-- This package body goes with the WBSecurityServiceImpl package header -- This body complies with the 9.2% header, not with any older version -- -- Functionality: -- This security package replaces the default "no security" implementation for the -- Warehouse Builder repository. This package allows you to restrict editing from -- a set of users by changing the Status of a module to PRODUCTION. All users not -- mentioned (see marker --*-- in the code) will have read-only access to the modules -- set to production. -- If the status is set to Quality Assurance, the user not listed in this package can -- modify objects, however these not listed users cannot create any objects in the module. -- All users will be able to generate and deploy objects, regardless of the status. -- -- Note: You will get a warning when you try to edit (= open an editor)! This cannot be -- avoided or turned off. -- -- How to install this package: -- 1) Log on to SQL*Plus as the repository owner for which you want to impose security -- 2) Locate this file -- 3) execute this file (@Dev_Status_Policfy.sql) on the SQL Plus prompt -- 4) only the listed users can now change a PRODUCTION MODULE -- only the listed users can now add to a QUALITY ASSURANCE MODULE -- -- How to de-install this package: -- 1) Log on to SQL*Plus as the repository owner for which you want to reset security -- 2) Locate the \owb\reposasst\WBSecurityServiceImpl.pkb file -- 3) execute this file (@WBSecurityServiceImpl.pkb) on the SQL Plus prompt -- 4) your repository should now allow all users read/write access again CREATE OR REPLACE PACKAGE BODY WBSecurityServiceImpl AS -- Check for creation -- This procedure is called if an object is created to check if this is allowed -- If the module is in DEVELOPMENT status creation is allowed -- If the module is in any other status, creation is not allowed -- -- Listed users are excluded. You should only list the repository owner or any super user! PROCEDURE securityCheckForCreation(outcome OUT NUMBER, userId IN VARCHAR2, objectUOIDOperationInvokedOn IN VARCHAR2, status IN VARCHAR2, parentModuleUOID IN VARCHAR2, parentProjUOID IN VARCHAR2, repos_Schema IN VARCHAR2, objectType IN NUMBER) IS BEGIN IF status = WB_DEV_STATUS THEN outcome:= 1; -- 1 means you can create objects ELSE outcome:= 0; -- 0 means you cannot create objects END IF; END securityCheckForCreation; -- Security Check -- This procedure is called if an object is opened for edit to check if this is allowed -- If the module is in PRODUCTOIN status editing is not allowed -- If the module is in any other status, editing is allowed -- Editing includes delete, edit and reference other modules -- PROCEDURE securityCheck(outcome OUT NUMBER, userId IN VARCHAR2, operation IN NUMBER, objectUOIDOperationInvokedOn IN VARCHAR2, objectTypeOperationInvokedOn IN NUMBER, status IN VARCHAR2, parentModuleUOID IN VARCHAR2, parentProjUOID IN VARCHAR2, repos_Schema IN VARCHAR2) IS BEGIN outcome := 1; IF status = WB_PROD_STATUS THEN IF (operation = WB_EDIT OR operation = WB_DELETE OR operation = WB_REFERENCE ) and userId <> 'OWB92' --*-- This should contain the users that are not affected, do add the repos owner! THEN outcome := 0; -- 0 means you cannot edit (edit, delete, refence) objects END IF; END IF; END securityCheck; PROCEDURE securityCheckForService(outcome OUT NUMBER, userId IN VARCHAR2, serviceOp IN NUMBER, moduleUOID IN VARCHAR2, projUOID IN VARCHAR2, repos_Schema IN VARCHAR2) IS BEGIN outcome:= 1; IF serviceOp = WB_MDL_IMPORT OR serviceOp = WB_BRIDGE_IMPORT OR serviceOp = WB_SOURCE_IMPORT THEN outcome := 0; END IF; if userId = 'OWB92' --*-- This should contain the users that are not affected, do add the repos owner! then outcome := 1; end if; END securityCheckForService; FUNCTION isSecurityServiceCustomized RETURN NUMBER IS result NUMBER; BEGIN result:=1; return result; END isSecurityServiceCustomized; END WBSecurityServiceImpl; /