From 4b2e8f4ddadfaa93595c44493f13d80045c9be23 Mon Sep 17 00:00:00 2001
From: PriestJ <PriestJ@248e525c-4dfb-0310-94bc-949c084e9493>
Date: Fri, 29 Feb 2008 14:29:11 +0000
Subject: [PATCH] Fix for Ticket #321 added security to menu system so only
 appropriate users can see the enquiry/quote menu options, also altered login
 screen so that SUPPADMIN users are directed to the user management screen
 rather than the search enquiries screen

git-svn-id: http://locode01.ad.dom/svn/WEBMIP/trunk@3784 248e525c-4dfb-0310-94bc-949c084e9493
---
 Screens/f155.sql | 46 +++++++++++++++++++++++++++++++++++-----------
 1 file changed, 35 insertions(+), 11 deletions(-)

diff --git a/Screens/f155.sql b/Screens/f155.sql
index 9bad858..51352ce 100644
--- a/Screens/f155.sql
+++ b/Screens/f155.sql
@@ -13,7 +13,7 @@ prompt  APPLICATION 155 - webmip
 -- Application Export:
 --   Application:     155
 --   Name:            webmip
---   Date and Time:   11:52 Tuesday June 10, 2008
+--   Date and Time:   13:43 Friday February 29, 2008
 --   Exported By:     PRIESTJ
 --   Flashback:       0
 --   Export Type:     Application Export
@@ -145,7 +145,7 @@ wwv_flow_api.create_flow(
   p_default_region_template=> 24740611526526770 + wwv_flow_api.g_id_offset,
   p_error_template    => 38911722486594102 + wwv_flow_api.g_id_offset,
   p_page_protection_enabled_y_n=> 'N',
-  p_checksum_salt_last_reset => '20080610115224',
+  p_checksum_salt_last_reset => '20080229134330',
   p_home_link         => 'f?p=&APP_ID.:1',
   p_box_width         => '98%',
   p_flow_language     => 'en-gb',
@@ -187,7 +187,7 @@ wwv_flow_api.create_flow(
   p_substitution_string_01 => 'SYSTEM_ENVIRONMENT',
   p_substitution_value_01  => '(Development)',
   p_last_updated_by => 'PRIESTJ',
-  p_last_upd_yyyymmddhh24miss=> '20080610115224',
+  p_last_upd_yyyymmddhh24miss=> '20080229134330',
   p_required_roles=> wwv_flow_utilities.string_to_table2(''));
  
  
@@ -2598,6 +2598,19 @@ wwv_flow_api.create_app_comments (
   p_app_version=>'');
 end;
 /
+begin
+wwv_flow_api.create_app_comments (
+  p_id=>45457303129607789 + wwv_flow_api.g_id_offset,
+  p_flow_id=>wwv_flow.g_flow_id,
+  p_pages=>'101',
+  p_app_comment=>'Added an if statement to send anyone logging in as a SUPPADMIN to the user management screen rather than the enquiries screen',
+  p_updated_on=>'2008.02.29.13:43:30',
+  p_updated_by=>'PRIESTJ',
+  p_created_on=>'2008.02.29.13:43:30',
+  p_created_by=>'PRIESTJ',
+  p_app_version=>'');
+end;
+/
  
 --application/pages/page_00000
 prompt  ...PAGE 0: system
@@ -42857,8 +42870,8 @@ wwv_flow_api.create_page(
   p_html_page_header => '',
   p_step_template => 24734011047526756+ wwv_flow_api.g_id_offset,
   p_required_patch=> null + wwv_flow_api.g_id_offset,
-  p_last_updated_by => 'HARDYA',
-  p_last_upd_yyyymmddhh24miss => '20080227093007',
+  p_last_updated_by => 'PRIESTJ',
+  p_last_upd_yyyymmddhh24miss => '20080229134330',
   p_page_is_public_y_n=> 'Y',
   p_protection_level=> 'C',
   p_page_comment  => '');
@@ -43175,12 +43188,23 @@ declare
   l_clob clob;
   l_length number := 1;
 begin
-p:=p||'mip_security.login('||chr(10)||
+p:=p||'if #OWNER#.mip_parties.get_user_role(:P101_USERNAME)=''SUPPADMIN'' then'||chr(10)||
+'  mip_security.login('||chr(10)||
 '    P_UNAME       => :P101_USERNAME,'||chr(10)||
 '    P_PASSWORD    => :P101_PASSWORD,'||chr(10)||
 '    P_SESSION_ID  => v(''APP_SESSION''),'||chr(10)||
+'    P_FLOW_PAGE   => :APP_ID ||'':60'''||chr(10)||
+'    );'||chr(10)||
+'else'||chr(10)||
+'  mip_security.login('||chr(10)||
+'    P_UNAME       => :P101_USERNAME,'||chr(10)||
+'    P_PASSWORD    => :P101_PASSWORD,'||chr(10)||
+'    P_SESSION_ID  => v(''APP_SESSION''),';
+
+p:=p||''||chr(10)||
 '    P_FLOW_PAGE   => :APP_ID ||'':30'''||chr(10)||
-'    );';
+'    );'||chr(10)||
+'end if;';
 
 wwv_flow_api.create_page_process(
   p_id     => 11077221742541528 + wwv_flow_api.g_id_offset,
@@ -44731,8 +44755,8 @@ wwv_flow_api.create_list_item (
   p_list_item_display_sequence=>301,
   p_list_item_link_text=> 'Enquiries',
   p_list_item_link_target=> 'f?p=&APP_ID.:30:&SESSION.::&DEBUG.::::',
-  p_list_item_disp_cond_type=> 'CURRENT_PAGE_NOT_IN_CONDITION',
-  p_list_item_disp_condition=> '30,31,32',
+  p_list_item_disp_cond_type=> 'PLSQL_EXPRESSION',
+  p_list_item_disp_condition=> '#OWNER#.mip_security.component_authorization(v(''APP_USER''),''enqumenu'') and (:APP_PAGE_ID <> 30 and :APP_PAGE_ID <> 31 and :APP_PAGE_ID <> 32)',
   p_list_countclicks_y_n=> 'N',
   p_list_text_01=> '',
   p_list_item_current_type=> 'COLON_DELIMITED_PAGE_LIST',
@@ -44747,8 +44771,8 @@ wwv_flow_api.create_list_item (
   p_list_item_display_sequence=>400,
   p_list_item_link_text=> 'Quotes',
   p_list_item_link_target=> 'f?p=&APP_ID.:14:&SESSION.::&DEBUG.:14:::',
-  p_list_item_disp_cond_type=> 'CURRENT_PAGE_NOT_IN_CONDITION',
-  p_list_item_disp_condition=> '14,80,81,82',
+  p_list_item_disp_cond_type=> 'PLSQL_EXPRESSION',
+  p_list_item_disp_condition=> '#OWNER#.mip_security.component_authorization(v(''APP_USER''),''quotemenu'') and (:APP_PAGE_ID <> 14 and :APP_PAGE_ID <> 80 and :APP_PAGE_ID <> 81 and :APP_PAGE_ID <> 82)',
   p_list_countclicks_y_n=> 'N',
   p_list_text_01=> '',
   p_list_item_current_type=> 'COLON_DELIMITED_PAGE_LIST',