1 PACKAGE BODY HR_SIGNON AS
2 /* $Header: hrsignon.pkb 120.2.12020000.3 2013/03/26 10:53:00 swrajapa ship $ */
3 -----------------------------------------------------------------------
4 -----------------------------------------------------------------------
5 -- PRIVATE FUNCTIONS
6 -----------------------------------------------------------------------
7 -----------------------------------------------------------------------
8 --
9 --------------------------------------------------------------------
10 --< Generic_Error >-------------------------------------------------
11 --------------------------------------------------------------------
12 --
13 -- Description:
14 --
15 --
16 --
17 PROCEDURE Generic_Error
18 (p_routine IN VARCHAR2
19 ,p_errcode IN NUMBER
20 ,p_errmsg IN VARCHAR2
21 )
22 IS
23 BEGIN
24 fnd_message.set_name('FND', 'SQL_PLSQL_ERROR');
25 fnd_message.set_token('ROUTINE', p_routine);
26 fnd_message.set_token('ERRNO', p_errcode);
27 fnd_message.set_token('REASON', p_errmsg);
28 fnd_message.raise_error;
29 END Generic_Error;
30 --
31 --------------------------------------------------------------------
32 --< Get_BG_ID >-----------------------------------------------------
33 --------------------------------------------------------------------
34 --
35 -- Description:
36 -- This function will return the business group to be used for
37 -- the session.
38 --
39 -- Depending on the setting of the 'ENABLE_SECURITY_GROUPS'
40 -- profile option the business group will be derived in one of
41 -- two ways:
42 --
43 -- ENABLE_SECURITY_GROUPS = 'Y'
44 -- Multi security groups can be used for the same responsibility.
45 -- The business group is derived by querying PER_BUSINESS_GROUPS
46 -- with the security group that the user selected at signon.
47 --
48 -- ENABLE_SECURITY_GROUPS = 'N'
49 -- Single security group model is in use, so the business group
50 -- is found by finding the value of the business group profile
51 -- set on the responsibility the user is logged into.
52 --
53 FUNCTION Get_BG_ID
54 (p_security_group_id IN NUMBER
55 ,p_responsibility_id IN NUMBER
56 ,p_resp_app_id IN NUMBER
57 )
58 RETURN NUMBER
59 IS
60 --
61 l_business_group_id NUMBER DEFAULT NULL;
62 --
63 BEGIN
64 --
65 -- Find the business group (if there is one)
66 --
67 --
68 -- If the enable security groups profile is set to Y then retrieve
69 -- the business group by scanning the per_business_group view with
70 -- the supplied security_group_id
71 --
72 hr_utility.set_location('Entering Get_BG_ID:',10);
73 --fnd_log.string(1,'HR','Entering Get_BG_ID:'||'10');
74
75
76 BEGIN
77 SELECT business_group_id
78 INTO l_business_group_id
79 FROM per_business_groups
80 WHERE security_group_id = to_char(p_security_group_id);
81
82 hr_utility.set_location('l_business_group_id: '||l_business_group_id,20);
83 --fnd_log.string(1,'HR','l_business_group_id: '||l_business_group_id);
84
85 EXCEPTION
86 WHEN no_data_found THEN
87
88 hr_utility.set_location('not found l_business_group_id: '||l_business_group_id,30);
89 --fnd_log.string(1,'HR','not found l_business_group_id: '||l_business_group_id);
90
91 l_business_group_id := NULL;
92 END;
93
94 -- This is required to handle model 2 of multi tenancy (PEO)
95 -- i.e. the security group corresponds to the enterprise rather than the
96 -- business group.
97 -- Note:
98 -- 1. For model 1 of multi tenancy (BPO) this is not required as the
99 -- security group corresponds to the business group.
100 -- 2. By the time this method is called the enterprise OLS context should
101 -- have been set.
102 IF l_business_group_id is null AND
103 hr_multi_tenancy_pkg.is_multi_tenant_system THEN
104 l_business_group_id := hr_multi_tenancy_pkg.get_bus_grp_from_sec_grp
105 (p_security_group_id => p_security_group_id);
106 END IF;
107 --
108 hr_utility.set_location('Leaving Get_BG_ID:',100);
109 --fnd_log.string(1,'HR','Leaving Get_BG_ID:'||' 100');
110 RETURN l_business_group_id;
111 --
112 END Get_BG_ID;
113 --
114 --------------------------------------------------------------------
115 --< Check_Business_Group_Lockout >----------------------------------
116 --------------------------------------------------------------------
117 --
118 -- Description:
119 -- Checks if the specified business group has been 'locked out'.
120 --
121 -- This is a feature used by the Data Migrator project for
122 -- Fidelity.
123 --
124 -- When a specific business group is being migrated, a database
125 -- profile is set with its ID - if a user then tries to login to
126 -- this business group whilst the migration is in progress then
127 -- they will not be permitted to enter any HR forms since we null
128 -- the profile options for business group and security profile.
129 --
130 PROCEDURE Check_Business_Group_Lockout
131 (p_business_group_id IN NUMBER
132 ,p_security_group_id IN NUMBER
133 ,p_sg_enabled IN BOOLEAN
134 )
135 IS
136 --
137 -- Data migrator BG lockout cursor
138 --
139 CURSOR c_chk_bg_locked (l_business_group_id IN NUMBER)
140 IS
141 SELECT 'Y'
142 FROM per_business_groups
143 WHERE security_group_id = to_char(p_security_group_id)
144 AND business_group_id = l_business_group_id;
145 --
146 l_bg_lockout NUMBER DEFAULT NULL;
147 l_exists VARCHAR2(1);
148 l_lockout_exception EXCEPTION;
149 --
150 BEGIN
151 hr_utility.set_location('Entering Check_Business_Group_Lockout:',10);
152 --fnd_log.string(1,'HR','Entering Check_Business_Group_Lockout:'||' 10');
153 --
154 --
155 -- Get the value for the data migratior business group lockout
156 -- profile
157 --
158 l_bg_lockout :=
159 TO_NUMBER(fnd_profile.value('HR_DM_BG_LOCKOUT'));
160 hr_utility.set_location('l_bg_lockout: '||l_bg_lockout,20);
161 -- fnd_log.string(1,'HR','l_bg_lockout: '||l_bg_lockout);
162 --
163 -- If the profile has been set (ie. a migration is in progress)
164 -- then do some checking
165 --
166 IF l_bg_lockout IS NOT NULL THEN
167 --
168 -- Now check if the business group the current user is trying to
169 -- log into is currently locked (ie. it is being migrated)
170 --
171 IF (p_sg_enabled) THEN
172
173 OPEN c_chk_bg_locked(l_bg_lockout);
174 --
175 FETCH c_chk_bg_locked INTO l_exists;
176 --
177 IF c_chk_bg_locked%FOUND THEN
178 CLOSE c_chk_bg_locked;
179 --
180 -- Set the BG/SP profiles to null to ensure that no
181 -- business group specific data can be entered by the user
182 --
183 fnd_profile.put
184 (name => 'PER_SECURITY_PROFILE_ID'
185 ,val => NULL
186 );
187 fnd_profile.put
188 (name => 'PER_BUSINESS_GROUP_ID'
189 ,val => NULL
190 );
191 hr_utility.set_location('BG locked: ',30);
192 -- fnd_log.string(1,'HR','BG locked: '||'30');
193 --
194 -- Now raise an exception to break out of this procedure
195 --
196 RAISE l_lockout_exception;
197 END IF;
198 --
199 CLOSE c_chk_bg_locked;
200 ELSE
201 IF (l_bg_lockout = p_business_group_id) THEN
202 --
203 -- Set the BG/SP profiles to null to ensure that no
204 -- business group specific data can be entered by the user
205 --
206 fnd_profile.put
207 (name => 'PER_SECURITY_PROFILE_ID'
208 ,val => NULL
209 );
210 fnd_profile.put
211 (name => 'PER_BUSINESS_GROUP_ID'
212 ,val => NULL
213 );
214 hr_utility.set_location('BG Unlocked: ',40);
215 --fnd_log.string(1,'HR','BG Unlocked: '||'40');
216 --
217 -- Now raise an exception to break out of this procedure
218 --
219 RAISE l_lockout_exception;
220 END IF;
221 END IF;
222 END IF;
223 --
224 hr_utility.set_location('Leaving Check_Business_Group_Lockout:',100);
225 --fnd_log.string(1,'HR','Leaving Check_Business_Group_Lockout:'||' 100');
226 EXCEPTION
227 WHEN OTHERS THEN
228 hr_utility.set_location('Leaving with error'||sqlerrm||sqlcode,101);
229 -- fnd_log.string(1,'HR','Leaving with error'||sqlerrm||sqlcode);
230 RAISE;
231 END Check_Business_Group_Lockout;
232 --
233 -----------------------------------------------------------------------
234 --< Get_SP_ID >--------------------------------------------------------
235 -----------------------------------------------------------------------
236 --
237 -- Description:
238 -- This function will return the security profile to be used for
239 -- the session.
240 --
241 -- Unlike in R11 we no longer determine the security profile for a
242 -- session by inspecting the relavent profile option at resp/site
243 -- level.
244 --
245 -- For R11i all security profile assignments are maintained through
246 -- the 'assign security profiles' form, and are stored in the
247 -- PER_SEC_PROFILE_ASSIGNMENTS table.
248 --
249 --
250 FUNCTION Get_SP_ID
251 (p_user_id IN NUMBER
252 ,p_responsibility_id IN NUMBER
253 ,p_resp_app_id IN NUMBER
254 ,p_business_group_id IN NUMBER
255 ,p_security_group_id IN NUMBER
256 )
257 RETURN NUMBER
258 IS
259 --
260 CURSOR c_get_sp_assignment
261 IS
262 SELECT p1.security_profile_id
263 FROM per_sec_profile_assignments p1
264 ,per_security_profiles p2
265 WHERE p1.security_profile_id = p2.security_profile_id
266 AND p1.user_id = p_user_id
267 AND p1.responsibility_id = p_responsibility_id
268 AND p1.responsibility_application_id = p_resp_app_id
269 AND p1.business_group_id = p_business_group_id
270 AND p1.security_group_id = p_security_group_id
271 -- AND SYSDATE BETWEEN p1.start_date -- modified for the bug 6344997
272 AND trunc(SYSDATE) BETWEEN p1.start_date
273 AND NVL(p1.end_date, hr_general.END_OF_TIME);
274 --
275 CURSOR c_get_implicit_sp
276 IS
277 SELECT MIN(security_profile_id)
278 FROM per_security_profiles
279 WHERE business_group_id = p_business_group_id
280 AND view_all_flag = 'Y';
281 --
282 l_security_profile_id NUMBER DEFAULT NULL;
283 --
284 BEGIN
285 hr_utility.set_location('Entering Get_SP_ID:',10);
286 --fnd_log.string(1,'HR','Entering Get_SP_ID:'||' 10');
287 --
288 -- First of all try and get the security_profile_id by scanning
289 -- for active security profile assignments
290 --
291 OPEN c_get_sp_assignment;
292 --
293 FETCH c_get_sp_assignment INTO l_security_profile_id;
294 --
295 IF c_get_sp_assignment%NOTFOUND THEN
296 --
297 l_security_profile_id := NULL;
298 --
299 END IF;
300 hr_utility.set_location('l_security_profile_id: '||l_security_profile_id,20);
301 --fnd_log.string(1,'HR','l_security_profile_id: '||l_security_profile_id);
302 --
303 CLOSE c_get_sp_assignment;
304 --
305 IF l_security_profile_id IS NOT NULL THEN
306 hr_utility.set_location('l_security_profile_id: '||l_security_profile_id,30);
307 --fnd_log.string(1,'HR','l_security_profile_id: '||l_security_profile_id);
308 hr_utility.set_location('Leaving: ',80);
309 --fnd_log.string(1,'HR','Leaving: 80');
310 RETURN l_security_profile_id;
311 END IF;
312 --
313 -- There is no assignment - try and find the id of the view all
314 -- profile for the business group
315 --
316 OPEN c_get_implicit_sp;
317 --
318 FETCH c_get_implicit_sp INTO l_security_profile_id;
319 --
320 IF c_get_implicit_sp%NOTFOUND THEN
321 --
322 l_security_profile_id := NULL;
323 --
324 END IF;
325 hr_utility.set_location('l_security_profile_id: '||l_security_profile_id,90);
326 -- fnd_log.string(1,'HR','l_security_profile_id: '||l_security_profile_id);
327 --
328 CLOSE c_get_implicit_sp;
329 --
330 hr_utility.set_location('Leaving Get_SP_ID: ',100);
331 --fnd_log.string(1,'HR','Leaving Get_SP_ID:'||'100');
332 RETURN l_security_profile_id;
333 --
334 END Get_SP_ID;
335 --
336 -----------------------------------------------------------------------
337 --< Set_Profile_Values >-----------------------------------------------
338 -----------------------------------------------------------------------
339 --
340 -- Description:
341 -- This procedure sets the values for the PER_SECURITY_PROFILE_ID
342 -- and PER_BUSINESS_GROUP_ID profiles in the server-side profile
343 -- cache.
344 --
345 -- Note: The values set here will override any database settings
346 -- that exist for these profiles.
347 --
348 PROCEDURE Set_Profile_Values
349 (p_business_group_id IN NUMBER
350 ,p_security_profile_id IN NUMBER
351 )
352 IS
353 --
354 BEGIN
355 hr_utility.set_location('Entering Set_Profile_Values:',10);
356 -- fnd_log.string(1,'HR','Entering Set_Profile_Values:'||' 10');
357 --
358 fnd_profile.put(name => 'PER_SECURITY_PROFILE_ID'
359 ,val => p_security_profile_id
360 );
361 fnd_profile.put(name => 'PER_BUSINESS_GROUP_ID'
362 ,val => p_business_group_id
363 );
364 --
365 hr_utility.set_location('Leaving Set_Profile_Values:',100);
366 --fnd_log.string(1,'HR','Leaving Set_Profile_Values:'||' 100');
367 END Set_Profile_Values;
368 --
369 -----------------------------------------------------------------------
370 --< Security_Groups_Enabled >------------------------------------------
371 -----------------------------------------------------------------------
372 --
373 -- Description:
374 -- This function checks whether or not security groups are enabled.
375 -- This is done by primarily checking the profile
376 -- ENABLE_SECURITY_GROUPS. If this is set then an additional check
377 -- is made to ensure that the enable security groups concurrent
378 -- program has been run - this is done by querying the
379 -- per_business_groups view for any business groups (other than the
380 -- setup business group) with a security_group_id of 0.
381 -- Note: any business groups created whilst security groups are not
382 -- enabled have a default value of 0.
383 --
384 FUNCTION Security_Groups_Enabled
385 RETURN VARCHAR2
386 IS
387 --
388 l_dummy VARCHAR2(1);
389 --
390 CURSOR c_check_sec_process_run
391 IS
392 SELECT 'Y'
393 FROM per_business_groups
394 WHERE business_group_id <> 0
395 AND security_group_id = '0';
396 --
397 BEGIN
398 --
399 hr_utility.set_location('Entering Security_Groups_Enabled:',10);
400 -- fnd_log.string(1,'HR','Entering Security_Groups_Enabled:'||'10');
401 -- check if the enable_security_groups profile is set to 'Y'
402 IF fnd_profile.value('ENABLE_SECURITY_GROUPS') = 'Y' THEN
403 -- profile is enabled... make sure that the enable security groups
404 -- concurrent process has been run... otherwise return false else
405 -- the HR security initialization code will fail
406 --
407 -- to tell if the concurrent process has been run we can just look
408 -- for any business groups other than the setup business group that
409 -- have a security group ID of 0.
410 hr_utility.set_location('Security_Groups_Enabled:',20);
411 --fnd_log.string(1,'HR','Security_Groups_Enabled:'||'20');
412 OPEN c_check_sec_process_run;
413 --
414 FETCH c_check_sec_process_run INTO l_dummy;
415 --
416 IF c_check_sec_process_run%NOTFOUND THEN
417 --
418 hr_utility.set_location('l_dummy: '||l_dummy,30);
419 --fnd_log.string(1,'HR','l_dummy: '||l_dummy);
420 CLOSE c_check_sec_process_run;
421 hr_utility.set_location('Leaving Security_Groups_Enabled: ',80);
422 --fnd_log.string(1,'HR','Leaving Security_Groups_Enabled: 80');
423 RETURN 'Y';
424 --
425 ELSE
426 --
427 hr_utility.set_location('l_dummy'||l_dummy,85);
428 -- fnd_log.string(1,'HR','l_dummy'||l_dummy);
429 CLOSE c_check_sec_process_run;
430 hr_utility.set_location('Leaving Security_Groups_Enabled:',90);
431 --fnd_log.string(1,'HR','Leaving Security_Groups_Enabled: 90');
432 RETURN 'N';
433 --
434 END IF;
435 ELSE
436 -- profile is not enabled, so return false
437 hr_utility.set_location('Leaving Security_Groups_Enabled: ',100);
438 --fnd_log.string(1,'HR','Leaving Security_Groups_Enabled: '||'100');
439 RETURN 'N';
440 END IF;
441 --
442 END Security_Groups_Enabled;
443 --
444 -----------------------------------------------------------------------
445 --< Get_Security_Profile_ID >------------------------------------------
446 -----------------------------------------------------------------------
447 --
448 -- Description:
449 -- This function returns the security profile to be used for a
450 -- session, given the user/resp/app/security group that the user
451 -- has signed into.
452 --
453 -- Depending whether or not multiple security groups are enabled
454 -- for the application, the business group and security profile
455 -- profile options may also be setup here.
456 --
457 -- Arguments
458 -- p_user_id User ID for the session
459 -- p_responsibility_id Responsibility ID for the session
460 -- p_application_id Responsibility application ID for the session
461 -- p_security_group_id Security group ID for the session
462 --
463 -- Returns
464 -- Security profile ID to use for the session (this value is used
465 -- to setup the cached global in fnd_client_info)
466 --
467 FUNCTION Get_Security_Profile_ID
468 (p_user_id IN NUMBER
469 ,p_responsibility_id IN NUMBER
470 ,p_application_id IN NUMBER
471 ,p_security_group_id IN NUMBER
472 ) RETURN NUMBER
473 IS
474 --
475 l_business_group_id NUMBER DEFAULT NULL;
476 l_security_profile_id NUMBER DEFAULT NULL;
477 --
478 BEGIN
479 /* fnd_log.string(1,'HR','Entering Get_Security_Profile_ID:'||'10');
480 fnd_log.string(1,'HR','p_user_id:'||p_user_id);
481 fnd_log.string(1,'HR','p_responsibility_id:'||p_responsibility_id);
482 fnd_log.string(1,'HR','p_application_id:'||p_application_id);
483 fnd_log.string(1,'HR','p_security_group_id:'||p_security_group_id);*/
484 hr_utility.set_location('Entering Get_Security_Profile_ID:',10);
485 hr_utility.set_location('p_user_id:'||p_user_id,20);
486 hr_utility.set_location('p_responsibility_id:'||p_responsibility_id,30);
487 hr_utility.set_location('p_application_id:'||p_application_id,40);
488 hr_utility.set_location('p_security_group_id:'||p_security_group_id,50);
489
490
491 --
492 -- Retrieve the value for the ENABLE_SECURITY_GROUPS profile option.
493 -- If this is enabled then the business group for the session is
494 -- derived from the security group that the user selected at login.
495 -- If security groups are enabled then the security profile assignment
496 -- for the session is found by querying PER_SEC_PROFILE_ASSIGNMENTS
497 -- and if no explicit assignment exists then default view-all profile
498 -- for the business group is assigned.
499 --
500 -- If security groups are not enabled then the business group and
501 -- security profile are assigned by setting the profile options and
502 -- as such no processing will be done here.
503 --
504 IF Security_Groups_Enabled = 'Y' THEN
505 --
506 -- Retrieve the business group to be used for the session.
507 --
508 l_business_group_id
509 := Get_BG_ID
510 (p_security_group_id => p_security_group_id
511 ,p_responsibility_id => p_responsibility_id
512 ,p_resp_app_id => p_application_id
513 );
514 --
515 hr_utility.set_location('l_business_group_id: '||l_business_group_id,60);
516 -- fnd_log.string(1,'HR','l_business_group_id: '||l_business_group_id);
517
518 IF l_business_group_id IS NOT NULL THEN
519 --
520 -- Check if the business group has been 'locked out'.
521 -- This is a feature used by the Data Migrator project for Fidelity.
522 -- When a specific business group is being migrated, a database
523 -- profile is set with its ID - if a user then tries to login to this
524 -- business group whilst the migration is in progress then they will
525 -- not be permitted to enter any HR forms since we null the profile
526 -- options for business group and security profile.
527 --
528
529 /*fnd_log.string(1,'HR','Business group id not null'||'30');
530
531 fnd_log.string(1,'HR','before lockout:'||'30');*/
532 hr_utility.set_location('Business group id not null',30);
533 hr_utility.set_location('before lockout:',30);
534
535 Check_Business_Group_Lockout
536 (p_business_group_id => l_business_group_id
537 ,p_security_group_id => p_security_group_id
538 ,p_sg_enabled => TRUE
539 );
540 hr_utility.set_location('after lockout:',40);
541 --fnd_log.string(1,'HR','after lockout:'||'40');
542 --
543 -- Get the security profile for the session.
544 -- Unlike in R11 we no longer determine the security profile for a
545 -- session by inspecting the relavent profile option at resp/site
546 -- level.
547 -- For R11i all security profile assignments are maintained through
548 -- the 'assign security profiles' form, and are stored in the
549 -- PER_SEC_PROFILE_ASSIGNMENTS table.
550 --
551 l_security_profile_id
552 := Get_SP_ID
553 (p_user_id => p_user_id
554 ,p_responsibility_id => p_responsibility_id
555 ,p_resp_app_id => p_application_id
556 ,p_business_group_id => l_business_group_id
557 ,p_security_group_id => p_security_group_id
558 );
559 hr_utility.set_location('l_security_profile_id: '||l_security_profile_id,40);
560 --fnd_log.string(1,'HR','l_security_profile_id: '||l_security_profile_id);
561 --
562 -- Store the retrieved values for the BG/SP profile options in the
563 -- server-side cache.
564 --
565 Set_Profile_Values
566 (p_business_group_id => l_business_group_id
567 ,p_security_profile_id => l_security_profile_id
568 );
569 hr_utility.set_location('security_profile_id: '|| fnd_profile.value('PER_SECURITY_PROFILE_ID'),50);
570 hr_utility.set_location('business_group_id: '||fnd_profile.value('PER_BUSINESS_GROUP_ID'),50);
571 /*fnd_log.string(1,'HR','security_profile_id: '|| fnd_profile.value('PER_SECURITY_PROFILE_ID'));
572 fnd_log.string(1,'HR','business_group_id: '||fnd_profile.value('PER_BUSINESS_GROUP_ID'));*/
573 ELSE
574 --
575 -- The site level defaults will be used for this session so
576 -- retrieve the value from the profile cache now..
577 --
578 hr_utility.set_location('Business group id is null',60);
579 --fnd_log.string(1,'HR','Business group id is null'||'40');
580 l_security_profile_id
581 := TO_NUMBER(fnd_profile.value('PER_SECURITY_PROFILE_ID'));
582 hr_utility.set_location('l_security_profile_id:'||l_security_profile_id,60);
583 -- fnd_log.string(1,'HR','l_security_profile_id:'||l_security_profile_id);
584 --
585 END IF;
586 ELSE
587 BEGIN
588 hr_utility.set_location('before lockout: ',80);
589 -- fnd_log.string(1,'HR','before lockout: 80');
590 Check_Business_Group_Lockout
591 (p_business_group_id =>
592 TO_NUMBER(fnd_profile.value('PER_BUSINESS_GROUP_ID'))
593 ,p_security_group_id => 0
594 ,p_sg_enabled => FALSE
595 );
596 hr_utility.set_location('after lockout: ',85);
597 -- fnd_log.string(1,'HR','after lockout: 85');
598 --
599 l_security_profile_id
600 := TO_NUMBER(fnd_profile.value('PER_SECURITY_PROFILE_ID'));
601 hr_utility.set_location('l_security_profile_id: '||l_security_profile_id,90);
602 --fnd_log.string(1,'HR','l_security_profile_id: '||l_security_profile_id);
603 EXCEPTION
604 WHEN OTHERS THEN
605 NULL;
606 END;
607 END IF;
608 hr_utility.set_location('Leaving Get_Security_Profile_ID:',100);
609
610 --fnd_log.string(1,'HR','Leaving Get_Security_Profile_ID:'||' 100');
611 RETURN l_security_profile_id;
612 --
613 END Get_Security_Profile_ID;
614 --
615 -----------------------------------------------------------------------
616 ------------------------< derive_legislation >-------------------------
617 -----------------------------------------------------------------------
618 --
619 PROCEDURE derive_legislation IS
620 --
621 l_leg_code varchar2(150);
622 l_business_group_id number(15);
623 --
624 BEGIN
625 hr_utility.set_location('Entering derive_legislation:',10);
626 -- fnd_log.string(1,'HR','Entering derive_legislation:'||' 10');
627 --
628 l_leg_code := hr_api.return_legislation_code(
629 fnd_profile.value('PER_BUSINESS_GROUP_ID'));
630 --
631 --
632 hr_utility.set_location('l_leg_code: '||l_leg_code,20);
633 --fnd_log.string(1,'HR','l_leg_code: '||l_leg_code);
634 hr_api.set_legislation_context(l_leg_code);
635 --
636 hr_utility.set_location('Leaving derive_legislation:',100);
637 -- fnd_log.string(1,'HR','Leaving derive_legislation:'||' 100');
638 EXCEPTION
639 WHEN NO_DATA_FOUND THEN
640 null;
641 --
642 END derive_legislation;
643 --
644 -----------------------------------------------------------------------
645 -----------------------------------------------------------------------
646 -- PUBLIC FUNCTIONS
647 -----------------------------------------------------------------------
648 -----------------------------------------------------------------------
649 --
650 -----------------------------------------------------------------------
651 --< Initialize_HR_Security >-------------------------------------------
652 -----------------------------------------------------------------------
653 --
654 -- Description:
655 -- This procedure is called during initialization of applications
656 -- that use the HR secure user functionality. It determines the
657 -- security profile and business group to use for the session based
658 -- on the user_id, responsibility_id, application_id and
659 -- security_group_id of the session and set the appropriate profile
660 -- values.
661 --
662 -- Arguments
663 -- None.
664 --
665 PROCEDURE Initialize_HR_Security
666 IS
667 --
668 l_security_profile_id NUMBER;
669 l_null_row per_security_profiles%rowtype;
670 --
671 BEGIN
672 hr_utility.set_location('Entering Initialize_HR_Security:',10);
673 -- fnd_log.string(1,'HR','Entering Initialize_HR_Security:'||'10');
674 --
675 -- 2876315
676 --
677 session_context := fnd_global.session_context ;
678 hr_utility.set_location('session_context: '||session_context,20);
679 -- fnd_log.string(1,'HR','session_context: '||session_context);
680
681 -- HR Multi Tenancy Addition:- Bug 7501793
682 if hr_multi_tenancy_pkg.is_multi_tenant_system then
683 hr_multi_tenancy_pkg.set_context(null);
684 end if;
685
686 --
687 -- Reset the package global just in case the initialization fails
688 -- since we want to prevent the old value being used in a different
689 -- session.
690 --
691 g_hr_security_profile := l_null_row;
692 --
693 -- Get the security profile to use for this session - note that this
694 -- function call will transparently set the profile values for
695 -- PER_SECURITY_PROFILE_ID and PER_BUSINESS_GROUP_ID.
696 --
697 /* fnd_log.string(1,'HR','fnd_global.user_id: '||fnd_global.user_id);
698 fnd_log.string(1,'HR','fnd_global.resp_id: '||fnd_global.resp_id);
699 fnd_log.string(1,'HR','fnd_global.resp_appl_id: '||fnd_global.resp_appl_id);
700 fnd_log.string(1,'HR','fnd_global.security_group_id: '||fnd_global.security_group_id);*/
701 hr_utility.set_location('fnd_global.user_id: '||fnd_global.user_id,30);
702 hr_utility.set_location('fnd_global.resp_id: '||fnd_global.resp_id,30);
703 hr_utility.set_location('fnd_global.resp_appl_id: '||fnd_global.resp_appl_id,30);
704 hr_utility.set_location('fnd_global.security_group_id: '||fnd_global.security_group_id,30);
705
706 l_security_profile_id :=
707 Get_Security_Profile_ID
708 (fnd_global.user_id
709 ,fnd_global.resp_id
710 ,fnd_global.resp_appl_id
711 ,fnd_global.security_group_id
712 );
713 hr_utility.set_location('l_security_profile_id: '||l_security_profile_id,40);
714 --fnd_log.string(1,'HR','l_security_profile_id: '||l_security_profile_id);
715 --
716 -- If a security profile was found/returned then populate the package
717 -- level global variable with the appropriate row for the ID
718 -- from per_security_profiles.
719 --
720 IF l_security_profile_id IS NOT NULL THEN
721 BEGIN
722 select *
723 into hr_signon.g_hr_security_profile
724 from per_security_profiles
725 where security_profile_id = l_security_profile_id;
726 EXCEPTION
727 when NO_DATA_FOUND then
728 --
729 -- Ignore NO_DATA_FOUND error if context=0
730 --
731 if l_security_profile_id = 0 then
732 null;
733 else
734 raise;
735 end if;
736 END;
737 ELSE
738 null;
739 END IF;
740 --
741 -- call private procedure to identify legislation_code from bg_id
742 -- and call hr_api to setup the application context
743 -- HR_ESSION_DATA namespace LEG_CODE with the session's legislation_code.
744 --
745 derive_legislation;
746 hr_utility.set_location('Leaving Initialize_HR_Security: ',100);
747 --fnd_log.string(1,'HR','Leaving Initialize_HR_Security: '||'100');
748
749 EXCEPTION
750 WHEN OTHERS THEN
751 hr_utility.set_location('Leaving with error '||sqlcode||sqlerrm,110);
752 -- fnd_log.string(1,'HR','Leaving with error '||sqlcode||sqlerrm);
753 generic_error('HR_SIGNON.INITIALIZE_HR_SECURITY', sqlcode, sqlerrm);
754 END Initialize_HR_Security;
755 --
756 END HR_SIGNON;