Saturday, December 6, 2014

Security Configuration for PS Query in PeopleSoft

Before you learn how to secure PS Query, you must learn how to create a PS Query - Creating the PS Query in PeopleSoft

This is very important part in PS query development. It simply means that when we create PS query in PeopleSoft, we have to secure it so that only intended users can have access to it. Securing PS query means securing the records used in it by adding them into an appropriate tree and the records in our case are JOB and NAMES but since these are very common delivered records hence it is quite obvious that they would already have been used in other queries which means that they are already secured. We don't need to secure them but still its very important to understand that how exactly this is done.

Open the component 'Query Access Manager' (Navigation: PeopleTools > Security > Query Security > Query Access Manager).


Creating PS query through Query Access Manager in PeopleSoft

As I already mentioned that securing PS Query means securing the records used in it and before we do that we first have to identify which tree are we going to add our records into. For PeopleSoft HRMS the tree used for such purpose in most of the organization is 'QUERY_TREE_HR' but you can create your own tree depending upon your own requirement. Enter the tree name in the text box as shown in the screenshot above and hit on search. From the search result select the max effective dated row for the tree 'QUERY_TREE_HR' to open the updated one.


Adding queries into Query Security Tree in PeopleSoft

It opens the tree and the records currently added into it. But hold on, the records aren't added directly into the tree but into the Access Groups which is ultimately added into the tree. The Access Groups are nothing but entities into which similar records are added. There can be more than one Access Groups in a tree and also an Access Group can be added inside Another Access Group. In the image above, the access group 'HR ACCESS GROUP' which is also the root Access Group is highlighted.

Now we have to identify which Access Group we should add our records into ?
There is an easy trick for that if we don't know the desired Access Group. We can rather find out which Access Group other similar records are added and once we find that, ,we can add our record in to the same. So, just click on 'Find' link as pointed in above image to open the search page:



The record 'TEST_RECORD' entered above is the similar record for which we need to find the access group. Click on find and you will see the search results as below:



Well, the results shows that the record 'TEST_RECORD' is added into Access Group 'NEW_EXIT_REC_AG' which is added in the Access Group 'HR_ACCESS_GROUP' which is ultimately added in the tree 'QUERY_TREE_HR'.
Now we know that our record has to be added into the Access Group 'NEW_EXIT_REC_AG' so click on this group and then add the record into it. Click on the toolbar 'Insert Child Record' displayed right next to the Access Group name which will open the search page for the record that you wish to add. Enter the record name and then add it.


Set Access Group Permission:
I already mentioned earlier that securing a PS Query means securing the records added into it and at this point we have added these records into the appropriate tree. Now we have to add the tree (QUERY_TREE_HR) and it's Access Group (NEW_EXIT_REC_AG) into a permission list which then will be added to only those users profiles who are supposed to be able to access query 'TEST_QUERY_NEWHIRE'. 
Open the permission list definition into which you want to add the tree and access group, go to the tab 'Query' and click on the link 'Access Group Permissions' to open below page:
 
Adding Query Definition into Permission List in PeopleSoft

Finally, add this permission list into an appropriate role of the desired user's profile.

No comments:

Post a Comment