Standard API to assign and Revoke Role/Responsibilities to a Use

Using a Standard API to assign and Revoke Role/Responsibilities to a User.

col user_name for a15
col responsibility_name for a50
col user_guid for a35
select a.user_name,to_char(a.end_date,'DD-MON-YYYY')"User End",to_char(b.start_date,'DD-MON-YYYY')"Resp St",to_char(b.end_date,'DD-MON-YYYY')"Resp End",c.RESPONSIBILITY_NAME
from apps.fnd_user a,apps.fnd_USER_RESP_GROUPS b,apps.FND_RESPONSIBILITY_TL c
where a.USER_ID=b.USER_ID and b.RESPONSIBILITY_ID=c.RESPONSIBILITY_ID
and b.RESPONSIBILITY_APPLICATION_ID=c.APPLICATION_ID and a.user_name=upper('&fnd_user') order by 5;

set lines 200 pages 999;
col ROLE_NAME for a60;
select USER_NAME,ROLE_NAME,USER_START_DATE,USER_END_DATE,ROLE_START_DATE,ROLE_END_DATE,EFFECTIVE_END_DATE from apps.WF_LOCAL_USER_ROLES
where user_name = upper('&fnd_user');

select USER_NAME,ROLE_NAME,USER_START_DATE,USER_END_DATE,ROLE_START_DATE,ROLE_END_DATE,EFFECTIVE_END_DATE,END_DATE from apps.WF_USER_ROLE_ASSIGNMENTS
where user_name = upper('&fnd_user');

package to delete the responsibility:

SQL> Begin
fnd_user_pkg.delresp(
'&User_Name',
'&Res_Short_Name',
'&Responsibility_Key',
'&Security_Group');
commit;
End;


select * from fnd_security_groups
where security_group_key = 'STANDARD';

go to security user - > define -> enter the username
go to tools -> diagonise and enable the trace
and u can monitor waht is happining to that user when u are running anything backend to disable the user or delete the user.


############

1. Assign role to a user using an API

To assign role to a user using APIs, use the following API wf_local_synch.PropagateUserRole.
Example:

Begin
wf_local_synch.PropagateUserRole(
p_user_name => '&USER_NAME',
p_role_name => '&ROLE_KEY');
commit;
end;

2. Add a responsibility to a user using API fnd_user_resp_groups_api.Insert_Assignment

To add a responsibility to a user using and API, use the following API fnd_user_resp_groups_api.Insert_Assignment:

Example.

begin
fnd_user_resp_groups_api.Insert_Assignment (
user_id =>&USER_ID ,
responsibility_id => &RESP_ID,
responsibility_application_id =>$APPL_ID ,
start_date => &START_DATE,
end_date => &END_DATE,
description =>'Sample
example' );
commit;
end;

This shall raise an error if the responsibility is assigned to a user,
but if needed to update the responsibility assignment in case of responsibility existence,
use the following API:

begin
fnd_user_pkg.addresp(
'&User_Name',
'&Responsablity_Application_Short_Name',
'&Responsibility_Key',
'&Security_Group',
'&Description',
'&Start_Date',
'&End_Date' );
commit;
end;

3. Revoke a responsibility assignment to a user using fnd_user_pkg.delresp

To revoke a responsibility assignment to a user using an API, use fnd_user_pkg.delresp.
Example:

Begin
fnd_user_pkg.delresp(
'&User_Name',
'&Responsibility_application_short_name',
'&Responsibility_Key',
'&Security_Group');
commit;
End;

This simply end date the responsibility assignment to a user by the current system date.

4. Revoke an Indirect Responsibility

To revoke an indirect responsiblity (roles assigned using UMX) assignment to a user using APIs, use the following API Wf_local_synch.PropagateUserRole.
Example:

Begin
Wf_local_synch.PropagateUserRole(
p_user_name => '&USER_NAME',
p_role_name => '&ROLE_KEY',
p_start_date=>'&Start_Date',
p_expiration_date=>'&End_Date');
commit;
End;

End date the parent Role and it shall end date the remaining Roles.