Security by Department and User ID
Establish PeopleSoft Grants security by setting up a series of associations that limit or provide user access to components. Set up these associations by linking user IDs with a security tree node that represents a department or group of departments. When a user attempts to open a component, the system examines the associations between that user's ID and user class. If you have established appropriate links, the user can open the pages. Additionally, the search records for each component enable the user to access only the records that have departments that are associated with the security tree.
Note:
The pages that are listed in this procedure are fully documented in PeopleTools documentation.
To set up security by Department ID:
-
Create a new role by selecting
You can create as many roles as necessary. You should create a role for every set of users that needs a different level of security access to the data.
PeopleSoft delivers a user role "Grants Super User" as system data. This role is associated with the Proposal Approval process. Users who have this role assigned can edit the Proposal/Project/Budget when the proposal is sent back by the approver. A grants super user can terminate the approval process by updating the proposal status and can access and act on other Approver/Reviewer's work items.
-
Create user IDs and assign roles to user IDs by selecting
Note:
Be sure to assign a valid employee ID. This ID will be matched with the principal investigator who is designated for each proposal or proposal project to determine which proposals can be accessed by this user when no department-level access is specified.
-
Define the grants security tree by selecting
Set up the security tree based on an analysis of business processes within the organization. If a department tree already exists and mirrors a department hierarchy that would provide the appropriate coverage for security needs, you should copy that tree.
Note:
The department security tree must be a node-oriented tree. That is, each node on the tree must represent a valid department that exists in the Department table (DEPARTMENT_TBL). When you define the detail tree structure, make sure that the node record equals the Department table and the field equals Department ID (DEPTID).
-
Assign an object group to a permission list by selecting
-
Define operator security by selecting
Select the tree SetID, tree name, and effective date of the tree. In the lower section of the page, select the department designation and access code. You can enter as many departments as you need.
-
Change the search records for PeopleSoft Grants components by selecting
The search record that PeopleSoft delivers for these proposal components provides principal investigator and department-level security. Currently, the search records that are defined subsequently are delivered with the system. You can replace these security search records if you require a different security scheme.
This table lists the menu navigations, components, and search records that are used in PeopleSoft Grants proposals:
| Menu Navigation | Component | Search Record |
|---|---|---|
|
|
GM_PROPOSAL |
GM_PROP_SRCH |
|
|
GM_BUD_LINE_SUM |
GM_BUD_PD_SRCH |
|
|
GM_PROP_SUBMISSION |
GM_PROP_ SRCH |
|
|
GM_WEB_APPLICATION |
INSTALLATION |
|
|
GM_PROP_PRINT_REQ |
GM_PROP_PRN_REQ |
|
|
GM_PROP_PRINT_REQ |
GM_PROP_PRN_REQ |
|
|
GM_BUD_PPSL_CPY |
GM_PROP_SRCH |
|
|
GM_BUD_PPSL_V_CPY |
GM_PROP_DR_SRCH |
|
|
GM_BUD_PD_CPY |
GM_BUD_PD_SRCH |
|
|
GM_BUD_INQ |
GM_PROP_SRCH |
|
|
GM_AU_PROPOSAL |
GM_PROPOSAL |
|
|
GM_COMP_APPROVAL |
GM_PROP_APP_SRH |
Note:
You can give users access to specific proposals by listing them on the Maintain Proposal - Resources page with the role type of Authorized Personnel (click the Details button next to the Role field). The role type of Authorized Personnel gives security access to proposals, but this role does not print on any proposal form outputs.