Oracle Application Server Portal PL/SQL API Reference

Overview

Package

Object Type

Deprecated

Index

Help

Oracle Application Server Portal PL/SQL API Reference - 10.1.2

PREV PACKAGE NEXT PACKAGE

FRAMES NO FRAMES

SUMMARY: EXCEPTION | TYPE | CONSTANT | VARIABLE | FUNCTION/PROCEDURE

DETAIL: EXCEPTION | TYPE | CONSTANT | VARIABLE | FUNCTION/PROCEDURE

Package wwsec_api

This package contains procedures and functions for administering OracleAS Portal 10G security. Using these security APIs you can perform the following operations:

User maintenance (create user profile entries, activate portal access, update user properties, delete user profile entries, and other associated tasks).
Group maintenance (create, activate, update, delete groups, and other associated tasks).
Access control (grant, check, copy, update, remove user/group privileges, and other associated tasks).

Note that the user-related APIs create user profile entries in the portal repository, so that the other APIs can obtain a user ID with which other actions may be performed. An actual authenticatable user identity is not created by the add_portal_user API. Rather, this needs to be accomplished by using Oracle Internet Directory (OID) utilities.

Scope:: Public
Since:: Oracle9iAS Portal 3.0.6.6.5

Exception Summary
`ACCESS_DENIED_EXCEPTION` A user does not have sufficient privileges to execute a routine.
`CIRCULAR_REFERENCE_EXCEPTION` The reference path refers back to the first element in the path, for example, a group owns a group that owns the first group.
`DEPRECATED_API_EXCEPTION` The API has been deprecated.
`DUPLICATE_GRANTEE_EXCEPTION` The specified grantee exists.
`DUPLICATE_GROUP_EXCEPTION` A referenced group name exists.
`GROUP_MEMBER_EXCEPTION` A referenced group or user is already a member of the list.
`GROUP_NOT_FOUND_EXCEPTION` A referenced group was not found.
`GROUP_NOT_UNIQUE_EXCEPTION` Another group exists with the same name.
`INVALID_ARGUMENT_EXCEPTION` A specified argument is invalid.
`INVALID_AUTH_FUNC_EXCEPTION` The specified authorization function is ill-formed or undefined.
`INVALID_GRP_NAME_EXCEPTION` The specified group name is not valid.
`INVALID_PERSON_ID_EXCEPTION` A user referenced by ID does not exist.
`INVALID_SITE_EXCEPTION` A referenced site does not exist.
`LDAP_CONNECTION_EXCEPTION` An error occurred while connecting to the OID server.
`NO_ACCESSIBLE_OBJECT_EXCEPTION` The referenced object does not exist.
`NO_MANAGER_EXCEPTION` No manager ID exists for the new OracleAS Portal 10G user being registered, or there is no manager name on file for a referenced OracleAS Portal 10G user.
`ORG_NOT_EXIST_EXCEPTION` The specified organization does not exist.
`UNEXPECTED_EXCEPTION` An undefined exception condition exists.
`USER_EXISTS_EXCEPTION` Another user exists with the same identifier.
`USER_NOT_DELETABLE_EXCEPTION` The user cannot be deleted.
`USER_NOT_FOUND_EXCEPTION` A referenced user does not exist.
`VALUE_ERROR_EXCEPTION` An invalid parameter was passed to the API.

Type Summary
`array` This array receives varchar2 data from various security methods.	`table`
`grantee_array` An array of grantee_record(s).	`table`
`grantee_record` A record structure containing the details of a grantee of a privilege.	`record`
`idarray` This array receives number data from various security methods.	`table`
`list_array` An array containing a list of groups.	`table`
`list_member_array` An array of list_member_record records returned by the wwsec_api.	`table`
`list_member_record` A record structure containing the details of members of a group.	`record`
`list_record` A record structure containing details of a group.	`record`
`privilege_array` An array containing the list of privileges appropriate for assignment on a particular object type.	`table`
`username_type` Subtype for representing user names.	`subtype`

Constant Summary
`ACCESS_PRIV`	`wwsec_sys_priv$.privilege%type`
`ADD_CUSTOM_PRIV`	`wwsec_sys_priv$.privilege%type`
`ALL_OBJECTS` This constant is used for the object instance identifier (name) for the global privileges (ANY_XXXX).	`wwsec_sys_priv$.name%type`
`ANYGROUP_CREATE`	`number`
`ANYGROUP_MANAGE`	`number`
`ANYGROUP_OBJ`	`wwsec_sys_priv$.object_type_name%type`
`ANYLOG_EDIT`	`number`
`ANYLOG_MANAGE`	`number`
`ANYLOG_OBJ`	`wwsec_sys_priv$.object_type_name%type`
`ANYLOG_VIEW`	`number`
`ANYPAGE_ADD_ONLY_CUSTOM_CNT`	`number`
`ANYPAGE_CREATE`	`number`
`ANYPAGE_FULL_CUSTOM_CNT`	`number`
`ANYPAGE_HIDE_SHOW_CUSTOM_CNT`	`number`
`ANYPAGE_MANAGE`	`number`
`ANYPAGE_MANAGE_CNT`	`number`
`ANYPAGE_MANAGE_CNT_WITH_APP`	`number`
`ANYPAGE_MANAGE_STYLE`	`number`
`ANYPAGE_OBJ`	`wwsec_sys_priv$.object_type_name%type`
`ANYPAGE_STYLE_CUSTOM`	`number`
`ANYPAGE_VIEW`	`number`
`ANYPORTLET_ACCESS`	`number`
`ANYPORTLET_EDIT`	`number`
`ANYPORTLET_EXECUTE`	`number`
`ANYPORTLET_MANAGE`	`number`
`ANYPORTLET_OBJ`	`wwsec_sys_priv$.object_type_name%type`
`ANYPORTLET_PUBLISH`	`number`
`ANYPROVIDER_CREATE`	`number`
`ANYPROVIDER_EDIT`	`number`
`ANYPROVIDER_EXECUTE`	`number`
`ANYPROVIDER_MANAGE`	`number`
`ANYPROVIDER_OBJ`	`wwsec_sys_priv$.object_type_name%type`
`ANYPROVIDER_PUBLISH`	`number`
`ANYSCHEMA_CREATE`	`number`
`ANYSCHEMA_INSERT`	`number`
`ANYSCHEMA_MANAGE`	`number`
`ANYSCHEMA_MODIFY`	`number`
`ANYSCHEMA_OBJ`	`wwsec_sys_priv$.object_type_name%type`
`ANYSCHEMA_VIEW`	`number`
`ANYSITE_CREATE`	`number`
`ANYSITE_MANAGE`	`number`
`ANYSITE_MANAGE_CLASSIFICATION`	`number`
`ANYSITE_MANAGE_STYLE`	`number`
`ANYSITE_MANAGE_TEMPLATE`	`number`
`ANYSITE_MANAGE_TRANSLATION`	`number`
`ANYSITE_OBJ`	`wwsec_sys_priv$.object_type_name%type`
`ANYSITE_VIEW`	`number`
`ANYSTYLE_CREATE`	`number`
`ANYSTYLE_MANAGE`	`number`
`ANYSTYLE_OBJ`	`wwsec_sys_priv$.object_type_name%type`
`ANYSTYLE_PUBLISH`	`number`
`ANYSTYLE_VIEW`	`number`
`ANYTRANSPORTSET_EXECUTE`	`number`
`ANYTRANSPORTSET_MANAGE`	`number`
`ANYTRANSPORTSET_OBJ`	`wwsec_sys_priv$.object_type_name%type`
`ANYUSER_CREATE`	`number`
`ANYUSER_MANAGE`	`number`
`ANYUSER_OBJ`	`wwsec_sys_priv$.object_type_name%type`
`CREATE_PRIV`	`wwsec_sys_priv$.privilege%type`
`CUSTOMIZE_PRIV`	`wwsec_sys_priv$.privilege%type`
`DOCUMENT_MANAGE`	`number`
`DOCUMENT_OBJ`	`wwsec_sys_priv$.object_type_name%type`
`DOCUMENT_OWN`	`number`
`DOCUMENT_VIEW`	`number`
`EDIT_PRIV`	`wwsec_sys_priv$.privilege%type`
`EXECUTE_PRIV`	`wwsec_sys_priv$.privilege%type`
`FULL_CUSTOM_PRIV`	`wwsec_sys_priv$.privilege%type`
`GLOBAL_GROUP`	`number(1)`
`GRANTEE_GROUP`	`wwsec_sys_priv$.grantee_type%type`
`GRANTEE_USER`	`wwsec_sys_priv$.grantee_type%type`
`GROUP_AUTHENTICATED_USERS`	`number(1)`
`GROUP_DBA`	`number(1)`
`GROUP_IPORTAL_ADMINISTRATORS`	`number(1)`
`GROUP_OBJ`	`wwsec_sys_priv$.object_type_name%type`
`GROUP_OWN`	`number`
`GROUP_PORTAL_PUBLISHERS`	`number(1)`
`GROUP_TYPE_LIST`	`wwsec_group$.group_type%type`
`GROUP_TYPE_ORG`	`wwsec_group$.group_type%type`
`GROUP_WEBDB_ADMINISTRATORS`	`number(1)`
`HIDDEN`	`number(1)`
`HIDE_SHOW_CUSTOM_PRIV`	`wwsec_sys_priv$.privilege%type`
`INSERT_PRIV`	`wwsec_sys_priv$.privilege%type`
`ITEM_MANAGE`	`number`
`ITEM_OBJ`	`wwsec_sys_priv$.object_type_name%type`
`ITEM_OWN`	`number`
`ITEM_VIEW`	`number`
`LOV_EDIT`	`number`
`LOV_EXECUTE`	`number`
`LOV_OBJ`	`wwsec_sys_priv$.object_type_name%type`
`MANAGE_CLASSIFICATION_PRIV`	`wwsec_sys_priv$.privilege%type`
`MANAGE_CNT_PRIV`	`wwsec_sys_priv$.privilege%type`
`MANAGE_CNT_WITH_APP_PRIV`	`wwsec_sys_priv$.privilege%type`
`MANAGE_PRIV`	`wwsec_sys_priv$.privilege%type`
`MANAGE_STYLE_PRIV`	`wwsec_sys_priv$.privilege%type`
`MANAGE_TEMPLATE_PRIV`	`wwsec_sys_priv$.privilege%type`
`MEMBER_TYPE_GROUP`	`wwsec_member$.member_type%type`
`MEMBER_TYPE_USER`	`wwsec_member$.member_type%type`
`MENU_EXECUTE`	`number`
`MENU_OBJ`	`wwsec_sys_priv$.object_type_name%type`
`MODIFY_PRIV`	`wwsec_sys_priv$.privilege%type`
`NAVBAR_OBJ`	`wwsec_sys_priv$.object_type_name%type`
`NAVBAR_OWN`	`number`
`NO_PRIVILEGE`	`number`
`NOT_HIDDEN`	`number(1)`
`NOT_OWNER`	`number(1)`
`OWN_PRIV`	`wwsec_sys_priv$.privilege%type`
`OWNER`	`number(1)`
`PAGE_ADD_ONLY_CUSTOM_CNT`	`number`
`PAGE_FULL_CUSTOM_CNT`	`number`
`PAGE_HIDE_SHOW_CUSTOM_CNT`	`number`
`PAGE_MANAGE`	`number`
`PAGE_MANAGE_CNT`	`number`
`PAGE_MANAGE_CNT_WITH_APP`	`number`
`PAGE_MANAGE_STYLE`	`number`
`PAGE_OBJ`	`wwsec_sys_priv$.object_type_name%type`
`PAGE_STYLE_CUSTOM`	`number`
`PAGE_VIEW`	`number`
`PORTLET_ACCESS`	`number`
`PORTLET_EDIT`	`number`
`PORTLET_EXECUTE`	`number`
`PORTLET_MANAGE`	`number`
`PORTLET_NON_LOCAL_ACCESS`	`number`
`PORTLET_NON_LOCAL_EXECUTE`	`number`
`PORTLET_NON_LOCAL_MANAGE`	`number`
`PORTLET_NON_LOCAL_PUBLISH`	`number`
`PORTLET_NONLOCAL_OBJ`	`wwsec_sys_priv$.object_type_name%type`
`PORTLET_OBJ`	`wwsec_sys_priv$.object_type_name%type`
`PORTLET_PUBLISH`	`number`
`PROVIDER_EDIT`	`number`
`PROVIDER_EXECUTE`	`number`
`PROVIDER_MANAGE`	`number`
`PROVIDER_OBJ`	`wwsec_sys_priv$.object_type_name%type`
`PROVIDER_PUBLISH`	`number`
`PUBLISH_PRIV`	`wwsec_sys_priv$.privilege%type`
`SCHEMA_ADMIN`	`number(1)`
`SCHEMA_BROWSEIN`	`number`
`SCHEMA_BUILDIN`	`number`
`SCHEMA_OBJ`	`wwsec_sys_priv$.object_type_name%type`
`SCHEMA_OWNER`	`number(1)`
`SEARCH_SUBTYPE_GROUP`	`varchar2(30)`
`SEARCH_SUBTYPE_USER`	`varchar2(30)`
`SEARCH_TYPE_UG`	`varchar2(30)`
`SITE_MANAGE`	`number`
`SITE_MANAGE_CLASSIFICATION`	`number`
`SITE_MANAGE_STYLE`	`number`
`SITE_MANAGE_TEMPLATE`	`number`
`SITE_MANAGE_TRANSLATION`	`number`
`SITE_OBJ`	`wwsec_sys_priv$.object_type_name%type`
`SITE_SEPARATOR` Separator used for object names that include multiple identifiers.	`varchar2(1)`
`SITE_VIEW`	`number`
`STYLE_CUSTOM_PRIV`	`wwsec_sys_priv$.privilege%type`
`USER_PUBLIC`	`number(1)`
`VIEW_PRIV`	`wwsec_sys_priv$.privilege%type`
`WORKFLOW_EXECUTE`	`number`
`WORKFLOW_MANAGE`	`number`
`WORKFLOW_STATUS`	`number`
`WORKFLOW_STATUS_AND_EXECUTE`	`number`

Variable Summary
`empty` An instance of an empty array of varchar2s for initialization.	`array`
`emptyidarray` An instance of an empty array of numbers for initialization.	`idarray`

Function/Procedure Summary
`accessible_objects` Gets a list of objects accessible to a user, checking for a specific privilege.	`array`
`accessible_objects` Gets a list of objects accessible to a user, checking for a number of privileges.	`array`
`activate_portal_user` Activates an existing but inactive OracleAS Portal 10G user.
`add_group_to_list` Adds a group as a member to another group.
`add_portal_user` Adds a Portal profile entry to the OracleAS Portal 10G repository.	`number`
`add_user_to_list` Adds a user to a group.
`clear_package_cache` Clears the package level cache.
`copy_privileges` Copies all privileges from a source object to a destination object.
`create_list` Creates a group in OID and returns the corresponding group profile ID for the portal.	`number`
`db_user` Returns the database schema name to which the user is associated, given the name of an OracleAS Portal 10G user.	`varchar2`
`deactivate_portal_user` Deactivates an OracleAS Portal 10G user.
`delete_group_from_list` Deletes a group from the list of members of another group.
`delete_list` Deletes a group from OID and any associated references to the group.
`delete_portal_user` Deletes an OracleAS Portal 10G user profile entry from the portal schema, given a user name.
`delete_user_from_list` Deletes a user from the membership list of a group.
`get_authorization_function` Gets the name of the function used for function-based authorization.	`varchar2`
`get_defaultgroup` Returns the default group for a specified user.	`number`
`get_granted_group_privilege` Gets the highest privilege that a group has on a given object.	`varchar2`
`get_granted_user_priv_code` Gets the granted privilege code that a user has on a given object.	`number`
`get_granted_user_privilege` Gets the highest privilege that the user has on the specified object.	`varchar2`
`get_list_members` Deprecated. As of Oracle9iAS Portal 9.0.2, since the groups are maintained in OID that does not support an API to read the membership information if the number of members becomes very large. Gets a list of the members of a group of type 'LIST' when given a group id.	`wwsec_api.list_member_array`
`get_manager` Returns the user name of a specified user's manager.	`varchar2`
`get_member_record` Deprecated. As of Oracle9iAS Portal 9.0.2, since the membership information is maintained in OID and there is no member ID attribute, which is required as an input parameter for this function. Gets a member's record from the wwsec_member$ table.	`wwsec_member$%rowtype`
`get_privilege_level` Checks the highest privilege that a user has on a given object.	`number`
`get_public_objects` Gets a list of objects granted to PUBLIC.	`array`
`grantee_list` Returns a list of grantees for a named object and specified owner.	`grantee_array`
`group_id` Gets the group ID for a specified group name.	`number`
`group_info` Returns group information, given a group ID.	`wwsec_group$%rowtype`
`group_name` Returns the group name when given a group ID.	`varchar2`
`has_privilege` Checks whether a user has a certain privilege.	`boolean`
`has_privilege` Checks whether a user has one of a list of privileges.	`boolean`
`has_privilege` Checks whether a specified user has a specified privilege.	`boolean`
`id` Returns a person ID, given a user name or Globally Unique Identifier (GUID).	`number`
`id_sso` Returns a person ID, given a user name or GUID and also validates that a user exists in the OID Server and OracleAS Portal 10G.	`number`
`is_group_owner` Deprecated. As of Oracle9iAS Portal 9.0.2, since the membership information is maintained in OID and there is no member id attribute, which is required as an input parameter for this function. Checks whether a member is a group's owner.	`number`
`is_privilege_at_least` Checks whether a specified user, or group to which a user belongs, has a privilege on a specified object that is at least as high as the privilege specified.	`boolean`
`is_privileged_by_auth_function` Checks the authorization by calling the authorization function.	`boolean`
`is_user_in_direct_group` Checks whether a user was individually granted membership in a specific group.	`boolean`
`is_user_in_group` Checks whether a user belongs to a specific group.	`boolean`
`list_id` Gets the group ID of a list within a site.	`number`
`lists` Deprecated. As of Oracle9iAS Portal 9.0.2, since the groups are stored in OID and are not scoped by site ID Gets a list of list type groups.	`wwsec_api.list_array`
`modify_portal_user` Updates personal and business-related information relating to an OracleAS Portal 10G user.
`person_info` Returns user information, given a person ID.	`wwsec_person%rowtype`
`person_info` Returns user information, given a user name.	`wwsec_person%rowtype`
`privilege_list` Returns a list of privileges for a specified object_type_name.	`privilege_array`
`publish_group` Deprecated. As of Oracle9iAS Portal 9.0.2, as groups are stored in OID which does not support this property Sets the group to be publishable or nonpublishable.
`remove_group_acl` Removes a group's privileges.
`remove_user_acl` Removes a specified privilege from a user.
`set_authorization_function` Sets the name of a function to be used for function-based authorization.
`set_defaultgroup` Sets the default group for a specified user.
`set_group_acl` Creates an entry in the Access Control List that grants a privilege on a specified object to a specified group.
`set_user_acl` Gives a user a specified privilege in the OracleAS Portal 10G.
`update_group_acl` Changes a group's privilege in the Access Control List.
`update_group_owner` Modifies group-ownership for a group that is a member of another group.
`update_list` Updates general information for a specified group.
`update_user_acl` Changes a user's privilege in the Access Control List.
`update_user_owner` Modifies group-ownership for a user.
`user_in_groups` Deprecated. As of Oracle9iAS Portal 9.0.2, since groups are now stored in OID and do not necessarily have a local shadow entry with an ID Returns a list of group IDs when given a user name.	`idarray`
`user_name` Returns a user name, given a person ID.	`varchar2`
`users_in_group` Deprecated. As of Oracle9iAS Portal 9.0.2, since the group memberships are being maintained in OID and implementation of this API becomes prohibitive. OID does not provide a direct API to return the members of a group, so recursive calls would have to be made to the directory to get the users who are indirect members. This function is not being used anywhere in the Portal code. Gets the list of all the users in a specific group.	`array`

Exception Detail

ACCESS_DENIED_EXCEPTION

ACCESS_DENIED_EXCEPTION exception

A user does not have sufficient privileges to execute a routine.

CIRCULAR_REFERENCE_EXCEPTION

CIRCULAR_REFERENCE_EXCEPTION exception

The reference path refers back to the first element in the path, for example, a group owns a group that owns the first group.

DEPRECATED_API_EXCEPTION

DEPRECATED_API_EXCEPTION exception

The API has been deprecated.

DUPLICATE_GRANTEE_EXCEPTION

DUPLICATE_GRANTEE_EXCEPTION exception

The specified grantee exists.

DUPLICATE_GROUP_EXCEPTION

DUPLICATE_GROUP_EXCEPTION exception

A referenced group name exists.

GROUP_MEMBER_EXCEPTION

GROUP_MEMBER_EXCEPTION exception

A referenced group or user is already a member of the list.

GROUP_NOT_FOUND_EXCEPTION

GROUP_NOT_FOUND_EXCEPTION exception

A referenced group was not found.

GROUP_NOT_UNIQUE_EXCEPTION

GROUP_NOT_UNIQUE_EXCEPTION exception

Another group exists with the same name.

INVALID_ARGUMENT_EXCEPTION

INVALID_ARGUMENT_EXCEPTION exception

A specified argument is invalid.

INVALID_AUTH_FUNC_EXCEPTION

INVALID_AUTH_FUNC_EXCEPTION exception

The specified authorization function is ill-formed or undefined.

INVALID_GRP_NAME_EXCEPTION

INVALID_GRP_NAME_EXCEPTION exception

The specified group name is not valid.

INVALID_PERSON_ID_EXCEPTION

INVALID_PERSON_ID_EXCEPTION exception

A user referenced by ID does not exist.

INVALID_SITE_EXCEPTION

INVALID_SITE_EXCEPTION exception

A referenced site does not exist.

LDAP_CONNECTION_EXCEPTION

LDAP_CONNECTION_EXCEPTION exception

An error occurred while connecting to the OID server.

NO_ACCESSIBLE_OBJECT_EXCEPTION

NO_ACCESSIBLE_OBJECT_EXCEPTION exception

The referenced object does not exist.

NO_MANAGER_EXCEPTION

NO_MANAGER_EXCEPTION exception

No manager ID exists for the new OracleAS Portal 10G user being registered, or there is no manager name on file for a referenced OracleAS Portal 10G user.

ORG_NOT_EXIST_EXCEPTION

ORG_NOT_EXIST_EXCEPTION exception

The specified organization does not exist.

UNEXPECTED_EXCEPTION

UNEXPECTED_EXCEPTION exception

An undefined exception condition exists.

USER_EXISTS_EXCEPTION

USER_EXISTS_EXCEPTION exception

Another user exists with the same identifier.

USER_NOT_DELETABLE_EXCEPTION

USER_NOT_DELETABLE_EXCEPTION exception

The user cannot be deleted.

USER_NOT_FOUND_EXCEPTION

USER_NOT_FOUND_EXCEPTION exception

A referenced user does not exist.

VALUE_ERROR_EXCEPTION

VALUE_ERROR_EXCEPTION exception

An invalid parameter was passed to the API.

Type Detail

array

type array is table of varchar2(2000) index by binary_integer

This array receives varchar2 data from various security methods.

grantee_array

type grantee_array is table of grantee_record index by binary_integer

An array of grantee_record(s).

grantee_record

type grantee_record is record (
    grantee_type wwsec_sys_priv$.grantee_type%type,
    grantee_id number,
    grantee_name wwsec_person$.user_name%type,
    privilege wwsec_sys_priv$.privilege%type
)

A record structure containing the details of a grantee of a privilege.

Fields:: grantee_type - indicates whether the privilege is granted to a 'USER' or a 'GROUP'; grantee_id - the numeric identifier of the grantee - which may be a user id or a group id; grantee_name - the name of the user or group represented by this entry; privilege - the privilege granted to the user or group
Since:: 3.0.6.6.5

idarray

type idarray is table of number index by binary_integer

This array receives number data from various security methods.

list_array

type list_array is table of list_record index by binary_integer

An array containing a list of groups.

list_member_array

type list_member_array is table of list_member_record index by binary_integer

An array of list_member_record records returned by the wwsec_api.get_list_members function.

list_member_record

type list_member_record is record (
    id wwsec_member$.id%type,
    group_id wwsec_member$.group_id%type,
    member_type wwsec_member$.member_type%type,
    member_group_id wwsec_member$.member_group_id%type,
    member_person_id wwsec_member$.member_person_id%type
)

A record structure containing the details of members of a group.

Fields:: id - an identifier for the member entry; group_id - the identifier for the group to which this membership belongs; member_type - indicates whether this membership entry is for a GROUP member or a USER member; member_group_id - contains the identifier of the member group if the member_type is GROUP; and is 0 otherwise; member_person_id - contains the identifier of the member user if the member_type is USER; and is 0 otherwise

list_record

type list_record is record (
    group_id wwsec_group$.id%type,
    siteid wwsec_group$.site_id%type,
    name wwsec_group$.name%type,
    description wwsec_group$.description%type
)

A record structure containing details of a group.

Fields:: group_id - the portal's numeric identifier for the group; siteid - the numeric identifier for the content area to which the group may be scoped; or 0 if not locally scoped; name - the name of the group; description - a free-text description of the group
Since:: Oracle9iAS Portal 3.0.6.6.5

privilege_array

type privilege_array is table of wwsec_privilege$%rowtype index by binary_integer

An array containing the list of privileges appropriate for assignment on a particular object type.

username_type

subtype username_type is wwsec_person$.user_name%type

Subtype for representing user names.

Constant Detail

ACCESS_PRIV

ACCESS_PRIV constant wwsec_sys_priv$.privilege%type := 'ACCESS'

ADD_CUSTOM_PRIV

ADD_CUSTOM_PRIV constant wwsec_sys_priv$.privilege%type := 'ADD_ONLY_CUSTOM_CONTENT'

ALL_OBJECTS

ALL_OBJECTS constant wwsec_sys_priv$.name%type := 'ALL_OBJECTS'

This constant is used for the object instance identifier (name) for the global privileges (ANY_XXXX).

ANYGROUP_CREATE

ANYGROUP_CREATE constant number := 100

ANYGROUP_MANAGE

ANYGROUP_MANAGE constant number := 200

ANYGROUP_OBJ

ANYGROUP_OBJ constant wwsec_sys_priv$.object_type_name%type := 'ANY_GROUP'

ANYLOG_EDIT

ANYLOG_EDIT constant number := 200

ANYLOG_MANAGE

ANYLOG_MANAGE constant number := 300

ANYLOG_OBJ

ANYLOG_OBJ constant wwsec_sys_priv$.object_type_name%type := 'ANY_LOG'

ANYLOG_VIEW

ANYLOG_VIEW constant number := 100

ANYPAGE_ADD_ONLY_CUSTOM_CNT

ANYPAGE_ADD_ONLY_CUSTOM_CNT constant number := 500

ANYPAGE_CREATE

ANYPAGE_CREATE constant number := 100

ANYPAGE_FULL_CUSTOM_CNT

ANYPAGE_FULL_CUSTOM_CNT constant number := 600

ANYPAGE_HIDE_SHOW_CUSTOM_CNT

ANYPAGE_HIDE_SHOW_CUSTOM_CNT constant number := 400

ANYPAGE_MANAGE

ANYPAGE_MANAGE constant number := 1000

ANYPAGE_MANAGE_CNT

ANYPAGE_MANAGE_CNT constant number := 900

ANYPAGE_MANAGE_CNT_WITH_APP

ANYPAGE_MANAGE_CNT_WITH_APP constant number := 800

ANYPAGE_MANAGE_STYLE

ANYPAGE_MANAGE_STYLE constant number := 700

ANYPAGE_OBJ

ANYPAGE_OBJ constant wwsec_sys_priv$.object_type_name%type := 'ANY_PAGE'

ANYPAGE_STYLE_CUSTOM

ANYPAGE_STYLE_CUSTOM constant number := 300

ANYPAGE_VIEW

ANYPAGE_VIEW constant number := 200

ANYPORTLET_ACCESS

ANYPORTLET_ACCESS constant number := 200

ANYPORTLET_EDIT

ANYPORTLET_EDIT constant number := 400

ANYPORTLET_EXECUTE

ANYPORTLET_EXECUTE constant number := 300

ANYPORTLET_MANAGE

ANYPORTLET_MANAGE constant number := 500

ANYPORTLET_OBJ

ANYPORTLET_OBJ constant wwsec_sys_priv$.object_type_name%type := 'ANY_PORTLET'

ANYPORTLET_PUBLISH

ANYPORTLET_PUBLISH constant number := 100

ANYPROVIDER_CREATE

ANYPROVIDER_CREATE constant number := 100

ANYPROVIDER_EDIT

ANYPROVIDER_EDIT constant number := 400

ANYPROVIDER_EXECUTE

ANYPROVIDER_EXECUTE constant number := 200

ANYPROVIDER_MANAGE

ANYPROVIDER_MANAGE constant number := 500

ANYPROVIDER_OBJ

ANYPROVIDER_OBJ constant wwsec_sys_priv$.object_type_name%type := 'ANY_PROVIDER'

ANYPROVIDER_PUBLISH

ANYPROVIDER_PUBLISH constant number := 300

ANYSCHEMA_CREATE

ANYSCHEMA_CREATE constant number := 100

ANYSCHEMA_INSERT

ANYSCHEMA_INSERT constant number := 300

ANYSCHEMA_MANAGE

ANYSCHEMA_MANAGE constant number := 500

ANYSCHEMA_MODIFY

ANYSCHEMA_MODIFY constant number := 400

ANYSCHEMA_OBJ

ANYSCHEMA_OBJ constant wwsec_sys_priv$.object_type_name%type := 'ANY_SCHEMA'

ANYSCHEMA_VIEW

ANYSCHEMA_VIEW constant number := 200

ANYSITE_CREATE

ANYSITE_CREATE constant number := 100

ANYSITE_MANAGE

ANYSITE_MANAGE constant number := 700

ANYSITE_MANAGE_CLASSIFICATION

ANYSITE_MANAGE_CLASSIFICATION constant number := 500

ANYSITE_MANAGE_STYLE

ANYSITE_MANAGE_STYLE constant number := 300

ANYSITE_MANAGE_TEMPLATE

ANYSITE_MANAGE_TEMPLATE constant number := 400

ANYSITE_MANAGE_TRANSLATION

ANYSITE_MANAGE_TRANSLATION constant number := 600

ANYSITE_OBJ

ANYSITE_OBJ constant wwsec_sys_priv$.object_type_name%type := 'ANY_SITE'

ANYSITE_VIEW

ANYSITE_VIEW constant number := 200

ANYSTYLE_CREATE

ANYSTYLE_CREATE constant number := 100

ANYSTYLE_MANAGE

ANYSTYLE_MANAGE constant number := 400

ANYSTYLE_OBJ

ANYSTYLE_OBJ constant wwsec_sys_priv$.object_type_name%type := 'ANY_STYLE'

ANYSTYLE_PUBLISH

ANYSTYLE_PUBLISH constant number := 200

ANYSTYLE_VIEW

ANYSTYLE_VIEW constant number := 300

ANYTRANSPORTSET_EXECUTE

ANYTRANSPORTSET_EXECUTE constant number := 200

ANYTRANSPORTSET_MANAGE

ANYTRANSPORTSET_MANAGE constant number := 500

ANYTRANSPORTSET_OBJ

ANYTRANSPORTSET_OBJ constant wwsec_sys_priv$.object_type_name%type := 'ANY_TRANSPORTSET'

ANYUSER_CREATE

ANYUSER_CREATE constant number := 100

ANYUSER_MANAGE

ANYUSER_MANAGE constant number := 200

ANYUSER_OBJ

ANYUSER_OBJ constant wwsec_sys_priv$.object_type_name%type := 'ANY_USER'

CREATE_PRIV

CREATE_PRIV constant wwsec_sys_priv$.privilege%type := 'CREATE'

CUSTOMIZE_PRIV

CUSTOMIZE_PRIV constant wwsec_sys_priv$.privilege%type := 'CUSTOMIZE'

DOCUMENT_MANAGE

DOCUMENT_MANAGE constant number := 200

DOCUMENT_OBJ

DOCUMENT_OBJ constant wwsec_sys_priv$.object_type_name%type := 'DOCUMENT'

DOCUMENT_OWN

DOCUMENT_OWN constant number := 300

DOCUMENT_VIEW

DOCUMENT_VIEW constant number := 100

EDIT_PRIV

EDIT_PRIV constant wwsec_sys_priv$.privilege%type := 'EDIT'

EXECUTE_PRIV

EXECUTE_PRIV constant wwsec_sys_priv$.privilege%type := 'EXECUTE'

FULL_CUSTOM_PRIV

FULL_CUSTOM_PRIV constant wwsec_sys_priv$.privilege%type := 'FULL_CUSTOM_CONTENT'

GLOBAL_GROUP

GLOBAL_GROUP constant number(1) := 0

GRANTEE_GROUP

GRANTEE_GROUP constant wwsec_sys_priv$.grantee_type%type := 'GROUP'

GRANTEE_USER

GRANTEE_USER constant wwsec_sys_priv$.grantee_type%type := 'USER'

GROUP_AUTHENTICATED_USERS

GROUP_AUTHENTICATED_USERS constant number(1) := 0

GROUP_DBA

GROUP_DBA constant number(1) := 1

GROUP_IPORTAL_ADMINISTRATORS

GROUP_IPORTAL_ADMINISTRATORS constant number(1) := GROUP_WEBDB_ADMINISTRATORS

GROUP_OBJ

GROUP_OBJ constant wwsec_sys_priv$.object_type_name%type := 'GROUP'

GROUP_OWN

GROUP_OWN constant number := 100

GROUP_PORTAL_PUBLISHERS

GROUP_PORTAL_PUBLISHERS constant number(1) := 3

GROUP_TYPE_LIST

GROUP_TYPE_LIST constant wwsec_group$.group_type%type := 'LIST'

GROUP_TYPE_ORG

GROUP_TYPE_ORG constant wwsec_group$.group_type%type := 'ORG'

GROUP_WEBDB_ADMINISTRATORS

GROUP_WEBDB_ADMINISTRATORS constant number(1) := 2

HIDDEN

HIDDEN constant number(1) := 1

HIDE_SHOW_CUSTOM_PRIV

HIDE_SHOW_CUSTOM_PRIV constant wwsec_sys_priv$.privilege%type := 'HIDE_SHOW_CUSTOM_CONTENT'

INSERT_PRIV

INSERT_PRIV constant wwsec_sys_priv$.privilege%type := 'INSERT'

ITEM_MANAGE

ITEM_MANAGE constant number := 200

ITEM_OBJ

ITEM_OBJ constant wwsec_sys_priv$.object_type_name%type := 'ITEM'

ITEM_OWN

ITEM_OWN constant number := 300

ITEM_VIEW

ITEM_VIEW constant number := 100

LOV_EDIT

LOV_EDIT constant number := 200

LOV_EXECUTE

LOV_EXECUTE constant number := 100

LOV_OBJ

LOV_OBJ constant wwsec_sys_priv$.object_type_name%type := 'LOV'

MANAGE_CLASSIFICATION_PRIV

MANAGE_CLASSIFICATION_PRIV constant wwsec_sys_priv$.privilege%type := 'MANAGE_CLASSIFICATION'

MANAGE_CNT_PRIV

MANAGE_CNT_PRIV constant wwsec_sys_priv$.privilege%type := 'MANAGE_CONTENT'

MANAGE_CNT_WITH_APP_PRIV

MANAGE_CNT_WITH_APP_PRIV constant wwsec_sys_priv$.privilege%type := 'MANAGE_CONTENT_WITH_APPROVAL'

MANAGE_PRIV

MANAGE_PRIV constant wwsec_sys_priv$.privilege%type := 'MANAGE'

MANAGE_STYLE_PRIV

MANAGE_STYLE_PRIV constant wwsec_sys_priv$.privilege%type := 'MANAGE_STYLE'

MANAGE_TEMPLATE_PRIV

MANAGE_TEMPLATE_PRIV constant wwsec_sys_priv$.privilege%type := 'MANAGE_TEMPLATE'

MEMBER_TYPE_GROUP

MEMBER_TYPE_GROUP constant wwsec_member$.member_type%type := 'GROUP'

MEMBER_TYPE_USER

MEMBER_TYPE_USER constant wwsec_member$.member_type%type := 'USER'

MENU_EXECUTE

MENU_EXECUTE constant number := 100

MENU_OBJ

MENU_OBJ constant wwsec_sys_priv$.object_type_name%type := 'MENU'

MODIFY_PRIV

MODIFY_PRIV constant wwsec_sys_priv$.privilege%type := 'MODIFY'

NAVBAR_OBJ

NAVBAR_OBJ constant wwsec_sys_priv$.object_type_name%type := 'NAVBAR'

NAVBAR_OWN

NAVBAR_OWN constant number := 100

NO_PRIVILEGE

NO_PRIVILEGE constant number := 0

NOT_HIDDEN

NOT_HIDDEN constant number(1) := 0

NOT_OWNER

NOT_OWNER constant number(1) := 0

OWN_PRIV

OWN_PRIV constant wwsec_sys_priv$.privilege%type := 'OWN'

OWNER

OWNER constant number(1) := 1

PAGE_ADD_ONLY_CUSTOM_CNT

PAGE_ADD_ONLY_CUSTOM_CNT constant number := 400

PAGE_FULL_CUSTOM_CNT

PAGE_FULL_CUSTOM_CNT constant number := 500

PAGE_HIDE_SHOW_CUSTOM_CNT

PAGE_HIDE_SHOW_CUSTOM_CNT constant number := 300

PAGE_MANAGE

PAGE_MANAGE constant number := 900

PAGE_MANAGE_CNT

PAGE_MANAGE_CNT constant number := 800

PAGE_MANAGE_CNT_WITH_APP

PAGE_MANAGE_CNT_WITH_APP constant number := 700

PAGE_MANAGE_STYLE

PAGE_MANAGE_STYLE constant number := 600

PAGE_OBJ

PAGE_OBJ constant wwsec_sys_priv$.object_type_name%type := 'PAGE'

PAGE_STYLE_CUSTOM

PAGE_STYLE_CUSTOM constant number := 200

PAGE_VIEW

PAGE_VIEW constant number := 100

PORTLET_ACCESS

PORTLET_ACCESS constant number := 200

PORTLET_EDIT

PORTLET_EDIT constant number := 400

PORTLET_EXECUTE

PORTLET_EXECUTE constant number := 300

PORTLET_MANAGE

PORTLET_MANAGE constant number := 500

PORTLET_NON_LOCAL_ACCESS

PORTLET_NON_LOCAL_ACCESS constant number := 200

PORTLET_NON_LOCAL_EXECUTE

PORTLET_NON_LOCAL_EXECUTE constant number := 300

PORTLET_NON_LOCAL_MANAGE

PORTLET_NON_LOCAL_MANAGE constant number := 500

PORTLET_NON_LOCAL_PUBLISH

PORTLET_NON_LOCAL_PUBLISH constant number := 100

PORTLET_NONLOCAL_OBJ

PORTLET_NONLOCAL_OBJ constant wwsec_sys_priv$.object_type_name%type := 'PORTLET_NON_LOCAL'

PORTLET_OBJ

PORTLET_OBJ constant wwsec_sys_priv$.object_type_name%type := 'PORTLET'

PORTLET_PUBLISH

PORTLET_PUBLISH constant number := 100

PROVIDER_EDIT

PROVIDER_EDIT constant number := 400

PROVIDER_EXECUTE

PROVIDER_EXECUTE constant number := 200

PROVIDER_MANAGE

PROVIDER_MANAGE constant number := 500

PROVIDER_OBJ

PROVIDER_OBJ constant wwsec_sys_priv$.object_type_name%type := 'PROVIDER'

PROVIDER_PUBLISH

PROVIDER_PUBLISH constant number := 300

PUBLISH_PRIV

PUBLISH_PRIV constant wwsec_sys_priv$.privilege%type := 'PUBLISH'

SCHEMA_ADMIN

SCHEMA_ADMIN constant number(1) := 1

SCHEMA_BROWSEIN

SCHEMA_BROWSEIN constant number := 100

SCHEMA_BUILDIN

SCHEMA_BUILDIN constant number := 200

SCHEMA_OBJ

SCHEMA_OBJ constant wwsec_sys_priv$.object_type_name%type := 'SCHEMA'

SCHEMA_OWNER

SCHEMA_OWNER constant number(1) := 0

SEARCH_SUBTYPE_GROUP

SEARCH_SUBTYPE_GROUP constant varchar2(30) := 'GROUP'

SEARCH_SUBTYPE_USER

SEARCH_SUBTYPE_USER constant varchar2(30) := 'USER'

SEARCH_TYPE_UG

SEARCH_TYPE_UG constant varchar2(30) := 'USERGROUP'

SITE_MANAGE

SITE_MANAGE constant number := 600

SITE_MANAGE_CLASSIFICATION

SITE_MANAGE_CLASSIFICATION constant number := 400

SITE_MANAGE_STYLE

SITE_MANAGE_STYLE constant number := 200

SITE_MANAGE_TEMPLATE

SITE_MANAGE_TEMPLATE constant number := 300

SITE_MANAGE_TRANSLATION

SITE_MANAGE_TRANSLATION constant number := 500

SITE_OBJ

SITE_OBJ constant wwsec_sys_priv$.object_type_name%type := 'SITE'

SITE_SEPARATOR

SITE_SEPARATOR constant varchar2(1) := '/'

Separator used for object names that include multiple identifiers.

SITE_VIEW

SITE_VIEW constant number := 100

STYLE_CUSTOM_PRIV

STYLE_CUSTOM_PRIV constant wwsec_sys_priv$.privilege%type := 'STYLE_CUSTOM'

USER_PUBLIC

USER_PUBLIC constant number(1) := 2

VIEW_PRIV

VIEW_PRIV constant wwsec_sys_priv$.privilege%type := 'VIEW'

WORKFLOW_EXECUTE

WORKFLOW_EXECUTE constant number := 300

WORKFLOW_MANAGE

WORKFLOW_MANAGE constant number := 400

WORKFLOW_STATUS

WORKFLOW_STATUS constant number := 100

WORKFLOW_STATUS_AND_EXECUTE

WORKFLOW_STATUS_AND_EXECUTE constant number := 200

Variable Detail

empty

empty array

An instance of an empty array of varchar2s for initialization.

emptyidarray

emptyidarray idarray

An instance of an empty array of numbers for initialization.

Function/Procedure Detail

accessible_objects

function accessible_objects(
    p_object_type_name in varchar2,
    p_privilege in varchar2,
    p_owner in varchar2 default wwctx_api . get_product_schema
) return array

Gets a list of objects accessible to a user, checking for a specific privilege.

Returns a list of accessible objects of a single object type and single privilege level to which a specified user, or a specified group that the user belongs to, has privileges.

Example:

 declare
     l_array wwsec_api.array;
 begin
     l_array := wwsec_api.accessible_objects
     (
         p_object_type_name => wwsec_api.PAGE_OBJ,
         p_privilege        => wwsec_api.OWN_PRIV
     );
 end;

Parameters:: p_object_type_name - the type of object, e.g., ADMIN, FOLDER, ITEM, etc.; p_privilege - the privilege required on the object; p_owner - the name of the schema that owns the Access Control List entry, or another name space discriminator
Returns:: an array containing a list of objects of a specified type, and on which a specified privilege has been granted to a user or a group to which the user belongs
Exceptions:: NO_ACCESSIBLE_OBJECT_EXCEPTION - if no such object exists
Since:: Oracle9iAS Portal 3.0.6.6.5

accessible_objects

function accessible_objects(
    p_object_type_name in varchar2,
    p_privilege_array in wwsec_api.array,
    p_owner in varchar2 default wwctx_api . get_product_schema
) return array

Gets a list of objects accessible to a user, checking for a number of privileges.

This routine returns a list of accessible objects that the user has one or more of a specified set of privileges over.

Example:

 declare
     l_objects wwsec_api.array;
     l_priv_array wwsec_api.array;
 begin
     l_priv_array(1):= wwsec_api.MANAGE_PRIV;
     l_priv_array(2):= wwsec_api.CREATE_PRIV;
     (
         p_object_type_name => wwsec_api.PAGE_OBJ,
         p_privilege_array  => l_priv_array
     );
 end;

Parameters:: p_object_type_name - the type of object, e.g., ADMIN, FOLDER, ITEM, etc.; p_privilege_array - the list of privileges need to be checked; p_owner - the name of the schema that owns the Access Control List entry, or another name space discriminator
Returns:: an array of objects of a specified type to which the user, or a group to which the user belongs, has specified privileges
Exceptions:: NO_ACCESSIBLE_OBJECT_EXCEPTION - if no such object exists
Since:: Oracle9iAS Portal 3.0.6.6.5

activate_portal_user

procedure activate_portal_user(
    p_user_name in varchar2
)

Activates an existing but inactive OracleAS Portal 10G user.

Note: Sets portal_user to 'Y' in the OracleAS Portal 10G user record.

Example:

 begin
     wwsec_api.activate_portal_user
     (
         p_user_name => 'USER1'
     );
 end;

Parameters:: p_user_name - the user name of an existing user whose account should be activated
Exceptions:: USER_NOT_FOUND_EXCEPTION - if a Portal User Profile entry for a user with username p_user_name does not exist, even though the user may be present in OID; ACCESS_DENIED_EXCEPTION - if the user who initiates the calling routine has insufficient authority to execute the routine
Since:: Oracle9iAS Portal 3.0.6.6.5

add_group_to_list

procedure add_group_to_list(
    p_group_id in number,
    p_to_group_id in number,
    p_is_owner in number
)

Adds a group as a member to another group.

This routine adds a group to a list type group and sets privileges if the members of the group are to be owners of the group to which they are being added.

Example:

 wwsec_api.add_group_to_list(
     p_group_id    => wwsec_api.group_id('POWER_USERS'),
     p_to_group_id => wwsec_api.group_id('PORTAL_DEVELOPERS'),
     p_is_owner    => wwsec_api.OWNER
 );

Parameters:: p_group_id - the portal's identifier for the group to be added as a member; p_to_group_id - the portal's identifier for the group to which the other group should be added as a member; p_is_owner - flag indicates whether or not the group should be added as an owner of the group
Exceptions:: GROUP_NOT_FOUND_EXCEPTION - if one of the referenced groups doesn't exist; GROUP_MEMBER_EXCEPTION - if the group is already a member of the other group; ACCESS_DENIED_EXCEPTION - if the caller is not an owner of the group or does not have a global privilege to edit groups; CIRCULAR_REFERENCE_EXCEPTION - if the group is being added to itself.; LDAP_CONNECTION_EXCEPTION - if the portal cannot connect to OID
Since:: Oracle9iAS Portal 3.0.6.6.5

add_portal_user

function add_portal_user(
    p_user_name in varchar2,
    p_db_user in varchar2 default null,
    p_empno in varchar2 default null,
    p_display_personal_info in varchar2 default 'n',
    p_last_name in varchar2 default null,
    p_first_name in varchar2 default null,
    p_middle_name in varchar2 default null,
    p_known_as in varchar2 default null,
    p_maiden_name in varchar2 default null,
    p_date_of_birth in varchar2 default null,
    p_email in varchar2 default null,
    p_work_phone in varchar2 default null,
    p_home_phone in varchar2 default null,
    p_mobile_phone in varchar2 default null,
    p_pager in varchar2 default null,
    p_fax in varchar2 default null,
    p_office_addr1 in varchar2 default null,
    p_office_addr2 in varchar2 default null,
    p_office_addr3 in varchar2 default null,
    p_office_city in varchar2 default null,
    p_office_state in varchar2 default null,
    p_office_zip in varchar2 default null,
    p_office_country in varchar2 default null,
    p_home_addr1 in varchar2 default null,
    p_home_addr2 in varchar2 default null,
    p_home_addr3 in varchar2 default null,
    p_home_city in varchar2 default null,
    p_home_state in varchar2 default null,
    p_home_zip in varchar2 default null,
    p_home_country in varchar2 default null,
    p_organization in varchar2 default null,
    p_title in varchar2 default null,
    p_spending_limit in number default null,
    p_hiredate in varchar2 default null,
    p_source in varchar2 default null,
    p_manager_user_name in varchar2 default null,
    p_portal_user in varchar2 default 'y'
) return number

Adds a Portal profile entry to the OracleAS Portal 10G repository.

In Oracle9iAS Portal 9.0.2 (or later) this function can be used to add a user profile for a user that exists in Oracle Internet Directory (OID). The user must already exist in OID before this function is called. The result of this function is that the user attributes are updated based on the values that are passed. A local entry for the user is also created in the Portal. This local entry can then be used to grant appropriate privileges to access various Portal objects.

Example:

 declare
     l_id number;
 begin
     l_id := wwsec_api.add_portal_user
     (
       p_User_Name     => 'JWDOE',
       p_Empno         => '123-45-6789',
       p_Display_Personal_Info  => 'Y',
       p_Last_Name     => 'Doe',
       p_First_Name    => 'John',
       p_Middle_Name   => 'Wilson',
       p_Known_As      => 'John',
       p_Date_Of_Birth => '15-MAR-1968',
       p_Email         => 'jdoe@abc.com',
       p_Work_Phone    => '(123) 456-7890',
       p_Home_Phone    => '(234) 567-8901',
       p_Mobile_Phone  => '(345) 678-9012',
       p_Pager         => '(456) 789-0123',
       p_Fax           => '(567) 890-1234',
       p_Office_Addr1  => '123 First St',
       p_Office_City   => 'Washington',
       p_Office_State  => 'DC',
       p_Office_Zip    => '20001',
       p_Office_Country => 'USA',
       p_Home_Addr1    => '234 Second St',
       p_Home_City     => 'Washington',
       p_Home_State    => 'DC',
       p_Home_Zip      => '20001',
       p_Home_Country  => 'USA',
       p_Title         => 'Not Assigned',
       p_Hiredate      => '01-Oct-2000',
       p_Manager_User_Name => 'GHTHOMAS',
       p_Portal_User   => 'Y'
     );
 end;

Parameters:: p_User_Name - the user name of the user being added to OracleAS Portal 10G; p_DB_User - a database user name; p_Empno - an employee number; p_Display_Personal_Info - enter Y or N to choose to display personal information; p_Last_Name - the user's family name; p_First_Name - the user's given name; p_Middle_Name - the user's middle name; p_Known_As - the user's nickname; p_Maiden_Name - the user's maiden name (if applicable); p_Date_Of_Birth - the user's date of birth. Note: Use the date format 'DD-MON-YYYY' format (the month is not case sensitive).; p_Email - the user's e-mail address; p_Work_Phone - the user's work phone number; p_Home_Phone - the user's home phone number; p_Mobile_Phone - the user's mobile phone number; p_Pager - the user's pager number; p_Fax - the user's fax number; p_Office_Addr1 - the first line of the user's office address; p_Office_Addr2 - the second line of the user's office address; p_Office_Addr3 - the third line of the user's office address; p_Office_City - the city in which the user's office is located; p_Office_State - the state in which the user's office is located; p_Office_Zip - the zip code for the person's office; p_Office_Country - the country in which the user's office is located; p_Home_Addr1 - the first line of the user's home address; p_Home_Addr2 - the second line of the user's home address.; p_Home_Addr3 - the third line of the user's home address; p_Home_City - the user's home city; p_Home_State - the user's home state; p_Home_Zip - the user's home zip code; p_Home_Country - the user's home country; p_Organization - the user's organization. Note: This parameter is currently ignored. The organization value is always taken from the subscriber.; p_Title - the user's job title; p_Spending_Limit - the user's spending limit Note: This parameter is currently ignored.; p_Hiredate - the user's date of hire Note: Use the date format 'DD-MON-YYYY' (the month is not case sensitive).; p_Source - the source of user information (via bulkload or UI) Note: This parameter is currently ignored.; p_Manager_User_Name - the user name of the user's manager; p_Portal_User - (Y/N) indicates whether the user is an active OracleAS Portal 10G user
Returns:: this function returns a person ID
Exceptions:: NO_MANAGER_EXCEPTION - if the user's manager's user ID is not entered; ACCESS_DENIED_EXCEPTION - if the user who initiates the calling routine has insufficient authority to execute the routine; UNEXPECTED_EXCEPTION - if a problem occurs for which an exception has not been defined; USER_EXISTS_EXCEPTION - if a local user profile already exists in the portal schema; USER_NOT_FOUND_EXCEPTION - if the user does not exist in OID; LDAP_CONNECTION_EXCEPTION - if the portal cannot connect to OID
Since:: Oracle9iAS Portal 3.0.6.6.5

add_user_to_list

procedure add_user_to_list(
    p_person_id in number,
    p_to_group_id in number,
    p_is_owner in number
)

Adds a user to a group.

This routine adds a user to a group and sets privileges if the user is to be an owner of the group. In Oracle9iAS Portal 9.0.2 or later, this API makes an API call to OID to update the group in the directory.

Example:

 wwsec_api.add_user_to_list(
     p_person_id   => wwsec_api.id('JDOE'),
     p_to_group_id => wwsec_api.group_id('PORTAL_DEVELOPERS'),
     p_is_owner    => wwsec_api.OWNER
 );

Parameters:: p_person_id - the portal's identifier for the user; p_to_group_id - the portal's identifier for the group to which the user should be added; p_is_owner - flag indicates whether or not the user should be added as an owner of the group
Exceptions:: INVALID_PERSON_ID_EXCEPTION - if the specified p_person_id doesn't exist; GROUP_NOT_FOUND_EXCEPTION - if the specified group doesn't exist; ACCESS_DENIED_EXCEPTION - if the caller is not an owner of the group or does not have a global privilege to edit groups; GROUP_MEMBER_EXCEPTION - if the user specified by p_person_id is already a member of the group; LDAP_CONNECTION_EXCEPTION - if the portal cannot connect to OID
Since:: Oracle9iAS Portal 3.0.6.6.5

clear_package_cache

procedure clear_package_cache

Clears the package level cache.

The package wwsec_api maintains its own internal cache to improve performance of the APIs. Resetting these cached values can degrade the performance of these APIs. However, if an application needs to reset the state of the package variables for some reason then this procedure can be used.

It clears all the values held in package level variables so that these values can be obtained from the database when they are accessed the next time around. This is useful when switching context from one subscriber to another, since the settings for each subscriber can be different from others.

Example:

 begin
     wwsec_api.clear_package_cache;
 end;

Since:: Oracle9iAS Portal 9.0.2.5

copy_privileges

procedure copy_privileges(
    p_object_type in varchar2,
    p_object_from in varchar2,
    p_object_to in varchar2,
    p_owner in varchar2 default wwctx_api . get_product_schema
)

Copies all privileges from a source object to a destination object.

This procedure copies all privileges granted on object_from to object_to. The source object must exist, and must be of type p_obj_type. ACL entries are then created for the object_to referenced, but no checks are made to ensure that the object exists.

Example:

 begin
     copy_privileges(
         p_object_type => wwsec_api.PAGE_OBJ,
         p_object_from => '1/1'
         p_object_to   => '1/399'
     );
 end;

Parameters:: p_object_type - the ACL object_type name constant for the source object; p_object_from - the unique name of the source object; p_object_to - the unique name of the destination object; p_owner - the name of the schema that owns the Access Control List entry, or another name space discriminator
Exceptions:: ACCESS_DENIED_EXCEPTION - if then caller has no authority; VALUE_ERROR_EXCEPTION - if object_from is the same as object_to
Since:: Oracle9iAS Portal 3.0.6.6.5

create_list

function create_list(
    p_name in varchar2,
    p_site_id in number default global_group,
    p_description in varchar2 default null,
    p_hidden_group in number default not_hidden,
    p_hidden_members in number default not_hidden
) return number

Creates a group in OID and returns the corresponding group profile ID for the portal. This function is provided primarily for backward compatibility support for the API.

Note: This API will create the group entry in the associated Oracle Internet Directory. If the group creation succeeds in OID, then the group will be created, regardless of the eventual state of the PL/SQL transaction in the OracleAS Portal 10G repository. E.g., if the PL/SQL API transaction is rolled back, the group will still remain in OID.

Example:

     l_groupid number;
     l_groupid := wwsec_api.create_list(
         p_name          => 'DEVELOPER',
         p_description   => 'This is a group for developers'
     );

Parameters:: p_name - a name for the new group
Note: the p_name must be unique for the site in which it is created and unique among global groups.; p_site_id - the unique identifier for the site in which the group will be created
Note: This parameter is ignored in Oracle9iAS Portal 9.0.2 and later.; p_description - a description of the new group; p_hidden_group - indicates if the new group is hidden from users and groups (except those who are owners of the new group); p_hidden_members - this parameter is not used
Returns:: this function returns a group ID
Exceptions:: DUPLICATE_GROUP_EXCEPTION - if a group with the same name exists; INVALID_GRP_NAME_EXCEPTION - if the group name is invalid; ACCESS_DENIED_EXCEPTION - if the user who initiates the calling routine has insufficient authority to execute the routine; LDAP_CONNECTION_EXCEPTION - if the portal cannot connect to OID
Since:: Oracle9iAS Portal 3.0.6.6.5

db_user

function db_user(
    p_user_name in varchar2
) return varchar2

Returns the database schema name to which the user is associated, given the name of an OracleAS Portal 10G user. The procedures that are invoked through modplsql are invoked by the database schema returned by this function, for the specified user.

Example:

 declare
     l_dbuser varchar2;
 begin
     l_dbuser := wwsec_api.db_user(
         p_user_name => 'USER1'
     );
 end;

Parameters:: p_user_name - the name of an OracleAS Portal 10G user
Returns:: the name of the database schema associated with this user
Purity:: WNDS
Exceptions:: USER_NOT_FOUND_EXCEPTION - if the user name is not found
Since:: Oracle9iAS Portal 3.0.6.6.5

deactivate_portal_user

procedure deactivate_portal_user(
    p_user_name in varchar2
)

Deactivates an OracleAS Portal 10G user. This prevents the person from logging on to OracleAS Portal 10G.

Note: Sets portal_user to 'N' in the OracleAS Portal 10G user record.

Example:

 begin
     wwsec_api.deactivate_portal_user
     (
       p_user_name => 'USER1'
     );
 end;

Parameters:: p_user_name - the user name of the OracleAS Portal 10G user whose account is to be deactivated
Exceptions:: USER_NOT_FOUND_EXCEPTION - if a Portal User Profile entry for a user with username p_user_name does not exist, even though the user may be present in OID; ACCESS_DENIED_EXCEPTION - if the user who initiates the calling routine has insufficient authority to execute the routine
Since:: Oracle9iAS Portal 3.0.6.6.5

delete_group_from_list

procedure delete_group_from_list(
    p_group_id in number,
    p_member_group_id in number
)

Deletes a group from the list of members of another group.

A group may contain members which are users or other groups. This procedure removes a specified group from the list of members of another specified group.

Example:

 wwsec_api.delete_group_from_list(
     p_group_id        => wwsec_api.group_id ('GROUP1'),
     p_member_group_id => wwsec_api.group_id ('SUBGROUP1')
 );

Parameters:: p_group_id - the portal's identifier for the group; p_member_group_id - the portal's identifier for the member user
Exceptions:: GROUP_NOT_FOUND_EXCEPTION - if the referenced group doesn't exist; ACCESS_DENIED_EXCEPTION - if the caller is not an owner of the group or does not have a global privilege to edit groups; LDAP_CONNECTION_EXCEPTION - if the portal cannot connect to OID
Since:: Oracle9iAS Portal 3.0.6.6.5

delete_list

procedure delete_list(
    p_groupid in number
)

Deletes a group from OID and any associated references to the group.

Note: Only an owner of a group can delete a group.

Example:

    wwsec_api.delete_list(
       p_group_id => 13
 );

Parameters:: p_groupid - the ID of the group to be deleted
See Also:: create_list
Exceptions:: GROUP_NOT_FOUND_EXCEPTION - if the specified group doesn't exist; ACCESS_DENIED_EXCEPTION - if the user who initiates the calling routine has insufficient authority to execute the routine; LDAP_CONNECTION_EXCEPTION - if the portal cannot connect to OID
Since:: Oracle9iAS Portal 3.0.6.6.5

delete_portal_user

procedure delete_portal_user(
    p_user_name in varchar2
)

Deletes an OracleAS Portal 10G user profile entry from the portal schema, given a user name. The user entry in OID remains unaffected.

This procedure effectively removes the user's privileges in the portal, along with their preferences.

Example:

    wwsec_api.delete_portal_user
     (
       p_user_name => 'USER1'
     );

Parameters:: p_user_name - the user name of the OracleAS Portal 10G user to be deleted
Exceptions:: ACCESS_DENIED_EXCEPTION - if the user who initiates a calling routine has insufficient authority to execute the routine; USER_NOT_FOUND_EXCEPTION - if the user name is not found; USER_NOT_DELETABLE_EXCEPTION - if the user name may not be deleted
Since:: Oracle9iAS Portal 3.0.6.6.5

delete_user_from_list

procedure delete_user_from_list(
    p_group_id in number,
    p_member_person_id in number
)

Deletes a user from the membership list of a group.

Example:

 wwsec_api.delete_user_from_list(
     p_group_id         => wwsec_api.group_id('POWER_USERS'),
     p_member_person_id => wwsec_api.id('JDOE')
 );

Parameters:: p_group_id - the portal's identifier for the group; p_member_person_id - the portal's identifier for the member user
Exceptions:: GROUP_NOT_FOUND_EXCEPTION - if the referenced group doesn't exist or the user doesn't exist; ACCESS_DENIED_EXCEPTION - if the caller is not an owner of the group or does not have a global privilege to edit groups; LDAP_CONNECTION_EXCEPTION - if the portal cannot connect to OID
Since:: Oracle9iAS Portal 3.0.6.6.5

get_authorization_function

function get_authorization_function(
    p_object_type_name in varchar2,
    p_owner in varchar2 default wwctx_api . get_product_schema,
    p_name in varchar2
) return varchar2

Gets the name of the function used for function-based authorization.

This routine returns the function registered to perform authorization for a specified object.

Example:

 declare
     l_function varchar2(92);
 begin
     l_function := wwsec_api.get_authorization_function(
         p_object_type_name => wwsec_api.ITEM_OBJ,
         p_name             => '1/123'
     );

Parameters:: p_object_type_name - the type of object, e.g., ADMIN, FOLDER, ITEM, etc.; p_owner - the 'owner' of the ACL entry, used to resolve namespace collisions; p_name - the reference to the object
Returns:: the name of the function being used for the given object type
Purity:: WNDS
See Also:: set_authorization_function
Since:: Oracle9iAS Portal 9.0.2

get_defaultgroup

function get_defaultgroup(
    p_username in varchar2 default wwctx_api . get_user
) return number

Returns the default group for a specified user. If no default group is stored for the specified user, the function returns null.

Note: The default group is the group that the preference system uses if no user-level preferences are specified for a given setting.

Example:

 declare
     l_defaultgroupid number;
 begin
     l_defaultgroupid := wwsec_api.get_defaultgroup
     (
         p_username => 'USER1'
     );
 end;

Parameters:: p_username - the name of the user whose default group is being requested
Returns:: the default group ID for the specified user, or null if no default group is stored
See Also:: set_default_group
Since:: Oracle9iAS Portal 3.0.6.6.5

get_granted_group_privilege

function get_granted_group_privilege(
    p_group_id in number,
    p_object_type_name in varchar2,
    p_name in varchar2,
    p_owner in varchar2 default wwctx_api . get_product_schema
) return varchar2

Gets the highest privilege that a group has on a given object.

Example:

 declare
     l_priv varchar2;
 begin
     l_priv := wwsec_api.get_granted_group_privilege(
         p_group_id         => 12,
         p_object_type_name => wwsec_api.PAGE_OBJ,
         p_name             => '0/156
     );
 end;

Parameters:: p_group_id - the ID of the group; p_object_type_name - the type of object, e.g. ADMIN, FOLDER, ITEM, etc.; p_name - the reference to the object; p_owner - the 'owner' of the ACL entry, used to resolve namespace collisions
Returns:: the privilege of the highest granted privilege to the group, or null if no privileges are granted to the group for the specified object
Purity:: WNDS
Since:: Oracle9iAS Portal 3.0.6.6.5

get_granted_user_priv_code

function get_granted_user_priv_code(
    p_user_id in number,
    p_object_type_name in varchar2,
    p_name in varchar2,
    p_owner in varchar2 default wwctx_api . get_product_schema
) return number

Gets the granted privilege code that a user has on a given object.

Note: This function returns NO_PRIVILEGE if the user has not been granted a privilege on the given object. This is different from get_granted_user_privilege, which returns null in this case. We cannot change the behavior of get_granted_user_privilege because it is a public API.

Parameters:: p_user_id - the portal's identifier for the user; p_object_type_name - the type of object, e.g., ADMIN, FOLDER, ITEM, etc.; p_name - the reference to the object; p_owner - the name of the schema that owns the Access Control List entry, or another name space discriminator to resolve namespace collisions
Returns:: the privilege code granted to the user, or NO_PRIVILEGE if no privilege is granted to the user for the specified object.
Purity:: WNDS
Since:: Oracle9iAS Portal 9.0.2.5

get_granted_user_privilege

function get_granted_user_privilege(
    p_user_id in number,
    p_object_type_name in varchar2,
    p_name in varchar2,
    p_owner in varchar2 default wwctx_api . get_product_schema
) return varchar2

Gets the highest privilege that the user has on the specified object.

Example:

 declare
     l_priv varchar2;
 begin
     l_priv := wwsec_api.get_granted_user_privilege
     (
         p_user_id          => wwsec_api.id('JDOE'),
         p_object_type_name => wwsec_api.QBEFORM_OBJ,
         p_name             => '33'
     );
 end;

Parameters:: p_user_id - the portal's identifier for the user; p_object_type_name - the type of object, e.g. ADMIN, FOLDER, ITEM, etc.; p_name - the reference to the object; p_owner - the name of the schema that owns the Access Control List entry, or another name space discriminator to resolve namespace collisions
Returns:: the privilege granted to the user, or null if no privileges are granted to the user
Purity:: WNDS
Since:: Oracle9iAS Portal 3.0.6.6.5

get_list_members

function get_list_members(
    p_group_id in number
) return wwsec_api.list_member_array

Deprecated. As of Oracle9iAS Portal 9.0.2, since the groups are maintained in OID that does not support an API to read the membership information if the number of members becomes very large.

Gets a list of the members of a group of type 'LIST' when given a group id.

Parameters:: p_group_id - the unique identifier for the group
Returns:: an array of list_member_record
Exceptions:: DEPRECATED_API_EXCEPTION - if invoked
Since:: Oracle9iAS Portal 3.0.6.6.5

get_manager

function get_manager(
    p_user_name in varchar2
) return varchar2

Returns the user name of a specified user's manager. If no manager is found, the function returns null.

Example:

 declare
     l_manager wwsec_person.user_name%type;
 begin
     l_manager := wwsec_api.get_manager
     (
       p_user_name => 'user1'
     );
 end;

Parameters:: p_user_name - the name of the user whose manager is being queried
Returns:: the manager's user name for the specified user, or null if the user has no manager
Exceptions:: USER_NOT_FOUND_EXCEPTION - if the user specified is not found
Since:: Oracle9iAS Portal 3.0.6.6.5

get_member_record

function get_member_record(
    p_member_id in number
) return wwsec_member$%rowtype

Deprecated. As of Oracle9iAS Portal 9.0.2, since the membership information is maintained in OID and there is no member ID attribute, which is required as an input parameter for this function.

Gets a member's record from the wwsec_member$ table.

Parameters:: p_member_id - the member ID
Returns:: a row of the member in the wwsec_member$ table
Exceptions:: DEPRECATED_API_EXCEPTION - if invoked
Since:: Oracle9iAS Portal 3.0.6.6.5

get_privilege_level

function get_privilege_level(
    p_object_type_name in varchar2,
    p_name in varchar2,
    p_owner in varchar2 default wwctx_api . get_product_schema,
    p_reqd_auth_level in number default wwctx_api . required_authentication_level,
    p_check_public_user in boolean default true
) return number

Checks the highest privilege that a user has on a given object.

This function returns the highest privilege that a user has on a given object, taking into account all groups that the user belongs to and including direct grants.

Example:

 declare
     l_priv number;
 begin
     l_priv := wwsec_api.get_privilege_level
     (
         p_object_type_name => wwsec_api.PAGE_OBJ,
         p_name             => '0/156'
     );
 end;

Parameters:: p_object_type_name - the type of object, e.g. ADMIN, FOLDER, ITEM, etc.; p_name - the reference to the object; p_owner - the 'owner' of the ACL entry, used to resolve namespace collisions; p_reqd_auth_level - the minimum authentication level required; p_check_public_user - TRUE if privileges granted to the public user should be checked (i.e. a user has a privilege if it is granted to the user, the user's groups, or the public user). Default TRUE.
Returns:: the privilege_code of the highest granted privilege to the user, or null if no privileges are granted to the user for the specified object.
Purity:: WNDS
Since:: Oracle9iAS Portal 3.0.6.6.5

get_public_objects

function get_public_objects(
    p_object_type_name in varchar2,
    p_privilege in varchar2 default null,
    p_owner in varchar2 default wwctx_api . get_product_schema
) return array

Gets a list of objects granted to PUBLIC. This API returns a list of objects of the specified type and owner and optionally of the specified privilege that are granted to PUBLIC.

Example:

 declare
     v_names array;
 begin
     v_names := wwsec_api.get_public_objects(
         p_object_type_name => wwsec_api.PAGE_OBJ,
         p_privilege => wwsec_api.MANAGE_PRIV
     );
 end;

Parameters:: p_object_type_name - the type of object requested; p_privilege - an optional privilege to check for; p_owner - the owner of the ACL entry
Returns:: an array of object names granted to PUBLIC
Since:: Oracle9iAS Portal 3.0.6.6.5

grantee_list

function grantee_list(
    p_object_type_name in varchar2,
    p_name in varchar2,
    p_owner in varchar2 default wwctx_api . get_product_schema
) return grantee_array

Returns a list of grantees for a named object and specified owner.

Call this routine to return a list of users who have been granted privileges on a specific object, given an object type and an object name.

Example:

 declare
     l_grantees wwsec_api.grantee_array;
 begin
     l_grantees := wwsec_api.grantee_list
     (
         p_object_type_name => wwsec_api.PAGE_OBJ,
         p_name             => '0/156'
     );
 end;

Parameters:: p_object_type_name - the type of object, e.g., ADMIN, FOLDER, ITEM, etc.; p_name - the reference to the object; p_owner - the name of the schema that owns the Access Control List entry, or another name space discriminator
Returns:: an array of grantee user IDs
Since:: Oracle9iAS Portal 3.0.6.6.5

group_id

function group_id(
    p_name in varchar2
) return number

Gets the group ID for a specified group name.

Call this function to return a group ID based on a specified group name. It does not require a site identifier.

In Oracle9iAS Portal 9.0.2 or later, the function checks the group in the local group repository in the Portal schema. If a local shadow entry is not found, it queries the Oracle Internet Directory (OID) to get the group information and creates a local shadow entry. It always returns the ID of the local shadow entry.

Example:

 declare
     l_groupid number;
 begin
     l_groupid := wwsec_api.group_id(
         p_name => 'PORTAL_ADMIN'
     );
 end;

Parameters:: p_name - the common name of the group
Returns:: the portal's identifier of the group
See Also:: wwsec_api.list_id
Exceptions:: GROUP_NOT_FOUND_EXCEPTION - if the name cannot be found; VALUE_ERROR_EXCEPTION - if p_name is null; LDAP_CONNECTION_EXCEPTION - if the API is unable to connect with the OID server; wwsec_oid.MULTIPLE_MATCHES_FOUND - if the specified group name is not unique when searching OID from the configured group search base
Since:: Oracle9iAS Portal 3.0.6.6.5

group_info

function group_info(
    p_group_id in number
) return wwsec_group$%rowtype

Returns group information, given a group ID. Call this function to get the information about a group, excluding the membership information. The 'guid' and 'dn' attributes were added in Oracle9iAS Portal 9.0.2.

Example:

 declare
     l_group_rec wwsec_group$%rowtype;
 begin
     l_group_rec := wwsec_api.group_info
     (
         p_group_id => wwsec_api.group_id('PORTAL_DEVELOPERS')
     );
     dbms_output.put_line('subscriber_id = '||l_group_rec.subscriber_id );
     dbms_output.put_line('id = '||l_group_rec.id );
     dbms_output.put_line('name = '||l_group_rec.name );
     dbms_output.put_line('description = '||l_group_rec.description );
     dbms_output.put_line('hidden_group = '||l_group_rec.hidden_group );
     dbms_output.put_line('deletable = '||l_group_rec.deletable );
     dbms_output.put_line('guid = '||l_group_rec.guid );
     dbms_output.put_line('dn = '||l_group_rec.dn );
 end;

Parameters:: p_group_id - the portal's identifier for the group
Returns:: a row of group information including SUBSCRIBER_ID, ID, NAME, DESCRIPTION, HIDDEN_GROUP, DELETABLE, GUID and DN columns.
Exceptions:: GROUP_NOT_FOUND_EXCEPTION - if referenced group doesn't exist; wwsec_oid.MULTIPLE_MATCHES_FOUND - if the specified group name is not unique when searching OID from the configured group search base; LDAP_CONNECTION_EXCEPTION - if the portal cannot connect to OID
Since:: Oracle9iAS Portal 3.0.6.6.5

group_name

function group_name(
    p_group_id in number
) return varchar2

Returns the group name when given a group ID.

Example:

 declare
     l_groupname wwsec_group$.name%type;
 begin
     l_groupname := wwsec_api.group_name(
         p_group_id => 123
     )
 end;

Parameters:: p_group_id - the portal's identifier for the group
Returns:: the group name
Exceptions:: GROUP_NOT_FOUND_EXCEPTION - if the specified p_group_id could not be found
Since:: Oracle9iAS Portal 3.0.6.6.5

has_privilege

function has_privilege(
    p_object_type_name in varchar2,
    p_name in varchar2,
    p_privilege in varchar2,
    p_owner in varchar2 default wwctx_api . get_product_schema,
    p_reqd_auth_level in number default wwctx_api . required_authentication_level,
    p_check_public_user in boolean default true
) return boolean

Checks whether a user has a certain privilege. This routine returns TRUE if the user or any group the user belongs to has been granted a certain privilege in the OracleAS Portal 10G repository, and returns FALSE otherwise.

Example:

 declare
     l_is_allowed boolean;
 begin
     l_is_allowed := wwsec_api.has_privilege
     (
         p_object_type_name => wwsec_api.PAGE_OBJ,
         p_name             => '0/156',
         p_privilege        => wwsec_api.OWN_PRIV
     );
 end;

Parameters:: p_object_type_name - the type of object, e.g., ADMIN, FOLDER, ITEM, etc.; p_name - the reference to the object; p_privilege - the privilege that needs to be checked; p_owner - the 'owner' of the ACL entry, used to resolve namespace collisions; p_reqd_auth_level - the minimum authentication level required; p_check_public_user - TRUE if privileges granted to the public user should be checked (i.e. a user has a privilege if it is granted to the user, the user's groups, or the public user). Default TRUE.
Returns:: TRUE if the user has the specified privilege, FALSE otherwise
Purity:: WNDS
Since:: Oracle9iAS Portal 3.0.6.6.5

has_privilege

function has_privilege(
    p_object_type_name in varchar2,
    p_name in varchar2,
    p_privilege_array in wwsec_api.array,
    p_owner in varchar2 default wwctx_api . get_product_schema,
    p_reqd_auth_level in number default wwctx_api . required_authentication_level,
    p_check_public_user in boolean default true
) return boolean

Checks whether a user has one of a list of privileges. This routine returns TRUE if the user or the group the user belongs to has at least one of a list of privileges in ACL table, and returns FALSE otherwise.

Example:

 declare
     l_is_allowed boolean;
     l_priv_array wwsec_api.array;
 begin
     l_priv_array(1):= wwsec_api.MANAGE_PRIV;
     l_priv_array(2):= wwsec_api.CREATE_PRIV;
     l_is_allowed := wwsec_api.has_privilege
     (
         p_object_type_name => wwsec_api.PAGE_OBJ,
         p_name             => '0/156',
         p_privilege_array  => l_priv_array
     );
 end;

Parameters:: p_object_type_name - the type of object, e.g., ADMIN, FOLDER, ITEM, etc.; p_name - the reference to the object; p_privilege_array - the list of privileges; p_owner - the owner of the privilege object; p_reqd_auth_level - the minimum authentication level required; p_check_public_user - TRUE if privileges granted to the public user should be checked (i.e. a user has a privilege if it is granted to the user, the user's groups, or the public user). Default TRUE.
Returns:: TRUE if the user has the specified privilege, FALSE otherwise
Purity:: WNDS
Since:: Oracle9iAS Portal 3.0.6.6.5

has_privilege

function has_privilege(
    p_object_type_name in varchar2,
    p_name in varchar2,
    p_privilege_code in number,
    p_owner in varchar2 default wwctx_api . get_product_schema,
    p_reqd_auth_level in number default wwctx_api . required_authentication_level,
    p_check_public_user in boolean default true
) return boolean

Checks whether a specified user has a specified privilege.

This version uses a privilege code, instead of the privileges string, for better performance. This routine returns TRUE if the user or the group the user belongs to has a certain privilege in ACL table, and returns FALSE otherwise.

Example:

 declare
     l_is_allowed boolean;
 begin
     l_is_allowed := wwsec_api.has_privilege(
         p_object_type_name => wwsec_api.PAGE_OBJ,
         p_name             => '0/156',
         p_privilege_code   => wwsec_api.MANAGE_PRIV
     );
 end;

Parameters:: p_object_type_name - the type of object, e.g., ADMIN, FOLDER, ITEM, etc.; p_name - the reference to the object; p_privilege_code - the privilege code that needs to be checked.; p_owner - the 'owner' of the ACL entry, used to resolve namespace collisions; p_reqd_auth_level - the minimum authentication level required; p_check_public_user - TRUE if privileges granted to the public user should be checked (i.e. a user has a privilege if it is granted to the user, the user's groups, or the public user). Default TRUE.
Returns:: TRUE if the user has the specified privilege, FALSE otherwise
Purity:: WNDS
Since:: Oracle9iAS Portal 3.0.6.6.5

id

function id(
    p_user_name in varchar2,
    p_userguid in varchar2 default null
) return number

Returns a person ID, given a user name or Globally Unique Identifier (GUID).

Example:

 declare
     l_id number;
 begin
     l_id := wwsec_api.id(
         p_user_name => 'user1'
     );
 end;

Parameters:: p_user_name - the user name of the OracleAS Portal 10G user; p_userguid - the global unique identifier (GUID) used to identify the user in OID. It is an optional parameter and when specified takes precedence over p_user_name. Note that this parameter is available in OracleAS Portal 10G 9.0.2 or later.
Returns:: a person identifier if a profile entry exists for the user in the portal
See Also:: wwsec_api.id_sso
Purity:: WNDS
Exceptions:: USER_NOT_FOUND_EXCEPTION - if the user name is not found in the Portal's profile table
Since:: Oracle9iAS Portal 3.0.6.6.5

id_sso

function id_sso(
    p_username in varchar2,
    p_userguid in varchar2 default null
) return number

Returns a person ID, given a user name or GUID and also validates that a user exists in the OID Server and OracleAS Portal 10G.

It also creates a shadow entry in OracleAS Portal 10G (if one does not exist) before returning the person ID.

Example:

 declare
     l_id number;
 begin
     l_id := wwsec_api.id_sso(
         p_username => 'user1'
     );
 end;

Parameters:: p_username - the user name of the OracleAS Portal 10G user; p_userguid - the global unique identifier (GUID) used to identify the user in OID. It is an optional parameter and when specified takes precedence over p_user_name. Note that this parameter is available in Oracle9iAS Portal 9.0.2 or later.
Returns:: a person ID
See Also:: wwsec_api.id
Exceptions:: USER_NOT_FOUND_EXCEPTION - if the user name is not found in the portal profile or in OID.; UNEXPECTED_EXCEPTION - if any other exception condition occurs
Since:: Oracle9iAS Portal 3.0.6.6.5

is_group_owner

function is_group_owner(
    p_member_id in number
) return number

Deprecated. As of Oracle9iAS Portal 9.0.2, since the membership information is maintained in OID and there is no member id attribute, which is required as an input parameter for this function.

Checks whether a member is a group's owner. This routine returns 1 when the member is the group's owner, 0 otherwise.

Parameters:: p_member_id - The identifier of the member record from the group. The member ID can be obtained from the list_member_record obtained from a call to wwsec_api.get_list_members.
Returns:: 1 when the member is the group's owner; 0 otherwise
See Also:: wwsec_api.get_list_members
Exceptions:: DEPRECATED_API_EXCEPTION - if invoked
Since:: Oracle9iAS Portal 3.0.6.6.5

is_privilege_at_least

function is_privilege_at_least(
    p_object_type_name in varchar2,
    p_name in varchar2,
    p_privilege_code in number,
    p_owner in varchar2 default wwctx_api . get_product_schema,
    p_reqd_auth_level in number default wwctx_api . required_authentication_level,
    p_check_public_user in boolean default true
) return boolean

Checks whether a specified user, or group to which a user belongs, has a privilege on a specified object that is at least as high as the privilege specified. This check assumes that privileges are defined hierarchically, and that the highest privilege has the highest privilege code.

This routine returns TRUE if the user or the group the user belongs to has at least a certain privilege on a given object, and returns FALSE otherwise.

Example:

 declare
     l_return boolean;
 begin
     wwsec_api.is_privilege_at_least(
         p_object_type_name => wwsec_oid.PAGE_OBJ,
         p_name             => l_name,
         p_privilege_code   => wwsec_api.ANYLOG_MANAGE
     );
 end;

Parameters:: p_object_type_name - the type of object, e.g., ADMIN, FOLDER, ITEM, etc.; p_name - the reference to the object; p_privilege_code - the minimum privilege code required; p_owner - the 'owner' of the ACL entry, used to resolve namespace collisions; p_reqd_auth_level - the minimum authentication level required; p_check_public_user - TRUE if privileges granted to the public user should be checked (i.e. a user has a privilege if it is granted to the user, the user's groups, or the public user). Default TRUE.
Returns:: TRUE if the user has at least the specified privilege, FALSE otherwise
Purity:: WNDS
Since:: Oracle9iAS Portal 3.0.6.6.5

is_privileged_by_auth_function

function is_privileged_by_auth_function(
    p_object_type_name in varchar2,
    p_name in varchar2,
    p_privilege_code in varchar2,
    p_owner in varchar2 default wwctx_api . get_product_schema,
    p_reqd_auth_level in number default wwctx_api . required_authentication_level,
    p_auth_function in varchar2 default null
) return boolean

Checks the authorization by calling the authorization function.

This routine calls the authorization function for the given objects and returns the value that is returned by this authorization function.

Parameters:: p_object_type_name - the type of object, e.g., ADMIN, FOLDER, ITEM, etc.; p_name - the reference to the object; p_privilege_code - the privilege code that needs to be checked; p_owner - the 'owner' of the ACL entry, used to resolve namespace collisions; p_reqd_auth_level - the minimum authentication level required; p_auth_function - name of the authorization function including the schema and the package name as [schema].[package].[function]. This is an optional parameter. If it is not passed then its value is obtained by calling get_authorization_function.
Returns:: the value returned by the authorization function
Purity:: WNDS
See Also:: set_authorization_function; get_authorization_function
Since:: Oracle9iAS Portal 9.0.2

is_user_in_direct_group

function is_user_in_direct_group(
    p_person_id in number,
    p_group_id in number
) return boolean

Checks whether a user was individually granted membership in a specific group.

Call this function to check if a user is individually (directly) registered as a member of a specific group. If the specified user's membership in the specified group is the result of the user's membership in another group that is a member of the specified group (an indirect membership), this function returns FALSE.

For example, a user can have an individual membership in the OracleAS Portal 10G Administrators group, or can have a membership in the OracleAS Portal 10G Administrators group by being a member of the DBA group, which is a member of the OracleAS Portal 10G Administrators group. If a membership in DBA causes this user to be a member of OracleAS Portal 10G Administrators, this function would return FALSE. If the user has a direct membership in OracleAS Portal 10G Administrators, this function would return TRUE.

Example:

 declare
     l_is_direct_member boolean;
 begin
     l_is_direct_member := wwsec_api.is_user_in_direct_group(
         p_person_id => wwsec_api.id('JDOE'),
         p_group_id  => wwsec_api.group_id('DBA_GROUP')
     );
 end;

Parameters:: p_person_id - the portal's identifier for the user; p_group_id - the portal's identifier for the group
Returns:: TRUE or FALSE indicating whether or not the user is a direct member
Exceptions:: GROUP_NOT_FOUND_EXCEPTION - if the referenced group doesn't exist; LDAP_CONNECTION_EXCEPTION - if the portal cannot connect to OID
Since:: Oracle9iAS Portal 3.0.6.6.5

is_user_in_group

function is_user_in_group(
    p_person_id in number,
    p_group_id in number
) return boolean

Checks whether a user belongs to a specific group.

Call this routine to determine if a user is a member of a specified group. This function can be used to resolve nested memberships. For example, if a user U is a member of a group A, which, in turn, is a member of group B, then user U is also considered a member of group B. This function returns TRUE, if p_person_id refers to user U and p_group_id refers to either group A or group B.

Example:

 declare
     l_is_member boolean;
 begin
     l_is_member := wwsec_api.is_user_in_group(
         p_person_id => wwsec_api.id ('USER1'),
         p_group_id  => wwsec_api.group_id ('GROUP1')
     );
 end;

Parameters:: p_person_id - the portal's identifier for the user; p_group_id - the portal's identifier for the group
Returns:: TRUE or FALSE indicating whether or not the user is a member
Exceptions:: GROUP_NOT_FOUND_EXCEPTION - if the referenced group doesn't exist; LDAP_CONNECTION_EXCEPTION - if the portal cannot connect to OID
Since:: Oracle9iAS Portal 3.0.6.6.5

list_id

function list_id(
    p_group_name in varchar2,
    p_site_id in number default null
) return number

Gets the group ID of a list within a site.

This routine returns the group ID of a group that is registered to be scoped to a particular content area.

Example:

 declare
     l_groupid number;
 begin
     l_groupid := wwsec_api.list_id(
         p_group_name => 'PORTAL_ADMIN'
     );
 end;

Parameters:: p_group_name - the name of the group; p_site_id - the site_id of the content area to which group p_group_name is scoped. In Oracle9iAS Portal 9.0.2 or later, this parameter is ignored, as scoping to a content area is no longer supported.
Returns:: group ID of the group p_group_name
See Also:: wwsec_api.group_id
Exceptions:: GROUP_NOT_FOUND_EXCEPTION - if the name cannot be found; VALUE_ERROR_EXCEPTION - if p_name is null; LDAP_CONNECTION_EXCEPTION - if the API is unable to connect with the OID server; wwsec_oid.MULTIPLE_MATCHES_FOUND - if the specified group name is not unique when searching OID from the configured group search base
Since:: Oracle9iAS Portal 3.0.6.6.5

lists

function lists(
    p_siteid in number default null
) return wwsec_api.list_array

Deprecated. As of Oracle9iAS Portal 9.0.2, since the groups are stored in OID and are not scoped by site ID

Gets a list of list type groups. This function gets a group of 'LIST' type groups when given a site ID.

Parameters:: p_siteid - the site ID
Returns:: a list of groups of type 'LIST' in the array of list_record
Exceptions:: DEPRECATED_API_EXCEPTION - if invoked
Since:: Oracle9iAS Portal 3.0.6.6.5

modify_portal_user

procedure modify_portal_user(
    p_user_name in varchar2,
    p_db_user in varchar2 default wwctx_api . get_public_schema,
    p_portal_user in varchar2 default 'y',
    p_display in varchar2 default 'y',
    p_display_personal_info in varchar2 default 'n',
    p_notification_preference in varchar2 default 'mailhtml',
    p_empno in varchar2 default null,
    p_last_name in varchar2 default null,
    p_first_name in varchar2 default null,
    p_middle_name in varchar2 default null,
    p_known_as in varchar2 default null,
    p_maiden_name in varchar2 default null,
    p_date_of_birth in varchar2 default null,
    p_email in varchar2 default null,
    p_work_phone in varchar2 default null,
    p_home_phone in varchar2 default null,
    p_mobile_phone in varchar2 default null,
    p_pager in varchar2 default null,
    p_fax in varchar2 default null,
    p_office_addr1 in varchar2 default null,
    p_office_addr2 in varchar2 default null,
    p_office_addr3 in varchar2 default null,
    p_office_city in varchar2 default null,
    p_office_state in varchar2 default null,
    p_office_zip in varchar2 default null,
    p_office_country in varchar2 default null,
    p_home_addr1 in varchar2 default null,
    p_home_addr2 in varchar2 default null,
    p_home_addr3 in varchar2 default null,
    p_home_city in varchar2 default null,
    p_home_state in varchar2 default null,
    p_home_zip in varchar2 default null,
    p_home_country in varchar2 default null,
    p_organization in varchar2 default null,
    p_title in varchar2 default null,
    p_spending_limit in number default null,
    p_hiredate in varchar2 default null,
    p_source in varchar2 default null,
    p_manager_user_name in varchar2 default null
)

Updates personal and business-related information relating to an OracleAS Portal 10G user.

Note: In Oracle9iAS Portal 9.0.2 (or later) this function can be used to modify a user profile for a user that exists in Oracle Internet Directory (OID).

Example:

 declare
     l_id number;
 begin
     l_id := wwsec_api.modify_portal_user
     (
     p_User_Name   => 'JWDOE',
     p_Portal_User => 'Y',
     p_Display     => 'Y',
     p_Display_Personal_Info => 'Y',
     p_Notification_Preference => 'MAILHTML',
     p_Empno       => '123-45-6789',
     p_Last_Name   => 'Doe',
     p_First_Name  => 'John',
     p_Middle_Name => 'Wilson',
     p_Known_As    => 'John',
     p_Date_Of_Birth => '15-MAR-1968',
     p_Email       => 'jdoe@abc.com',
     p_Work_Phone  => '(123) 456-7890',
     p_Home_Phone  => '(234) 567-8901',
     p_Mobile_Phone => '(345) 678-9012',
     p_Pager       => '(456) 789-0123',
     p_Fax         => '(567) 890-1234',
     p_Office_Addr1    => '123 First St',
     p_Office_City     => 'Washington',
     p_Office_State    => 'DC',
     p_Office_Zip      => '20001',
     p_Office_Country  => 'USA',
     p_Home_Addr1      => '234 Second St',
     p_Home_City       => 'Washington',
     p_Home_State      => 'DC',
     p_Home_Zip        => '20001',
     p_Home_Country    => 'USA',
     p_Title           => 'Not Assigned',
     p_Hiredate        => '01-Oct-2000',
     p_Manager_User_Name => 'GHTHOMAS'
     );
 end;

Parameters:: p_User_Name - the user name of the OracleAS Portal 10G user whose account is to be modified; p_DB_User - a database user name; p_Portal_User - indicates whether the user is an active OracleAS Portal 10G user; p_Display - indicates whether the user will be displayed in a workflow; p_Display_Personal_Info - enter Y or N to choose to display personal information; p_Notification_Preference - a workflow notification method. Valid values are:
MAILHTML - send HTML mail
MAILTEXT - send text mail
MAILATTH - send as attachment
QUERY - don't notify, will query
SUMMARY - send summary information only; p_Empno - an employee number; p_Last_Name - the user's family name; p_First_Name - the user's given name; p_Middle_Name - the user's middle name; p_Known_As - the user's nickname; p_Maiden_Name - the user's maiden name (if applicable); p_Date_Of_Birth - the user's date of birth. Note: Use the date format 'DD-MON-YYYY' format (the month is not case sensitive).; p_Email - the user's e-mail address; p_Work_Phone - the user's work phone number; p_Home_Phone - the user's home phone number; p_Mobile_Phone - the user's mobile phone number; p_Pager - the user's pager number; p_Fax - the user's fax number; p_Office_Addr1 - the first line of the user's office address; p_Office_Addr2 - the second line of the user's office address; p_Office_Addr3 - the third line of the user's office address; p_Office_City - the city in which the user's office is located; p_Office_State - the state in which the user's office is located; p_Office_Zip - the zip code for the person's office; p_Office_Country - the country in which the user's office is located; p_Home_Addr1 - the first line of the user's home address; p_Home_Addr2 - the second line of the user's home address; p_Home_Addr3 - the third line of the user's home address; p_Home_City - the user's home city; p_Home_State - the user's home state; p_Home_Zip - the user's home zip code; p_Home_Country - the user's home country; p_Organization - the user's organization. Note: This parameter is not supported in OID and is currently ignored. The organization value is always taken from the subscriber.; p_Title - the user's job title.; p_Spending_Limit - the user's spending limit. Note: This parameter is not supported in OID and is currently ignored.; p_Hiredate - the user's date of hire. Note: Use the date format 'DD-MON-YYYY' format (the month is not case sensitive).; p_Source - the source of user information (via bulkload or UI). Note: This parameter is not supported in OID and is currently ignored.; p_Manager_User_Name - the user name of the user's manager
Exceptions:: NO_MANAGER_EXCEPTION - if the user's manager's user ID is not entered; ACCESS_DENIED_EXCEPTION - if the user who initiates the calling routine has insufficient authority to execute the routine; USER_NOT_FOUND_EXCEPTION - if the user does not exist in OID; LDAP_CONNECTION_EXCEPTION - if the portal cannot connect to OID
Since:: Oracle9iAS Portal 3.0.6.6.5

person_info

function person_info(
    p_person_id in number
) return wwsec_person%rowtype

Returns user information, given a person ID.

Example:

 declare
    l_person_rec wwsec_person%rowtype;
 begin
    l_person_rec := wwsec_api.person_info
    (
       p_person_id => 787633
    );
 end;

Returns:: person information
Exceptions:: INVALID_PERSON_ID_EXCEPTION - if the ID specified does not exist; UNEXPECTED_EXCEPTION - if a problem occurs for which an exception has not been defined; USER_NOT_FOUND_EXCEPTION - if the user does not exist in OID; LDAP_CONNECTION_EXCEPTION - if the portal cannot connect to OID
Since:: Oracle9iAS Portal 3.0.6.6.5

person_info

function person_info(
    p_user_name in varchar2
) return wwsec_person%rowtype

Returns user information, given a user name.

Example:

 declare
     l_person_rec wwsec_person%rowtype;
 begin
     l_person_rec := wwsec_api.person_info
     (
       p_user_name => 'USER1'
     );
 end;

Returns:: person information
Exceptions:: USER_NOT_FOUND_EXCEPTION - if the user name is not found; UNEXPECTED_EXCEPTION - if a problem occurs for which an exception has not been defined; LDAP_CONNECTION_EXCEPTION - if the portal cannot connect to OID
Since:: Oracle9iAS Portal 3.0.6.6.5

privilege_list

function privilege_list(
    p_object_type_name in varchar2
) return privilege_array

Returns a list of privileges for a specified object_type_name.

Example:

 declare
     l_privileges wwsec_api.privilege_array;
 begin
     l_privileges := wwsec_api.privilege_list
     (
         p_object_type_name => wwsec_api.PAGE_OBJ,
         p_name             => '0/156'
     );
 end;

Parameters:: p_object_type_name - the type of object, e.g., ADMIN, FOLDER, ITEM, etc.
Returns:: an array containing all of the privileges currently granted on a specified object
Since:: Oracle9iAS Portal 3.0.6.6.5

publish_group

procedure publish_group(
    p_groupid in number,
    p_publishable in boolean
)

Deprecated. As of Oracle9iAS Portal 9.0.2, as groups are stored in OID which does not support this property

Sets the group to be publishable or nonpublishable.

Parameters:: p_groupid - the portal's identifier for the group
Exceptions:: DEPRECATED_API_EXCEPTION - if this function is invoked
Since:: Oracle9iAS Portal 3.0.6.6.5

remove_group_acl

procedure remove_group_acl(
    p_object_type_name in varchar2,
    p_name in varchar2,
    p_group_id in number default null,
    p_privilege in varchar2 default null,
    p_owner in varchar2 default wwctx_api . get_product_schema,
    p_disable_invalidations in boolean default false
)

Removes a group's privileges.

Call this API to perform one of three possible operations:

If NULL or nothing is passed into the p_privilege parameter, then all privileges for the given group, object_type_name, and name are removed.
If a value is passed into p_privilege, the specified privilege is removed.
If group_id is null, the privilege is removed for all groups.

Example:

 wwsec_api.remove_group_acl(
     p_object_type_name => wwsec_api.PAGE_OBJ,
     p_name             => '0/156',
     p_group_id         => 3,
     p_privilege        => wwsec_api.MANAGE_PRIV
 );

Parameters:: p_object_type_name - the type of object, e.g., ADMIN, FOLDER, ITEM, etc.; p_name - the reference to the object; p_group_id - the portal's identifier for a group; p_privilege - the privilege to be granted. this should exist in WWSEC_PRIVILEGE$; p_owner - the owner of the ACL entry; p_disable_invalidations - controls whether cache invalidations are disabled when removing the group ACL
Exceptions:: ACCESS_DENIED_EXCEPTION - if the caller has insufficient privileges
Since:: Oracle9iAS Portal 3.0.6.6.5

remove_user_acl

procedure remove_user_acl(
    p_object_type_name in varchar2,
    p_name in varchar2,
    p_person_id in number default null,
    p_privilege in varchar2 default null,
    p_owner in varchar2 default wwctx_api . get_product_schema,
    p_disable_invalidations in boolean default false
)

Removes a specified privilege from a user. Removes all privileges for a given user, object_type_name, and name if null or if nothing is passed into p_privilege. If p_privilege is specified and p_person_id is null, this procedure removes the specified privilege for all persons.

Example:

 wwsec_api.remove_user_acl(
     p_object_type_name => wwsec_api.GROUP_OBJ,
     p_name             => '0/156',
     p_person_id        => 3,
     p_privilege        => wwsec_api.MANAGE_PRIV
 );

Parameters:: p_object_type_name - - the type of secured object, referenced by the security API constants that end with '_OBJ'. For example, wwsec_api.GROUP_OBJ, wwsec_api.PAGE_OBJ, etc.; p_name - the reference to the object; p_person_id - the portal's identifier for a user; p_privilege - the privilege to be granted. this should exist in WWSEC_PRIVILEGE$; p_owner - the owner of the ACL entry, used for avoiding namespace collisions; p_disable_invalidations - controls whether cache invalidations are disabled when setting the user ACL
Exceptions:: ACCESS_DENIED_EXCEPTION - if the caller has insufficient privileges
Since:: Oracle9iAS Portal 3.0.6.6.5

set_authorization_function

procedure set_authorization_function(
    p_object_type_name in varchar2,
    p_owner in varchar2 default wwctx_api . get_product_schema,
    p_name in varchar2,
    p_authorization_function in varchar2
)

Sets the name of a function to be used for function-based authorization.

This procedure creates an entry in the authorization function table. It updates the entry if it already exists and deletes it if p_authorization_function is null. The authorization function is executed to evaluate whether the current user is authorized to perform the action on the specified object.

Example:

 begin
     wwsec_api.set_authorization_function(
         p_object_type_name       => wwsec_api.ANYSCHEMA_OBJ,
         p_name                   => wwsec_api.ALL_OBJECTS,
         p_authorization_function => 'SCOTT.TEST_PKG.IS_DBA'
     );
 end;

Parameters:: p_object_type_name - the type of object, e.g., ADMIN, FOLDER, ITEM, etc., should exist in WWSEC_PRIV_OBJECT_TYPE$; p_owner - the 'owner' of the ACL entry, used to resolve namespace collisions; p_name - the reference to the object; p_authorization_function - name of the authorization function including the schema and the package name as [schema].[package].[function]. This is the name of the function that would check the privilege. The specified authorization function must exist when this API is invoked. This function must implement an interface where it accepts five parameters with names p_object_type_name, p_name, p_privilege_code, p_owner, and p_reqd_auth_level. In addition, the authorization function must have a purity level of a minimum of WNDS. A null value for p_authorization_function disables the function based security for the object.
See Also:: get_authorization_function
Exceptions:: INVALID_AUTH_FUNC_EXCEPTION - if the function doesn't exist
Since:: Oracle9iAS Portal 9.0.2

set_defaultgroup

procedure set_defaultgroup(
    p_groupid in number,
    p_username in varchar2 default wwctx_api . get_user
)

Sets the default group for a specified user.

Note: The default group is the group that the preference system uses if no user-level preferences are specified for a given setting.

Example:

    wwsec_api.set_defaultgroup(
       p_groupid   => wwsec_api.group_id ('PORTAL_ADMIN'),
       p_username  => 'USER1'
    );

Parameters:: p_groupid - the unique identifier for the default group, or null if no preference; p_username - the name of the user for whom the default group should be defined
See Also:: get_default_group
Exceptions:: UNEXPECTED_EXCEPTION - if a problem occurs for which an exception has not been defined; LDAP_CONNECTION_EXCEPTION - if the portal cannot connect to OID; ACCESS_DENIED_EXCEPTION - if user has insufficient privileges
Since:: Oracle9iAS Portal 3.0.6.6.5

set_group_acl

procedure set_group_acl(
    p_group_id in number,
    p_object_type_name in varchar2,
    p_owner in varchar2 default wwctx_api . get_product_schema,
    p_name in varchar2,
    p_privilege in varchar2,
    p_disable_invalidations in boolean default false
)

Creates an entry in the Access Control List that grants a privilege on a specified object to a specified group.

Example:

 wwsec_api.set_group_acl(
     p_group_id         => wwsec_api.group_id('MYGROUP'),
     p_object_type_name => wwsec_api.ANYSITE_OBJ,
     p_name             => wwsec_api.ALL_OBJECTS,
     p_privilege        => wwsec_api.CREATE_PRIV
 );

This example shows how to programmatically grant group MYGROUP with the global privilege to create page groups.

Parameters:: p_group_id - the numeric ID for a group profile; p_object_type_name - - the type of secured object, referenced by the security API constants that end with '_OBJ'. For example, wwsec_api.GROUP_OBJ, wwsec_api.PAGE_OBJ, etc.; p_owner - the owner of the ACL entry, used for avoiding namespace collisions, typically the product schema; p_name - - is an object-type-specific reference to the object on which privilege is being granted.; p_privilege - - the privilege to be granted. Defined by a security API constant that ends with '_PRIV'. For example, wwsec_api.OWN_PRIV, wwsec_api.VIEW_PRIV, etc.; p_disable_invalidations - controls whether cache invalidations are disabled when setting the group ACL
See Also:: wwsec_api.set_user_acl
Exceptions:: GROUP_NOT_FOUND_EXCEPTION - if the group doesn't exist; ACCESS_DENIED_EXCEPTION - if the caller has insufficient privileges
Since:: Oracle9iAS Portal 3.0.6.6.5

set_user_acl

procedure set_user_acl(
    p_person_id in number,
    p_object_type_name in varchar2,
    p_owner in varchar2 default wwctx_api . get_product_schema,
    p_name in varchar2,
    p_privilege in varchar2,
    p_disable_invalidations in boolean default false
)

Gives a user a specified privilege in the OracleAS Portal 10G. This API creates an entry in the Portal's access control list (ACL) that grants a privilege on a given object to a specified user.

Example:

 wwsec_api.set_user_acl(
     p_person_id        => wwsec_api.id('JDOE'),
     p_object_type_name => wwsec_api.ANYPAGE_OBJ,
     p_name             => wwsec_api.ALL_OBJECTS,
     p_privilege        => wwsec_api.MANAGE_STYLE_PRIV
 );

This example shows how to programmatically grant user JDOE with the global privilege to manage styles on any page.

Parameters:: p_person_id - the portal's identifier for the user; p_object_type_name - - the type of secured object, referenced by the security API constants that end with '_OBJ'. For example, wwsec_api.GROUP_OBJ, wwsec_api.PAGE_OBJ, etc.; p_owner - the owner of the ACL entry, used for avoiding namespace collisions, typically the product schema.; p_name - - is an object-type-specific reference to the object on which privilege is being granted.; p_privilege - - the privilege to be granted. Defined by a security API constant that ends with '_PRIV'. For example, wwsec_api.OWN_PRIV, wwsec_api.VIEW_PRIV, etc.; p_disable_invalidations - controls whether cache invalidations are disabled when setting the user ACL
See Also:: set_group_acl
Exceptions:: USER_NOT_FOUND_EXCEPTION - if the user doesn't exist; ACCESS_DENIED_EXCEPTION - if the caller does not have the privilege to manage the specified object
Since:: Oracle9iAS Portal 3.0.6.6.5

update_group_acl

procedure update_group_acl(
    p_object_type_name in varchar2,
    p_name in varchar2,
    p_grantee_group_id in number,
    p_privilege in varchar2,
    p_owner in varchar2 default wwctx_api . get_product_schema,
    p_disable_invalidations in boolean default false
)

Changes a group's privilege in the Access Control List.

Example:

 wwsec_api.update_group_acl(
     p_object_type_name => wwsec_api.ANYSITE_OBJ,
     p_name             => wwsec_api.ALL_OBJECTS,
     p_grantee_group_id => wwsec_api.group_id('MYGROUP'),
     p_privilege        => wwsec_api.CREATE_PRIV
 );

This example shows how to programmatically grant group MYGROUP with the global privilege to create page groups.

Parameters:: p_object_type_name - - the type of secured object, referenced by the security API constants that end with '_OBJ'. For example, wwsec_api.GROUP_OBJ, wwsec_api.PAGE_OBJ, etc.; p_name - - is an object-type-specific reference to the object on which privilege is being granted.; p_grantee_group_id - the portal's identifier for a group; p_privilege - - the privilege to be granted. Defined by a security API constant that ends with '_PRIV'. For example, wwsec_api.OWN_PRIV, wwsec_api.VIEW_PRIV, etc.; p_owner - an owner of the ACL entry, used for avoiding namespace collisions; p_disable_invalidations - controls whether cache invalidations are disabled when updating the group ACL
Exceptions:: ACCESS_DENIED_EXCEPTION - if the caller has insufficient privileges
Since:: Oracle9iAS Portal 3.0.6.6.5

update_group_owner

procedure update_group_owner(
    p_group_id in number,
    p_member_group_id in number,
    p_is_owner in number
)

Modifies group-ownership for a group that is a member of another group.

Call this procedure to perform one of two operations, depending on the value of p_is_owner:

Make a group (that is a member of p_group_id) an owner of the group and update the member's privileges accordingly.
Remove group owner privileges for a member group that is an owner of the specified group.

Example:

 wwsec_api.update_group_owner(
     p_group_id        => wwsec_api.group_id('POWER_USERS'),
     p_member_group_id => wwsec_api.group_id('PORTAL_DEVELOPERS'),
     p_is_owner        => wwsec_api.NOT_OWNER
 );

Parameters:: p_group_id - the portal's identifier for the group; p_member_group_id - the portal's identifier for the member group; p_is_owner - indicates whether or not the member group should be made an owner or not
Exceptions:: GROUP_NOT_FOUND_EXCEPTION - if the referenced group doesn't exist; ACCESS_DENIED_EXCEPTION - if the caller is not an owner of the group or does not have a global privilege to edit groups; LDAP_CONNECTION_EXCEPTION - if the portal cannot connect to OID
Since:: Oracle9iAS Portal 3.0.6.6.5

update_list

procedure update_list(
    p_groupid in number,
    p_siteid in number default global_group,
    p_name in varchar2,
    p_description in varchar2 default null,
    p_hidden_group in number,
    p_hidden_members in number default null
)

Updates general information for a specified group.

Example:

 wwsec_api.update_list
 (
     p_groupid      => 2,
     p_name         => 'DEVELOPER',
     p_description  => 'Development Team',
     p_hidden_group => wwsec_api.NOT_HIDDEN
 );

Parameters:: p_groupid - the unique identifier for a group; p_name - the name of the group; p_description - a description of the group; p_hidden_group - indicates if the group is hidden from users and groups except those who are owners of the group; p_hidden_members - this parameter is not used
Exceptions:: GROUP_NOT_FOUND_EXCEPTION - if the p_groupid doesn't exist; ACCESS_DENIED_EXCEPTION - if the caller does not own the group, or does not have the global privileges to edit a group; INVALID_GRP_NAME_EXCEPTION - if the group name is invalid; LDAP_CONNECTION_EXCEPTION - if the portal cannot connect to OID
Since:: Oracle9iAS Portal 3.0.6.6.5

update_user_acl

procedure update_user_acl(
    p_object_type_name in varchar2,
    p_name in varchar2,
    p_grantee_user_id in number,
    p_privilege in varchar2,
    p_owner in varchar2 default wwctx_api . get_product_schema,
    p_disable_invalidations in boolean default false
)

Changes a user's privilege in the Access Control List.

Call this routine to update a user's privilege in the Access Control List.

Example:

 wwsec_api.update_user_acl(
     p_object_type_name => wwsec_api.ANYPAGE_OBJ,
     p_name             => wwsec_api.ALL_OBJECTS,
     p_grantee_user_id  => wwsec_api.id('JDOE'),
     p_privilege        => wwsec_api.MANAGE_STYLE_PRIV
 );

This example shows how to programmatically grant user JDOE with the global privilege to manage styles on any page.

Parameters:: p_object_type_name - - the type of secured object, referenced by the security API constants that end with '_OBJ'. For example, wwsec_api.GROUP_OBJ, wwsec_api.PAGE_OBJ, etc.; p_name - - is an object-type-specific reference to the object on which privilege is being granted.; p_grantee_user_id - the portal's identifier for a user; p_privilege - - the privilege to be granted. Defined by a security API constant that ends with '_PRIV'. For example, wwsec_api.OWN_PRIV, wwsec_api.VIEW_PRIV, etc.; p_owner - owner of the ACL entry, used for avoiding namespace collisions; p_disable_invalidations - controls whether cache invalidations are disabled when setting the user ACL
Exceptions:: ACCESS_DENIED_EXCEPTION - if the caller has insufficient privileges
Since:: Oracle9iAS Portal 3.0.6.6.5

update_user_owner

procedure update_user_owner(
    p_group_id in number,
    p_member_person_id in number,
    p_is_owner in number
)

Modifies group-ownership for a user.

Call this procedure to perform one of two operations, depending on the value of p_is_owner:

Make a user an owner of the group and update the user's privileges accordingly.
Remove group owner privileges for a user who is currently an owner of the p_group_id.

Example:

 wwsec_api.update_user_owner(
     p_group_id            => wwsec_api.group_id('POWER_USERS'),
     p_member_person_id    => wwsec_api.id('JDOE'),
     p_is_owner            => wwsec_api.NOT_OWNER
 );

Parameters:: p_group_id - the portal's identifier for the group; p_member_person_id - the portal's identifier for the user; p_is_owner - indicates whether or not the user should be made an owner
Exceptions:: GROUP_NOT_FOUND_EXCEPTION - if the referenced group doesn't exist; INVALID_PERSON_ID_EXCEPTION - if p_member_person_id doesn't exist; ACCESS_DENIED_EXCEPTION - if the caller is not an owner of the group or does not have a global privilege to edit groups; LDAP_CONNECTION_EXCEPTION - if the portal cannot connect to OID
Since:: Oracle9iAS Portal 3.0.6.6.5

user_in_groups

function user_in_groups(
    p_user_name in varchar2
) return idarray

Deprecated. As of Oracle9iAS Portal 9.0.2, since groups are now stored in OID and do not necessarily have a local shadow entry with an ID

Returns a list of group IDs when given a user name.

Parameters:: p_user_name - the name of the user whose group memberships are being requested
Returns:: an array of group Ids that the user belongs to
Exceptions:: DEPRECATED_API_EXCEPTION - if invoked
Since:: Oracle9iAS Portal 3.0.6.6.5

user_name

function user_name(
    p_id in number
) return varchar2

Returns a user name, given a person ID.

Example:

 declare
     l_user_name varchar2 (30);
 begin
     l_user_name := wwsec_api.user_name
     (
       p_id => 16782
     );
 end;

Parameters:: p_id - a unique identifying number for a person
Returns:: a user name for the specified ID
Exceptions:: INVALID_PERSON_ID_EXCEPTION - if the specified person_id does not exist; UNEXPECTED_EXCEPTION - if any other exception condition occurs
Since:: Oracle9iAS Portal 3.0.6.6.5

users_in_group

function users_in_group(
    p_group_id in number
) return array

Deprecated. As of Oracle9iAS Portal 9.0.2, since the group memberships are being maintained in OID and implementation of this API becomes prohibitive. OID does not provide a direct API to return the members of a group, so recursive calls would have to be made to the directory to get the users who are indirect members. This function is not being used anywhere in the Portal code.

Gets the list of all the users in a specific group.

Parameters:: p_group_id - the portal's identifier for the group
Returns:: an array of user names
Exceptions:: DEPRECATED_API_EXCEPTION - if invoked
Since:: Oracle9iAS Portal 3.0.6.6.5

Overview

Package

Object Type

Deprecated

Index

Help

Oracle Application Server Portal PL/SQL API Reference - 10.1.2

PREV PACKAGE NEXT PACKAGE

FRAMES NO FRAMES

SUMMARY: EXCEPTION | TYPE | CONSTANT | VARIABLE | FUNCTION/PROCEDURE

DETAIL: EXCEPTION | TYPE | CONSTANT | VARIABLE | FUNCTION/PROCEDURE