Assigning Commitment Control Security Rules

Pages Used to Assign Commitment Control Security Rules

Page Name	Definition Name	Usage
Assign Commitment Control Security Rule to User ID Page	KSEC_OPR_RULES	Assign security rules to individual user IDs. You can attach multiple security rules to a user ID.
Assign Commitment Control Security Rule to Permission List Page	KSEC_CLSS_RULES	Assign security rules to permission lists. You can attach multiple security rules to a permission list.
Assign Commitment Control Security Rule to Dynamic Group Page	KSEC_DYN_RULES	Assign security rules to dynamic rule groups. You can attach multiple security rules to a dynamic rule group. The security rules identify the ChartField values and thus the users for whom you are assigning security.

Related Topics

Assign Commitment Control Security Rule to User ID Page

Use the Assign Commitment Control Security Rule to User ID page (KSEC_OPR_RULES) to assign security rules to individual user IDs.

You can attach multiple security rules to a user ID.

Navigation:

Commitment Control, and then Define Budget Security, and then Assign Rule to User ID, and then Assign Commitment Control Security Rule to User ID

Select the security rules you want to assign to the user ID. You can assign only Regular rule types to user IDs. If the security rules you assign have conflicting Allow/Disallow attributes, the Disallow attribute takes precedence. For example, if security rule A allows inquiries on budgets with account 10000 and security rule B disallows inquiries on account 10000, security rule B takes precedence for account 10000.

Assign Commitment Control Security Rule to Permission List Page

Use the Assign Commitment Control Security Rule to Permission List page (KSEC_CLSS_RULES) to assign security rules to permission lists.

You can attach multiple security rules to a permission list.

Navigation:

Commitment Control, and then Define Budget Security, and then Assign KK Rule Security

The same factors that apply to attaching rules to user IDs apply when you attach rules to permission lists.

Assign Commitment Control Security Rule to Dynamic Group Page

To attach dynamic security rules to a dynamic group:

Define a dynamic rule record for the security rule.
In Application Designer, create a view that includes:
1. User ID (OPRID).
2. The ChartField that uses the parameter bind in the dynamic security rule.
  
  For an example, see the delivered sample dynamic record KK_DYN1, which includes department ID and user ID. This view was created with the following SQL:
```
SELECT a.deptid 
```
```
, C.OPRID 
```
```
FROM PS_DEPT_TBL A 
```
```
, PS_PERSONAL_DATA B 
```
```
, PSOPRALIAS C 
```
```
WHERE A.MANAGER_NAME = B.NAME 
```
```
AND B.EMPLID = C.EMPLID
```
Use the Assign Commitment Control Security Rule to Dynamic Group page (KSEC_DYN_RULES) to assign security rules to dynamic rule groups. You can attach multiple security rules to a dynamic rule group. The security rules identify the ChartField values and thus the users for whom you are assigning security.

Commitment Control, and then Define Budget Security, and then Define Budget Security, and then Assign KK Rule to Dynamic Grp,
Select the security rules you want to assign to the user ID.

You can assign only Dynamic rule types to dynamic rule groups, and only dynamic rules that define the ChartField on the dynamic rule record as a bind variable. If the security rules you assign have conflicting Allow/Disallow attributes, the Disallow attribute takes precedence. For example, if security rule A allows inquiries on budgets with account 10000 and security rule B disallows inquiries on account 10000, security rule B takes precedence for account 10000.