0 Replies Latest reply: Mar 18, 2013 3:17 PM by dejoseph-Oracle RSS

    Grants in the AOL Security Model

    dejoseph-Oracle
      Hi

      Here's is the business scenario:

      1. There is an Object 'Notes' defined that stores Notes (Notes are text information captured in say a Service Request submitted by an Employee). These are stored in table 'JTF_NOTES_B'.

      2. There are two Object Instance Sets defined for this object - Private Notes and All Notes.
      a. Private Notes are Notes that only its creator can view (it is a status on the Note) - the predicate on this is:
      &TABLE_ALIAS.NOTE_STATUS = 'PRIVATE'
      AND &TABLE_ALIAS.CREATED_BY = FND_GLOBAL.USER_ID

      b. Public Notes are Note that can be viewed by anyone.
      &TABLE_ALIAS.NOTE_STATUS <> 'PRIVATE'

      3. There are two Grants defined:
      a. Grant to allow all users to view Private Notes that they have created
      b. Grant to allow all users to view all Public Notes (irrespective of the creator)

      Question:
      How are these two Grants resolved in the Database? Is it via a Union on these two Object Instance Sets like:
      select *
      from JTF_NOTES_B
      where &TABLE_ALIAS.NOTE_STATUS = 'PRIVATE'
      AND &TABLE_ALIAS.CREATED_BY = FND_GLOBAL.USER_ID
      UNION
      select *
      from JTF_NOTES_B
      where &TABLE_ALIAS.NOTE_STATUS <> 'PRIVATE'

      or via an OR clause like?
      select *
      from JTF_NOTES_B
      where ( &TABLE_ALIAS.NOTE_STATUS = 'PRIVATE'
      AND &TABLE_ALIAS.CREATED_BY = FND_GLOBAL.USER_ID)
      OR &TABLE_ALIAS.NOTE_STATUS <> 'PRIVATE'

      OR is there any other way that these two Grants will be resolved?

      Thanks.

      Edited by: dejoseph on Mar 18, 2013 1:16 PM