Skip to main content

Hello everyone,
I wrote a script that copies permissions/roles from one user to another. I refresh the security, the roles are assigned correctly in the application, but after logging in by the user, there is still no access to everything. Does anyone have an idea what's missing?

 

 

DECLARE
    USER_ROLE_COPY_ VARCHAR(3200) := 'USER.LOGIN1';
    USER_ROLE_GRANTED_ VARCHAR(3200) := 'USER.LOGIN1';
    CURSOR TEMP_ (LOGIN_CO_ VARCHAR2,LOGIN_GT_ VARCHAR2) IS
        select ROLE from FND_USER_ROLE WHERE IDENTITY=LOGIN_CO_ AND ROLE NOT IN (select ROLE from FND_USER_ROLE WHERE IDENTITY=LOGIN_GT_);
BEGIN
    FOR TEMP IN TEMP_ (USER_ROLE_COPY_,USER_ROLE_GRANTED_) LOOP
        Fnd_User_Role_API.Set_Role(USER_ROLE_GRANTED_, TEMP.ROLE, TRUE);
    END LOOP;
    Fnd_User_Role_API.Refresh__(USER_ROLE_GRANTED_);
    Security_SYS.Refresh_Active_List__(1);
END;

 

If you look at the User Details inside IFS do you see the expected permission sets granted?

If you do see the expected permission sets assigned to the users then the Security Cache Refresh may not have worked as expected.  Run it from inside IFS itself and retest.

Lastly, your script may not be taking into account any functional permission sets that are granted to the user permission sets.  I can’t tell if you have these or not but it is something to consider if the above items don’t reveal the issue.

Nick

1. I see the expected permission sets assigned to users.
2. Refreshing the server cache in the application does not work.


3. Next day problem gone, permissions work fine. I think there is some scheduled task in the database.

The problem was solved by reassigning the role.

 

DECLARE
    LOGIN_ VARCHAR(3200) := upper(:LOGIN;)
BEGIN
    IFSAPP.Fnd_User_Role_API.Set_Role(LOGIN_, 'ROLE_XXXX', TRUE);
    IFSAPP.Fnd_User_Role_API.Refresh__(LOGIN_);
    Security_SYS.Refresh_Active_List__(1);
END;

Reply


Terms & ConditionsCookie settings