File Format for Importing Data Security Instance Sets and Grants

When you want to create data security rules in bulk, import data security instance sets and grants into an application, create separate text files for the instance sets and grants.

Then, upload them to the Oracle WebCenter Content document repository. After placing the files in the document repository, you can import the instance sets and grants into the application.

Here are some considerations:

Only instance sets and grants are supported.
Create objects or functions before loading data.
For instance sets, only filter-based instance sets are supported. Filter-based means that the condition is defined as a structured expression.

The following sections contain specific details about each file format.

Instance Sets

Create a file containing the headers listed in the following table:

Table that lists headers for Instance Sets

Header	Data Type	Data Size	Description	Required or Optional	Editable? (Y/N)
`ObjName`	String	80	This value determines the data security object name.	Required	N
`InstanceSetName`	String	80	This value determines the name of the condition.	Required	N
`DisplayName`	String	2000	This value determines the display name of the condition.	Required	N
`Description`	String	2000	This value determines the description of the condition.	Optional	Y
`Conjunction`	String	3	This value determines whether the condition matches the specified attribute. Value for this field is either All or Any.	Required	Y
`TreeOperator`	String	3	This value determines whether an operator takes the first list of values or the second list of values. The available values are Yes or No. If set to No, then the operator takes the first list of values. If set to Yes, then the operator takes the second list of values.	Required	Y
`Operator`	String	20	If the condition is not a TREE operator, then the value for this field is one of the following values: EQUALTO NOTEQUALTO LESSTHAN GREATERTHAN LESSTHANEQUALTO GREATERTHANEQUALTO BETWEEN NOTBETWEEN CUSTOM LIKE STARTSWITH ENDSWITH ISNULL ISNOTNULL CONTAINS DOESNOTCONTAIN If the condition is a TREE operator, then the value for this field is one of the following values: IS_CHILD_OF IS_DESCENDENT_OF IS_LAST_DESCENDENT_OF IS_PARENT_OF IS_ANCESTOR_OF IS_FIRST_ANCESTOR_OF IS_SIBLING_OF	Required	Y
`Value`	String	2000	The value for this field is a list of comma-separated values.	Required	Y
`TreeStructureCode`	String	80	The value for this field is a tree structure code for the condition type tree.	Optional	Y
`TreeCode`	String	80	The value of this field is tree code for the condition type tree.	Optional	Y
`FilterColumn`	String	80	This value determines whether the condition that is specified matches with the values in the Value column.	Optional	Y
`DataType`	String	30	This value determines the data type for the filter column.	Optional	Y

Here's a sample file for instance sets:

ObjName|InstanceSetName|DisplayName|Description|Conjuction|TreeOperator|Operator|Value|TreeStructureCode|TreeCodeFLEX_KFF1_IND_CHR_L10_SEC|TEST_DSUI_OBJ1_INS1|TEST_DSUI_OBJ1_INS1
                DN|TEST_DSUI_OBJ1_INS1
                DES|All|No|EQUALTO|1000||FLEX_KFF1_IND_CHR_L10_SEC|TEST_DSUI_OBJ1_INS1|TEST_DSUI_OBJ1_INS1
                DN|TEST_DSUI_OBJ1_INS1
                DES|All|No|GREATERTHAN|100||FLEX_KFF1_IND_CHR_L10_SEC|TEST_DSUI_OBJ1_INS2|TEST_DSUI_OBJ1_INS2
                DN|TEST_DSUI_OBJ1_INS2
                DES|All|No|GREATERTHAN|100||FLEX_KFF1_IND_CHR_L10_SEC|TEST_DSUI_OBJ1_INS3|TEST_DSUI_OBJ1_INS3
                DN|TEST_DSUI_OBJ1_INS3
                DES|All|Yes|IS_SIBLING_OF|GB3,QA_CHAR_IND_BI|QA_FLEX_BI_TEST_TS2|QA_FLEX_BI_TEST_TS2_T2FLEX_DFF1_IND_CHR_L10_SEC|TEST_DS_SEEDED_OBJ_INS1|TEST_DS_SEEDED_OBJ_INS1
                DN|TEST_DSUI_OBJ1_INS1
                DES|All|No|EQUALTO|1000||FLEX_DFF1_IND_CHR_L10_SEC|TEST_DS_SEEDED_OBJ_INS1|TEST_DS_SEEDED_OBJ_INS1
                DN|TEST_DSUI_OBJ1_INS1
                DES|All|No|GREATERTHAN|100||FLEX_DFF1_IND_CHR_L10_SEC|TEST_DS_SEEDED_OBJ_INS2|TEST_DS_SEEDED_OBJ_INS2
                DN|TEST_DSUI_OBJ1_INS2
                DES|All|No|GREATERTHAN|100||FLEX_DFF1_IND_CHR_L10_SEC|TEST_DS_SEEDED_OBJ_INS3|TEST_DS_SEEDED_OBJ_INS3
                DN|TEST_DSUI_OBJ1_INS3
                DES|All|Yes|IS_SIBLING_OF|GB3,QA_CHAR_IND_BI|QA_FLEX_BI_TEST_TS2|QA_FLEX_BI_TEST_TS2_T2

Grants

Create a file containing the headers listed in the following table:

Table that lists headers for Grants

Header	Data Type	Data Size	Description	Required or Optional	Editable? (Y/N)
`ObjName`	String	80	This value determines the data security object name.	Required	N
`StartDate`	Date	NA	The format of date must be DD/MM/YYYY.	Optional	Y
`EndDate`	Date	NA	The format of date must be DD/MM/YYYY.	Optional	Y
`InstanceSetName`	String	80	This value determines the condition name to be used in the grant.	Optional	Y
`Name`	String	80	This value determines the name of the grant to be created or updated.	Optional	Y
`Description`	String	2000	This value gives your grant a description.	Optional	Y
`RoleName`	String	256	This value determines the role name to be used in the grant.	Optional	N
`RoleNameSpace`	String	256	This value determines the role name space in which RoleName is searched to get the grant key information.	Optional	N
`GranteeType`	String	30	This value determines the grantee type of the RoleName. If no value is provided, then 'GROUP' is used as default value.	Optional	N
`GranteeKey`	String	128	This value determines the grantee key of the RoleName.	Optional	N
`GrantType`	String	30	This value determines the grant type of the grant. If no value is provided, then 'ALLOW' is used as default value.	Optional	N
`ContextName`	String	128	This value determines the context name used in the grant.	Optional	Y
`ContextValue`	String	400	This value determines the context value used in the grant.	Optional	Y
`Actions`	String	2000	This field contains a comma-separated list of Actions to be used in grant. If no Actions are specified, then 'read' action is used.	Optional	Y
`InstancePk1Value`	String	256	This value determines the first instance private key value.	Optional	Y
`InstancePk2Value`	String	256	This value determines the second instance private key value.	Optional	Y
`InstancePk3Value`	String	256	This value determines the third instance private key value.	Optional	Y
`InstancePk4Value`	String	256	This value determines the fourth instance private key value.	Optional	Y
`InstancePk5Value`	String	256	This value determines the fifth instance private key value.	Optional	Y
`Parameter1`	String	256	This value determines the first parameter value.	Optional	Y
`Parameter2`	String	256	This value determines the second parameter value.	Optional	Y
`Parameter3`	String	256	This value determines the third parameter value.	Optional	Y
`Parameter4`	String	256	This value determines the fourth parameter value.	Optional	Y
`Parameter5`	String	256	This value determines the fifth parameter value.	Optional	Y
`Parameter6`	String	256	This value determines the sixth parameter value.	Optional	Y
`Parameter7`	String	256	This value determines the seventh parameter value.	Optional	Y
`Parameter8`	String	256	This value determines the eighth parameter value.	Optional	Y
`Parameter9`	String	256	This value determines the ninth parameter value.	Optional	Y
`Parameter10`	String	256	This value determines the tenth parameter value.	Optional	Y

Here's a sample file for grants:

ObjName|InstanceSetName|Name|Description|RoleName|RoleNameSpace|GranteeType|GranteeKey|Actions|InstancePk1Value|InstancePk2Value|InstancePk3Value|InstancePk4Value|InstancePk5Value|Parameter1|Parameter2|Parameter3|Parameter4|Parameter5|Parameter6|Parameter7|Parameter8|Parameter9|Parameter10FLEX_KFF1_IND_CHR_L10_SEC|TEST_DSUI_OBJ1_INS1|TEST_DSUI_OBJ1
                Policy1|TEST_DSUI_OBJ1
                Policy1|ORA_FND_APPLICATION_ADMINISTRATOR_JOB|fscm|GROUP|BAB069E21C3803B495EA7DDC0116A83C|read|Instance
                Pk1 Value|Instance Pk2 Value|Instance Pk3 Value|Instance Pk4 Value|Instance Pk5
                Value|Parameter1 Value|Parameter2 Value|Parameter3 Value|Parameter4 Value|Parameter5
                Value|Parameter6 Value|Parameter7 Value|Parameter8 Value|Parameter9
                Value|Parameter10 ValueFLEX_KFF1_IND_CHR_L10_SEC|TEST_DSUI_OBJ1_INS2|TEST_DSUI_OBJ1
                Policy2|TEST_DSUI_OBJ1
                Policy2|ORA_FND_APPLICATION_ADMINISTRATOR_JOB|fscm|GROUP|BAB069E21C3803B495EA7DDC0116A83C|read|||||Instance
                Pk5 Value|Parameter1 Value||||Parameter5 Value|||||Parameter10
                ValueFLEX_KFF1_IND_CHR_L10_SEC|TEST_DSUI_OBJ1_INS3|TEST_DSUI_OBJ1
                Policy3|TEST_DSUI_OBJ1
                Policy3|ORA_FND_APPLICATION_ADMINISTRATOR_JOB|fscm|GROUP|BAB069E21C3803B495EA7DDC0116A83C|read|||||Instance
                Pk5 Value|Parameter1 Value||||Parameter5 Value|||||Parameter10
                ValueFLEX_DFF1_IND_CHR_L10_SEC|TEST_DS_SEEDED_OBJ_INS1|TEST_DS_SEEDED_OBJ
                Policy1|TEST_DS_SEEDED_OBJ Policy1
                Description|ORA_FND_APPLICATION_ADMINISTRATOR_JOB|fscm|GROUP|BAB069E21C3803B495EA7DDC0116A83C|read|Instance
                Pk1 Value|Instance Pk2 Value|Instance Pk3 Value|Instance Pk4 Value|Instance Pk5
                Value|Parameter1 Value|Parameter2 Value|Parameter3 Value|Parameter4 Value|Parameter5
                Value|Parameter6 Value|Parameter7 Value|Parameter8 Value|Parameter9
                Value|Parameter10
                ValueFLEX_DFF1_IND_CHR_L10_SEC|TEST_DS_SEEDED_OBJ_INS2|TEST_DS_SEEDED_OBJ
                Policy2|TEST_DS_SEEDED_OBJ Policy2
                Description|ORA_FND_APPLICATION_ADMINISTRATOR_JOB|fscm|GROUP|BAB069E21C3803B495EA7DDC0116A83C|read|||||Instance
                Pk5 Value|Parameter1 Value||||Parameter5 Value|||||Parameter10
                ValueFLEX_DFF1_IND_CHR_L10_SEC|TEST_DS_SEEDED_OBJ_INS3|TEST_DS_SEEDED_OBJ
                Policy3|TEST_DS_SEEDED_OBJ Policy3
                Description|ORA_FND_APPLICATION_ADMINISTRATOR_JOB|fscm|GROUP|BAB069E21C3803B495EA7DDC0116A83C|read|||||Instance
                Pk5 Value|Parameter1 Value||||Parameter5 Value|||||Parameter10
            Value