Search Results right_code

Overview

The IGW.IGW_ROLE_RIGHTS table is a core security and access control entity within the Oracle E-Business Suite Grants Accounting module (IGW). It functions as a junction table, defining the specific rights or permissions granted to a given role. These rights directly control user access to various functionalities and data within the proposal management lifecycle. By associating a right code with a role identifier, the table establishes a granular security model, determining what actions a user assigned to a particular role can perform on a proposal. Its storage in the APPS_TS_SEED tablespace indicates it is part of the application's seed data foundation, typically populated during installation or patching, and is critical for the module's security infrastructure.

Key Information Stored

The table's structure is concise, centered on the relationship between a role and its permissions. The two primary business columns are ROLE_ID and RIGHT_CODE. ROLE_ID is a mandatory numeric identifier linking to a defined role in the IGW_ROLES table. RIGHT_CODE is a mandatory 30-character string representing the specific permission granted. As per the documentation, valid values for this column are sourced from the lookup type IGW_RIGHTS, which would contain codes such as 'CREATE', 'MODIFY', 'VIEW', 'APPROVE', or other module-specific actions. The remaining columns (LAST_UPDATE_DATE, LAST_UPDATED_BY, CREATION_DATE, CREATED_BY, LAST_UPDATE_LOGIN) are standard Oracle EBS "Who" columns for auditing data creation and changes. The table's primary key is a composite of ROLE_ID and RIGHT_CODE, enforcing uniqueness and preventing duplicate permission assignments for a single role.

Common Use Cases and Queries

The primary use case is administering and auditing role-based security for the Grants Accounting module. Common activities include querying all permissions for a specific role, identifying which roles hold a particular right, or troubleshooting user access issues. For instance, to audit the complete security matrix, one might join with IGW_ROLES to get role names. A typical query to list all rights for a specific role would be:

• SELECT r.role_name, rr.right_code FROM igw_role_rights rr, igw_roles r WHERE rr.role_id = r.role_id AND r.role_id = :p_role_id ORDER BY rr.right_code;

Conversely, to find all roles possessing a specific right (e.g., 'APPROVE'), the query would be:

• SELECT r.role_name FROM igw_role_rights rr, igw_roles r WHERE rr.role_id = r.role_id AND rr.right_code = 'APPROVE';

Reporting often involves aggregating this data to understand the security footprint or to validate configurations during upgrades or migrations.

Related Objects

IGW_ROLE_RIGHTS has a direct and essential relationship with the IGW_ROLES table, which stores the master definition of roles. The documented foreign key relationship shows that the ROLE_ID column in IGW_ROLE_RIGHTS references the ROLE_ID column in IGW.IGW_ROLES. This ensures referential integrity, meaning a right cannot be assigned to a non-existent role. The table is also referenced by the APPS synonym IGW_ROLE_RIGHTS, which is the standard access point for all application code and queries. The right codes themselves are validated against the lookup type IGW_RIGHTS, making that lookup a critical related metadata object for understanding the permissible values in the RIGHT_CODE column.