Solved

Event action to Deactivate User account

  • 2 September 2021
  • 6 replies
  • 296 views

Userlevel 6
Badge +13

Is it possible to setup an event action to deactivate a user account? Is there an API method I can use in an event action?

icon

Best answer by durette 2 September 2021, 17:45

View original

This topic has been closed for comments

6 replies

Userlevel 7
Badge +18

Thank you, this is probably not wise to use an event. Thank you for the input.

Yes, and I believe you’re allowed to mark your own response as the best answer.

Userlevel 6
Badge +13

Thank you, this is probably not wise to use an event. Thank you for the input.

Userlevel 7
Badge +18

This would be impossible without some custom code. An event action runs as the end user, and most end users aren’t going to have permission to deactivate users, even themselves.

 

As a word of warning, a deactivated user is deactivated everywhere and can no longer work without IT intervention to reactivate them, even if they only made a mistake. To put that more bluntly, you can’t make money without working employees.

 

I added some protection to ensure your app owner and other system accounts don’t get locked.

 

I didn’t test this.

 

SET SQLBLANKLINES ON

CREATE OR REPLACE PACKAGE c_deactivate_user_api AUTHID DEFINER IS
/*
module_ CONSTANT VARCHAR2(25) := 'FNDBAS';
lu_name_ CONSTANT VARCHAR2(25) := 'CDeactivateUser';
These comments get read by DATABASE_SYS. DO NOT REMOVE.
*/
PROCEDURE init;

PROCEDURE deactivate_current_user;

END c_deactivate_user_api;
/

CREATE OR REPLACE PACKAGE BODY c_deactivate_user_api IS

PROCEDURE init IS BEGIN NULL; END init;

PROCEDURE deactivate_current_user
IS
attr_ VARCHAR2(32767);
objid_ fnd_user.objid%TYPE;
objversion_ fnd_user.objversion%TYPE;
info_ VARCHAR2(32767);
BEGIN
IF fnd_session_api.get_fnd_user != fnd_session_api.get_app_owner
AND fnd_session_api.get_fnd_user NOT LIKE 'IFS%'
THEN
SELECT objid, objversion
INTO objid_, objversion_
FROM fnd_user
WHERE identity = fnd_session_api.get_fnd_user;
client_sys.clear_attr(attr_);
client_sys.add_to_attr('ACTIVE', 'FALSE', attr_);
fnd_user_api.modify__(info_, objid_ objversion_, attr_, 'DO');
END IF;
END deactivate_current_user;

END c_deactivate_user_api;
/

GRANT EXECUTE ON c_deactivate_user_api TO ifssys;

EXEC dictionary_sys.rebuild_dictionary_storage_(0, 'PACKAGES');

EXEC security_sys.grant_package('C_DEACTIVATE_USER_API', 'FND_ENDUSER');

EXEC security_sys.refresh_active_list__(0);

Your event action would then call…

BEGIN
IF /* some very naughty thing is being attempted */ 1=0 THEN
c_deactivate_user_api.deactivate_current_user;
END IF;
END;

 

Userlevel 4
Badge +9

Still none the wiser :grin:

What will trigger the event?

Userlevel 6
Badge +13

The event is needed for security requirement possibly to prevent certain transactions.

 

Userlevel 4
Badge +9

You can deactivate an individual user account on the RMB 

A background task runs at the end of each day to check whether the activate/deactivate dates have passed.

 

What are you trying to do via the event?