Make Read Only Responsibility of Users in Oracle Apps

For a leading American client�s audit team required access to all the oracle
applications responsibilities. The access was required to carry out the internal
audit. They required read only access as they were auditing the system and not
performing transactions or setup configurations.

At the client location, oracle applications were rolled out to 16 countries and
each country had their own set of books. Following modules were rolled out:
<!--[if !supportLists]--> <!--[endif]-->General Ledger
<!--[if !supportLists]--> <!--[endif]-->Purchasing
<!--[if !supportLists]--> <!--[endif]-->Payables
<!--[if !supportLists]--> <!--[endif]-->Receivables
<!--[if !supportLists]--> <!--[endif]-->Fixed Assets
<!--[if !supportLists]--> <!--[endif]-->Order Management

To create read only responsibility was a time consuming exercise as it involved

creation of a new read only Function, then creation of a Menu, and a
Responsibility, and finally adding the relevant profile options to each
responsibility. Also read only responsibility had to be created for each country
and roughly around 96 responsibilities had to be created.

The above activity required more than 20 person days to create read only
responsibility. This was a time consuming exercise as each and every screen in each
responsibility needed to be tested whether read-only function is working or not.

To overcome the manual creation of read only responsibility, in the custom.pll for
a particular user or users a script is written to restrict to view the
responsibilities that are attached in FND_USER Screen. On adding the user name in
custom.pll the user will not have permission to create, or modify setup /
transactions.

Benefits
<!--[if !supportLists]-->1. <!--[endif]-->Avoided manual effort on creation of
read only Function, creation of Menu, Responsibility, and adding of Profile Option
to the responsibility
<!--[if !supportLists]-->2. <!--[endif]-->Avoided manual errors in creation of
Function, Menu, Responsibility, and attaching of profile options to the
responsibility
<!--[if !supportLists]-->3. <!--[endif]-->Drastically reduced the timeframes as
this change request was conceptualized, developed, tested, unit tested by user, and
deployed to production instance in 5 working days

BEGIN
IF event_name = 'WHEN - NEW - FORM - INSTANCE'
THEN
IF FND_PROFILE.VALUE ('USER_NAME') = ' XXXXXXX'
THEN /*ENTER THE USERNAME THAT IS USED BY AUDITORS*/
BEGIN
COPY ('Entering app_form.query_only_mode', 'global.frd_debug');
 COPY ('YES', 'PARAMETER.QUERY_ONLY');
APP_MENU2.SET_PROP ('FILE.SAVE', ENABLED, PROPERTY_OFF);
APP_MENU2.SET_PROP ('FILE.ACCEPT', ENABLED, PROPERTY_OFF);
formname := NAME_IN ('system.current_form');
blockname := GET_FORM_PROPERY (formname, FIRST_BLOCK);

WHILE (blockname IS NOT NULL)

LOOP
IF (GET_BLOCK_PROPERTY (blockname, BASE_TABLE) IS NOT NULL)
THEN
SET_BLOCK_PROPERTY (blockname,
INSERT_ALLOWED,
PROPERTY_FALSE);
SET_BLOCK_PROPERTY (blockname,
UPDATE_ALLOWED,
PROPERTY_FALSE);
SET_BLOCK_PROPERTY (blockname,
DELETE_ALLOWED,
PROPERTY_FALSE);
END IF;

blockname := GET_BLOCK_PROPERTY (blockname, NEXTBLOCK);

END LOOP;
END query_only_mode;
END IF;
END IF;
END;

----------------------------------------------

Make Read Only Responsibility of Users in Oracle Apps

Posted on November 10, 2012 by Mr.KK

For a leading American client�s audit team required access to all the oracle
applications responsibilities. The access was required to carry out the internal
audit. They required read only access as they were auditing the system and not
performing transactions or setup configurations.

At the client location, oracle applications were rolled out to 16 countries and
each country had their own set of books. Following modules were rolled out:

General Ledger

Purchasing

Payables

Receivables
 Fixed Assets

Order Management

To create read only responsibility was a time consuming exercise as it involved

creation of a new read only Function, then creation of a Menu, and a
Responsibility, and finally adding the relevant profile options to each
responsibility. Also read only responsibility had to be created for each country
and roughly around 96 responsibilities had to be created.

The above activity required more than 20 person days to create read only
responsibility. This was a time consuming exercise as each and every screen in each
responsibility needed to be tested whether read-only function is working or not.

To overcome the manual creation of read only responsibility, in the custom.pll for
a particular user or users a script is written to restrict to view the
responsibilities that are attached in FND_USER Screen. On adding the user name in
custom.pll the user will not have permission to create, or modify setup /
transactions.

Benefits

1. Avoided manual effort on creation of read only Function, creation of Menu,

Responsibility, and adding of Profile Option to the responsibility

2. Avoided manual errors in creation of Function, Menu, Responsibility, and

attaching of profile options to the responsibility

3. Drastically reduced the timeframes as this change request was conceptualized,

developed, tested, unit tested by user, and deployed to production instance in 5
working days

BEGIN

IF event_name = �WHEN � NEW � FORM � INSTANCE�

THEN

IF FND_PROFILE.VALUE (�USER_NAME�) = � XXXXXXX�

THEN /*ENTER THE USERNAME THAT IS USED BY AUDITORS*/

BEGIN

COPY (�Entering app_form.query_only_mode�, �global.frd_debug�);

COPY (�YES�, �PARAMETER.QUERY_ONLY�);

APP_MENU2.SET_PROP (�FILE.SAVE�, ENABLED, PROPERTY_OFF);

APP_MENU2.SET_PROP (�FILE.ACCEPT�, ENABLED, PROPERTY_OFF);

formname := NAME_IN (�system.current_form�);

 blockname := GET_FORM_PROPERY (formname, FIRST_BLOCK);

WHILE (blockname IS NOT NULL)

LOOP

IF (GET_BLOCK_PROPERTY (blockname, BASE_TABLE) IS NOT NULL)

THEN

SET_BLOCK_PROPERTY (blockname,

INSERT_ALLOWED,

PROPERTY_FALSE);

SET_BLOCK_PROPERTY (blockname,

UPDATE_ALLOWED,

PROPERTY_FALSE);

SET_BLOCK_PROPERTY (blockname,

DELETE_ALLOWED,

PROPERTY_FALSE);

END IF;

blockname := GET_BLOCK_PROPERTY (blockname, NEXTBLOCK);

END LOOP;

END query_only_mode;

END IF;

END IF;

END;

-------------------------------------------------

CUSTOM.pll (Reference metalink note: 363298.1)

1.Open the CUSTOM.pll in the form builder
2.Add the following sample code in the procedure event for the event �WHEN-NEW-
FORM-INSTANCE�

BEGIN

IF event_name = 'WHEN-NEW-FORM-INSTANCE' THEN

IF FND_PROFILE.VALUE('USER_NAME')='<USER_NAME>' THEN
 BEGIN -- Begin Query Only Mode

COPY('Entering app_form.query_only_mode.','global.frd_debug');
COPY('YES', 'PARAMETER.QUERY_ONLY');
APP_MENU2.SET_PROP('FILE.SAVE', ENABLED,PROPERTY_OFF);
APP_MENU2.SET_PROP('FILE.ACCEPT', ENABLED,PROPERTY_OFF);
formname := NAME_IN('system.current_form');
blockname := GET_FORM_PROPERY(formname, FIRST_BLOCK);

WHILE (blockname is not null) LOOP

IF (GET_BLOCK_PROPERTY(blockname, BASE_TABLE) is not NULL) THEN

SET_BLOCK_PROPERTY(blockname, INSERT_ALLOWED, PROPERTY_FALSE);
SET_BLOCK_PROPERTY(blockname, UPDATE_ALLOWED, PROPERTY_FALSE);
SET_BLOCK_PROPERTY(blockname, DELETE_ALLOWED, PROPERTY_FALSE);
END IF;

blockname := GET_BLOCK_PROPERTY(blockname, NEXTBLOCK);

END LOOP;

END; -- End Query Only Mode

END IF;
END IF;

END;

3. Compile the Custom.pll and place it under the directory $AU_TOP/resource

-----------------------------------

How To Make All The Responsibilities Read Only For A User

?May 19, 2010 ?Shivmohan Purohit ?Application Developer, Apps Add-in Tools, Oracle
Applications Technical, Oracle Fixed Assets Technical, Oracle GL Technical, Oracle
HRMS Technical, Oracle Payables Technical, Oracle Projects Technical, Oracle
Receivables Technical, Oracle Technical, Oracle Workflow, System Administrator?
custom.pll, customization, form read only
1 Votes

Here is a sample code could be used to make all the responsibilities read only for
a specific user. I am sure we can use it in different variations.

1. Open the Custom.pll in the Form Builder.

2.Add the following sample code in the Procedure Event for the event WHEN-NEW-FORM-
INSTANCE
3.Compile the Custom.pll and place under the directory $AU_TOP/resource

BEGIN
IF event_name = �WHEN-NEW-FORM-INSTANCE� THEN
IF FND_PROFILE.VALUE(�USER_NAME�)=�<USER_NAME>� THEN
BEGIN
COPY(�Entering app_form.query_only_mode.�,�global.frd_debug�);
COPY(�YES�, �PARAMETER.QUERY_ONLY�);
APP_MENU2.SET_PROP(�FILE.SAVE�, ENABLED,PROPERTY_OFF);
APP_MENU2.SET_PROP(�FILE.ACCEPT�, ENABLED,PROPERTY_OFF);
formname := NAME_IN(�system.current_form�);
blockname := GET_FORM_PROPERY(formname, FIRST_BLOCK);
WHILE (blockname is not null) LOOP
IF (GET_BLOCK_PROPERTY(blockname, BASE_TABLE) is not NULL) THEN
SET_BLOCK_PROPERTY(blockname, INSERT_ALLOWED, PROPERTY_FALSE);
SET_BLOCK_PROPERTY(blockname, UPDATE_ALLOWED, PROPERTY_FALSE);
SET_BLOCK_PROPERTY(blockname, DELETE_ALLOWED, PROPERTY_FALSE);
END IF;
blockname := GET_BLOCK_PROPERTY(blockname, NEXTBLOCK);
END LOOP;
END query_only_mode;
END;

The above code will make all the Responsibilities read only for a specific user.

It will fundamentally make all the form functions to behave as passing the
parameter QUERY_ONLY.