Understanding PeopleSoft Real Estate Management SecurityThis chapter provides an overview of PeopleSoft Real Estate Management security and discusses how to:
Set up basic security.
Set up roles and permissions list.
Set up row-level security.
Set up lease administration security.
Understanding PeopleSoft Real Estate Management SecurityPeopleSoft applications use the capabilities and flexibility of multilevel security to provide a solution to security issues. PeopleSoft Real Estate Management provides security at the row level, lease approval, and roles and permission lists.
Security rules enable you to establish which security events can be performed on transactions independent of any specific user until such time as you apply the rules to a user or users. For example, you can create one security rule to enable access to payables versus receivables leases, lease entry, amendments, and inquiry. You can create a different security rule that enables only lease entry and maintenance for a particular user (Lease Entry Clerk). After you define your security rules, you can assign these rules to a specific user ID or all the users and roles assigned to a permission list.
Note. The content of this chapter is only a part of what you need to know to secure your system. Other relevant information is located in the PeopleSoft Application Fundamentals PeopleBook.
Setting Up Basic SecurityPeopleSoft applications provides basic access and data security. Access to PeopleSoft applications is implemented through the use of user IDs, roles, and permission lists. Data security is implemented through setIDs. To learn more about access and data security refer to the relevant section in the PeopleSoft Application Fundamentals PeopleBook.
In addition to the basic security infrastructure, the PeopleSoft Real Estate Management product provides a number of extra security features that enable you to limit certain activities to specific job roles. PeopleSoft Real Estate Management provides two features to help you manage roles and responsibilities: role types and lease administration roles.
Role types enable you to define any number of job roles. These job roles are categorized as either internal or external roles:
An internal role is assigned to users who can sign on to the application, enter, and update lease information.
An external role is assigned to users who perform a task within the lease administration process.
These users do not have sign on access. An external role can be a service personnel, vendor, tenant, and so on.
The four role type categories are:
Internal Administrator: A person who performs day-to-day operational activities associated with adding, updating and maintaining lease information.
Internal Manager: A person who performs day-to-day operational activities, in addition to general operational duties, and might be required to approve certain activities such as, activating a lease or approving a transaction.
External Contact: A person, such as a service personnel, you want to track as a contact.
Principal Contact: A person or organization that is associated with a lease.
When you define a new role type, you can use any name for that role type. However, you must assign a category to that role type. For example, the person who performs lease maintenance in your organization in one region may be known as a lease administrator while another region may refer to this job role as a contract manager. You can define both role types and designate them as internal administrators.
Lease administration roles associate application users defined by the base PeopleSoft security architecture with specific real estate management job roles. After you define your lease administration roles, you can modify the PeopleSoft Real Estate Management application to limit certain activities based on the role type category of the user that is signed on.
Setting Up Roles and Permission ListsPeopleSoft applications enable you to control user access on a feature by feature basis, using the roles and permission lists. The basic structure of access security is as follows:
System users can be assigned one or more roles.
A role can be allocated to one or more permission lists.
A permission list identifies the features accessible to the role.
Note. A more detailed explanation of roles and permission lists can be found in the PeopleSoft Application Fundamentals PeopleBook.
PeopleSoft Real Estate Management delivers the following predefined roles:
RE_ADMIN - Real Estate Administrator
This role enables users to perform the general day-to-day operations involved in creating, updating, and administering leases. This also includes the management and processing of all lease based financial transactions.
RE_SUPER - Real Estate Super User
This role is designed to be used by a super user for setting up and configuring the PeopleSoft Real Estate Management application. The super user also has access to all of the permissions available to the role of RE_ADMIN.
PeopleSoft Real Estate Management delivers the following predefined permission lists:
EPRE1000 - Real Estate Configuration
Provides access to all of the Real Estate Setup components.
EPRE2000 - Lease Administration
Provides access to all operational lease administration feature.
EPRE3000 - Real Estate Portal Administration
Provides access to administering the PeopleSoft Real Estate Management portal pagelets.
EPRE3500 - Real Estate Portal User
Provides views to the PeopleSoft Real Estate Management portal pagelets.
This table illustrates the delivered assignments of permission lists to roles:
|
Permission List/Roles |
RE_SUPER |
RE_ADMIN |
|
EPRE1000 - Real Estate Configuration |
Yes |
No |
|
EPRE2000 - Lease Administration |
Yes |
Yes |
|
EPRE3000 - Real Estate Portal Administration |
Yes |
No |
|
EPRE3500 - Real Estate Portal User |
Yes |
Yes |
Setting Up Row-Level SecurityTo establish security within PeopleSoft Real Estate Management you must decide which level of security to establish throughout your system, which key fields to secure, and whether security is handled through user IDs or roles. You can implement security to restrict individual users or roles to specific rows of data that are controlled by such key fields as setIDs or business units. You can also limit users to access only a specific subset of rows.
See Also
PeopleSoft Application Fundamentals PeopleBook
Setting Up Lease Administration SecurityWhen a user approves the lease, the financial processing of that lease, such as billing and payments processing, begins. Consequently, you can limit the list of users that can activate a lease. These are the three key elements to setting up Lease Administration security features:
Role Types: Specifies the different types of job role used by your organization.
A role type represents a job role. The Lease Administration feature uses job roles to associate specific details to leases and in some cases, determine which roles may perform certain operations.
Lease Administration Roles: Specifies the internal job roles you use and associates the roles with specific system users.
The lease administration role associates system users to the various job roles that are associated with adding, updating and maintaining leases.
Lease Activation Policy: Specifies how and by whom a lease can be activated.
When you create a new lease, financial processing such as billing and payments processing does not begin until the lease is activated. To protect the integrity of your financial processes, the PeopleSoft Real Estate Management application enables you to prevent a lease from being activated until a manager approves it. This approval step is controlled by the automatic lease approval option on the Installation Options - Lease Administration page. When you disable the automatic lease approval option, only users who are assigned the Lease Administration Role based on the Internal Manager role type category can activate a lease. If automatic lease approval is enabled, any lease administration role can activate a lease.
Note. This application is delivered with the automatic lease approval feature enabled.
See Understanding Lease Administration Roles.