Multi Org Access Control (MOAC)

on Monday, June 30, 2014



MOAC is a feature used to access the data of multiple organizations or multiple operating units from a single responsibility. Data security is maintained using security profiles that determine the data access privileges associated to responsibilities granted to a user. Because of this you can perform multiple tasks across operating units without changing responsibilities, Users are no longer required to switch applications responsibilities when processing transactions for multiple operating units.
MOAC are of two types:
1.       Local
2.       Global
Using Local MOAC we can access the data of multiple operating units from the single responsibility of the same business group.
Using Global MOAC we can access the data of multiple operating units from the single responsibility of one or more business groups.

Advantages of MOAC
·    MOAC is used to maintain and access bank accounts for multiple operating units.
·    To secure Inter and Intra company.
·    Multi-Org Access Control feature allows you to enter, process data and generate reports from a single responsibility.
·     To process the payment of one or more operating units using oracle payments (At a single time we can process the payment for one or more operating units)
·     To maintain the data of customer and supplier for one or more operating units. Supplier or customer is visible across business group but supplier/customer site is specific to the operating unit, so multiple accesses to different operating units is required.
·      For reporting purpose.
   How MOAC impacts the way we work in TOAD
11i  - To set the Org id in TOAD
1. Get the Org_id from HR_ORGANIZATION_UNITS

2. In toad execute the below code
        begin
        fnd_client_info.set_org_context(&org_id);
        end;
R12 - To set the Org id in TOAD
1. Get the Org_id from HR_ORGANIZATION_UNITS
2. In toad execute the below code
    –Sets the 201 as single Org id
    exec MO_GLOBAL.SET_POLICY_CONTEXT (‘S’, 201);
    Pass a value “S” in case you want your current session to work against Single ORG_ID
    Pass a value of “M” in case you want your current session to work against multiple ORG_ID’s


MOAC for table access
In 11i _ALL Tables where non Org specific and Org specific views were created on these tables.
But in R12 its different concept
  a. For the table AP_INVOICES_ALL a synonym  AP_INVOICES_ALL is created in APPS.
  b. Also another synonym AP_INVOICES is created which refers to AP_INOICES_ALL.
  c. A Row Level security is applied to AP_INVOICES, using package function MO_GLOBAL.ORG_SECURITY.
      This can be double-checked by running SQL
select * from all_policies where object_name=’AP_INVOICES’
  d. The effect of this policy is that, whenever you access AP_INVOICES, Oracle RLS will dynamically append WHERE CLAUSE as
   
SELECT * FROM AP_INVOICES  WHERE EXISTS (SELECT 1 FROM mo_glob_org_access_tmp oa WHERE oa.organization_id = org_id)