Translate

Thursday, 4 August 2011

Oracle: Concurrent Request Security

In previous releases of Oracle concurrent request access was controlled by the use of profile values, however in Release 12 access is controlled by the use of Roles. In these examples we will create two Roles; one which grants access to the output of concurrent programs based on Responsibility, and one which grants access to all outputs (for use by System Administrators).

First up we will create the Role for Responsibility based security.

Within the Functional Developer responsibility search for the Object named "Concurrent Requests", then select the 'Object Instance Sets' tab and create a new Instance Set:

Name: XXAPPS Responsibility Concurrent Access
Code: XXAPPS_RESP_CR_ACCESS
Description: Responsibility Concurrent Access
Predicate:
&TABLE_ALIAS.request_id IN ( SELECT request_id FROM fnd_concurrent_requests WHERE concurrent_program_id IN (SELECT fru.request_unit_id FROM fnd_responsibility_vl frv , fnd_request_groups frg , fnd_request_group_units fru WHERE frv.request_group_id = frg.request_group_id AND frg.request_group_id = fru.request_group_id AND fru.request_unit_type IN ('P', 'S') AND frv.responsibility_id = fnd_global.resp_id))

To assign this to all users create a new Grant:

Name: XXAPPS Responsibility Concurrent Access
Description: Access to view all concurrent requests in current responsibility
Grantee Type: All Users
Data Security > Object: Concurrent Requests
Data Context Type: Instance Set (select the Instance Set XXAPPS Responsibility Concurrent Access)
Permission Set: Request Operations


Now, create a new Instance Set for the System Administrator access:

Name: XXAPPS System Administrator Concurrent Access
Code: XXAPPS_SYS_ADMIN_CR_ACCESS
Description: System Administrator Concurrent Access
Predicate:
&TABLE_ALIAS.request_id IN (SELECT request_id FROM fnd_concurrent_requests)

This Instance Set will be assigned to named users, so we need to create a Role (within the User Management responsibility):


Role:-
Category: Miscellaneous
Role Code: XXAPPS_SYS_ADMIN_CR_ACCESS
Display Name: XXAPPS System Administrator Concurrent Access
Description: Access to view all concurrent requests
Application: XXAPPS Application

Grant:-
Name: XXAPPS System Administrator Concurrent Access
Description: Access to view all concurrent requests
Data Security > Object: Concurrent Requests
Data Context Type: Instance Set (select the Instance Set XXAPPS System Administrator Concurrent Access)
Permission Set: Request Operations
Tags: , , , , ,

2 comments:

  1. sjvista24 February 2012 at 03:56

    I'm interested in creating a grant for a user so that the user can see all concurrent request submitted within that application, not just the responcibility. That way a super-user would not need to change hats all the time.

    Any help in this grant statement would really be apprciated.

    Regards,
    Eric
    Denver

    ReplyDelete
    Replies
    1. Carl17 April 2012 at 19:29

      Hey Eric,

      You could return requests based on the application_id by using a query along the lines of:

      “ &TABLE_ALIAS.request_id IN (SELECT request_id FROM fnd_concurrent_requests where program_application_id = fnd_global.resp_appl_id) ”

      Hope this helps (and sorry for the slow response).

      Delete

Subscribe to: Post Comments (Atom)