is_privilege_at_least function

Related topics

Contained in package wwsec_api.

Call this function to determine if the specified user, or the group to which the user belongs, has at least a certain privilege on a given object.

This function assumes that privilege codes are defined hierarchically, and that the highest privilege code number represents the highest privilege level.

Note: Higher level privileges subsume lower level privileges on the same object.

function is_privilege_at_least

(

p_object_type_name in varchar2,

p_name in varchar2,

p_privilege_code in number,

p_owner in varchar2 default wwctx_api.get_product_schema

p_reqd_auth_level in NUMBER default wwctx_api.REQUIRED_AUTHENTICATION_LEVEL

)

return boolean;

Version: Oracle Portal 3.0.6.6.5 or later

Parameters:

p_object_type_name

The name of the type of object referenced.

Note: These names are object_type_name constants. For example, ADMIN_OBJ, ITEM_OBJ, or another object type name.

Datatype: in varchar2

p_name

The unique name of the specific object.

Datatype: in varchar2

p_privilege_code

The minimum privilege code needed by the grantee.

Datatype: in number

p_owner

The name of the schema that owns the Access Control List entry, or another name space discriminator.

Datatype: in varchar2
Default: wwctx_api.get_product_schema

p_reqd_auth_level

The minimum authentication level that a calling function requires in order to pass a privilege check.

The API fails the authorization check if the current authentication level (returned by wwctx_api.get_authentication_level) is less than the value of this parameter.

Note: If the object is granted PUBLIC access, the authentication level is not checked at all.

The default value for this parameter is REQUIRED_AUTHENTICATION_LEVEL and this is equivalent to PUBLIC_AUTHENTICATION. This implies that the user must be authenticated by the Single Sign-On Server for the authorization check to pass.

Portlets that require authorization fail the authorization check for a weakly authenticated user. If a portlet wants to display itself to a weakly authenticated user, it should pass p_reqd_auth_level as WEAK_AUTHENTICATION while invoking the authorization APIs.

Note: This parameter is available in Oracle Portal 3.0.9 or later.

Datatype: number
Default: wwctx_api.REQUIRED_AUTHENTICATION_LEVEL

Returns:

This function returns TRUE if the user, or a group that the user belongs to, has at least the privilege specified on a given object, or FALSE if not.

Exceptions:

This function raises no exceptions.

Example:

l_return boolean;
wwsec_api.is_privilege_at_least
(

p_object_type_name => PAGE_OBJ,
p_name => '0/156',
p_privilege_code => 300
p_reqd_auth_level=>wwctx_api.REQUIRED_AUTHENTICATION_LEVEL

);

Version: Oracle Portal 3.0.6.6.5 or later
Parameters:
p_object_type_name	The name of the type of object referenced. Note: These names are object_type_name constants. For example, ADMIN_OBJ, ITEM_OBJ, or another object type name. Datatype: in varchar2
p_name	The unique name of the specific object. Datatype: in varchar2
p_privilege_code	The minimum privilege code needed by the grantee. Datatype: in number
p_owner	The name of the schema that owns the Access Control List entry, or another name space discriminator. Datatype: in varchar2 Default: wwctx_api.get_product_schema
p_reqd_auth_level	The minimum authentication level that a calling function requires in order to pass a privilege check. The API fails the authorization check if the current authentication level (returned by wwctx_api.get_authentication_level) is less than the value of this parameter. Note: If the object is granted PUBLIC access, the authentication level is not checked at all. The default value for this parameter is REQUIRED_AUTHENTICATION_LEVEL and this is equivalent to PUBLIC_AUTHENTICATION. This implies that the user must be authenticated by the Single Sign-On Server for the authorization check to pass. Portlets that require authorization fail the authorization check for a weakly authenticated user. If a portlet wants to display itself to a weakly authenticated user, it should pass p_reqd_auth_level as WEAK_AUTHENTICATION while invoking the authorization APIs. Note: This parameter is available in Oracle Portal 3.0.9 or later. Datatype: number Default: wwctx_api.REQUIRED_AUTHENTICATION_LEVEL
Returns: This function returns TRUE if the user, or a group that the user belongs to, has at least the privilege specified on a given object, or FALSE if not. Exceptions: This function raises no exceptions. Example: l_return boolean; wwsec_api.is_privilege_at_least ( p_object_type_name => PAGE_OBJ, p_name => '0/156', p_privilege_code => 300 p_reqd_auth_level=>wwctx_api.REQUIRED_AUTHENTICATION_LEVEL );

Related topics
Security API package	PDK PL/SQL API Reference - Home