Security Layers

The Grants portal security is set up in two layers.

First Layer of Security

The first layer of security is based on the users who are assigned to an award. The award PI and the grants administrator roles for the award are automatically granted access to award, project, and personnel pages when a new award is created in PeopleSoft Grants. This is performed by means of the Generate Award process and selecting the Add to Grants Portal Security check box.

An award PI can view all awards for which he or she is the project PI. The valid role is PROJECT_TEAM.PLAN_PROJROLE = PI.

A grants administrator can view all awards for which he or she is the grants administrator on the award. The valid role is GM_AWARD.GM_ADMIN_CNTCT.

Second Layer of Security

The second layer of security is based on the users who are assigned to a project. The project PI and the department administrator roles for the project are automatically granted access to project and personnel pages when a new project is created in PeopleSoft Grants. This is performed by means of the Generate Award process as long as the Add to Grants Portal Security check box is selected.

If a user is not assigned the role of project PI or department administrator, then the user is not granted access to view awards in the award portal pages.

During the Generate Award process, the system only gives access to project team members who:

  • Have a role that matches a role on the Grants Portal Security – Access Rights page.

  • Have the appropriate access rights, meaning:

    • The Award Page check box is selected.

    • The Access Code is Read Only Access or Read/Write Access.

An administrator can view all projects for which he or she is assigned as the department administrator. Valid roles include: GM_PRJ_DEPT.EMPID or PROJECT_TEAM.PLAN_PROJROLE = PROJ_ADMIN.

Note:

The field for the project role is configurable for your organization. Your organization must assign the delivered configuration of PI to the principal investigator and the delivered configuration of project administrator to the administrator on the Project Team page. If your organization is not using the delivered configuration setup on the Grants Portal Security – Access Rights page for these roles, then security for the department administrator must be granted manually through the Award or Project Access pages.

Security to the Grants portal can be set up using these pages:

  • The Global Security Access page.

  • The PI/Project Manager Access page.

  • The Division Access page.

  • The Award Access page.

  • The Project Access page.

  • The Employee Access page.

Use the Global Security Access page to grant access to all awards and projects in the Grants portal. Employees entered on this page have access to all awards and projects. Additional employees (Emp ID) are granted access through one or more of four access pages: PI/Project Manager, Division, Award, and Project.

When using the PI/Project Manager Access page or the Division Access page, you grant access to users using the Assigned to Emplid. When selecting:

  • Award or Project, you grant access to users by business unit and award ID or business unit and project ID.

  • Employee, you view access to users by the union of Level 2 and Level 3 tables.