value, p_instance_pk2_value,
6264 p_instance_pk3_value, p_instance_pk3_value,
6265 p_instance_pk4_value, p_instance_pk4_value,
6266 p_instance_pk5_value, p_instance_pk5_value;
6267 elsif (l_pk4_col_name is not NULL) then
6268 OPEN instance_sets_cur FOR l_dynamic_sql USING
6269 p_instance_pk1_value, p_instance_pk1_value,
6270 p_instance_pk2_value, p_instance_pk2_value,
6271 p_instance_pk3_value, p_instance_pk3_value,
6272 p_instance_pk4_value, p_instance_pk4_value;
6273 elsif (l_pk3_col_name is not NULL) then
6274 OPEN instance_sets_cur FOR l_dynamic_sql USING
6275 p_instance_pk1_value, p_instance_pk1_value,
6276 p_instance_pk2_value, p_instance_pk2_value,
6277 p_instance_pk3_value, p_instance_pk3_value;
6278 elsif (l_pk2_col_name is not NULL) then
6279 OPEN instance_sets_cur FOR l_dynamic_sql USING
6280 p_instance_pk1_value, p_instance_pk1_value,
6281 p_instance_pk2_value, p_instance_pk2_value;
6282 elsif (l_pk1_col_name is not NULL) then
6283 OPEN instance_sets_cur FOR l_dynamic_sql USING
6284 p_instance_pk1_value, p_instance_pk1_value;
6285 else
6286 return G_RETURN_UNEXP_ERR; /* This will never happen since pk1 is reqd*/
6287 end if;
6288
6289
6290 FETCH instance_sets_cur INTO l_dummy_val;
6291 IF(instance_sets_cur%NOTFOUND) THEN
6292 CLOSE instance_sets_cur;
6293 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
6294 ,p_module => l_api_name
6295 ,p_message => 'Returning failure as instance does not have the reqd function '
6296 );
6297 RETURN G_RETURN_FAILURE;
6298 ELSE
6299 CLOSE instance_sets_cur;
6300 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
6301 ,p_module => l_api_name
6302 ,p_message => 'Returning success as instance set has the reqd function '
6303 );
6304 RETURN G_RETURN_SUCCESS;
6305 END IF;
6306
6307 EXCEPTION
6308 WHEN OTHERS THEN
6309 fnd_message.set_name('FND', 'SQL_PLSQL_ERROR');
6310 fnd_message.set_token('ROUTINE',G_PKG_NAME||l_api_name);
6311 fnd_message.set_token('ERRNO', SQLCODE);
6312 fnd_message.set_token('REASON', SQLERRM);
6313 code_debug (p_log_level => G_DEBUG_LEVEL_UNEXPECTED
6314 ,p_module => l_api_name
6315 ,p_message => 'Ending: Returning OTHER ERROR '||SQLERRM
6316 );
6317 RETURN G_RETURN_UNEXP_ERR;
6318
6319 end check_instance_in_set;
6320
6321
6322 --------------------------------------------------------
6323 ---- Create_Role_Mapping
6324 --------------------------------------------------------
6325 PROCEDURE Create_Role_Mapping(
6326 p_api_version IN NUMBER
6327 ,p_parent_obj_name IN VARCHAR2
6328 ,p_parent_role_name IN VARCHAR2
6329 ,p_child_obj_name IN VARCHAR2
6330 ,p_child_object_type IN VARCHAR2
6331 ,p_child_role_name IN VARCHAR2
6332 ,p_owner IN NUMBER
6333 ,p_init_msg_list IN VARCHAR2 := fnd_api.g_FALSE
6334 ,p_commit IN VARCHAR2 := fnd_api.g_FALSE
6335 ,x_return_status OUT NOCOPY VARCHAR2
6336 ,x_errorcode OUT NOCOPY NUMBER
6337 ,x_msg_count OUT NOCOPY NUMBER
6338 ,x_msg_data OUT NOCOPY VARCHAR2
6339 ) IS
6340
6341 l_api_name CONSTANT VARCHAR2(30) := 'Create_Role_Mapping';
6342 --we don't use this yet, but eventually we might:
6343 --if we change required parameters, version goes from n.x to (n+1).x
6344 --if we change optional parameters, version goes from x.n to x.(n+1)
6345
6346 l_api_version CONSTANT NUMBER := 1.0;
6347
6348 -- General variables
6349 l_parent_obj_id fnd_objects.object_id%type;
6350 l_parent_role_id fnd_menus.menu_id%type;
6351 l_child_obj_id fnd_objects.object_id%type;
6352 l_child_role_id fnd_menus.menu_id%type;
6353
6354 l_Sysdate DATE := Sysdate;
6355 l_owner NUMBER;
6356
6357 BEGIN
6358 SetGlobals();
6359 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
6360 ,p_module => l_api_name
6361 ,p_message => 'Started with 13 params '||
6362 ' p_api_version: '|| p_api_version||
6363 ' - p_parent_obj_name: '||p_parent_obj_name||
6364 ' - p_parent_role_name: '||p_parent_role_name||
6365 ' - p_child_obj_name: '||p_child_obj_name||
6366 ' - p_child_object_type: '||p_child_object_type||
6367 ' - p_child_role_name: '||p_child_role_name||
6368 ' - p_owner: '||p_owner||
6369 ' - p_init_msg_list: '||p_init_msg_list||
6370 ' - p_commit: '||p_commit
6371 );
6372
6373 IF FND_API.TO_BOOLEAN(p_commit) THEN
6374 -- Standard Start of API savepoint
6375 SAVEPOINT Create_Role_Mapping_PUB;
6376 END IF;
6377
6378 IF NOT FND_API.Compatible_API_Call (l_api_version,
6379 p_api_version,
6380 l_api_name,
6381 G_PKG_NAME)
6382 THEN
6383 RAISE FND_API.G_EXC_UNEXPECTED_ERROR;
6384 END IF;
6385 -- Initialize API message list if necessary.
6386 -- Initialize message list if p_init_msg_list is set to TRUE.
6387 IF FND_API.to_Boolean( p_init_msg_list ) THEN
6388 FND_MSG_PUB.initialize;
6389 END IF;
6390
6391 IF (p_owner IS NULL OR p_owner = -1) THEN
6392 l_owner := EGO_SCTX.get_user_id();
6393 ELSE
6394 l_owner := p_owner;
6395 END IF;
6396
6397 l_parent_obj_id := get_object_id(p_object_name => p_parent_obj_name);
6398 l_child_obj_id := get_object_id(p_object_name => p_child_obj_name);
6399 l_parent_role_id := get_role_id(p_role_name => p_parent_role_name);
6400 l_child_role_id := get_role_id(p_role_name => p_child_role_name);
6401
6402 INSERT INTO EGO_OBJ_ROLE_MAPPINGS
6403 (
6404 PARENT_OBJECT_ID
6405 , PARENT_ROLE_ID
6406 , CHILD_OBJECT_ID
6407 , CHILD_OBJECT_TYPE
6408 , CHILD_ROLE_ID
6409 , LAST_UPDATE_DATE
6410 , LAST_UPDATED_BY
6411 , CREATION_DATE
6412 , CREATED_BY
6413 , LAST_UPDATE_LOGIN
6414 )
6415 VALUES
6416 (
6417 l_parent_obj_id
6418 , l_parent_role_id
6419 , l_child_obj_id
6420 , p_child_object_type
6421 , l_child_role_id
6422 , l_Sysdate
6423 , l_owner
6424 , l_Sysdate
6425 , l_owner
6426 , FND_GLOBAL.Login_id
6427 );
6428
6429 -- Standard check of p_commit.
6430 IF FND_API.To_Boolean( p_commit ) THEN
6431 COMMIT WORK;
6432 END IF;
6433
6434 x_return_status := FND_API.G_RET_STS_SUCCESS;
6435
6436 -----------------------------------
6437 -- Make a standard call to get message count
6438 -- and if count is 1, get message info.
6439 -- The client will directly display the x_msg_data (which is already
6440 -- translated) if the x_msg_count = 1;
6441 -- Else, i.e. if x_msg_count > 1, client will call the FND_MSG_PUB.Get
6442 -- Server-side procedure to access the messages, and consolidate them
6443 -- and display them all at once or display one message after another.
6444
6445 FND_MSG_PUB.Count_And_Get
6446 ( p_count => x_msg_count,
6447 p_data => x_msg_data
6448 );
6449 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
6450 ,p_module => l_api_name
6451 ,p_message => 'Returning 13 with params '||
6452 ' x_return_status: '|| x_return_status||
6453 ' - x_errorcode: '||x_errorcode||
6454 ' - x_msg_count: '||x_msg_count||
6455 ' - x_msg_data: '||x_msg_data
6456 );
6457
6458 EXCEPTION
6459 WHEN FND_API.G_EXC_ERROR THEN
6460 IF FND_API.TO_BOOLEAN(p_commit) THEN
6461 ROLLBACK TO Create_Role_Mapping_PUB;
6462 END IF;
6463 x_return_status := FND_API.G_RET_STS_ERROR;
6464 FND_MSG_PUB.Count_And_Get
6465 ( p_count => x_msg_count,
6466 p_data => x_msg_data
6467 );
6468 x_msg_data := 'Executing - '||G_PKG_NAME||'.'||l_api_name||' '||SQLERRM;
6469 code_debug (p_log_level => G_DEBUG_LEVEL_ERROR
6470 ,p_module => l_api_name
6471 ,p_message => 'Ending: Returning ERROR '||
6472 ' x_return_status: '|| x_return_status||
6473 ' - x_errorcode: '||x_errorcode||
6474 ' - x_msg_count: '||x_msg_count||
6475 ' - x_msg_data: '||x_msg_data
6476 );
6477 WHEN FND_API.G_EXC_UNEXPECTED_ERROR THEN
6478 IF FND_API.TO_BOOLEAN(p_commit) THEN
6479 ROLLBACK TO Create_Function_PUB;
6480 END IF;
6481 x_return_status := FND_API.G_RET_STS_UNEXP_ERROR;
6482 FND_MSG_PUB.Count_And_Get
6483 ( p_count => x_msg_count,
6484 p_data => x_msg_data
6485 );
6486 x_msg_data := 'Executing - '||G_PKG_NAME||'.'||l_api_name||' '||SQLERRM;
6487 code_debug (p_log_level => G_DEBUG_LEVEL_UNEXPECTED
6488 ,p_module => l_api_name
6489 ,p_message => 'Ending: Returning UNEXPECTED ERROR '||
6490 ' x_return_status: '|| x_return_status||
6491 ' - x_errorcode: '||x_errorcode||
6492 ' - x_msg_count: '||x_msg_count||
6493 ' - x_msg_data: '||x_msg_data
6494 );
6495 WHEN OTHERS THEN
6496 IF FND_API.TO_BOOLEAN(p_commit) THEN
6497 ROLLBACK TO Create_Function_PUB;
6498 END IF;
6499 x_return_status := FND_API.G_RET_STS_UNEXP_ERROR;
6500 IF FND_MSG_PUB.Check_Msg_Level
6501 (FND_MSG_PUB.G_MSG_LVL_UNEXP_ERROR)
6502 THEN
6503 FND_MSG_PUB.Add_Exc_Msg
6504 ( G_PKG_NAME,
6505 l_api_name
6506 );
6507 END IF;
6508 FND_MSG_PUB.Count_And_Get
6509 ( p_count => x_msg_count,
6510 p_data => x_msg_data
6511 );
6512 x_msg_data := 'Executing - '||G_PKG_NAME||'.'||l_api_name||' '||SQLERRM;
6513 code_debug (p_log_level => G_DEBUG_LEVEL_UNEXPECTED
6514 ,p_module => l_api_name
6515 ,p_message => 'Ending: Returning UNEXPECTED ERROR '||
6516 ' x_return_status: '|| x_return_status||
6517 ' - x_errorcode: '||x_errorcode||
6518 ' - x_msg_count: '||x_msg_count||
6519 ' - x_msg_data: '||x_msg_data
6520 );
6521
6522 END Create_Role_Mapping;
6523
6524
6525 --------------------------------------------------------
6526 ---- Create_Role_Mapping
6527 --------------------------------------------------------
6528 PROCEDURE Create_Role_Mapping(
6529 p_api_version IN NUMBER
6530 ,p_parent_obj_name IN VARCHAR2
6531 ,p_parent_role_name IN VARCHAR2
6532 ,p_child_obj_name IN VARCHAR2
6533 ,p_child_object_type IN VARCHAR2
6534 ,p_child_role_name IN VARCHAR2
6535 ,p_init_msg_list IN VARCHAR2 := fnd_api.g_FALSE
6536 ,p_commit IN VARCHAR2 := fnd_api.g_FALSE
6537 ,x_return_status OUT NOCOPY VARCHAR2
6538 ,x_errorcode OUT NOCOPY NUMBER
6539 ,x_msg_count OUT NOCOPY NUMBER
6540 ,x_msg_data OUT NOCOPY VARCHAR2
6541 ) IS
6542
6543 BEGIN
6544 SetGlobals();
6545 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
6546 ,p_module => 'Create_Role_Mapping 12'
6547 ,p_message => 'Started with 12 params '||
6548 ' p_api_version: '|| p_api_version||
6549 ' - p_parent_obj_name: '||p_parent_obj_name||
6550 ' - p_parent_role_name: '||p_parent_role_name||
6551 ' - p_child_obj_name: '||p_child_obj_name||
6552 ' - p_child_object_type: '||p_child_object_type||
6553 ' - p_child_role_name: '||p_child_role_name||
6554 ' - p_init_msg_list: '||p_init_msg_list||
6555 ' - p_commit: '||p_commit
6556 );
6557
6558 Create_Role_Mapping(
6559 p_api_version => p_api_version
6560 ,p_parent_obj_name => p_parent_obj_name
6561 ,p_parent_role_name => p_parent_role_name
6562 ,p_child_obj_name => p_child_obj_name
6563 ,p_child_object_type => p_child_object_type
6564 ,p_child_role_name => p_child_role_name
6565 ,p_owner => NULL
6566 ,p_init_msg_list => p_init_msg_list
6567 ,p_commit => p_commit
6568 ,x_return_status => x_return_status
6569 ,x_errorcode => x_errorcode
6570 ,x_msg_count => x_msg_count
6571 ,x_msg_data => x_msg_data
6572 );
6573 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
6574 ,p_module => 'Create_Role_Mapping'
6575 ,p_message => 'Returning 12 with params '||
6576 ' x_return_status: '|| x_return_status||
6577 ' - x_errorcode: '||x_errorcode||
6578 ' - x_msg_count: '||x_msg_count||
6579 ' - x_msg_data: '||x_msg_data
6580 );
6581
6582 END Create_Role_Mapping;
6583
6584 --------------------------------------------------------
6585 ---- Update_Role_Mapping
6586 --------------------------------------------------------
6587 PROCEDURE Update_Role_Mapping(
6588 p_api_version IN NUMBER
6589 ,p_parent_obj_name IN VARCHAR2
6590 ,p_parent_role_name IN VARCHAR2
6591 ,p_child_obj_name IN VARCHAR2
6592 ,p_child_object_type IN VARCHAR2
6593 ,p_child_role_name IN VARCHAR2
6594 ,p_owner IN NUMBER
6595 ,p_init_msg_list IN VARCHAR2 := fnd_api.g_FALSE
6596 ,p_commit IN VARCHAR2 := fnd_api.g_FALSE
6597 ,x_return_status OUT NOCOPY VARCHAR2
6598 ,x_errorcode OUT NOCOPY NUMBER
6599 ,x_msg_count OUT NOCOPY NUMBER
6600 ,x_msg_data OUT NOCOPY VARCHAR2
6601 ) IS
6602
6603 l_api_name CONSTANT VARCHAR2(30) := 'Update_Role_Mapping';
6604 --we don't use this yet, but eventually we might:
6605 --if we change required parameters, version goes from n.x to (n+1).x
6606 --if we change optional parameters, version goes from x.n to x.(n+1)
6607
6608 l_api_version CONSTANT NUMBER := 1.0;
6609 l_row_count NUMBER;
6610 l_curr_login_id NUMBER;
6611
6612 -- General variables
6613
6614 l_parent_obj_id fnd_objects.object_id%type;
6615 l_parent_role_id fnd_menus.menu_id%type;
6616 l_child_obj_id fnd_objects.object_id%type;
6617 l_child_role_id fnd_menus.menu_id%type;
6618 l_Sysdate DATE := Sysdate;
6619 l_owner NUMBER;
6620
6621 BEGIN
6622 SetGlobals();
6623 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
6624 ,p_module => l_api_name
6625 ,p_message => 'Started with 13 params '||
6626 ' p_api_version: '|| p_api_version||
6627 ' - p_parent_obj_name: '||p_parent_obj_name||
6628 ' - p_parent_role_name: '||p_parent_role_name||
6629 ' - p_child_obj_name: '||p_child_obj_name||
6630 ' - p_child_object_type: '||p_child_object_type||
6631 ' - p_child_role_name: '||p_child_role_name||
6632 ' - p_owner: '||p_owner||
6633 ' - p_init_msg_list: '||p_init_msg_list||
6634 ' - p_commit: '||p_commit
6635 );
6636 IF FND_API.TO_BOOLEAN(p_commit) THEN
6637 -- Standard Start of API savepoint
6638 SAVEPOINT Update_Role_Mapping_PUB;
6639 END IF;
6640
6641 -- Initialize API message list if necessary.
6642 -- Initialize message list if p_init_msg_list is set to TRUE.
6643 IF FND_API.to_Boolean( p_init_msg_list ) THEN
6644 FND_MSG_PUB.initialize;
6645 END IF;
6646
6647 IF NOT FND_API.Compatible_API_Call (l_api_version,
6648 p_api_version,
6649 l_api_name,
6650 G_PKG_NAME)
6651 THEN
6652 RAISE FND_API.G_EXC_UNEXPECTED_ERROR;
6653 END IF;
6654
6655 IF (p_owner IS NULL OR p_owner = -1) THEN
6656 l_owner := EGO_SCTX.get_user_id();
6657 ELSE
6658 l_owner := p_owner;
6659 END IF;
6660
6661 l_parent_obj_id := get_object_id(p_object_name => p_parent_obj_name);
6662 l_child_obj_id := get_object_id(p_object_name => p_child_obj_name);
6663 l_parent_role_id := get_role_id(p_role_name => p_parent_role_name);
6664 l_child_role_id := get_role_id(p_role_name => p_child_role_name);
6665 l_curr_login_id := FND_GLOBAL.Login_id;
6666 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
6667 ,p_module => l_api_name
6668 ,p_message => 'After obtaining parent and child ids '||
6669 ' l_parent_obj_id: '||l_parent_obj_id||
6670 ' - l_child_obj_id: '||l_child_obj_id||
6671 ' - l_parent_role_id: '||l_parent_role_id||
6672 ' - l_child_role_id: '||l_child_role_id
6673 );
6674
6675 IF (p_child_object_type is not null) THEN
6676 UPDATE EGO_OBJ_ROLE_MAPPINGS
6677 SET
6678 CHILD_ROLE_ID = l_child_role_id
6679 , LAST_UPDATE_DATE = l_Sysdate
6680 , LAST_UPDATED_BY = l_owner
6681 , LAST_UPDATE_LOGIN = l_curr_login_id
6682 WHERE
6683 PARENT_OBJECT_ID = l_parent_obj_id AND
6684 PARENT_ROLE_ID = l_parent_role_id AND
6685 CHILD_OBJECT_ID = l_child_obj_id AND
6686 CHILD_OBJECT_TYPE = p_child_object_type;
6687 ELSE
6688 UPDATE EGO_OBJ_ROLE_MAPPINGS
6689 SET
6690 CHILD_ROLE_ID = l_child_role_id
6691 , LAST_UPDATE_DATE = l_Sysdate
6692 , LAST_UPDATED_BY = l_owner
6693 , LAST_UPDATE_LOGIN = l_curr_login_id
6694 WHERE
6695 PARENT_OBJECT_ID = l_parent_obj_id AND
6696 PARENT_ROLE_ID = l_parent_role_id AND
6697 CHILD_OBJECT_ID = l_child_obj_id AND
6698 CHILD_OBJECT_TYPE is null;
6699 END IF;
6700
6701 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
6702 ,p_module => l_api_name
6703 ,p_message => 'After updating role mappings'
6704 );
6705
6706 -- Standard check of p_commit.
6707 IF FND_API.To_Boolean( p_commit ) THEN
6708 COMMIT WORK;
6709 END IF;
6710
6711 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
6712 ,p_module => l_api_name
6713 ,p_message => 'After committing the data'
6714 );
6715 x_return_status := FND_API.G_RET_STS_SUCCESS;
6716
6717 -- Make a standard call to get message count
6718 -- and if count is 1, get message info.
6719 -- The client will directly display the x_msg_data (which is already
6720 -- translated) if the x_msg_count = 1;
6721 -- Else, i.e. if x_msg_count > 1, client will call the FND_MSG_PUB.Get
6722 -- Server-side procedure to access the messages, and consolidate them
6723 -- and display them all at once or display one message after another.
6724
6725 FND_MSG_PUB.Count_And_Get
6726 ( p_count => x_msg_count,
6727 p_data => x_msg_data
6728 );
6729
6730 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
6731 ,p_module => 'Update_Role_Mapping '
6732 ,p_message => 'Returning 13 with params '||
6733 ' x_return_status: '|| x_return_status||
6734 ' - x_errorcode: '||x_errorcode||
6735 ' - x_msg_count: '||x_msg_count||
6736 ' - x_msg_data: '||x_msg_data
6737 );
6738
6739 EXCEPTION
6740 WHEN FND_API.G_EXC_ERROR THEN
6741 IF FND_API.TO_BOOLEAN(p_commit) THEN
6742 ROLLBACK TO Update_Role_Mapping_PUB;
6743 END IF;
6744 x_return_status := FND_API.G_RET_STS_ERROR;
6745 FND_MSG_PUB.Count_And_Get
6746 ( p_count => x_msg_count,
6747 p_data => x_msg_data
6748 );
6749 x_msg_data :='Executing - '||G_PKG_NAME||'.'||l_api_name||' '||SQLERRM;
6750 code_debug (p_log_level => G_DEBUG_LEVEL_ERROR
6751 ,p_module => l_api_name
6752 ,p_message => 'Ending: Returning UNEXPECTED ERROR '||
6753 ' x_return_status: '|| x_return_status||
6754 ' - x_errorcode: '||x_errorcode||
6755 ' - x_msg_count: '||x_msg_count||
6756 ' - x_msg_data: '||x_msg_data
6757 );
6758 WHEN FND_API.G_EXC_UNEXPECTED_ERROR THEN
6759 IF FND_API.TO_BOOLEAN(p_commit) THEN
6760 ROLLBACK TO Update_Role_Mapping_PUB;
6761 END IF;
6762 x_return_status := FND_API.G_RET_STS_UNEXP_ERROR;
6763 FND_MSG_PUB.Count_And_Get
6764 ( p_count => x_msg_count,
6765 p_data => x_msg_data
6766 );
6767 x_msg_data :='Executing - '||G_PKG_NAME||'.'||l_api_name||' '||SQLERRM;
6768 code_debug (p_log_level => G_DEBUG_LEVEL_UNEXPECTED
6769 ,p_module => l_api_name
6770 ,p_message => 'Ending: Returning UNEXPECTED ERROR '||
6771 ' x_return_status: '|| x_return_status||
6772 ' - x_errorcode: '||x_errorcode||
6773 ' - x_msg_count: '||x_msg_count||
6774 ' - x_msg_data: '||x_msg_data
6775 );
6776 WHEN OTHERS THEN
6777 IF FND_API.TO_BOOLEAN(p_commit) THEN
6778 ROLLBACK TO Update_Role_Mapping_PUB;
6779 END IF;
6780 x_return_status := FND_API.G_RET_STS_UNEXP_ERROR;
6781 IF FND_MSG_PUB.Check_Msg_Level
6782 (FND_MSG_PUB.G_MSG_LVL_UNEXP_ERROR)
6783 THEN
6784 FND_MSG_PUB.Add_Exc_Msg
6785 ( G_PKG_NAME,
6786 l_api_name
6787 );
6788 END IF;
6789 FND_MSG_PUB.Count_And_Get
6790 ( p_count => x_msg_count,
6791 p_data => x_msg_data
6792 );
6793 x_msg_data :='Executing - '||G_PKG_NAME||'.'||l_api_name||' '||SQLERRM;
6794 code_debug (p_log_level => G_DEBUG_LEVEL_UNEXPECTED
6795 ,p_module => l_api_name
6796 ,p_message => 'Ending: Returning OTHER ERROR '||
6797 ' x_return_status: '|| x_return_status||
6798 ' - x_errorcode: '||x_errorcode||
6799 ' - x_msg_count: '||x_msg_count||
6800 ' - x_msg_data: '||x_msg_data
6801 );
6802
6803 END Update_Role_Mapping;
6804
6805 --------------------------------------------------------
6806 ---- Update_Role_Mapping
6807 --------------------------------------------------------
6808 PROCEDURE Update_Role_Mapping(
6809 p_api_version IN NUMBER
6810 ,p_parent_obj_name IN VARCHAR2
6811 ,p_parent_role_name IN VARCHAR2
6812 ,p_child_obj_name IN VARCHAR2
6813 ,p_child_object_type IN VARCHAR2
6814 ,p_child_role_name IN VARCHAR2
6815 ,p_init_msg_list IN VARCHAR2 := fnd_api.g_FALSE
6816 ,p_commit IN VARCHAR2 := fnd_api.g_FALSE
6817 ,x_return_status OUT NOCOPY VARCHAR2
6818 ,x_errorcode OUT NOCOPY NUMBER
6819 ,x_msg_count OUT NOCOPY NUMBER
6820 ,x_msg_data OUT NOCOPY VARCHAR2
6821 ) IS
6822
6823 BEGIN
6824 SetGlobals();
6825 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
6826 ,p_module => 'Update_Role_Mapping'
6827 ,p_message => 'Started with 12 params '||
6828 ' p_api_version: '|| p_api_version||
6829 ' - p_parent_obj_name: '||p_parent_obj_name||
6830 ' - p_parent_role_name: '||p_parent_role_name||
6831 ' - p_child_obj_name: '||p_child_obj_name||
6832 ' - p_child_object_type: '||p_child_object_type||
6833 ' - p_child_role_name: '||p_child_role_name||
6834 ' - p_init_msg_list: '||p_init_msg_list||
6835 ' - p_commit: '||p_commit
6836 );
6837
6838 Update_Role_Mapping(
6839 p_api_version => p_api_version
6840 ,p_parent_obj_name => p_parent_obj_name
6841 ,p_parent_role_name => p_parent_role_name
6842 ,p_child_obj_name => p_child_obj_name
6843 ,p_child_object_type => p_child_object_type
6844 ,p_child_role_name => p_child_role_name
6845 ,p_owner => NULL
6846 ,p_init_msg_list => p_init_msg_list
6847 ,p_commit => p_commit
6848 ,x_return_status => x_return_status
6849 ,x_errorcode => x_errorcode
6850 ,x_msg_count => x_msg_count
6851 ,x_msg_data => x_msg_data
6852 );
6853 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
6854 ,p_module => 'Update_Role_Mapping'
6855 ,p_message => 'Returning 12 with params '||
6856 ' x_return_status: '|| x_return_status||
6857 ' - x_errorcode: '||x_errorcode||
6858 ' - x_msg_count: '||x_msg_count||
6859 ' - x_msg_data: '||x_msg_data
6860 );
6861
6862 END Update_Role_Mapping;
6863
6864 --------------------------------------------------------
6865 ---- Delete_Role_Mapping
6866 --------------------------------------------------------
6867 PROCEDURE Delete_Role_Mapping(
6868 p_api_version IN NUMBER
6869 ,p_parent_obj_name IN VARCHAR2
6870 ,p_parent_role_name IN VARCHAR2
6871 ,p_child_obj_name IN VARCHAR2
6872 ,p_child_object_type IN VARCHAR2
6873 ,p_init_msg_list IN VARCHAR2 := fnd_api.g_FALSE
6874 ,p_commit IN VARCHAR2 := fnd_api.g_FALSE
6875 ,x_return_status OUT NOCOPY VARCHAR2
6876 ,x_errorcode OUT NOCOPY NUMBER
6877 ,x_msg_count OUT NOCOPY NUMBER
6878 ,x_msg_data OUT NOCOPY VARCHAR2
6879 ) IS
6880
6881 l_api_name CONSTANT VARCHAR2(30) := 'Delete_Role_Mapping';
6882 --we don't use this yet, but eventually we might:
6883 --if we change required parameters, version goes from n.x to (n+1).x
6884 --if we change optional parameters, version goes from x.n to x.(n+1)
6885
6886 l_api_version CONSTANT NUMBER := 1.0;
6887 l_row_count NUMBER;
6888
6889 -- General variables
6890
6891 l_parent_obj_id fnd_objects.object_id%type;
6892 l_parent_role_id fnd_menus.menu_id%type;
6893 l_child_obj_id fnd_objects.object_id%type;
6894
6895 l_Sysdate DATE := Sysdate;
6896
6897 BEGIN
6898 SetGlobals();
6899 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
6900 ,p_module => l_api_name
6901 ,p_message => 'Started with 11 params '||
6902 ' p_api_version: '|| p_api_version||
6903 ' - p_parent_obj_name: '||p_parent_obj_name||
6904 ' - p_parent_role_name: '||p_parent_role_name||
6905 ' - p_child_obj_name: '||p_child_obj_name||
6906 ' - p_child_object_type: '||p_child_object_type||
6907 ' - p_init_msg_list: '||p_init_msg_list||
6908 ' - p_commit: '||p_commit
6909 );
6910
6911 IF FND_API.TO_BOOLEAN(p_commit) THEN
6912 -- Standard Start of API savepoint
6913 SAVEPOINT Delete_Role_Mapping_PUB;
6914 END IF;
6915
6916 -- Initialize API message list if necessary.
6917 -- Initialize message list if p_init_msg_list is set to TRUE.
6918 IF FND_API.to_Boolean( p_init_msg_list ) THEN
6919 FND_MSG_PUB.initialize;
6920 END IF;
6921
6922 IF NOT FND_API.Compatible_API_Call (l_api_version,
6923 p_api_version,
6924 l_api_name,
6925 G_PKG_NAME)
6926 THEN
6927 RAISE FND_API.G_EXC_UNEXPECTED_ERROR;
6928 END IF;
6929
6930 l_parent_obj_id := get_object_id(p_object_name => p_parent_obj_name);
6931 l_child_obj_id := get_object_id(p_object_name => p_child_obj_name);
6932 l_parent_role_id := get_role_id(p_role_name => p_parent_role_name);
6933
6934 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
6935 ,p_module => l_api_name
6936 ,p_message => 'After obtaining parent and child ids '||
6937 ' l_parent_obj_id: '||l_parent_obj_id||
6938 ' - l_child_obj_id: '||l_child_obj_id||
6939 ' - l_parent_role_id: '||l_parent_role_id
6940 );
6941
6942 IF (p_child_object_type is not null) THEN
6943 DELETE FROM EGO_OBJ_ROLE_MAPPINGS
6944 WHERE
6945 PARENT_OBJECT_ID = l_parent_obj_id AND
6946 PARENT_ROLE_ID = l_parent_role_id AND
6947 CHILD_OBJECT_ID = l_child_obj_id AND
6948 CHILD_OBJECT_TYPE = p_child_object_type;
6949 ELSE
6950 DELETE FROM EGO_OBJ_ROLE_MAPPINGS
6951 WHERE
6952 PARENT_OBJECT_ID = l_parent_obj_id AND
6953 PARENT_ROLE_ID = l_parent_role_id AND
6954 CHILD_OBJECT_ID = l_child_obj_id AND
6955 CHILD_OBJECT_TYPE is null;
6956 END IF;
6957
6958 -- Standard check of p_commit.
6959 IF FND_API.To_Boolean( p_commit ) THEN
6960 COMMIT WORK;
6961 END IF;
6962
6963 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
6964 ,p_module => l_api_name
6965 ,p_message => 'After committing the data'
6966 );
6967
6968 x_return_status := FND_API.G_RET_STS_SUCCESS;
6969
6970 -- Make a standard call to get message count and if count is 1,
6971 -- get message info.
6972
6973 FND_MSG_PUB.Count_And_Get
6974 ( p_count => x_msg_count,
6975 p_data => x_msg_data
6976 );
6977 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
6978 ,p_module => l_api_name
6979 ,p_message => 'Returning 11 with params '||
6980 ' x_return_status: '|| x_return_status||
6981 ' - x_errorcode: '||x_errorcode||
6982 ' - x_msg_count: '||x_msg_count||
6983 ' - x_msg_data: '||x_msg_data
6984 );
6985
6986 EXCEPTION
6987 WHEN FND_API.G_EXC_ERROR THEN
6988 IF FND_API.TO_BOOLEAN(p_commit) THEN
6989 ROLLBACK TO Delete_Role_Mapping_PUB;
6990 END IF;
6991 x_return_status := FND_API.G_RET_STS_ERROR;
6992 FND_MSG_PUB.Count_And_Get
6993 ( p_count => x_msg_count,
6994 p_data => x_msg_data
6995 );
6996 x_msg_data := 'Executing - '||G_PKG_NAME||'.'||l_api_name||' '||SQLERRM;
6997 code_debug (p_log_level => G_DEBUG_LEVEL_ERROR
6998 ,p_module => l_api_name
6999 ,p_message => 'Ending: Returning ERROR '||
7000 ' x_return_status: '|| x_return_status||
7001 ' - x_errorcode: '||x_errorcode||
7002 ' - x_msg_count: '||x_msg_count||
7003 ' - x_msg_data: '||x_msg_data
7004 );
7005 WHEN FND_API.G_EXC_UNEXPECTED_ERROR THEN
7006 IF FND_API.TO_BOOLEAN(p_commit) THEN
7007 ROLLBACK TO Delete_Role_Mapping_PUB;
7008 END IF;
7009 x_return_status := FND_API.G_RET_STS_UNEXP_ERROR;
7010 FND_MSG_PUB.Count_And_Get
7011 ( p_count => x_msg_count,
7012 p_data => x_msg_data
7013 );
7014 x_msg_data := 'Executing - '||G_PKG_NAME||'.'||l_api_name||' '||SQLERRM;
7015 code_debug (p_log_level => G_DEBUG_LEVEL_UNEXPECTED
7016 ,p_module => l_api_name
7017 ,p_message => 'Ending: Returning UNEXPECTED ERROR '||
7018 ' x_return_status: '|| x_return_status||
7019 ' - x_errorcode: '||x_errorcode||
7020 ' - x_msg_count: '||x_msg_count||
7021 ' - x_msg_data: '||x_msg_data
7022 );
7023 WHEN OTHERS THEN
7024 IF FND_API.TO_BOOLEAN(p_commit) THEN
7025 ROLLBACK TO Delete_Role_Mapping_PUB;
7026 END IF;
7027 x_return_status := FND_API.G_RET_STS_UNEXP_ERROR;
7028 IF FND_MSG_PUB.Check_Msg_Level
7029 (FND_MSG_PUB.G_MSG_LVL_UNEXP_ERROR)
7030 THEN
7031 FND_MSG_PUB.Add_Exc_Msg
7032 ( G_PKG_NAME,
7033 l_api_name
7034 );
7035 END IF;
7036 FND_MSG_PUB.Count_And_Get
7037 ( p_count => x_msg_count,
7038 p_data => x_msg_data
7039 );
7040 x_msg_data := 'Executing - '||G_PKG_NAME||'.'||l_api_name||' '||SQLERRM;
7041 code_debug (p_log_level => G_DEBUG_LEVEL_UNEXPECTED
7042 ,p_module => l_api_name
7043 ,p_message => 'Ending: Returning OTHER ERROR '||
7044 ' x_return_status: '|| x_return_status||
7045 ' - x_errorcode: '||x_errorcode||
7046 ' - x_msg_count: '||x_msg_count||
7047 ' - x_msg_data: '||x_msg_data
7048 );
7049
7050 END Delete_Role_Mapping;
7051
7052 --------------------------------------------------------
7053 ---- get_role_functions
7054 --------------------------------------------------------
7055 PROCEDURE get_role_functions
7056 (
7057 p_api_version IN NUMBER,
7058 p_role_name IN VARCHAR2,
7059 x_return_status OUT NOCOPY VARCHAR2,
7060 x_privilege_tbl OUT NOCOPY EGO_VARCHAR_TBL_TYPE
7061 )
7062 IS
7063
7064 l_api_name CONSTANT VARCHAR2(30) := 'GET_ROLE_FUNCTIONS';
7065
7066 -- On addition of any Required parameters the major version needs
7067 -- to change i.e. for eg. 1.X to 2.X.
7068 -- On addition of any Optional parameters the minor version needs
7069 -- to change i.e. for eg. X.6 to X.7.
7070 l_api_version CONSTANT NUMBER := 1.0;
7071
7072 l_index NUMBER;
7073
7074 l_privilege_tbl EGO_PRIVILEGE_NAME_TABLE_TYPE;
7075
7076 CURSOR role_function_c (cp_role_name VARCHAR2)
7077 IS
7078 SELECT functions.function_name
7079 FROM fnd_form_functions functions,
7080 fnd_menu_entries cmf,
7081 fnd_menus menus
7082 WHERE functions.function_id = cmf.function_id
7083 AND menus.menu_id = cmf.menu_id
7084 AND menus.menu_name = cp_role_name;
7085
7086
7087 BEGIN
7088 SetGlobals();
7089 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
7090 ,p_module => l_api_name
7091 ,p_message => 'Started with 4 params '||
7092 ' p_api_version: '|| p_api_version||
7093 ' - p_role_name: '||p_role_name
7094 );
7095 x_return_status := G_RETURN_SUCCESS; /* Assume Success */
7096
7097 x_privilege_tbl := EGO_VARCHAR_TBL_TYPE();
7098
7099 l_index := 0;
7100
7101 FOR privileges_rec IN role_function_c (p_role_name)
7102 LOOP
7103 l_privilege_tbl(l_index) := privileges_rec.function_name;
7104 l_index := l_index+1;
7105 END LOOP;
7106
7107 x_privilege_tbl.extend(l_privilege_tbl.COUNT);
7108
7109 if (l_privilege_tbl.COUNT > 0) then
7110
7111 FOR i IN l_privilege_tbl.first .. l_privilege_tbl.last LOOP
7112 x_privilege_tbl(i+1) := l_privilege_tbl(i);
7113
7114 END LOOP;
7115 end if;
7116
7117
7118 EXCEPTION
7119 WHEN OTHERS THEN
7120 fnd_message.set_name('FND', 'SQL_PLSQL_ERROR');
7121 fnd_message.set_token('ROUTINE',G_PKG_NAME||l_api_name);
7122 fnd_message.set_token('ERRNO', SQLCODE);
7123 fnd_message.set_token('REASON', SQLERRM);
7124 x_return_status := G_RETURN_UNEXP_ERR;
7125 code_debug (p_log_level => G_DEBUG_LEVEL_UNEXPECTED
7126 ,p_module => l_api_name
7127 ,p_message => 'Ending: Returning OTHER ERROR '||SQLERRM
7128 );
7129
7130 END get_role_functions;
7131
7132 --------------------------------------------------------
7133 ---- get_inherited_functions
7134 --------------------------------------------------------
7135 PROCEDURE get_inherited_functions
7136 (
7137 p_api_version IN NUMBER,
7138 p_object_name IN VARCHAR2,
7139 p_instance_pk1_value IN VARCHAR2,
7140 p_instance_pk2_value IN VARCHAR2 DEFAULT NULL,
7141 p_instance_pk3_value IN VARCHAR2 DEFAULT NULL,
7142 p_instance_pk4_value IN VARCHAR2 DEFAULT NULL,
7143 p_instance_pk5_value IN VARCHAR2 DEFAULT NULL,
7144 p_user_name IN VARCHAR2 DEFAULT NULL,
7145 p_object_type IN VARCHAR2 DEFAULT NULL,
7146 p_parent_object_name_tbl IN EGO_VARCHAR_TBL_TYPE,
7147 p_parent_object_sql_tbl IN EGO_VARCHAR_TBL_TYPE,
7148 x_return_status OUT NOCOPY VARCHAR2,
7149 x_privilege_tbl OUT NOCOPY EGO_VARCHAR_TBL_TYPE
7150 )
7151 IS
7152
7153 l_api_name CONSTANT VARCHAR2(30) := 'GET_INHERITED_FUNCTIONS';
7154
7155 -- On addition of any Required parameters the major version needs
7156 -- to change i.e. for eg. 1.X to 2.X.
7157 -- On addition of any Optional parameters the minor version needs
7158 -- to change i.e. for eg. X.6 to X.7.
7159 l_api_version CONSTANT NUMBER := 1.0;
7160 l_sysdate DATE := Sysdate;
7161
7162 l_index NUMBER;
7163 l_dynamic_sql VARCHAR2(32767);
7164 l_common_dyn_sql VARCHAR2(32767);
7165 l_set_dyn_sql VARCHAR2(32767);
7166 l_inst_dyn_sql VARCHAR2(32767);
7167
7168 l_instance_sets_list VARCHAR2(10000);
7169 l_privilege VARCHAR2(480);
7170 l_select_query_part VARCHAR2(3000);
7171 l_group_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
7172 l_company_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
7173
7174 l_db_object_name VARCHAR2(200);
7175 l_db_pk1_column VARCHAR2(200);
7176 l_db_pk2_column VARCHAR2(200);
7177 l_db_pk3_column VARCHAR2(200);
7178 l_db_pk4_column VARCHAR2(200);
7179 l_db_pk5_column VARCHAR2(200);
7180
7181 l_pk_column_names VARCHAR2(512);
7182 l_pk_orig_column_names VARCHAR2(512);
7183 l_type_converted_val_cols VARCHAR2(512);
7184 l_parent_object_id NUMBER;
7185 l_object_id NUMBER;
7186 l_user_name VARCHAR2(80);
7187 -- l_orig_system VARCHAR2(48);
7188 l_orig_system_id NUMBER;
7189
7190 l_return_status VARCHAR2(1);
7191 l_privilege_tbl EGO_PRIVILEGE_NAME_TABLE_TYPE;
7192 l_privilege_tbl_count NUMBER;
7193 l_privilege_tbl_index NUMBER;
7194 m_privilege_tbl EGO_PRIVILEGE_NAME_TABLE_TYPE;
7195 m_privilege_tbl_count NUMBER;
7196 m_privilege_tbl_index NUMBER;
7197 x_index NUMBER;
7198
7199 l_prof_privilege_tbl EGO_VARCHAR_TBL_TYPE;
7200 l_profile_role VARCHAR2(80);
7201
7202 l_parent_object_count NUMBER; /** ADDING A VARIABLE FOR COUNT ***/
7203
7204 instance_set DYNAMIC_CUR;
7205 candidate_sets_c DYNAMIC_CUR;
7206 l_dynamic_sql_1 VARCHAR2(32767);
7207 l_one_set_predicate VARCHAR2(32767);
7208 l_one_set_id NUMBER;
7209
7210 BEGIN
7211 SetGlobals();
7212 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
7213 ,p_module => l_api_name
7214 ,p_message => 'Started with 13 params '||
7215 ' p_api_version: '|| to_char(p_api_version) ||
7216 ' - p_object_name: '|| p_object_name ||
7217 ' - p_instance_pk1_value: '|| p_instance_pk1_value ||
7218 ' - p_instance_pk2_value: '|| p_instance_pk2_value ||
7219 ' - p_instance_pk3_value: '|| p_instance_pk3_value ||
7220 ' - p_instance_pk4_value: '|| p_instance_pk4_value ||
7221 ' - p_instance_pk5_value: '|| p_instance_pk5_value ||
7222 ' - p_user_name: '|| p_user_name ||
7223 ' - p_object_type: '|| p_object_type
7224 );
7225 FOR l_table_index IN 1..p_parent_object_name_tbl.COUNT LOOP
7226 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7227 ,p_module => l_api_name
7228 ,p_message => ' p_parent_object_name_tbl('||l_table_index||
7229 '): '||p_parent_object_name_tbl(l_table_index)||
7230 ' - p_parent_object_sql_tbl('||l_table_index||
7231 '): '||p_parent_object_sql_tbl(l_table_index)
7232 );
7233 END LOOP;
7234
7235 -- check for call compatibility.
7236 IF TRUNC(l_api_version) <> TRUNC(p_api_version) THEN
7237 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
7238 fnd_message.set_token('ROUTINE', g_pkg_name || '.'|| l_api_name);
7239 fnd_message.set_token('REASON', 'Unsupported version '||
7240 to_char(p_api_version)||
7241 ' passed to API; expecting version '||
7242 to_char(l_api_version));
7243 x_return_status := G_RETURN_UNEXP_ERR;
7244 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
7245 ,p_module => l_api_name
7246 ,p_message => 'Returning as the call in incompatible '
7247 );
7248 RETURN;
7249 END IF;
7250
7251 x_return_status := G_RETURN_SUCCESS; /* Assume Success */
7252 l_user_name := p_user_name;
7253 get_orig_key(x_user_name => l_user_name
7254 -- ,x_orig_system => l_orig_system
7255 ,x_orig_system_id => l_orig_system_id);
7256 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7257 ,p_module => l_api_name
7258 ,p_message => 'l_user_name: '||l_user_name||
7259 -- ' - l_orig_system: '||l_orig_system||
7260 ' - l_orig_system_id: '||l_orig_system_id
7261 );
7262
7263 -- get All privileges of a user on a given object
7264
7265 --Step 1.
7266 -- get database object name and column
7267 -- cache the PK column name
7268 l_object_id := get_object_id(p_object_name => p_object_name);
7269 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7270 ,p_module => l_api_name
7271 ,p_message => 'l_object_id: '||l_object_id
7272 );
7273 l_group_info := get_group_info(p_party_id => l_orig_system_id);
7274 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7275 ,p_module => l_api_name
7276 ,p_message => 'l_group_info: '||l_group_info
7277 );
7278 l_company_info := get_company_info (p_party_id => l_orig_system_id);
7279 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7280 ,p_module => l_api_name
7281 ,p_message => 'l_company_info: '||l_company_info
7282 );
7283
7284 -- GETTING THE COUNT OF PARENT OBJECTS HERE
7285 -- BEGINNING OF THE LOOP
7286 l_index:=0;
7287 FOR l_table_index IN 1..p_parent_object_name_tbl.COUNT LOOP
7288 -- Please clear all the variables in the start of the loop.
7289 -- For eg: pk2 columns may not exist for project..
7290 -- but the value may be retained from the before loop for items
7291 l_db_pk1_column := null;
7292 l_db_pk2_column := null;
7293 l_db_pk3_column := null;
7294 l_db_pk4_column := null;
7295 l_db_pk5_column := null;
7296 l_pk_column_names := null;
7297 l_type_converted_val_cols := null;
7298 l_pk_orig_column_names := null;
7299 l_db_object_name := null;
7300 x_return_status := get_pk_information
7301 (p_parent_object_name_tbl(l_table_index),
7302 l_db_pk1_column,
7303 l_db_pk2_column,
7304 l_db_pk3_column,
7305 l_db_pk4_column,
7306 l_db_pk5_column,
7307 l_pk_column_names,
7308 l_type_converted_val_cols,
7309 l_pk_orig_column_names,
7310 l_db_object_name);
7311
7312 IF (x_return_status <> G_RETURN_SUCCESS) THEN
7313 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
7314 ,p_module => l_api_name
7315 ,p_message => 'Error in obtaining PK information exiting'
7316 );
7317 /* There will be a message on the msg dict stack. */
7318 RETURN; /* We will return the x_return_status as out param */
7319 END IF;
7320
7321 -- Step 2.
7322 -- get instance set ids in which the given object_key exists
7323 -- as a set into l_instance_set
7324 -- R12C Security Changes
7325 /*l_select_query_part:= 'SELECT '|| l_pk_column_names ||
7326 ' FROM '|| l_db_object_name ||
7327 ' WHERE ('; */
7328 IF (p_object_name = 'EGO_ITEM') THEN
7329 l_select_query_part:= 'SELECT '|| l_pk_column_names ||
7330 ' FROM '|| l_db_object_name ||', ego_item_cat_denorm_hier cathier'||
7331 ' WHERE (';
7332 ELSE
7333 l_select_query_part:= 'SELECT '|| l_pk_column_names ||
7334 ' FROM '|| l_db_object_name ||
7335 ' WHERE (';
7336 END IF;
7337 -- R12C Security Changes
7338 if (l_db_pk1_column is not NULL) then
7339 l_select_query_part := l_select_query_part || l_db_pk1_column;
7340 end if;
7341 if (l_db_pk2_column is not NULL) then
7342 l_select_query_part := l_select_query_part || ',' || l_db_pk2_column;
7343 end if;
7344 if (l_db_pk3_column is not NULL) then
7345 l_select_query_part := l_select_query_part || ',' || l_db_pk3_column;
7346 end if;
7347 if (l_db_pk4_column is not NULL) then
7348 l_select_query_part := l_select_query_part || ',' || l_db_pk4_column;
7349 end if;
7350 if (l_db_pk5_column is not NULL) then
7351 l_select_query_part := l_select_query_part || ',' || l_db_pk5_column;
7352 end if;
7353
7354 /*** THIS IS WHERE THE QUERY IS APPENDED ***/
7355
7356 l_select_query_part := l_select_query_part || ') ';
7357 l_select_query_part := l_select_query_part ||' IN ' ||
7358 ' (' || p_parent_object_sql_tbl (l_table_index) || ') ';
7359
7360 -- R12C Secuirty Changes
7361 /*l_select_query_part := l_select_query_part || ' AND ';*/
7362 IF (p_object_name = 'EGO_ITEM') THEN
7363 l_select_query_part := l_select_query_part || ' AND item_catalog_group_id = cathier.child_catalog_group_id(+) AND ';
7364 ELSE
7365 l_select_query_part := l_select_query_part || ' AND ';
7366 END IF;
7367 -- R12C Secuirty Changes
7368
7369 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7370 ,p_module => l_api_name
7371 ,p_message => l_select_query_part
7372 );
7373 l_parent_object_id := get_object_id(
7374 p_object_name => p_parent_object_name_tbl(l_table_index)
7375 );
7376 -------------------------------------------------------------------------------
7377 -- Now we build dynamic SQL using the work we just did to optimize the query --
7378 -------------------------------------------------------------------------------
7379 l_dynamic_sql_1 :=
7380 ' SELECT DISTINCT sets.instance_set_id, sets.predicate ' ||
7381 ' FROM fnd_grants grants, fnd_object_instance_sets sets' ||
7382 ' WHERE grants.object_id = :object_id ' ||
7383 ' AND grants.start_date <= SYSDATE ' ||
7384 ' AND NVL(grants.end_date, SYSDATE) >= SYSDATE ' ||
7385 ' AND grants.instance_type = :instance_type ' ||
7386 ' AND ( ( grants.grantee_type = ''USER'' AND ' ||
7387 ' grants.grantee_key = :user_name ) '||
7388 ' OR (grants.grantee_type = ''GROUP'' AND '||
7389 ' grants.grantee_key in ( '||l_group_info||' ))' ||
7390 ' OR (grants.grantee_type = ''COMPANY'' AND '||
7391 ' grants.grantee_key in ( '||l_company_info||' ))' ||
7392 ' OR (grants.grantee_type = ''GLOBAL'' AND '||
7393 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )) '||
7394 ' AND sets.instance_set_id = grants.instance_set_id ' ||
7395 ' AND sets.object_id = grants.object_id ';
7396 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7397 ,p_module => l_api_name
7398 ,p_message => 'Binds for get the candidate sets '||
7399 ' l_parent_object_id: '||l_parent_object_id||
7400 ' - G_TYPE_SET: '||G_TYPE_SET||
7401 ' - l_user_name: '||l_user_name
7402 );
7403 l_instance_sets_list := '';
7404 OPEN candidate_sets_c FOR l_dynamic_sql_1
7405 USING IN l_parent_object_id,
7406 IN G_TYPE_SET,
7407 IN l_user_name;
7408 LOOP
7409 FETCH candidate_sets_c INTO l_one_set_id, l_one_set_predicate;
7410 EXIT WHEN candidate_sets_c%NOTFOUND;
7411
7412 l_dynamic_sql := l_select_query_part ||
7413 ' (' || l_one_set_predicate || ') ';
7414
7415 OPEN instance_set FOR l_dynamic_sql;
7416 IF (instance_set % FOUND ) THEN
7417 l_instance_sets_list := l_instance_sets_list || l_one_set_id || ',';
7418 END IF;
7419 END LOOP;
7420
7421 IF( length( l_instance_sets_list ) > 0) THEN
7422 -- strip off the trailing ', '
7423 l_instance_sets_list := SUBSTR(l_instance_sets_list, 1,
7424 length(l_instance_sets_list) - length(','));
7425 END IF;
7426
7427 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7428 ,p_module => l_api_name
7429 ,p_message => ' Instance Sets List: '||l_instance_sets_list
7430 );
7431 -- Step 3.
7432 -- Form sql using the inst Ids
7433 l_common_dyn_sql := '';
7434 l_set_dyn_sql := '';
7435 l_inst_dyn_sql := '';
7436
7437 l_common_dyn_sql:=
7438 'SELECT DISTINCT fnd_functions.function_name ' ||
7439 ' FROM fnd_grants grants, ' ||
7440 ' fnd_form_functions fnd_functions, ' ||
7441 ' fnd_menu_entries cmf, '||
7442 ' ego_obj_role_mappings mapping '||
7443 ' WHERE grants.object_id = :object_id '||
7444 ' AND grants.start_date <= SYSDATE '||
7445 ' AND NVL(grants.end_date,SYSDATE) >= SYSDATE ' ||
7446 ' AND ( ( grants.grantee_type = ''USER'' AND ' ||
7447 ' grants.grantee_key = :user_name ) '||
7448 ' OR (grants.grantee_type = ''GROUP'' AND ' ||
7449 ' grants.grantee_key in ( '||l_group_info||' )) ' ||
7450 ' OR (grants.grantee_type = ''COMPANY'' AND ' ||
7451 ' grants.grantee_key in ( '||l_company_info||' )) ' ||
7452 ' OR (grants.grantee_type = ''GLOBAL'' AND ' ||
7453 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') ))'||
7454 ' AND mapping.child_role_id = cmf.menu_id ' ||
7455 ' AND mapping.parent_role_id = grants.menu_id ' ||
7456 ' AND mapping.child_object_id = :child_object_id ' ||
7457 ' AND mapping.parent_object_id = :parent_object_id ' ||
7458 ' AND mapping.child_object_type = :object_type ' ||
7459 ' AND cmf.function_id = fnd_functions.function_id ';
7460
7461 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7462 ,p_module => l_api_name
7463 ,p_message => 'Binds for common dyn sql '||
7464 ' l_parent_object_id: '||l_parent_object_id||
7465 ' - l_user_name: '||l_user_name||
7466 ' - l_object_id: '||l_object_id||
7467 ' - l_parent_object_id: '||l_parent_object_id||
7468 ' - p_object_type: '||p_object_type
7469 );
7470
7471 l_inst_dyn_sql := ' AND (grants.instance_type = :instanace_type AND (';
7472
7473 if (l_db_pk1_column is not NULL) then
7474 l_inst_dyn_sql := l_inst_dyn_sql ||' grants.instance_pk1_value';
7475 end if;
7476
7477 if (l_db_pk2_column is not NULL) then
7478 l_inst_dyn_sql := l_inst_dyn_sql || ',' ||'grants.instance_pk2_value';
7479 end if;
7480
7481 if (l_db_pk3_column is not NULL) then
7482 l_inst_dyn_sql := l_inst_dyn_sql || ',' ||'grants.instance_pk3_value';
7483 end if;
7484
7485 if (l_db_pk4_column is not NULL) then
7486 l_inst_dyn_sql := l_inst_dyn_sql || ',' ||'grants.instance_pk4_value';
7487 end if;
7488
7489 if (l_db_pk5_column is not NULL) then
7490 l_inst_dyn_sql := l_inst_dyn_sql || ',' ||'grants.instance_pk5_value';
7491 end if;
7492 l_inst_dyn_sql := l_inst_dyn_sql || ')';
7493 l_inst_dyn_sql := l_inst_dyn_sql || ' IN ('||p_parent_object_sql_tbl (l_table_index) ||')) ';
7494
7495 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7496 ,p_module => l_api_name
7497 ,p_message => 'Binds for inst dyn sql '||
7498 ' G_TYPE_INSTANCE: '||G_TYPE_INSTANCE ||
7499 ' - p_parent_object_sql: '||p_parent_object_sql_tbl (l_table_index)
7500 );
7501
7502 l_dynamic_sql := l_common_dyn_sql || l_inst_dyn_sql;
7503 -- check whether it is empty set
7504 IF( LENGTH(l_instance_sets_list) > 0) THEN
7505 l_set_dyn_sql:=l_set_dyn_sql || ' AND ( ' ||
7506 ' grants.instance_type = :instance_type_set ' ||
7507 ' AND grants.instance_set_id IN ( '||l_instance_sets_list||' ) )';
7508 l_dynamic_sql:= l_dynamic_sql || ' UNION ' ||
7509 l_common_dyn_sql || l_set_dyn_sql;
7510 END IF;
7511 -------------------------------------------------
7512 -- we see if a profile option is set and if so --
7513 -- we add it to the other list of menus --
7514 -------------------------------------------------
7515 l_profile_role := getRole_mappedTo_profileOption
7516 (p_parent_object_name_tbl(l_table_index)
7517 ,p_user_name
7518 );
7519 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7520 ,p_module => l_api_name
7521 ,p_message => 'profile role for '||p_parent_object_name_tbl(l_table_index)||
7522 ' is: '||l_profile_role
7523 );
7524
7525 IF (l_profile_role is not null) THEN
7526 l_dynamic_sql:= l_dynamic_sql ||' UNION ' ||
7527 ' SELECT DISTINCT fnd_functions.function_name ' ||
7528 ' FROM fnd_form_functions fnd_functions, ' ||
7529 ' fnd_menu_entries cmf, ' ||
7530 ' ego_obj_role_mappings mapping, ' ||
7531 ' fnd_menus menus ' ||
7532 ' WHERE menus.menu_name = :profile_role ' ||
7533 ' AND mapping.parent_role_id = menus.menu_id ' ||
7534 ' AND mapping.child_role_id = cmf.menu_id ' ||
7535 ' AND mapping.child_object_id = :profile_object_id ' ||
7536 ' AND mapping.parent_object_id = :profile_parent_object_id ' ||
7537 ' AND mapping.child_object_type = :profile_object_type ' ||
7538 ' AND cmf.function_id = fnd_functions.function_id ';
7539 END IF;
7540
7541 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7542 ,p_module => l_api_name
7543 ,p_message => 'Final dynamic sql: '||l_dynamic_sql
7544 );
7545 -- Step 4.
7546 -- execute the dynamic SQL and Collect all privileges
7547 IF( LENGTH(l_instance_sets_list) > 0) THEN
7548 IF l_profile_role IS NOT NULL THEN
7549 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7550 ,p_module => l_api_name
7551 ,p_message => 'Binds for Final dynamic sql '||
7552 ' l_parent_object_id: '||l_parent_object_id||
7553 ' - l_user_name: '||l_user_name||
7554 ' - l_object_id: '||l_object_id||
7555 ' - l_parent_object_id: '||l_parent_object_id||
7556 ' - p_object_type: '||p_object_type||
7557 ' - G_TYPE_INSTANCE: '||G_TYPE_INSTANCE ||
7558 ' - p_parent_object_sql: '||p_parent_object_sql_tbl (l_table_index)||
7559 ' - l_parent_object_id: '||l_parent_object_id||
7560 ' - l_user_name: '||l_user_name||
7561 ' - l_object_id: '||l_object_id||
7562 ' - l_parent_object_id: '||l_parent_object_id||
7563 ' - p_object_type: '||p_object_type||
7564 ' - G_TYPE_SET: '||G_TYPE_SET||
7565 ' - l_profile_role: '||l_profile_role||
7566 ' - l_object_id: '||l_object_id||
7567 ' - l_parent_object_id: '||l_parent_object_id||
7568 ' - p_object_type: '||p_object_type
7569 );
7570 OPEN instance_set FOR l_dynamic_sql
7571 USING IN l_parent_object_id,
7572 IN l_user_name,
7573 IN l_object_id,
7574 IN l_parent_object_id,
7575 IN p_object_type,
7576 IN G_TYPE_INSTANCE,
7577 IN l_parent_object_id,
7578 IN l_user_name,
7579 IN l_object_id,
7580 IN l_parent_object_id,
7581 IN p_object_type,
7582 IN G_TYPE_SET,
7583 IN l_profile_role,
7584 IN l_object_id,
7585 IN l_parent_object_id,
7586 IN p_object_type;
7587 ELSE
7588 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7589 ,p_module => l_api_name
7590 ,p_message => 'Binds for Final dynamic sql '||
7591 ' l_parent_object_id: '||l_parent_object_id||
7592 ' - l_user_name: '||l_user_name||
7593 ' - l_object_id: '||l_object_id||
7594 ' - l_parent_object_id: '||l_parent_object_id||
7595 ' - p_object_type: '||p_object_type||
7596 ' - G_TYPE_INSTANCE: '||G_TYPE_INSTANCE ||
7597 ' - p_parent_object_sql: '||p_parent_object_sql_tbl (l_table_index)||
7598 ' - l_parent_object_id: '||l_parent_object_id||
7599 ' - l_user_name: '||l_user_name||
7600 ' - l_object_id: '||l_object_id||
7601 ' - l_parent_object_id: '||l_parent_object_id||
7602 ' - p_object_type: '||p_object_type||
7603 ' - G_TYPE_SET: '||G_TYPE_SET
7604 );
7605 OPEN instance_set FOR l_dynamic_sql
7606 USING IN l_parent_object_id,
7607 IN l_user_name,
7608 IN l_object_id,
7609 IN l_parent_object_id,
7610 IN p_object_type,
7611 IN G_TYPE_INSTANCE,
7612 -- IN p_parent_object_sql_tbl (l_table_index),
7613 IN l_parent_object_id,
7614 IN l_user_name,
7615 IN l_object_id,
7616 IN l_parent_object_id,
7617 IN p_object_type,
7618 IN G_TYPE_SET;
7619 END IF;
7620 ELSE
7621 IF l_profile_role IS NOT NULL THEN
7622 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7623 ,p_module => l_api_name
7624 ,p_message => 'Binds for Final dynamic sql '||
7625 ' l_parent_object_id: '||l_parent_object_id||
7626 ' - l_user_name: '||l_user_name||
7627 ' - l_object_id: '||l_object_id||
7628 ' - l_parent_object_id: '||l_parent_object_id||
7629 ' - p_object_type: '||p_object_type||
7630 ' - G_TYPE_INSTANCE: '||G_TYPE_INSTANCE ||
7631 ' - p_parent_object_sql: '||p_parent_object_sql_tbl (l_table_index)||
7632 ' - l_profile_role: '||l_profile_role||
7633 ' - l_object_id: '||l_object_id||
7634 ' - l_parent_object_id: '||l_parent_object_id||
7635 ' - p_object_type: '||p_object_type
7636 );
7637 OPEN instance_set FOR l_dynamic_sql
7638 USING IN l_parent_object_id,
7639 IN l_user_name,
7640 IN l_object_id,
7641 IN l_parent_object_id,
7642 IN p_object_type,
7643 IN G_TYPE_INSTANCE,
7644 -- IN p_parent_object_sql_tbl (l_table_index),
7645 IN l_profile_role,
7646 IN l_object_id,
7647 IN l_parent_object_id,
7648 IN p_object_type;
7649 ELSE
7650 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7651 ,p_module => l_api_name
7652 ,p_message => 'Binds for Final dynamic sql '||
7653 ' l_parent_object_id: '||l_parent_object_id||
7654 ' - l_user_name: '||l_user_name||
7655 ' - l_object_id: '||l_object_id||
7656 ' - l_parent_object_id: '||l_parent_object_id||
7657 ' - p_object_type: '||p_object_type||
7658 ' - G_TYPE_INSTANCE: '||G_TYPE_INSTANCE ||
7659 ' - p_parent_object_sql: '||p_parent_object_sql_tbl (l_table_index)
7660 );
7661 OPEN instance_set FOR l_dynamic_sql
7662 USING IN l_parent_object_id,
7663 IN l_user_name,
7664 IN l_object_id,
7665 IN l_parent_object_id,
7666 IN p_object_type,
7667 IN G_TYPE_INSTANCE;
7668 -- IN p_parent_object_sql_tbl (l_table_index);
7669 END IF;
7670 END IF;
7671
7672 LOOP
7673 FETCH instance_set INTO l_privilege;
7674 EXIT WHEN instance_set%NOTFOUND;
7675 m_privilege_tbl (l_index):=l_privilege;
7676 l_index:=l_index+1;
7677 END LOOP;
7678 CLOSE instance_set;
7679 END LOOP;
7680
7681 /********** ENDING THE LOOP STARTED WITH THE OBJECT COUNT ***************/
7682
7683
7684 -- Step 5.
7685 -- get all the profile option privileges for the parent object type
7686 --and add to m_privilege_tbl
7687 get_role_functions
7688 (p_api_version => p_api_version
7689 ,p_role_name => l_profile_role
7690 ,x_return_status => x_return_status
7691 ,x_privilege_tbl => l_prof_privilege_tbl
7692 );
7693 IF (x_return_status = G_RETURN_SUCCESS) THEN
7694 IF (l_prof_privilege_tbl.COUNT > 0) THEN
7695 FOR i IN l_prof_privilege_tbl.first .. l_prof_privilege_tbl.last LOOP
7696 m_privilege_tbl(l_index) := l_prof_privilege_tbl(i);
7697 l_index:=l_index+1;
7698 END LOOP;
7699 END IF; -- x_prof_privilege_tbl >0
7700 END IF; --return status is T
7701 --end of getting privileges from profile option
7702
7703 -- last step, get object function list itself to append
7704 get_functions(p_api_version => 1.0,
7705 p_object_name => p_object_name,
7706 p_instance_pk1_value => p_instance_pk1_value,
7707 p_instance_pk2_value => p_instance_pk2_value,
7708 p_instance_pk3_value => p_instance_pk3_value,
7709 p_instance_pk4_value => p_instance_pk4_value,
7710 p_instance_pk5_value => p_instance_pk5_value,
7711 p_user_name => l_user_name,
7712 x_return_status => l_return_status,
7713 x_privilege_tbl => l_privilege_tbl);
7714
7715 l_privilege_tbl_count := l_privilege_tbl.COUNT;
7716 if (l_privilege_tbl_count > 0) then
7717 FOR i IN l_privilege_tbl.first .. l_privilege_tbl.last LOOP
7718 m_privilege_tbl(l_index):=l_privilege_tbl(i);
7719 l_index:=l_index+1;
7720 END LOOP;
7721 END IF;
7722 m_privilege_tbl_count := m_privilege_tbl.COUNT;
7723 x_privilege_tbl := EGO_VARCHAR_TBL_TYPE();
7724 x_index := 0;
7725 if (m_privilege_tbl_count > 0) then
7726 x_privilege_tbl.extend(m_privilege_tbl_count);
7727 FOR i IN m_privilege_tbl.first .. m_privilege_tbl.last LOOP
7728 x_privilege_tbl(i+1) := m_privilege_tbl(i);
7729 --x_index := x_index+1;
7730 END LOOP;
7731 end if;
7732 -- last step done
7733
7734 if (l_index > 0) then
7735 x_return_status := G_RETURN_SUCCESS; /* Success */
7736 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
7737 ,p_module => l_api_name
7738 ,p_message => 'Returning previleges '
7739 );
7740 FOR i in x_privilege_tbl.first .. x_privilege_tbl.last LOOP
7741 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
7742 ,p_module => l_api_name
7743 ,p_message => 'Index : '||i||' - privilege: '||x_privilege_tbl(i)
7744 );
7745 END LOOP;
7746 else
7747 x_return_status := G_RETURN_FAILURE; /* No functions */
7748 end if;
7749 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
7750 ,p_module => l_api_name
7751 ,p_message => 'Completing with status '||x_return_status
7752 );
7753
7754 EXCEPTION
7755 WHEN OTHERS THEN
7756 fnd_message.set_name('FND', 'SQL_PLSQL_ERROR');
7757 fnd_message.set_token('ROUTINE',G_PKG_NAME||l_api_name);
7758 fnd_message.set_token('ERRNO', SQLCODE);
7759 fnd_message.set_token('REASON', SQLERRM);
7760 x_return_status := G_RETURN_UNEXP_ERR;
7761 code_debug (p_log_level => G_DEBUG_LEVEL_UNEXPECTED
7762 ,p_module => l_api_name
7763 ,p_message => 'Ending: Returning OTHER ERROR '||SQLERRM
7764 );
7765 END get_inherited_functions;
7766
7767 --------------------------------------------------------
7768 ---- check_inherited_function
7769 --------------------------------------------------------
7770 FUNCTION check_inherited_function
7771 (
7772 p_api_version IN NUMBER,
7773 p_function IN VARCHAR2,
7774 p_object_name IN VARCHAR2,
7775 p_instance_pk1_value IN VARCHAR2,
7776 p_instance_pk2_value IN VARCHAR2 DEFAULT NULL,
7777 p_instance_pk3_value IN VARCHAR2 DEFAULT NULL,
7778 p_instance_pk4_value IN VARCHAR2 DEFAULT NULL,
7779 p_instance_pk5_value IN VARCHAR2 DEFAULT NULL,
7780 p_parent_object_name_tbl IN EGO_VARCHAR_TBL_TYPE,
7781 p_parent_object_sql_tbl IN EGO_VARCHAR_TBL_TYPE,
7782 p_user_name IN VARCHAR2 DEFAULT NULL,
7783 p_object_type IN VARCHAR2 DEFAULT NULL
7784 )
7785 RETURN VARCHAR2 IS
7786
7787 l_api_version CONSTANT NUMBER := 1.0;
7788 l_api_name CONSTANT VARCHAR2(30) := 'CHECK_INHERITED_FUNCTION';
7789 l_sysdate DATE := Sysdate;
7790 l_predicate VARCHAR2(32767);
7791 -- l_orig_system VARCHAR2(48);
7792 l_orig_system_id NUMBER;
7793 l_dummy_id NUMBER;
7794 l_db_object_name VARCHAR2(30);
7795 l_db_pk1_column VARCHAR2(30);
7796 l_db_pk2_column VARCHAR2(30);
7797 l_db_pk3_column VARCHAR2(30);
7798 l_db_pk4_column VARCHAR2(30);
7799 l_db_pk5_column VARCHAR2(30);
7800 l_pk_column_names VARCHAR2(512);
7801 l_pk_orig_column_names VARCHAR2(512);
7802 l_type_converted_val_cols VARCHAR2(512);
7803 l_result VARCHAR2(1);
7804 l_return_status VARCHAR2(1);
7805 result VARCHAR2(30);
7806 l_own_result VARCHAR2(1);
7807 l_parent_object_table_count NUMBER;
7808 l_set_predicates VARCHAR2(32767);
7809 l_set_predicate_segment VARCHAR2(32767);
7810 l_group_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
7811 l_company_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
7812 l_menu_info VARCHAR2(32767); /* Must match g_pred_buf_size*/
7813 l_pk_values_string VARCHAR2(2000);
7814 l_pk2_value_query_string VARCHAR2(200);
7815 l_pk3_value_query_string VARCHAR2(200);
7816 l_pk4_value_query_string VARCHAR2(200);
7817 l_pk5_value_query_string VARCHAR2(200);
7818 l_parent_object_count NUMBER;
7819
7820 instance_sets_cur DYNAMIC_CUR;
7821 dynamic_sql VARCHAR2(32767);
7822 parent_instance_grants_c DYNAMIC_CUR;
7823 parent_instance_set_grants_c DYNAMIC_CUR;
7824 l_dynamic_sql_1 VARCHAR2(32767);
7825
7826 CURSOR menu_id_c (cp_function VARCHAR2, cp_object_id NUMBER,
7827 cp_object_type VARCHAR2, cp_parent_object_id NUMBER)
7828 IS
7829 select p.parent_role_id parent_role_id
7830 from fnd_menu_entries r, fnd_form_functions f,
7831 fnd_menus m, ego_obj_role_mappings p
7832 where r.function_id = f.function_id
7833 and r.menu_id = m.menu_id
7834 and f.function_name = cp_function
7835 and m.menu_id = p.child_role_id
7836 and p.child_object_id = cp_object_id
7837 and p.parent_object_id = cp_parent_object_id
7838 and p.child_object_type = cp_object_type;
7839
7840 l_object_id number;
7841 l_parent_object_id number;
7842 l_user_name varchar2(80);
7843
7844 l_profile_role VARCHAR2(30);
7845 BEGIN
7846 SetGlobals();
7847 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
7848 ,p_module => l_api_name
7849 ,p_message => 'Started with 12 params '||
7850 ' p_api_version: '|| to_char(p_api_version) ||
7851 ' - p_function: '|| p_function ||
7852 ' - p_object_name: '|| p_object_name ||
7853 ' - p_instance_pk1_value: '|| p_instance_pk1_value ||
7854 ' - p_instance_pk2_value: '|| p_instance_pk2_value ||
7855 ' - p_instance_pk3_value: '|| p_instance_pk3_value ||
7856 ' - p_instance_pk4_value: '|| p_instance_pk4_value ||
7857 ' - p_instance_pk5_value: '|| p_instance_pk5_value ||
7858 ' - p_user_name: '|| p_user_name ||
7859 ' - p_object_type: '|| p_object_type
7860 );
7861
7862 FOR l_table_index IN 1..p_parent_object_name_tbl.COUNT LOOP
7863 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
7864 ,p_module => l_api_name
7865 ,p_message => ' p_parent_object_name_tbl('||l_table_index||
7866 '): '||p_parent_object_name_tbl(l_table_index)||
7867 ' - p_parent_object_sql_tbl('||l_table_index||
7868 '): '||p_parent_object_sql_tbl(l_table_index)
7869 );
7870 END LOOP;
7871
7872 -- check for call compatibility.
7873 if TRUNC(l_api_version) <> TRUNC(p_api_version) THEN
7874 fnd_message.set_name('FND', 'GENERIC-INTERNAL ERROR');
7875 fnd_message.set_token('ROUTINE',
7876 g_pkg_name || '.'|| l_api_name);
7877 fnd_message.set_token('REASON',
7878 'Unsupported version '|| to_char(p_api_version)||
7879 ' passed to API; expecting version '||
7880 to_char(l_api_version));
7881 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
7882 ,p_module => l_api_name
7883 ,p_message => 'Returning as the call in incompatible '
7884 );
7885 return G_RETURN_UNEXP_ERR;
7886 end if;
7887
7888 l_user_name := p_user_name;
7889 get_orig_key(x_user_name => l_user_name
7890 -- ,x_orig_system => l_orig_system
7891 ,x_orig_system_id => l_orig_system_id);
7892 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7893 ,p_module => l_api_name
7894 ,p_message => 'l_user_name: '||l_user_name||
7895 -- ' - l_orig_system: '||l_orig_system||
7896 ' - l_orig_system_id: '||l_orig_system_id
7897 );
7898
7899 --call check_function first to check its own security
7900 --won't check it if object_instance is -1
7901
7902 if (p_instance_pk1_value<>-1) then
7903 l_own_result := check_function(p_api_version=>1.0,
7904 p_function =>p_function,
7905 p_object_name =>p_object_name,
7906 p_instance_pk1_value => p_instance_pk1_value,
7907 p_instance_pk2_value => p_instance_pk2_value,
7908 p_instance_pk3_value => p_instance_pk3_value,
7909 p_instance_pk4_value => p_instance_pk4_value,
7910 p_instance_pk5_value => p_instance_pk5_value,
7911 p_user_name =>l_user_name);
7912
7913 if (l_own_result = G_RETURN_SUCCESS) then
7914 RETURN l_own_result;
7915 end if;
7916 end if;
7917
7918 l_object_id := get_object_id(p_object_name => p_object_name);
7919 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7920 ,p_module => l_api_name
7921 ,p_message => 'l_object_id: '||l_object_id
7922 );
7923 l_group_info := get_group_info(p_party_id => l_orig_system_id);
7924 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7925 ,p_module => l_api_name
7926 ,p_message => 'l_group_info: '||l_group_info
7927 );
7928 l_company_info := get_company_info (p_party_id => l_orig_system_id);
7929 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7930 ,p_module => l_api_name
7931 ,p_message => 'l_company_info: '||l_company_info
7932 );
7933 /** BEGINNING OF THE LOOP ***/
7934 FOR l_table_index IN 1..p_parent_object_name_tbl.COUNT
7935 LOOP
7936
7937 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7938 ,p_module => l_api_name
7939 ,p_message => 'processing loop '||l_table_index||
7940 ' for object '||p_parent_object_name_tbl(l_table_index)
7941 );
7942 l_parent_object_id := get_object_id(
7943 p_object_name => p_parent_object_name_tbl(l_table_index)
7944 );
7945 ---------------
7946 -- Menu Info --
7947 ---------------
7948 l_menu_info := '';
7949 FOR menu_rec IN menu_id_c(p_function, l_object_id,
7950 p_object_type,
7951 l_parent_object_id)
7952 LOOP
7953 l_menu_info := l_menu_info || menu_rec.parent_role_id || ' , ';
7954 END LOOP;
7955
7956 IF (length(l_menu_info) > 0) THEN
7957 -- strip off the trailing ', '
7958 l_menu_info := substr(l_menu_info, 1, length(l_menu_info) - length(', '));
7959 ELSE
7960 l_menu_info := 'NULL';
7961 END IF;
7962
7963 ------------------------------------------------------------------
7964 -- we see if a profile option is set and if so we add it to --
7965 -- the other list of menus --
7966 ------------------------------------------------------------------
7967 l_profile_role := getRole_mappedTo_profileOption
7968 (p_parent_object_name_tbl(l_table_index),
7969 p_user_name);
7970 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7971 ,p_module => l_api_name
7972 ,p_message => 'profile role for '||p_parent_object_name_tbl(l_table_index)||
7973 ' is: '||l_profile_role
7974 );
7975
7976 IF (l_profile_role <> '') THEN
7977 l_dummy_id := get_role_id(l_profile_role);
7978 IF l_dummy_id IS NOT NULL THEN
7979 IF(l_menu_info = 'NULL') THEN
7980 l_menu_info := l_dummy_id;
7981 ELSE
7982 l_menu_info := l_menu_info || ', ' || l_dummy_id;
7983 END IF;
7984 END IF;
7985 END IF;
7986 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
7987 ,p_module => l_api_name
7988 ,p_message => 'l_menu_info: '||l_menu_info
7989 );
7990
7991 -------------------------------------------------------
7992 -- We set PK query strings based on values passed in --
7993 -- (NOTE: following bug 2865553, FND_GRANTS will not --
7994 -- have null PK column values, so I'm changing this --
7995 -- code to check for '*NULL*' instead of null. -Dylan--
7996 -------------------------------------------------------
7997 l_db_pk1_column := null;
7998 l_db_pk2_column := null;
7999 l_db_pk3_column := null;
8000 l_db_pk4_column := null;
8001 l_db_pk5_column := null;
8002 l_pk_column_names := null;
8003 l_type_converted_val_cols := null;
8004 l_pk_orig_column_names := null;
8005 l_db_object_name := null;
8006
8007 result := get_pk_information(p_parent_object_name_tbl(l_table_index),
8008 l_db_pk1_column,
8009 l_db_pk2_column, l_db_pk3_column,
8010 l_db_pk4_column, l_db_pk5_column,
8011 l_pk_column_names, l_type_converted_val_cols,
8012 l_pk_orig_column_names, l_db_object_name);
8013 l_pk_values_string := '(';
8014
8015 if (l_db_pk1_column is not NULL) then
8016 l_pk_values_string := l_pk_values_string || 'grants.instance_pk1_value';
8017 end if;
8018
8019 if (l_db_pk2_column is not NULL) then
8020 l_pk_values_string := l_pk_values_string || ',' || 'grants.instance_pk2_value';
8021 end if;
8022
8023 if (l_db_pk3_column is not NULL) then
8024 l_pk_values_string := l_pk_values_string || ',' || 'grants.instance_pk3_value';
8025 end if;
8026
8027 if (l_db_pk4_column is not NULL) then
8028 l_pk_values_string := l_pk_values_string || ',' || 'grants.instance_pk4_value';
8029 end if;
8030
8031 if (l_db_pk5_column is not NULL) then
8032 l_pk_values_string := l_pk_values_string || ',' || 'grants.instance_pk5_value';
8033 end if;
8034
8035 l_pk_values_string := l_pk_values_string || ')';
8036 l_pk_values_string := l_pk_values_string || ' IN ' || '(' || p_parent_object_sql_tbl(l_table_index) || ')';
8037 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
8038 ,p_module => l_api_name
8039 ,p_message => 'l_pk_values_string: '||l_pk_values_string
8040 );
8041
8042 -------------------------------------------------------------------------------
8043 -- Now we build dynamic SQL using the work we just did to optimize the query --
8044 -------------------------------------------------------------------------------
8045
8046 l_dynamic_sql_1 :=
8047 'SELECT ''X'' ' ||
8048 ' FROM fnd_grants grants ' ||
8049 ' WHERE grants.object_id = :object_id ' ||
8050 ' AND grants.start_date <= SYSDATE '||
8051 ' AND NVL(grants.end_date, SYSDATE) >= SYSDATE ' ||
8052 ' AND grants.instance_type = :instance_type ' ||
8053 ' AND ' || l_pk_values_string ||
8054 ' AND ( ( grants.grantee_type = ''USER'' AND ' ||
8055 ' grants.grantee_key = :user_name ) '||
8056 ' OR ( grants.grantee_type = ''GROUP'' AND '||
8057 ' grants.grantee_key in ( '||l_group_info||' ))' ||
8058 ' OR ( grants.grantee_type = ''COMPANY'' AND '||
8059 ' grants.grantee_key in ( '||l_company_info||' ))' ||
8060 ' OR (grants.grantee_type = ''GLOBAL'' AND '||
8061 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )) '||
8062 ' AND grants.menu_id IN (' || l_menu_info ||') ';
8063
8064 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
8065 ,p_module => l_api_name
8066 ,p_message => 'l_dynamic_sql_1: '||l_dynamic_sql_1
8067 );
8068 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
8069 ,p_module => l_api_name
8070 ,p_message => 'Binds for get parent_direct_grants : '||
8071 'l_parent_object_id: '||l_parent_object_id||
8072 ' - G_TYPE_INSTANCE: '||G_TYPE_INSTANCE||
8073 ' - l_user_name: '||l_user_name
8074 );
8075
8076 OPEN parent_instance_grants_c
8077 FOR l_dynamic_sql_1
8078 USING IN l_parent_object_id,
8079 IN G_TYPE_INSTANCE,
8080 IN l_user_name;
8081 FETCH parent_instance_grants_c INTO l_result;
8082 CLOSE parent_instance_grants_c;
8083
8084 IF (l_result = 'X') THEN
8085 RETURN G_RETURN_SUCCESS;
8086 ELSE
8087 ---------------------------------------------------------------------------------
8088 -- Now we build a second dynamic SQL to check instance sets (still optimizing) --
8089 ---------------------------------------------------------------------------------
8090 l_set_predicates := '';
8091 l_set_predicate_segment := '';
8092
8093 l_dynamic_sql_1 :=
8094 ' SELECT DISTINCT instance_sets.predicate ' ||
8095 ' FROM fnd_grants grants, fnd_object_instance_sets instance_sets ' ||
8096 ' WHERE grants.instance_type = :instance_type '||
8097 ' AND grants.start_date <= SYSDATE ' ||
8098 ' AND (grants.end_date IS NULL OR grants.end_date >= SYSDATE) ' ||
8099 ' AND grants.instance_set_id = instance_sets.instance_set_id ' ||
8100 ' AND grants.object_id = :parent_object_id '||
8101 ' AND ( ( grants.grantee_type = ''USER'' AND ' ||
8102 ' grants.grantee_key = :user_name ) '||
8103 ' OR ( grants.grantee_type = ''GROUP'' AND '||
8104 ' grants.grantee_key in ( '||l_group_info||' ))' ||
8105 ' OR ( grants.grantee_type = ''COMPANY'' AND '||
8106 ' grants.grantee_key in ( '||l_company_info||' ))' ||
8107 ' OR (grants.grantee_type = ''GLOBAL'' AND '||
8108 ' grants.grantee_key in (''HZ_GLOBAL:-1000'', ''GLOBAL'') )) '||
8109 ' AND grants.menu_id in (' || l_menu_info || ')';
8110
8111
8112 ----------------------------------------------------------------------
8113 -- Loop through the result set adding each segment to the predicate --
8114 ----------------------------------------------------------------------
8115
8116 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
8117 ,p_module => l_api_name
8118 ,p_message => 'l_dynamic_sql_1: '||l_dynamic_sql_1
8119 );
8120 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
8121 ,p_module => l_api_name
8122 ,p_message => 'Binds for get parent_instance_set_grants_c : '||
8123 'G_TYPE_SET: '||G_TYPE_SET||
8124 ' - l_parent_object_id: '||l_parent_object_id||
8125 ' - l_user_name: '||l_user_name
8126 );
8127
8128 OPEN parent_instance_set_grants_c
8129 FOR l_dynamic_sql_1
8130 USING IN G_TYPE_SET,
8131 IN l_parent_object_id,
8132 IN l_user_name;
8133 LOOP
8134 FETCH parent_instance_set_grants_c into l_set_predicate_segment;
8135 EXIT WHEN parent_instance_set_grants_c%NOTFOUND;
8136
8137 l_set_predicates := substrb(l_set_predicates ||
8138 l_set_predicate_segment ||
8139 ' OR ',
8140 1, g_pred_buf_size);
8141 END LOOP;
8142 CLOSE parent_instance_set_grants_c;
8143
8144 IF (length(l_set_predicates) > 0) THEN
8145 -- strip off the trailing 'OR'
8146 l_set_predicates := substr(l_set_predicates, 1,
8147 length(l_set_predicates) - length('OR '));
8148 END IF;
8149 -- finished by.a
8150 l_predicate := l_set_predicates;
8151
8152 IF (length(l_predicate) > 1) THEN
8153 dynamic_sql :=
8154 'SELECT ''X'' '||
8155 ' FROM '|| l_db_object_name ||
8156 ' WHERE (';
8157
8158 if (l_db_pk1_column is not NULL) then
8159 dynamic_sql := dynamic_sql ||
8160 l_db_pk1_column;
8161 end if;
8162
8163 if (l_db_pk2_column is not NULL) then
8164 dynamic_sql := dynamic_sql || ',' ||
8165 l_db_pk2_column ; /** db_pk2_column||' ,'; **/
8166 end if;
8167
8168 if (l_db_pk3_column is not NULL) then
8169 dynamic_sql := dynamic_sql || ',' ||
8170 l_db_pk3_column;
8171 end if;
8172
8173 if (l_db_pk4_column is not NULL) then
8174 dynamic_sql := dynamic_sql || ',' ||
8175 l_db_pk4_column;
8176 end if;
8177
8178 if (l_db_pk5_column is not NULL) then
8179 dynamic_sql := dynamic_sql || ',' ||
8180 l_db_pk5_column;
8181 end if;
8182
8183 dynamic_sql := dynamic_sql || ')' || 'IN' || '(';
8184 dynamic_sql := dynamic_sql || p_parent_object_sql_tbl (l_table_index) || ')';
8185 dynamic_sql := dynamic_sql || ' AND ('||l_predicate||') ';
8186
8187 code_debug (p_log_level => G_DEBUG_LEVEL_STATEMENT
8188 ,p_module => l_api_name
8189 ,p_message => 'Final dynamic Sql '||dynamic_sql
8190 );
8191 OPEN instance_sets_cur FOR dynamic_sql;
8192 FETCH instance_sets_cur INTO l_own_result;
8193 IF(instance_sets_cur%NOTFOUND) THEN
8194 CLOSE instance_sets_cur;
8195 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
8196 ,p_module => l_api_name
8197 ,p_message => 'Returning FAILURE as object not found in sets '
8198 );
8199 RETURN G_RETURN_FAILURE;
8200 ELSE
8201 CLOSE instance_sets_cur;
8202 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
8203 ,p_module => l_api_name
8204 ,p_message => 'Returning SUCCESS as object found in sets '
8205 );
8206 RETURN G_RETURN_SUCCESS;
8207 END IF;
8208 ELSE
8209 -- No predicate
8210 code_debug (p_log_level => G_DEBUG_LEVEL_PROCEDURE
8211 ,p_module => l_api_name
8212 ,p_message => 'Returning FAILURE as no predicate is found '
8213 );
8214 RETURN G_RETURN_FAILURE;
8215 END IF; -- End of if l_predicate length is greater than 0 else clause
8216 END IF; -- End of if l_result is 'X' else clause
8217 END LOOP;
8218
8219 EXCEPTION
8220 WHEN OTHERS THEN
8221 fnd_message.set_name('FND', 'SQL_PLSQL_ERROR');
8222 fnd_message.set_token('ROUTINE',G_PKG_NAME||l_api_name);
8223 fnd_message.set_token('ERRNO', SQLCODE);
8224 fnd_message.set_token('REASON', SQLERRM);
8225 code_debug (p_log_level => G_DEBUG_LEVEL_UNEXPECTED
8226 ,p_module => l_api_name
8227 ,p_message => 'Ending: Returning OTHER ERROR '||SQLERRM
8228 );
8229 RETURN G_RETURN_UNEXP_ERR;
8230 END check_inherited_function;
8231
8232 ----------------------------------------------------------------
8233 END EGO_DATA_SECURITY;