For a leading American client’s audit team required access to all
the oracle applications responsibilities. The access was required to carry out
the internal audit. They required read only access as they were auditing the
system and not performing transactions or setup configurations.
At the client location, oracle applications were rolled out to 16
countries and each country had their own set of books. Following modules were
rolled out:
General Ledger
Purchasing
Payables
Receivables
Fixed Assets
Order Management
To create read only responsibility was a time consuming exercise
as it involved creation of a new read only Function, then creation of a Menu,
and a Responsibility, and finally adding the relevant profile options to each
responsibility. Also read only responsibility had to be created for each
country and roughly around 96 responsibilities had to be created.
The above activity required more than 20 person days to create
read only responsibility. This was a time consuming exercise as each and every
screen in each responsibility needed to be tested whether read-only function is
working or not.
To overcome the manual creation of read only responsibility, in
the custom.pll for a particular user or users a script is written to
restrict to view the responsibilities that are attached in FND_USER Screen. On
adding the user name in custom.pll the user will not have permission to create,
or modify setup / transactions.
Benefits
1.
Avoided manual effort on
creation of read only Function, creation of Menu, Responsibility, and adding of
Profile Option to the responsibility
2.
Avoided manual errors in
creation of Function, Menu, Responsibility, and attaching of profile options to
the responsibility
3.
Drastically reduced the
timeframes as this change request was conceptualized, developed, tested, unit
tested by user, and deployed to production instance in 5 working days
BEGIN
IF
event_name = 'WHEN - NEW - FORM - INSTANCE'
THEN
IF FND_PROFILE.VALUE ('USER_NAME') = ' XXXXXXX'
THEN /*ENTER THE USERNAME
THAT IS USED BY AUDITORS*/
BEGIN
COPY ('Entering
app_form.query_only_mode', 'global.frd_debug');
COPY ('YES', 'PARAMETER.QUERY_ONLY');
APP_MENU2.SET_PROP ('FILE.SAVE',
ENABLED, PROPERTY_OFF);
APP_MENU2.SET_PROP ('FILE.ACCEPT',
ENABLED, PROPERTY_OFF);
formname := NAME_IN ('system.current_form');
blockname := GET_FORM_PROPERY (formname,
FIRST_BLOCK);
WHILE (blockname IS NOT NULL)
LOOP
IF (GET_BLOCK_PROPERTY (blockname,
BASE_TABLE) IS NOT NULL)
THEN
SET_BLOCK_PROPERTY (blockname,
INSERT_ALLOWED,
PROPERTY_FALSE);
SET_BLOCK_PROPERTY (blockname,
UPDATE_ALLOWED,
PROPERTY_FALSE);
SET_BLOCK_PROPERTY (blockname,
DELETE_ALLOWED,
PROPERTY_FALSE);
END IF;
blockname := GET_BLOCK_PROPERTY (blockname,
NEXTBLOCK);
END LOOP;
END query_only_mode;
END IF;
END
IF;
END;