Session ID: 4077Presenter: Bruce Knox Institution: University of Arkansas
Argos Reporting and Value Based Security
Session Rules of Etiquette
− Please turn off your cell phone.− If you must leave the session early, please do so discreetly and
quietly.− Please avoid side conversation during the session.
Thank you for your cooperation!
Agenda
− Banner Baseline Fund/Orgn Security Review,How it is setup – How it works
− Verify that Fund/Orgn Security is Enabled− Verify a USER’s access− Quick Conversions to Fund/Orgn Security
Agenda
− Banner Baseline Fund/Orgn Security Review,How it is setup – How it works
− Verify that Fund/Orgn Security is Enabled
Agenda
− Banner Baseline Fund/Orgn Security Review,How it is setup – How it works
− Verify that Fund/Orgn Security is Enabled− Verify a USER’s access
Agenda
− Banner Baseline Fund/Orgn Security Review,How it is setup – How it works
− Verify that Fund/Orgn Security is Enabled− Verify a USER’s access− Quick Conversions to Fund/Orgn Security
What is Banner Fund/Orgn Security?
− Fund/Orgn Security is used in ePrint and many other reporting applications.
− It is a part of Baseline Banner− Requires securing the Query code
What is Banner Fund/Orgn Security?
− Fund/Orgn Security is used in ePrint and many other reporting applications.
What is Banner Fund/Orgn Security?
− Fund/Orgn Security is used in ePrint and many other reporting applications.
− It is a part of Baseline Banner
What is Banner Fund/Orgn Security?
− Fund/Orgn Security is used in ePrint and many other reporting applications.
− It is a part of Baseline Banner− Requires securing the Query code
Fund/Orgn Security Enabled?
Fund/Orgn Security Indicator on Form FOASYSC
Must be Checked ☑
This Form allows one to Enable Fund/Orgn Security for the Banner Database Instance.
Fund/Organization Security
− The User Profile Maintenance Form (FOMPROF) − Allows Enabling Fund/Orgn Security for a USER
Master Fund and Master Organization
One can establish the USER as having:
− No Authority− Query Only Authority− Posting Authority
or− Both Posting and Query
Beware of the Master Access Bypass
Warning:
Master Fund and Master Orgn access returns every
Fund and Organization
Instead:
Use the Funds and Organizations on the sub-Forms:
Fund Security Maintenance Form(FOMUSFN)
Organization Security Maintenance Form(FOMUSOR).
Banner Security: Fund/Orgn Security
-- Banner Security: Fund/Orgn Security via the Banner Tables and Forms:
-- FOBSYSC is the Table that Enables Fund/Orgn Security using Form FOASYSC.-- Y for Enabled (i.e., Check Marked)-- N for Disabled
-- FOBPROF is the Table that allows Master Fund and Orgn to be given using Form FOMPROF.-- FORUSFN and FORUSOR are the tables for the forms used to update Fund/Orgn Security for a USER.-- Form names are FOMUSFN and FOMUSOR, respectively.-- B means the user has both Query and Posting access.-- Q means the user only has Query access. They can see the reports but couldn't post a transaction.-- P means the user only has the ability to Post transactions and not view reports or query information. -- FOBSYSC_FUND_ORG_SECURITY_IND NOT NULL VARCHAR2(1 CHAR)-- FORUSOR_ACCESS_IND NOT NULL VARCHAR2(1 CHAR)-- FORUSFN_ACCESS_IND NOT NULL VARCHAR2(1 CHAR) -- FOBPROF_MASTER_FUND_IND VARCHAR2(1 CHAR)-- FOBPROF_MASTER_ORGN_IND VARCHAR2(1 CHAR)
So, there are four Tables being checked for your Fund/Orgn Security access.
Banner Security: Fund/Orgn Security
>SELECT DISTINCT FOBSYSC_FUND_ORG_SECURITY_IND FROM FOBSYSC; Y N
>SELECT DISTINCT FOBPROF_MASTER_FUND_IND FROM FOBPROF; P QB
> SELECT DISTINCT FOBPROF_MASTER_ORGN_IND FROM FOBPROF; P Q B
> SELECT DISTINCT FORUSFN_ACCESS_IND FROM FORUSFN; P Q B
> SELECT DISTINCT FORUSOR_ACCESS_IND FROM FORUSOR; P Q B
This Banner Function makes it work
F_FUND_ORG_SECURITY_FNC (Chart_of_Accounts,
FUND,
ORGN,
As_of_Date, -- default sysdate
Query_or_Post, -- default 'Q',
Which_User_ID) -- default USER
Returns: Y for Yes
N for No
Just a test in SQL*Plus
BKNOX: ACES> select f_fund_org_security_fnc('Z','14001','3601','','Q','SJAMES')
from dual;
F_FUND_ORG_SECURITY_FNC('Z','14001','3601','','Q','SJAMES')-----------------------------------------------------------------------------------Y
OK, it takes a little more code to do it well
For Fund/Orgn Security to be in use, the Fund/Orgn Security Indicator on FOASYSC must be Y.
from ..., FOBSYSC
where
decode(fobsysc_fund_org_security_ind,'Y',
f_fund_org_security_fnc('Z',ftvfund_fund_code,
ftvorgn_orgn_code,'','',''),'Y')='Y'
and FOBSYSC_EFF_DATE <= SYSDATE
and (FOBSYSC_NCHG_DATE IS NULL OR FOBSYSC_NCHG_DATE > SYSDATE)
and FOBSYSC_STATUS_IND = 'A'
Be sure you are still using Fund/Orgn Security
The final ‘Y’ in the DECODE is the Default value.
from ..., FOBSYSC
where
decode(fobsysc_fund_org_security_ind,'Y',
f_fund_org_security_fnc('Z',ftvfund_fund_code,
'','','',''),'Y')='Y'
and FOBSYSC_EFF_DATE <= SYSDATE
and (FOBSYSC_NCHG_DATE IS NULL OR FOBSYSC_NCHG_DATE > SYSDATE)
and FOBSYSC_STATUS_IND = 'A‘
A Real Fund/Orgn Query use
), FOBSYSC
where
decode(fobsysc_fund_org_security_ind,'Y',
f_fund_org_security_fnc('Z',OPAL_FUND,OPAL_ORGN,
'','',''),'Y')='Y'
and FOBSYSC_EFF_DATE <= SYSDATE
and (FOBSYSC_NCHG_DATE IS NULL OR FOBSYSC_NCHG_DATE > SYSDATE)
and FOBSYSC_STATUS_IND = 'A'
Summary
− Verify that your site has Fund/Orgn Security Active− Use “Which Funds and Orgns Can a User View” QV− Determine and Verify a restricted access USER− First, Build your Query without Fund/Orgn Security− Add the code containing the
F_FUND_ORG_SECURITY_FNC Function
Summary
− Verify that your site has Fund/Orgn Security Active− Use “Which Funds and Orgns Can a User View” QV
Summary
− Verify that your site has Fund/Orgn Security Active− Use “Which Funds and Orgns Can a User View” QV− Determine and Verify a restricted access USER
Summary
− Verify that your site has Fund/Orgn Security Active− Use “Which Funds and Orgns Can a User View” QV− Determine and Verify a restricted access USER− First, Build your Query without Fund/Orgn Security
Summary
− Verify that your site has Fund/Orgn Security Active− Use “Which Funds and Orgns Can a User View” QV− Determine and Verify a restricted access USER− First, Build your Query without Fund/Orgn Security− Add the code containing the
F_FUND_ORG_SECURITY_FNC Function
Referenced
I first heard of Banner Fund/Orgn Security from Bill PearcePrincipal Consultant, Strata Information Group
Google for BannerFinanceUserGuide7.pdfwhich has a section on Fund/Orgn Security setup
DataBlock Samples
Is Fund/Orgn Security Enabled?
Which Funds and Orgns Can a USER View?
Which Funds and Orgns Can I See?
Which Funds and Orgns Can I See? plus USER display
http://betwinx.com/BannerScripts.htmThe password is: scripts
Or, the Evisions COOP
Thank you!
Bruce Knox at bknox @uaex.eduwww.uaex.edu/bknox/http://betwinx.com/
Argos objects:http://betwinx.com/BannerScripts.htmThe password is: scripts
This presentation ppt:http://betwinx.com/Argos2012bknox.pptx