Package wwsec_api

This package contains procedures and functions for administering OracleAS Portal 10G security. Using these security APIs you can perform the following operations:

• User maintenance (create user profile entries, activate portal access, update user properties, delete user profile entries, and other associated tasks).
• Group maintenance (create, activate, update, delete groups, and other associated tasks).
• Access control (grant, check, copy, update, remove user/group privileges, and other associated tasks).

Scope:

Public

Since:

Oracle9iAS Portal 3.0.6.6.5

ACCESS_DENIED_EXCEPTION

ACCESS_DENIED_EXCEPTION exception

A user does not have sufficient privileges to execute a routine.

CIRCULAR_REFERENCE_EXCEPTION

CIRCULAR_REFERENCE_EXCEPTION exception

The reference path refers back to the first element in the path, for example, a group owns a group that owns the first group.

DEPRECATED_API_EXCEPTION

DEPRECATED_API_EXCEPTION exception

The API has been deprecated.

DUPLICATE_GRANTEE_EXCEPTION

DUPLICATE_GRANTEE_EXCEPTION exception

The specified grantee exists.

DUPLICATE_GROUP_EXCEPTION

DUPLICATE_GROUP_EXCEPTION exception

A referenced group name exists.

GROUP_MEMBER_EXCEPTION

GROUP_MEMBER_EXCEPTION exception

A referenced group or user is already a member of the list.

GROUP_NOT_FOUND_EXCEPTION

GROUP_NOT_FOUND_EXCEPTION exception

A referenced group was not found.

GROUP_NOT_UNIQUE_EXCEPTION

GROUP_NOT_UNIQUE_EXCEPTION exception

Another group exists with the same name.

INVALID_ARGUMENT_EXCEPTION

INVALID_ARGUMENT_EXCEPTION exception

A specified argument is invalid.

INVALID_AUTH_FUNC_EXCEPTION

INVALID_AUTH_FUNC_EXCEPTION exception

The specified authorization function is ill-formed or undefined.

INVALID_GRP_NAME_EXCEPTION

INVALID_GRP_NAME_EXCEPTION exception

The specified group name is not valid.

INVALID_PERSON_ID_EXCEPTION

INVALID_PERSON_ID_EXCEPTION exception

A user referenced by ID does not exist.

INVALID_SITE_EXCEPTION

INVALID_SITE_EXCEPTION exception

A referenced site does not exist.

LDAP_CONNECTION_EXCEPTION

LDAP_CONNECTION_EXCEPTION exception

An error occurred while connecting to the OID server.

NO_ACCESSIBLE_OBJECT_EXCEPTION

NO_ACCESSIBLE_OBJECT_EXCEPTION exception

The referenced object does not exist.

NO_MANAGER_EXCEPTION

NO_MANAGER_EXCEPTION exception

No manager ID exists for the new OracleAS Portal 10G user being registered, or there is no manager name on file for a referenced OracleAS Portal 10G user.

ORG_NOT_EXIST_EXCEPTION

ORG_NOT_EXIST_EXCEPTION exception

The specified organization does not exist.

UNEXPECTED_EXCEPTION

UNEXPECTED_EXCEPTION exception

An undefined exception condition exists.

USER_EXISTS_EXCEPTION

USER_EXISTS_EXCEPTION exception

Another user exists with the same identifier.

USER_NOT_DELETABLE_EXCEPTION

USER_NOT_DELETABLE_EXCEPTION exception

The user cannot be deleted.

USER_NOT_FOUND_EXCEPTION

USER_NOT_FOUND_EXCEPTION exception

A referenced user does not exist.

VALUE_ERROR_EXCEPTION

VALUE_ERROR_EXCEPTION exception

An invalid parameter was passed to the API.

array

type array is table of varchar2(2000) index by binary_integer

This array receives varchar2 data from various security methods.

grantee_array

type grantee_array is table of grantee_record index by binary_integer

An array of grantee_record(s).

grantee_record

type grantee_record is record (
    grantee_type wwsec_sys_priv$.grantee_type%type,
    grantee_id number,
    grantee_name wwsec_person$.user_name%type,
    privilege wwsec_sys_priv$.privilege%type
)

A record structure containing the details of a grantee of a privilege.

Fields:

grantee_type - indicates whether the privilege is granted to a 'USER' or a 'GROUP'

grantee_id - the numeric identifier of the grantee - which may be a user id or a group id

grantee_name - the name of the user or group represented by this entry

privilege - the privilege granted to the user or group

Since:

3.0.6.6.5

idarray

type idarray is table of number index by binary_integer

This array receives number data from various security methods.

list_array

type list_array is table of list_record index by binary_integer

An array containing a list of groups.

list_member_array

type list_member_array is table of list_member_record index by binary_integer

An array of list_member_record records returned by the wwsec_api.get_list_members function.

list_member_record

type list_member_record is record (
    id wwsec_member$.id%type,
    group_id wwsec_member$.group_id%type,
    member_type wwsec_member$.member_type%type,
    member_group_id wwsec_member$.member_group_id%type,
    member_person_id wwsec_member$.member_person_id%type
)

A record structure containing the details of members of a group.

Fields:

id - an identifier for the member entry

group_id - the identifier for the group to which this membership belongs

member_type - indicates whether this membership entry is for a GROUP member or a USER member

member_group_id - contains the identifier of the member group if the member_type is GROUP; and is 0 otherwise

member_person_id - contains the identifier of the member user if the member_type is USER; and is 0 otherwise

list_record

type list_record is record (
    group_id wwsec_group$.id%type,
    siteid wwsec_group$.site_id%type,
    name wwsec_group$.name%type,
    description wwsec_group$.description%type
)

A record structure containing details of a group.

Fields:

group_id - the portal's numeric identifier for the group

siteid - the numeric identifier for the content area to which the group may be scoped; or 0 if not locally scoped

name - the name of the group

description - a free-text description of the group

Since:

Oracle9iAS Portal 3.0.6.6.5

privilege_array

type privilege_array is table of wwsec_privilege$%rowtype index by binary_integer

An array containing the list of privileges appropriate for assignment on a particular object type.

username_type

subtype username_type is wwsec_person$.user_name%type

Subtype for representing user names.

ACCESS_PRIV

ACCESS_PRIV constant wwsec_sys_priv$.privilege%type := 'ACCESS'

ADD_CUSTOM_PRIV

ADD_CUSTOM_PRIV constant wwsec_sys_priv$.privilege%type := 'ADD_ONLY_CUSTOM_CONTENT'

ALL_OBJECTS

ALL_OBJECTS constant wwsec_sys_priv$.name%type := 'ALL_OBJECTS'

This constant is used for the object instance identifier (name) for the global privileges (ANY_XXXX).

ANYGROUP_CREATE

ANYGROUP_CREATE constant number := 100

ANYGROUP_MANAGE

ANYGROUP_MANAGE constant number := 200

ANYGROUP_OBJ

ANYGROUP_OBJ constant wwsec_sys_priv$.object_type_name%type := 'ANY_GROUP'

ANYLOG_EDIT

ANYLOG_EDIT constant number := 200

ANYLOG_MANAGE

ANYLOG_MANAGE constant number := 300

ANYLOG_OBJ

ANYLOG_OBJ constant wwsec_sys_priv$.object_type_name%type := 'ANY_LOG'

ANYLOG_VIEW

ANYLOG_VIEW constant number := 100

ANYPAGE_ADD_ONLY_CUSTOM_CNT

ANYPAGE_ADD_ONLY_CUSTOM_CNT constant number := 500

ANYPAGE_CREATE

ANYPAGE_CREATE constant number := 100

ANYPAGE_FULL_CUSTOM_CNT

ANYPAGE_FULL_CUSTOM_CNT constant number := 600

ANYPAGE_HIDE_SHOW_CUSTOM_CNT

ANYPAGE_HIDE_SHOW_CUSTOM_CNT constant number := 400

ANYPAGE_MANAGE

ANYPAGE_MANAGE constant number := 1000

ANYPAGE_MANAGE_CNT

ANYPAGE_MANAGE_CNT constant number := 900

ANYPAGE_MANAGE_CNT_WITH_APP

ANYPAGE_MANAGE_CNT_WITH_APP constant number := 800

ANYPAGE_MANAGE_STYLE

ANYPAGE_MANAGE_STYLE constant number := 700

ANYPAGE_OBJ

ANYPAGE_OBJ constant wwsec_sys_priv$.object_type_name%type := 'ANY_PAGE'

ANYPAGE_STYLE_CUSTOM

ANYPAGE_STYLE_CUSTOM constant number := 300

ANYPAGE_VIEW

ANYPAGE_VIEW constant number := 200

ANYPORTLET_ACCESS

ANYPORTLET_ACCESS constant number := 200

ANYPORTLET_EDIT

ANYPORTLET_EDIT constant number := 400

ANYPORTLET_EXECUTE

ANYPORTLET_EXECUTE constant number := 300

ANYPORTLET_MANAGE

ANYPORTLET_MANAGE constant number := 500

ANYPORTLET_OBJ

ANYPORTLET_OBJ constant wwsec_sys_priv$.object_type_name%type := 'ANY_PORTLET'

ANYPORTLET_PUBLISH

ANYPORTLET_PUBLISH constant number := 100

ANYPROVIDER_CREATE

ANYPROVIDER_CREATE constant number := 100

ANYPROVIDER_EDIT

ANYPROVIDER_EDIT constant number := 400

ANYPROVIDER_EXECUTE

ANYPROVIDER_EXECUTE constant number := 200

ANYPROVIDER_MANAGE

ANYPROVIDER_MANAGE constant number := 500

ANYPROVIDER_OBJ

ANYPROVIDER_OBJ constant wwsec_sys_priv$.object_type_name%type := 'ANY_PROVIDER'

ANYPROVIDER_PUBLISH

ANYPROVIDER_PUBLISH constant number := 300

ANYSCHEMA_CREATE

ANYSCHEMA_CREATE constant number := 100

ANYSCHEMA_INSERT

ANYSCHEMA_INSERT constant number := 300

ANYSCHEMA_MANAGE

ANYSCHEMA_MANAGE constant number := 500

ANYSCHEMA_MODIFY

ANYSCHEMA_MODIFY constant number := 400

ANYSCHEMA_OBJ

ANYSCHEMA_OBJ constant wwsec_sys_priv$.object_type_name%type := 'ANY_SCHEMA'

ANYSCHEMA_VIEW

ANYSCHEMA_VIEW constant number := 200

ANYSITE_CREATE

ANYSITE_CREATE constant number := 100

ANYSITE_MANAGE

ANYSITE_MANAGE constant number := 700

ANYSITE_MANAGE_CLASSIFICATION

ANYSITE_MANAGE_CLASSIFICATION constant number := 500

ANYSITE_MANAGE_STYLE

ANYSITE_MANAGE_STYLE constant number := 300

ANYSITE_MANAGE_TEMPLATE

ANYSITE_MANAGE_TEMPLATE constant number := 400

ANYSITE_MANAGE_TRANSLATION

ANYSITE_MANAGE_TRANSLATION constant number := 600

ANYSITE_OBJ

ANYSITE_OBJ constant wwsec_sys_priv$.object_type_name%type := 'ANY_SITE'

ANYSITE_VIEW

ANYSITE_VIEW constant number := 200

ANYSTYLE_CREATE

ANYSTYLE_CREATE constant number := 100

ANYSTYLE_MANAGE

ANYSTYLE_MANAGE constant number := 400

ANYSTYLE_OBJ

ANYSTYLE_OBJ constant wwsec_sys_priv$.object_type_name%type := 'ANY_STYLE'

ANYSTYLE_PUBLISH

ANYSTYLE_PUBLISH constant number := 200

ANYSTYLE_VIEW

ANYSTYLE_VIEW constant number := 300

ANYTRANSPORTSET_EXECUTE

ANYTRANSPORTSET_EXECUTE constant number := 200

ANYTRANSPORTSET_MANAGE

ANYTRANSPORTSET_MANAGE constant number := 500

ANYTRANSPORTSET_OBJ

ANYTRANSPORTSET_OBJ constant wwsec_sys_priv$.object_type_name%type := 'ANY_TRANSPORTSET'

ANYUSER_CREATE

ANYUSER_CREATE constant number := 100

ANYUSER_MANAGE

ANYUSER_MANAGE constant number := 200

ANYUSER_OBJ

ANYUSER_OBJ constant wwsec_sys_priv$.object_type_name%type := 'ANY_USER'

CREATE_PRIV

CREATE_PRIV constant wwsec_sys_priv$.privilege%type := 'CREATE'

CUSTOMIZE_PRIV

CUSTOMIZE_PRIV constant wwsec_sys_priv$.privilege%type := 'CUSTOMIZE'

DOCUMENT_MANAGE

DOCUMENT_MANAGE constant number := 200

DOCUMENT_OBJ

DOCUMENT_OBJ constant wwsec_sys_priv$.object_type_name%type := 'DOCUMENT'

DOCUMENT_OWN

DOCUMENT_OWN constant number := 300

DOCUMENT_VIEW

DOCUMENT_VIEW constant number := 100

EDIT_PRIV

EDIT_PRIV constant wwsec_sys_priv$.privilege%type := 'EDIT'

EXECUTE_PRIV

EXECUTE_PRIV constant wwsec_sys_priv$.privilege%type := 'EXECUTE'

FULL_CUSTOM_PRIV

FULL_CUSTOM_PRIV constant wwsec_sys_priv$.privilege%type := 'FULL_CUSTOM_CONTENT'

GLOBAL_GROUP

GLOBAL_GROUP constant number(1) := 0

GRANTEE_GROUP

GRANTEE_GROUP constant wwsec_sys_priv$.grantee_type%type := 'GROUP'

GRANTEE_USER

GRANTEE_USER constant wwsec_sys_priv$.grantee_type%type := 'USER'

GROUP_AUTHENTICATED_USERS

GROUP_AUTHENTICATED_USERS constant number(1) := 0

GROUP_DBA

GROUP_DBA constant number(1) := 1

GROUP_IPORTAL_ADMINISTRATORS

GROUP_IPORTAL_ADMINISTRATORS constant number(1) := GROUP_WEBDB_ADMINISTRATORS

GROUP_OBJ

GROUP_OBJ constant wwsec_sys_priv$.object_type_name%type := 'GROUP'

GROUP_OWN

GROUP_OWN constant number := 100

GROUP_PORTAL_PUBLISHERS

GROUP_PORTAL_PUBLISHERS constant number(1) := 3

GROUP_TYPE_LIST

GROUP_TYPE_LIST constant wwsec_group$.group_type%type := 'LIST'

GROUP_TYPE_ORG

GROUP_TYPE_ORG constant wwsec_group$.group_type%type := 'ORG'

GROUP_WEBDB_ADMINISTRATORS

GROUP_WEBDB_ADMINISTRATORS constant number(1) := 2

HIDDEN

HIDDEN constant number(1) := 1

HIDE_SHOW_CUSTOM_PRIV

HIDE_SHOW_CUSTOM_PRIV constant wwsec_sys_priv$.privilege%type := 'HIDE_SHOW_CUSTOM_CONTENT'

INSERT_PRIV

INSERT_PRIV constant wwsec_sys_priv$.privilege%type := 'INSERT'

ITEM_MANAGE

ITEM_MANAGE constant number := 200

ITEM_OBJ

ITEM_OBJ constant wwsec_sys_priv$.object_type_name%type := 'ITEM'

ITEM_OWN

ITEM_OWN constant number := 300

ITEM_VIEW

ITEM_VIEW constant number := 100

LOV_EDIT

LOV_EDIT constant number := 200

LOV_EXECUTE

LOV_EXECUTE constant number := 100

LOV_OBJ

LOV_OBJ constant wwsec_sys_priv$.object_type_name%type := 'LOV'

MANAGE_CLASSIFICATION_PRIV

MANAGE_CLASSIFICATION_PRIV constant wwsec_sys_priv$.privilege%type := 'MANAGE_CLASSIFICATION'

MANAGE_CNT_PRIV

MANAGE_CNT_PRIV constant wwsec_sys_priv$.privilege%type := 'MANAGE_CONTENT'

MANAGE_CNT_WITH_APP_PRIV

MANAGE_CNT_WITH_APP_PRIV constant wwsec_sys_priv$.privilege%type := 'MANAGE_CONTENT_WITH_APPROVAL'

MANAGE_PRIV

MANAGE_PRIV constant wwsec_sys_priv$.privilege%type := 'MANAGE'

MANAGE_STYLE_PRIV

MANAGE_STYLE_PRIV constant wwsec_sys_priv$.privilege%type := 'MANAGE_STYLE'

MANAGE_TEMPLATE_PRIV

MANAGE_TEMPLATE_PRIV constant wwsec_sys_priv$.privilege%type := 'MANAGE_TEMPLATE'

MEMBER_TYPE_GROUP

MEMBER_TYPE_GROUP constant wwsec_member$.member_type%type := 'GROUP'

MEMBER_TYPE_USER

MEMBER_TYPE_USER constant wwsec_member$.member_type%type := 'USER'

MENU_EXECUTE

MENU_EXECUTE constant number := 100

MENU_OBJ

MENU_OBJ constant wwsec_sys_priv$.object_type_name%type := 'MENU'

MODIFY_PRIV

MODIFY_PRIV constant wwsec_sys_priv$.privilege%type := 'MODIFY'

NAVBAR_OBJ

NAVBAR_OBJ constant wwsec_sys_priv$.object_type_name%type := 'NAVBAR'

NAVBAR_OWN

NAVBAR_OWN constant number := 100

NO_PRIVILEGE

NO_PRIVILEGE constant number := 0

NOT_HIDDEN

NOT_HIDDEN constant number(1) := 0

NOT_OWNER

NOT_OWNER constant number(1) := 0

OWN_PRIV

OWN_PRIV constant wwsec_sys_priv$.privilege%type := 'OWN'

OWNER

OWNER constant number(1) := 1

PAGE_ADD_ONLY_CUSTOM_CNT

PAGE_ADD_ONLY_CUSTOM_CNT constant number := 400

PAGE_FULL_CUSTOM_CNT

PAGE_FULL_CUSTOM_CNT constant number := 500

PAGE_HIDE_SHOW_CUSTOM_CNT

PAGE_HIDE_SHOW_CUSTOM_CNT constant number := 300

PAGE_MANAGE

PAGE_MANAGE constant number := 900

PAGE_MANAGE_CNT

PAGE_MANAGE_CNT constant number := 800

PAGE_MANAGE_CNT_WITH_APP

PAGE_MANAGE_CNT_WITH_APP constant number := 700

PAGE_MANAGE_STYLE

PAGE_MANAGE_STYLE constant number := 600

PAGE_OBJ

PAGE_OBJ constant wwsec_sys_priv$.object_type_name%type := 'PAGE'

PAGE_STYLE_CUSTOM

PAGE_STYLE_CUSTOM constant number := 200

PAGE_VIEW

PAGE_VIEW constant number := 100

PORTLET_ACCESS

PORTLET_ACCESS constant number := 200

PORTLET_EDIT

PORTLET_EDIT constant number := 400

PORTLET_EXECUTE

PORTLET_EXECUTE constant number := 300

PORTLET_MANAGE

PORTLET_MANAGE constant number := 500

PORTLET_NON_LOCAL_ACCESS

PORTLET_NON_LOCAL_ACCESS constant number := 200

PORTLET_NON_LOCAL_EXECUTE

PORTLET_NON_LOCAL_EXECUTE constant number := 300

PORTLET_NON_LOCAL_MANAGE

PORTLET_NON_LOCAL_MANAGE constant number := 500

PORTLET_NON_LOCAL_PUBLISH

PORTLET_NON_LOCAL_PUBLISH constant number := 100

PORTLET_NONLOCAL_OBJ

PORTLET_NONLOCAL_OBJ constant wwsec_sys_priv$.object_type_name%type := 'PORTLET_NON_LOCAL'

PORTLET_OBJ

PORTLET_OBJ constant wwsec_sys_priv$.object_type_name%type := 'PORTLET'

PORTLET_PUBLISH

PORTLET_PUBLISH constant number := 100

PROVIDER_EDIT

PROVIDER_EDIT constant number := 400

PROVIDER_EXECUTE

PROVIDER_EXECUTE constant number := 200

PROVIDER_MANAGE

PROVIDER_MANAGE constant number := 500

PROVIDER_OBJ

PROVIDER_OBJ constant wwsec_sys_priv$.object_type_name%type := 'PROVIDER'

PROVIDER_PUBLISH

PROVIDER_PUBLISH constant number := 300

PUBLISH_PRIV

PUBLISH_PRIV constant wwsec_sys_priv$.privilege%type := 'PUBLISH'

SCHEMA_ADMIN

SCHEMA_ADMIN constant number(1) := 1

SCHEMA_BROWSEIN

SCHEMA_BROWSEIN constant number := 100

SCHEMA_BUILDIN

SCHEMA_BUILDIN constant number := 200

SCHEMA_OBJ

SCHEMA_OBJ constant wwsec_sys_priv$.object_type_name%type := 'SCHEMA'

SCHEMA_OWNER

SCHEMA_OWNER constant number(1) := 0

SEARCH_SUBTYPE_GROUP

SEARCH_SUBTYPE_GROUP constant varchar2(30) := 'GROUP'

SEARCH_SUBTYPE_USER

SEARCH_SUBTYPE_USER constant varchar2(30) := 'USER'

SEARCH_TYPE_UG

SEARCH_TYPE_UG constant varchar2(30) := 'USERGROUP'

SITE_MANAGE

SITE_MANAGE constant number := 600

SITE_MANAGE_CLASSIFICATION

SITE_MANAGE_CLASSIFICATION constant number := 400

SITE_MANAGE_STYLE

SITE_MANAGE_STYLE constant number := 200

SITE_MANAGE_TEMPLATE

SITE_MANAGE_TEMPLATE constant number := 300

SITE_MANAGE_TRANSLATION

SITE_MANAGE_TRANSLATION constant number := 500

SITE_OBJ

SITE_OBJ constant wwsec_sys_priv$.object_type_name%type := 'SITE'

SITE_SEPARATOR

SITE_SEPARATOR constant varchar2(1) := '/'

Separator used for object names that include multiple identifiers.

SITE_VIEW

SITE_VIEW constant number := 100

STYLE_CUSTOM_PRIV

STYLE_CUSTOM_PRIV constant wwsec_sys_priv$.privilege%type := 'STYLE_CUSTOM'

USER_PUBLIC

USER_PUBLIC constant number(1) := 2

VIEW_PRIV

VIEW_PRIV constant wwsec_sys_priv$.privilege%type := 'VIEW'

WORKFLOW_EXECUTE

WORKFLOW_EXECUTE constant number := 300

WORKFLOW_MANAGE

WORKFLOW_MANAGE constant number := 400

WORKFLOW_STATUS

WORKFLOW_STATUS constant number := 100

WORKFLOW_STATUS_AND_EXECUTE

WORKFLOW_STATUS_AND_EXECUTE constant number := 200

empty

empty array

An instance of an empty array of varchar2s for initialization.

emptyidarray

emptyidarray idarray

An instance of an empty array of numbers for initialization.

accessible_objects

function accessible_objects(
    p_object_type_name in varchar2,
    p_privilege in varchar2,
    p_owner in varchar2 default wwctx_api . get_product_schema
) return array

Gets a list of objects accessible to a user, checking for a specific privilege.

Returns a list of accessible objects of a single object type and single privilege level to which a specified user, or a specified group that the user belongs to, has privileges.

Example:

 declare
     l_array wwsec_api.array;
 begin
     l_array := wwsec_api.accessible_objects
     (
         p_object_type_name => wwsec_api.PAGE_OBJ,
         p_privilege        => wwsec_api.OWN_PRIV
     );
 end;
 

Parameters:

p_object_type_name - the type of object, e.g., ADMIN, FOLDER, ITEM, etc.

p_privilege - the privilege required on the object

p_owner - the name of the schema that owns the Access Control List entry, or another name space discriminator

Returns:

an array containing a list of objects of a specified type, and on which a specified privilege has been granted to a user or a group to which the user belongs

Exceptions:

NO_ACCESSIBLE_OBJECT_EXCEPTION - if no such object exists

Since:

Oracle9iAS Portal 3.0.6.6.5

accessible_objects

function accessible_objects(
    p_object_type_name in varchar2,
    p_privilege_array in wwsec_api.array,
    p_owner in varchar2 default wwctx_api . get_product_schema
) return array

Gets a list of objects accessible to a user, checking for a number of privileges.

This routine returns a list of accessible objects that the user has one or more of a specified set of privileges over.

Example:

 declare
     l_objects wwsec_api.array;
     l_priv_array wwsec_api.array;
 begin
     l_priv_array(1):= wwsec_api.MANAGE_PRIV;
     l_priv_array(2):= wwsec_api.CREATE_PRIV;
     (
         p_object_type_name => wwsec_api.PAGE_OBJ,
         p_privilege_array  => l_priv_array
     );
 end;
 

Parameters:

p_object_type_name - the type of object, e.g., ADMIN, FOLDER, ITEM, etc.

p_privilege_array - the list of privileges need to be checked

p_owner - the name of the schema that owns the Access Control List entry, or another name space discriminator

Returns:

an array of objects of a specified type to which the user, or a group to which the user belongs, has specified privileges

Exceptions:

NO_ACCESSIBLE_OBJECT_EXCEPTION - if no such object exists

Since:

Oracle9iAS Portal 3.0.6.6.5

activate_portal_user

procedure activate_portal_user(
    p_user_name in varchar2
) 

Activates an existing but inactive OracleAS Portal 10G user.

Note: Sets portal_user to 'Y' in the OracleAS Portal 10G user record.

Example:

 begin
     wwsec_api.activate_portal_user
     (
         p_user_name => 'USER1'
     );
 end;
 

Parameters:

p_user_name - the user name of an existing user whose account should be activated

Exceptions:

USER_NOT_FOUND_EXCEPTION - if a Portal User Profile entry for a user with username p_user_name does not exist, even though the user may be present in OID

ACCESS_DENIED_EXCEPTION - if the user who initiates the calling routine has insufficient authority to execute the routine

Since:

Oracle9iAS Portal 3.0.6.6.5

add_group_to_list

procedure add_group_to_list(
    p_group_id in number,
    p_to_group_id in number,
    p_is_owner in number
) 

Adds a group as a member to another group.

This routine adds a group to a list type group and sets privileges if the members of the group are to be owners of the group to which they are being added.

Example:

 wwsec_api.add_group_to_list(
     p_group_id    => wwsec_api.group_id('POWER_USERS'),
     p_to_group_id => wwsec_api.group_id('PORTAL_DEVELOPERS'),
     p_is_owner    => wwsec_api.OWNER
 );
 

Parameters:

p_group_id - the portal's identifier for the group to be added as a member

p_to_group_id - the portal's identifier for the group to which the other group should be added as a member

p_is_owner - flag indicates whether or not the group should be added as an owner of the group

Exceptions:

GROUP_NOT_FOUND_EXCEPTION - if one of the referenced groups doesn't exist

GROUP_MEMBER_EXCEPTION - if the group is already a member of the other group

ACCESS_DENIED_EXCEPTION - if the caller is not an owner of the group or does not have a global privilege to edit groups

CIRCULAR_REFERENCE_EXCEPTION - if the group rolls up into itself at some point of the group membership chain

LDAP_CONNECTION_EXCEPTION - if the portal cannot connect to OID

Since:

Oracle9iAS Portal 3.0.6.6.5

add_portal_user

function add_portal_user(
    p_user_name in varchar2,
    p_db_user in varchar2 default null,
    p_empno in varchar2 default null,
    p_display_personal_info in varchar2 default 'n',
    p_last_name in varchar2 default null,
    p_first_name in varchar2 default null,
    p_middle_name in varchar2 default null,
    p_known_as in varchar2 default null,
    p_maiden_name in varchar2 default null,
    p_date_of_birth in varchar2 default null,
    p_email in varchar2 default null,
    p_work_phone in varchar2 default null,
    p_home_phone in varchar2 default null,
    p_mobile_phone in varchar2 default null,
    p_pager in varchar2 default null,
    p_fax in varchar2 default null,
    p_office_addr1 in varchar2 default null,
    p_office_addr2 in varchar2 default null,
    p_office_addr3 in varchar2 default null,
    p_office_city in varchar2 default null,
    p_office_state in varchar2 default null,
    p_office_zip in varchar2 default null,
    p_office_country in varchar2 default null,
    p_home_addr1 in varchar2 default null,
    p_home_addr2 in varchar2 default null,
    p_home_addr3 in varchar2 default null,
    p_home_city in varchar2 default null,
    p_home_state in varchar2 default null,
    p_home_zip in varchar2 default null,
    p_home_country in varchar2 default null,
    p_organization in varchar2 default null,
    p_title in varchar2 default null,
    p_spending_limit in number default null,
    p_hiredate in varchar2 default null,
    p_source in varchar2 default null,
    p_manager_user_name in varchar2 default null,
    p_portal_user in varchar2 default 'y'
) return number

Adds a Portal profile entry to the OracleAS Portal 10G repository.

In Oracle9iAS Portal 9.0.2 (or later) this function can be used to add a user profile for a user that exists in Oracle Internet Directory (OID). The user must already exist in OID before this function is called. The result of this function is that the user attributes are updated based on the values that are passed. A local entry for the user is also created in the Portal. This local entry can then be used to grant appropriate privileges to access various Portal objects.

Example:

 declare
     l_id number;
 begin
     l_id := wwsec_api.add_portal_user
     (
       p_User_Name     => 'JWDOE',
       p_Empno         => '123-45-6789',
       p_Display_Personal_Info  => 'Y',
       p_Last_Name     => 'Doe',
       p_First_Name    => 'John',
       p_Middle_Name   => 'Wilson',
       p_Known_As      => 'John',
       p_Date_Of_Birth => '15-MAR-1968',
       p_Email         => 'jdoe@abc.com',
       p_Work_Phone    => '(123) 456-7890',
       p_Home_Phone    => '(234) 567-8901',
       p_Mobile_Phone  => '(345) 678-9012',
       p_Pager         => '(456) 789-0123',
       p_Fax           => '(567) 890-1234',
       p_Office_Addr1  => '123 First St',
       p_Office_City   => 'Washington',
       p_Office_State  => 'DC',
       p_Office_Zip    => '20001',
       p_Office_Country => 'USA',
       p_Home_Addr1    => '234 Second St',
       p_Home_City     => 'Washington',
       p_Home_State    => 'DC',
       p_Home_Zip      => '20001',
       p_Home_Country  => 'USA',
       p_Title         => 'Not Assigned',
       p_Hiredate      => '01-Oct-2000',
       p_Manager_User_Name => 'GHTHOMAS',
       p_Portal_User   => 'Y'
     );
 end;
 

Parameters:

p_User_Name - the user name of the user being added to OracleAS Portal 10G

p_DB_User - a database user name

p_Empno - an employee number

p_Display_Personal_Info - enter Y or N to choose to display personal information

p_Last_Name - the user's family name

p_First_Name - the user's given name

p_Middle_Name - the user's middle name

p_Known_As - the user's nickname

p_Maiden_Name - the user's maiden name (if applicable)

p_Date_Of_Birth - the user's date of birth. Note: Use the date format 'DD-MON-YYYY' format (the month is not case sensitive).

p_Email - the user's e-mail address

p_Work_Phone - the user's work phone number

p_Home_Phone - the user's home phone number

p_Mobile_Phone - the user's mobile phone number

p_Pager - the user's pager number

p_Fax - the user's fax number

p_Office_Addr1 - the first line of the user's office address

p_Office_Addr2 - the second line of the user's office address

p_Office_Addr3 - the third line of the user's office address

p_Office_City - the city in which the user's office is located

p_Office_State - the state in which the user's office is located

p_Office_Zip - the zip code for the person's office

p_Office_Country - the country in which the user's office is located

p_Home_Addr1 - the first line of the user's home address

p_Home_Addr2 - the second line of the user's home address.

p_Home_Addr3 - the third line of the user's home address

p_Home_City - the user's home city

p_Home_State - the user's home state

p_Home_Zip - the user's home zip code

p_Home_Country - the user's home country

p_Organization - the user's organization. Note: This parameter is currently ignored. The organization value is always taken from the subscriber.

p_Title - the user's job title

p_Spending_Limit - the user's spending limit Note: This parameter is currently ignored.

p_Hiredate - the user's date of hire Note: Use the date format 'DD-MON-YYYY' (the month is not case sensitive).

p_Source - the source of user information (via bulkload or UI) Note: This parameter is currently ignored.

p_Manager_User_Name - the user name of the user's manager

p_Portal_User - (Y/N) indicates whether the user is an active OracleAS Portal 10G user

Returns:

this function returns a person ID

Exceptions:

NO_MANAGER_EXCEPTION - if the user's manager's user ID is not entered

ACCESS_DENIED_EXCEPTION - if the user who initiates the calling routine has insufficient authority to execute the routine

UNEXPECTED_EXCEPTION - if a problem occurs for which an exception has not been defined

USER_EXISTS_EXCEPTION - if a local user profile already exists in the portal schema

USER_NOT_FOUND_EXCEPTION - if the user does not exist in OID

LDAP_CONNECTION_EXCEPTION - if the portal cannot connect to OID

Since:

Oracle9iAS Portal 3.0.6.6.5

add_user_to_list

procedure add_user_to_list(
    p_person_id in number,
    p_to_group_id in number,
    p_is_owner in number
) 

Adds a user to a group.

This routine adds a user to a group and sets privileges if the user is to be an owner of the group. In Oracle9iAS Portal 9.0.2 or later, this API makes an API call to OID to update the group in the directory.

Example:

 wwsec_api.add_user_to_list(
     p_person_id   => wwsec_api.id('JDOE'),
     p_to_group_id => wwsec_api.group_id('PORTAL_DEVELOPERS'),
     p_is_owner    => wwsec_api.OWNER
 );
 

Parameters:

p_person_id - the portal's identifier for the user

p_to_group_id - the portal's identifier for the group to which the user should be added

p_is_owner - flag indicates whether or not the user should be added as an owner of the group

Exceptions:

INVALID_PERSON_ID_EXCEPTION - if the specified p_person_id doesn't exist

GROUP_NOT_FOUND_EXCEPTION - if the specified group doesn't exist

ACCESS_DENIED_EXCEPTION - if the caller is not an owner of the group or does not have a global privilege to edit groups

GROUP_MEMBER_EXCEPTION - if the user specified by p_person_id is already a member of the group

LDAP_CONNECTION_EXCEPTION - if the portal cannot connect to OID

Since:

Oracle9iAS Portal 3.0.6.6.5

clear_package_cache

procedure clear_package_cache

Clears the package level cache.

The package wwsec_api maintains its own internal cache to improve performance of the APIs. Resetting these cached values can degrade the performance of these APIs. However, if an application needs to reset the state of the package variables for some reason then this procedure can be used.

It clears all the values held in package level variables so that these values can be obtained from the database when they are accessed the next time around. This is useful when switching context from one subscriber to another, since the settings for each subscriber can be different from others.

Example:

 begin
     wwsec_api.clear_package_cache;
 end;
 

Since:

Oracle9iAS Portal 9.0.2.5

copy_privileges

procedure copy_privileges(
    p_object_type in varchar2,
    p_object_from in varchar2,
    p_object_to in varchar2,
    p_owner in varchar2 default wwctx_api . get_product_schema
) 

Copies all privileges from a source object to a destination object.

This procedure copies all privileges granted on object_from to object_to. The source object must exist, and must be of type p_obj_type. ACL entries are then created for the object_to referenced, but no checks are made to ensure that the object exists.

Example:

 begin
     copy_privileges(
         p_object_type => wwsec_api.PAGE_OBJ,
         p_object_from => '1/1'
         p_object_to   => '1/399'
     );
 end;
 

Parameters:

p_object_type - the ACL object_type name constant for the source object

p_object_from - the unique name of the source object

p_object_to - the unique name of the destination object

p_owner - the name of the schema that owns the Access Control List entry, or another name space discriminator

Exceptions:

ACCESS_DENIED_EXCEPTION - if then caller has no authority

VALUE_ERROR_EXCEPTION - if object_from is the same as object_to

Since:

Oracle9iAS Portal 3.0.6.6.5

create_list

function create_list(
    p_name in varchar2,
    p_site_id in number default global_group,
    p_description in varchar2 default null,
    p_hidden_group in number default not_hidden,
    p_hidden_members in number default not_hidden
) return number

Creates a group in OID and returns the corresponding group profile ID for the portal. This function is provided primarily for backward compatibility support for the API.

Note: This API will create the group entry in the associated Oracle Internet Directory. If the group creation succeeds in OID, then the group will be created, regardless of the eventual state of the PL/SQL transaction in the OracleAS Portal 10G repository. E.g., if the PL/SQL API transaction is rolled back, the group will still remain in OID.

Example:

     l_groupid number;
     l_groupid := wwsec_api.create_list(
         p_name          => 'DEVELOPER',
         p_description   => 'This is a group for developers'
     );
 

Parameters:

p_name - a name for the new group

Note: the p_name must be unique for the site in which it is created and unique among global groups.

p_site_id - the unique identifier for the site in which the group will be created

Note: This parameter is ignored in Oracle9iAS Portal 9.0.2 and later.

p_description - a description of the new group

p_hidden_group - indicates if the new group is hidden from users and groups (except those who are owners of the new group)

p_hidden_members - this parameter is not used

Returns:

this function returns a group ID

Exceptions:

DUPLICATE_GROUP_EXCEPTION - if a group with the same name exists

INVALID_GRP_NAME_EXCEPTION - if the group name is invalid

ACCESS_DENIED_EXCEPTION - if the user who initiates the calling routine has insufficient authority to execute the routine

LDAP_CONNECTION_EXCEPTION - if the portal cannot connect to OID

Since:

Oracle9iAS Portal 3.0.6.6.5

db_user

function db_user(
    p_user_name in varchar2
) return varchar2

Returns the database schema name to which the user is associated, given the name of an OracleAS Portal 10G user. The procedures that are invoked through modplsql are invoked by the database schema returned by this function, for the specified user.

Example:

 declare
     l_dbuser varchar2;
 begin
     l_dbuser := wwsec_api.db_user(
         p_user_name => 'USER1'
     );
 end;
 

Parameters:

p_user_name - the name of an OracleAS Portal 10G user

Returns:

the name of the database schema associated with this user

Purity:

WNDS

Exceptions:

USER_NOT_FOUND_EXCEPTION - if the user name is not found

Since:

Oracle9iAS Portal 3.0.6.6.5

deactivate_portal_user

procedure deactivate_portal_user(
    p_user_name in varchar2
) 

Deactivates an OracleAS Portal 10G user. This prevents the person from logging on to OracleAS Portal 10G.

Note: Sets portal_user to 'N' in the OracleAS Portal 10G user record.

Example:

 begin
     wwsec_api.deactivate_portal_user
     (
       p_user_name => 'USER1'
     );
 end;
 

Parameters:

p_user_name - the user name of the OracleAS Portal 10G user whose account is to be deactivated

Exceptions:

USER_NOT_FOUND_EXCEPTION - if a Portal User Profile entry for a user with username p_user_name does not exist, even though the user may be present in OID

ACCESS_DENIED_EXCEPTION - if the user who initiates the calling routine has insufficient authority to execute the routine

Since:

Oracle9iAS Portal 3.0.6.6.5

delete_group_from_list

procedure delete_group_from_list(
    p_group_id in number,
    p_member_group_id in number
) 

Deletes a group from the list of members of another group.

A group may contain members which are users or other groups. This procedure removes a specified group from the list of members of another specified group.

Example:

 wwsec_api.delete_group_from_list(
     p_group_id        => wwsec_api.group_id ('GROUP1'),
     p_member_group_id => wwsec_api.group_id ('SUBGROUP1')
 );
 

Parameters:

p_group_id - the portal's identifier for the group

p_member_group_id - the portal's identifier for the member user

Exceptions:

GROUP_NOT_FOUND_EXCEPTION - if the referenced group doesn't exist

ACCESS_DENIED_EXCEPTION - if the caller is not an owner of the group or does not have a global privilege to edit groups

LDAP_CONNECTION_EXCEPTION - if the portal cannot connect to OID

Since:

Oracle9iAS Portal 3.0.6.6.5

delete_list

procedure delete_list(
    p_groupid in number
) 

Deletes a group from OID and any associated references to the group.

Note: Only an owner of a group can delete a group.

Example:

    wwsec_api.delete_list(
       p_group_id => 13
 );
 

Parameters:

p_groupid - the ID of the group to be deleted

See Also:

create_list

Exceptions:

GROUP_NOT