1 PACKAGE qp_security AUTHID CURRENT_USER AS
2 /* $Header: QPXSECUS.pls 120.1 2005/08/19 16:10:12 spgopal noship $ */
3 /*#
4 * This package contains a function to determine functional object access for a
5 * user.
6 *
7 * @rep:scope public
8 * @rep:product QP
9 * @rep:displayname Object Security
10 * @rep:category BUSINESS_ENTITY QP_PRICE_LIST
11 * @rep:category BUSINESS_ENTITY QP_PRICE_MODIFIER
12 */
13
14 C_PKG_NAME CONSTANT VARCHAR2(30) := 'QP_SECURITY';
15 C_TYPE_SET CONSTANT VARCHAR2(30) := 'SET';
16 G_SECURITY_CONTROL_PROFILE CONSTANT VARCHAR2(100) := 'QP_SECURITY_CONTROL';
17 G_SECURITY_DEFAULT_VIEWONLY CONSTANT VARCHAR2(100) := 'QP_SECURITY_DEFAULT_VIEWONLY';
18 G_SECURITY_DEFAULT_MAINTAIN CONSTANT VARCHAR2(100):= 'QP_SECURITY_DEFAULT_MAINTAIN';
19 G_SECURITY_ON CONSTANT VARCHAR2(5) := 'ON';
20 G_SECURITY_OFF CONSTANT VARCHAR2(5) := 'OFF';
21
22 G_SECURITY_LEVEL_NONE CONSTANT VARCHAR2(10) := 'NONE';
23 G_SECURITY_LEVEL_OU CONSTANT VARCHAR2(10) := 'OU';
24 G_SECURITY_LEVEL_USER CONSTANT VARCHAR2(10) := 'USER';
25 G_SECURITY_LEVEL_RESP CONSTANT VARCHAR2(10) := 'RESP';
26 G_SECURITY_LEVEL_GLOBAL CONSTANT VARCHAR2(10) := 'GLOBAL';
27
28 G_GRANTEE_OU CONSTANT VARCHAR2(10) := 'OU';
29 G_GRANTEE_USER CONSTANT VARCHAR2(10) := 'USER';
30 G_GRANTEE_RESP CONSTANT VARCHAR2(10) := 'RESP';
31
32 G_VIEW CONSTANT VARCHAR2(1) := 'V';
33 G_MAINTAIN CONSTANT VARCHAR2(1) := 'M';
34
35 G_FUNCTION_VIEW CONSTANT VARCHAR2(20) := 'QP_SECU_VIEW';
36 G_FUNCTION_COPY CONSTANT VARCHAR2(20) := 'QP_SECU_COPY';
37 G_FUNCTION_UPDATE CONSTANT VARCHAR2(20) := 'QP_SECU_UPDATE';
38 G_FUNCTION_DELETE CONSTANT VARCHAR2(20) := 'QP_SECU_DELETE';
39
40 G_PRICELIST_OBJECT CONSTANT VARCHAR2(5) := 'PRL';
41 G_MODIFIER_OBJECT CONSTANT VARCHAR2(5) := 'MOD';
42 G_AGREEMENT_OBJECT CONSTANT VARCHAR2(5) := 'AGR';
43 G_FORMULA_OBJECT CONSTANT VARCHAR2(5) := 'FOR';
44
45 G_PRICELIST_TYPE CONSTANT VARCHAR2(30) := 'PRL';
46 G_MODIFIER_SUR CONSTANT VARCHAR2(30) := 'SLT';
47 G_MODIFIER_PRO CONSTANT VARCHAR2(30) := 'PRO';
48 G_MODIFIER_DLT CONSTANT VARCHAR2(30) := 'DLT';
49 G_MODIFIER_DEL CONSTANT VARCHAR2(30) := 'DEL';
50 G_MODIFIER_CHARGES CONSTANT VARCHAR2(30) :='CHARGES';
51 G_AGREEMENT_TYPE CONSTANT VARCHAR2(30) := 'AGR';
52 G_AUTHORIZED CONSTANT VARCHAR2(1) := 'T';
53 G_DENIED CONSTANT VARCHAR2(1) := 'F';
54 G_ERROR CONSTANT VARCHAR2(1) := 'E';
55 G_UN_ERROR CONSTANT VARCHAR2(1) := 'U';
56
57 G_YES CONSTANT VARCHAR2(1) := 'Y';
58 G_NO CONSTANT VARCHAR2(1) := 'N';
59
60 G_FUNCTION_NAME_CACHE VARCHAR2(30) := null;
61 G_FUNCTION_ID_CACHE NUMBER := null;
62
63 G_OBJECT_ID_CACHE NUMBER := null;
64 G_INSTANCE_TYPE_CACHE qp_grants.instance_type%TYPE := null;--VARCHAR2(5) := null;
65
66 G_USER_NAME VARCHAR2(240) := null;
67 G_RESP_ID NUMBER := null;
68 G_ORG_ID NUMBER := null;
69 G_USER_ID NUMBER := null;
70 --G_MENU_MAINTAIN_ID NUMBER := null;
71
72 Procedure Set_Grants(p_user_name IN VARCHAR2,
73 p_resp_id IN NUMBER,
74 p_org_id IN NUMBER
75 );
76
77 FUNCTION security_on
78 RETURN VARCHAR2;
79
80 FUNCTION GET_OBJECT_ID_FOR_INSTANCE(p_instance_type IN VARCHAR2 default null)
81 RETURN NUMBER;
82
83 /*#
84 * This API is used to check if a specific user, logging in with a specific
85 * responsibility and within a specific operating unit, has functional access to
86 * a specific pricing object or not.
87 *
88 * @param p_function_name the level of access for which to check: either
89 * 'QP_SECU_VIEW' or 'QP_SECU_UPDATE'
90 * @param p_instance_type the type of the object: either 'PRL' for standard price
91 * list, 'MOD' for modifier list, or 'AGR' for agreement
92 * price list
93 * @param p_instance_pk1 the list_header_id from qp_list_headers_b for the object
94 * @param p_instance_pk2 not used
95 * @param p_instance_pk3 not used
96 * @param p_user_name the user name
97 * @param p_resp_id the responsibility
98 * @param p_org_id the operating unit
99 *
100 * @return T if the user has access to the object, F if the user does not have
101 * access to the object, and E-<error message> if an error occurred
102 * within the API
103 *
104 * @rep:displayname Check Function
105 */
106 FUNCTION check_function(
107 p_function_name IN VARCHAR2,
108 p_instance_type IN VARCHAR2,
109 p_instance_pk1 IN NUMBER,
110 p_instance_pk2 IN NUMBER default null,
111 p_instance_pk3 IN NUMBER default null,
112 p_user_name IN VARCHAR2 default null,
113 p_resp_id IN NUMBER default null,
114 p_org_id IN NUMBER default null
115 )
116 RETURN VARCHAR2;
117
118 FUNCTION auth_instances(
119 p_function_name IN VARCHAR2,
120 p_instance_type IN VARCHAR2 default null,
121 p_user_name IN VARCHAR2 default G_USER_NAME,
122 p_resp_id IN NUMBER default G_RESP_ID,
123 p_org_id IN NUMBER default G_ORG_ID
124 ) RETURN system.qp_inst_pk_vals;
125
126 PROCEDURE create_default_grants(
127 p_instance_type IN VARCHAR2,
128 p_instance_pk1 IN NUMBER,
129 p_instance_pk2 IN NUMBER default null,
130 p_instance_pk3 IN NUMBER default null,
131 p_user_name IN VARCHAR2 default null,
132 p_resp_id IN NUMBER default null,
133 p_org_id IN NUMBER default null,
134 x_return_status OUT NOCOPY VARCHAR2);
135
136 ---------------vpd----------------
137 FUNCTION qp_v_sec (owner VARCHAR2, objname VARCHAR2)
138 RETURN VARCHAR2;
139
140 FUNCTION qp_vl_sec (owner VARCHAR2, objname VARCHAR2)
141 RETURN VARCHAR2;
142
143 FUNCTION GET_USER_ID (l_user_name IN VARCHAR2 default FND_GLOBAL.USER_NAME)
144 RETURN NUMBER;
145
146 FUNCTION GET_ORG_ID
147 RETURN NUMBER;
148
149 FUNCTION GET_RESP_ID
150 RETURN NUMBER;
151
152 FUNCTION GET_MENU_MAINTAIN_ID
153 RETURN NUMBER;
154
155 FUNCTION GET_UPDATE_ALLOWED (p_object_name IN VARCHAR2, p_list_header_id IN NUMBER)
156 RETURN VARCHAR2;
157
158 --------------vpd----------------
159
160
161 -------------moac vpd --------------
162 --added for MOAC
163 --this will be the VPD policy for the secured synonym qp_list_headers_b
164 --
165 -- Name
166 -- qp_org_security
167 --
168 -- Purpose
169 -- This function implements the security policy for the Multi-Org
170 -- Access Control mechanism for QP_LIST_HEADERS_B.
171 -- It is automatically called by the oracle
172 -- server whenever a secured table or view is referenced by a SQL
173 -- statement. Products should not call this function directly.
174 --
175 -- The security policy function is expected to return a predicate
176 -- (a WHERE clause) that will control which records can be accessed
177 -- or modified by the SQL statement. After incorporating the
178 -- predicate, the server will parse, optimize and execute the
179 -- modified statement.
180 --
181 -- Arguments
182 -- obj_schema - the schema that owns the secured object
183 -- obj_name - the name of the secured object
184 --
185
186 FUNCTION QP_ORG_SECURITY(obj_schema VARCHAR2,
187 obj_name VARCHAR2) RETURN VARCHAR2;
188
189 -------------moac vpd --------------
190
191 END qp_security;