SlideShare una empresa de Scribd logo

Developing Dynamic PeopleSoft Field Security Applications:A PeopleSoft Developer's Guide

G
guest96f6c68d
Desarrollo personalTecnología
1 de 11
Developing Dynamic PeopleSoft Field Security Applications A PeopleSoft Developer’s Guide Renita M. Rhodes, MIM
Copyright © 2008 All rights reserved. Except as permitted under the United States Copyright Act of 1976, no part of this publication may be reproduced or distributed in any form or by any means, or stored in a database or retrieval system, without the prior written permission of the author. PeopleSoft, PeopleTools, PeopleCode and PeopleBooks are registered trademarks of the Oracle Corporation. This manual is an independent creation by the author and has been developed as part of the Washington University Masters Information Management (MIM) degree program curriculum without license, authorization, or participation from the Oracle Corporation. Information contained in this work has been obtained from believed credible sources and its author is just supplying information, not attempting to provide engineering or professional services. Therefore, the author should not be held accountable for errors, omissions, or damage arising from the use of this manual. You are permitted to print one copy of this eBook for yourself. It is illegal to distribute or copy this book in any part. Developing Dynamic PeopleSoft Field Security Applications 2
Table of Contents PeopleSoft Security Background .............................................................................................4 Developing Field Security Application ...................................................................................5 Develop Application Objects ...................................................................................................5 Registering a Component .........................................................................................................6 Create PeopleCode Function ...................................................................................................7 Attach PeopleCode Function to Existing Objects ..................................................................9 Enter Field Security Information ...........................................................................................10 Summary .................................................................................................................................11 Developing Dynamic PeopleSoft Field Security Applications 3
PeopleSoft Security Background Security is especially critical for core business applications. In light of the complex and diverse nature of the different PeopleSoft computing environments and the wide range of statutory and regulatory compliance requirements, the system’s security measures must be based upon the functional nature and the data involved. Much of the vast amount of electronic data generated throughout the PeopleSoft environments are comprised of human resource and financial information which is in many cases subject to privacy and confidentiality regulations. Typically, every department in companies does not have access to all applications nor does everyone within a department have access to all functions and data of a particular application. System security involves protecting data/information against modification, loss, unauthorized use and/or disclosure. A security framework can be defined by several key controls including: online access to data password management user account management authentication and authorization mechanisms traceability (audit logs) PeopleSoft delivers security features and PeopleTools applications, to ensure that sensitive application data is protected. The three main PeopleSoft security definition object types are user profiles, roles, and permission lists. These three components work together in providing system security access through inheritance. Permission lists are groups of authorizations that are assigned to roles. Roles are intermediate objects that link user profiles to permission lists. User Profiles are security objects given to each user of the system which possesses all security access and other unique identification information for the user. A user profile inherits most of its permissions through roles; however, process Note profile and data permissions- row-level and field-level security -are applied directly to a user profile. Data permissions control the application data that a user is allowed to access in the PeopleSoft system. With application data security, data permissions can be set at the table level, row level and field level. Developing Dynamic PeopleSoft Field Security Applications 4
Data Permissions Definitions Table-level security is set by using PeopleSoft Query to build SQL queries to specify the records the user is allowed to access when building and running queries. Row-level security controls access to individual rows of data stored within application database tables through security views; and enables you to specify the data that a particular user is permitted to access. Field-level security is set using PeopleCode, the proprietary language used in the development of PeopleSoft applications, to restrict access to particular fields or columns within application tables. This user manual contains instructions on developing a dynamic field security application in PeopleSoft. These instructions are intended for intermediate to advance level PeopleSoft Developers and will describe a more efficient technique to secure a field. Before one can begin to develop, he/she must possess the appropriate access to the system. This security access will be setup PeopleSoft Security Administrator. Developing Field Security Application Before creating the dynamic field security application all new objects such as projects, fields, records, pages and components must be created first. A field security PeopleCode function must be added to the project as well. PeopleCode must be added to needed records and pages to call the field security function. An existing FUNCLIB record must be modified. The number of objects may differ as there is no one way to create this Note application. Develop Application Objects A. Create a project. B. Create the POPULATED field setting its attributes to 1 character and yes/no field type. C. Create a new record definition 1. Select File > New. 2. Select Record. 3. Click OK. Developing Dynamic PeopleSoft Field Security Applications 5
4. Select the SQL table record type option to define a physical SQL record definition. 5. Insert the fields the existing fields RECNAME, FIELDNAME, ROLENAME, ACCESS and the newly created field POPULATED into the record using the drag and drop feature. Fields can be inserted into a record in several ways. The field and its attributes Note are automatically added to the list of fields in the record definition. 6. Create this table when you run the Build Operation from the Build menu. D. Create a new page definition by cloning a page definition: 1. Select File > Open. 2. Enter the page name that you want to clone. 3. Select File > Save As. If modifications are made to the page, the old page definition may accidentally Warning be overwritten. 4. Enter the new page name. 5. Click OK. 6. Add fields to the page from the record you have created using the drag and drop feature. E. Create a new component definition: A. Select File > New B. Double-click Component C. Add pages to the component by dragging the page into the component. Open the component. Drag page from the project workspace to the component. Registering a Component Before this page can be viewed online, it first must be registered to a menu. PeopleSoft’s delivered registration wizard adds components to menus; assigns permission lists and places content reference entries in the portal; which displays the component to the user online. Developing Dynamic PeopleSoft Field Security Applications 6
The component definition must be open and saved prior to registering the Note component or objects created during this registration will not be added to the project and will later cause issues during migration. To register your component: 1. Keep your component open to register. 2. Open the Registration Wizard by selecting Tools > Register in Portal. 3. Find the menu name and the drop-down list box to assign the bar name by clicking the Select button. 4. Select Target Content and enter information on the Create Content Reference screen. 5. Find the menu name again, and use the drop-down list box to select the menu name that displays on the bar by clicking the Select button. It would be more feasible to place this field security application in the Maintain Note Security. 6. Select Target Content complete fields. 7. Select the permission list and both the Update/Display and Add actions. 8. Click Finish to complete the registry process. If you click Cancel all of the entries that you have made in the wizard will be Warning lost and no changes will be made. Create PeopleCode Function A. Create a function by adding PeopleCode to a FUNCLIB record. B. Declare local variables, record and SQL objects by setting the variable to the appropriate data types. Local array of string &aRoles Local string &sRoleName Local boolean &hidefield Local SQL &SQL Local Record &REC C. Initialize variables 1. Set the &REC variable equal to the record developed above. This can be done by using the built-in function CreateRecord; which creates a standalone record definition with fields. Developing Dynamic PeopleSoft Field Security Applications 7
&REC = CreateRecord(Record.ZPTT_HR_FLDSEC); The specified record must have been defined previously it must have a record Note definition. 2. Initialize the &SQL object from the SQL class by using the built-in CreateSQL function. This function opens the object on the given SQL string, a PeopleCode string value giving the SQL statement, and input values. &SQL = CreateSQL("%Selectall(:1) Where FIELDNAME = :2 or FIELDNAME = :3 ", &REC, &iFieldname1, &iFieldname2); Set the &aRoles variable to equal the %roles system variable which returns an array object containing all the roles assigned to the current user. &aRoles = %Roles; D. Start Loop, bind the statement and check for role name in the users list of roles. If role is not listed then hide or gray the field. While &SQL.Fetch(&REC) Then Set &sRolename to result from record fetch Set &Populated to result from record fetch Set &Allow_Access to result from record fetch &Found = &aRoles.Find(&RoleName); If &Found <> 0 then If &Populated = ‘Y’ and &Allow_Access = ‘Y’ then Set &Access variable equal to 1; Else Set &hidefield variable to equal true End-if; End-If; If &Access variable equals 1 then Set &hidefield variable to equal false End-If; End-While; The code above loops through the record defined in the Develop Application Object section using the SQL class object defined in step two by using the built-in method Fetch. &SQL.Fetch(&REC) The Fetch method loops through the rows fetched by the defined select statement. If there are no more rows to fetch, the fetch method returns as false, and the SQL object, &SQL, is automatically closed. &Found = &aRoles.Find(&RoleName); Developing Dynamic PeopleSoft Field Security Applications 8
The Find method returns the lowest index of an element in the array that is equal to the given value. If the role is not found in the array, the find method returns the number one; however, if the role is found in the array a zero is returned. If &Found <> 0 then If &Populated = ‘Y’ and &Allow_Access = ‘Y’ then Set &Access variable equal to 1; Else Set &hidefield variable to equal true End-if; End-If; If &Access variable equals 1 then Set &hidefield variable to equal false End-If; When the function is called from other records or pages the &hidefield variable will already be populated with “True” indicating that the field should be hidden. This value will change to “False” only if the user possesses the roles to view the field while populated. The &RoleName, &Populated and &Allow_Access variables’ values are Note populated from data entry completed in the Enter Field Security Information section. Attach PeopleCode Function to Existing Objects Add PeopleCode declaring and calling the created function to all records and pages that house fields that need to be secured. 1. Declare Function Declare Function RoleFieldSecurity PeopleCode FUNCLIB_HR.ROLEUSER returns &hidefield as Boolean 2. Get field value and if field is populate then call function and input the field name(s) that must be secured into the function variable. Local Rowset &Level0, &Level1, &Level2; &Level0 = GetLevel0(); &Level1 = &Level0(1).GetRowset(Scroll.BAS_PARTIC); &Level2 = &Level1(1).GetRowset(Scroll.BAS_PARTIC_PLAN); &Rows = &Level2.ActiveRowCount; For &I = 1 To &Level1_Rows; &Level2_Rows = &Level1.GetRow(&I).GetRowset(Scroll.BAS_PARTIC_PLAN).ActiveRowCoun t; For &J = 1 To &Level2_Rows; &OPTION_CD = &Level1.GetRow(&I).GetRowset(Scroll.BAS_PARTIC_PLAN).GetRow(&J).Ge tRecord(Record.BAS_PARTIC_PLAN).OPTION_CD.Value; Developing Dynamic PeopleSoft Field Security Applications 9
If all(&OPTION_CD) then &annual_pldg_fld = &Level2.GetRow(&I).GetRecord(Record.BAS_PARTIC_PLAN).ANNUAL_PLEDGE ; &empl_contrb_fld = &Level2.GetRow(&I).GetRecord(Record.BAS_PARTIC_PLAN).EMPL_CONTRBUT N_AMT; &hidefield = RoleFieldSecurity("BAS_PARTIC_PLAN.ANNUAL_PLEDGE", "Y"); If &hidefield = True Then &annual_pldg_fld.displayonly = TRUE; End-If; &hidefield = RoleFieldSecurity("BAS_PARTIC_PLAN.EMPL_CONTRBUTN_AMT", "Y"); If &hidefield = True Then &empl_contrb_fld.visible = FALSE; End-If; End-If; End-For; The next step in your field security should be based off your requirements. The Note field can be hidden, set to read only, or a message- warning, error or message box - can be executed Enter Field Security Information Navigate to the new page and enter all field security access information. As stated in the Registering a Component section, the best placement for the field security page and component is in under the delivered security menu. If your have used this suggested placement then your navigation to the field security page would be Home > PeopleTools > Maintain Security > Field Level Security. Navigation to your page is based on the way your set up portal access to your Note page and component. Developing Dynamic PeopleSoft Field Security Applications 10
Summary Let’s review what it takes to create a dynamic field security application. What have we done? We created a project. We created a new field. We created a new record definition. We created a new page definition by cloning an existing page. We created a new page component by cloning an existing page. We registered the new component. We created a new field security function. We attached and the new function to existing pages and records. We entered the field security access information. This should give you enough information to get you started and give you the ability to create a dynamic field level security application. Remember there are numerous ways to secure a field within PeopleSoft through using PeopleCode; this is just a way to eliminate customizations and save you a lot of coding. Welcome to the exciting world of field security. Developing Dynamic PeopleSoft Field Security Applications 11

Recomendados

Hands-on workshop: experience the life of your Content Object aka the power o...
Hands-on workshop: experience the life of your Content Object aka the power o...Hands-on workshop: experience the life of your Content Object aka the power o...
Hands-on workshop: experience the life of your Content Object aka the power o...
Chamilo Association
 
User creation
User creationUser creation
User creation
gsriramsunil
 
Create new user
Create new userCreate new user
Create new user
Hassan Fadl
 
Chapter 01
Chapter 01Chapter 01
Chapter 01
llmeade
 
App v 4.6 sp1 trial guide
App v 4.6 sp1 trial guideApp v 4.6 sp1 trial guide
App v 4.6 sp1 trial guide
Kishore Kumar
 
Osx workflow guide (1)
Osx workflow guide (1)Osx workflow guide (1)
Osx workflow guide (1)
Pragati Singh
 
Oracle forms 11g release 2 (11.1.2) new
Oracle forms 11g release 2 (11.1.2) newOracle forms 11g release 2 (11.1.2) new
Oracle forms 11g release 2 (11.1.2) new
FITSFSd
 
Remote Exploitation of the Dropbox SDK for Android
Remote Exploitation of the Dropbox SDK for AndroidRemote Exploitation of the Dropbox SDK for Android
Remote Exploitation of the Dropbox SDK for Android
IBM Security
 

Recomendados

Hands-on workshop: experience the life of your Content Object aka the power o...
Hands-on workshop: experience the life of your Content Object aka the power o...Hands-on workshop: experience the life of your Content Object aka the power o...
Hands-on workshop: experience the life of your Content Object aka the power o...
Chamilo Association
 
User creation
User creationUser creation
User creation
gsriramsunil
 
Create new user
Create new userCreate new user
Create new user
Hassan Fadl
 
Chapter 01
Chapter 01Chapter 01
Chapter 01
llmeade
 
App v 4.6 sp1 trial guide
App v 4.6 sp1 trial guideApp v 4.6 sp1 trial guide
App v 4.6 sp1 trial guide
Kishore Kumar
 
Osx workflow guide (1)
Osx workflow guide (1)Osx workflow guide (1)
Osx workflow guide (1)
Pragati Singh
 
Oracle forms 11g release 2 (11.1.2) new
Oracle forms 11g release 2 (11.1.2) newOracle forms 11g release 2 (11.1.2) new
Oracle forms 11g release 2 (11.1.2) new
FITSFSd
 
Remote Exploitation of the Dropbox SDK for Android
Remote Exploitation of the Dropbox SDK for AndroidRemote Exploitation of the Dropbox SDK for Android
Remote Exploitation of the Dropbox SDK for Android
IBM Security
 
12 simple steps to prepare your i os app for development and distribution (1)...
12 simple steps to prepare your i os app for development and distribution (1)...12 simple steps to prepare your i os app for development and distribution (1)...
12 simple steps to prepare your i os app for development and distribution (1)...
Katy Slemon
 
SpoofedMe - Intruding Accounts using Social Login Providers
SpoofedMe - Intruding Accounts using Social Login Providers SpoofedMe - Intruding Accounts using Social Login Providers
SpoofedMe - Intruding Accounts using Social Login Providers
IBM Security
 
Wss Security
Wss SecurityWss Security
Wss Security
LiquidHub
 
Metamorphosis from Forms to Java: A technical lead's perspective, part II
Metamorphosis from Forms to Java: A technical lead's perspective, part IIMetamorphosis from Forms to Java: A technical lead's perspective, part II
Metamorphosis from Forms to Java: A technical lead's perspective, part II
Michael Fons
 
Android resources in android-chapter9
Android resources in android-chapter9Android resources in android-chapter9
Android resources in android-chapter9
Dr. Ramkumar Lakshminarayanan
 
Pentestflashkeybpardpaper
PentestflashkeybpardpaperPentestflashkeybpardpaper
Pentestflashkeybpardpaper
Andrey Apuhtin
 
Creating a repository using the oracle business intelligence administration tool
Creating a repository using the oracle business intelligence administration toolCreating a repository using the oracle business intelligence administration tool
Creating a repository using the oracle business intelligence administration tool
Ravi Kumar Lanke
 
Unit2
Unit2Unit2
Unit2
DevaKumari Vijay
 
Dynamics 365 self hosting bots
Dynamics 365 self hosting botsDynamics 365 self hosting bots
Dynamics 365 self hosting bots
Amit Patil
 
Mandiant IOC Editor
Mandiant IOC EditorMandiant IOC Editor
Mandiant IOC Editor
Matt Loong
 
Integrigy oracle apps_password_issue
Integrigy oracle apps_password_issueIntegrigy oracle apps_password_issue
Integrigy oracle apps_password_issue
mahmoudezz
 
Integrating into Visual Studio settings
Integrating into Visual Studio settingsIntegrating into Visual Studio settings
Integrating into Visual Studio settings
PVS-Studio
 
Ces70 salesforce2 connectorguide
Ces70 salesforce2 connectorguideCes70 salesforce2 connectorguide
Ces70 salesforce2 connectorguide
Kalpesh More
 
Access5
Access5Access5
Access5
JTHSICT
 
Ray flow release notes webconsole_ 1.9.0_0
Ray flow release notes webconsole_ 1.9.0_0Ray flow release notes webconsole_ 1.9.0_0
Ray flow release notes webconsole_ 1.9.0_0
i4box Anon
 
PPT1
PPT1PPT1
PPT1
JAYAARC
 
Enhancements
Enhancements Enhancements
Enhancements
Jaya Lakshmi
 
Developing RIA Web Applications with Oracle ADF.pdf
Developing RIA Web Applications with Oracle ADF.pdfDeveloping RIA Web Applications with Oracle ADF.pdf
Developing RIA Web Applications with Oracle ADF.pdf
sheriframadan18
 
Epm fm-1111x-provisioning-whitepape-133674
Epm fm-1111x-provisioning-whitepape-133674Epm fm-1111x-provisioning-whitepape-133674
Epm fm-1111x-provisioning-whitepape-133674
Sathya Narayanan
 
Informatica object migration
Informatica object migrationInformatica object migration
Informatica object migration
Amit Sharma
 
Java EE Services
Java EE ServicesJava EE Services
Java EE Services
Abdalla Mahmoud
 
Salesforce.com Lightning
Salesforce.com LightningSalesforce.com Lightning
Salesforce.com Lightning
Malinda Lamahewa
 

Más contenido relacionado

La actualidad más candente

Wss Security
Wss SecurityWss Security
Wss Security
LiquidHub
 
Integrigy oracle apps_password_issue
Integrigy oracle apps_password_issueIntegrigy oracle apps_password_issue
Integrigy oracle apps_password_issue
mahmoudezz
 
Ces70 salesforce2 connectorguide
Ces70 salesforce2 connectorguideCes70 salesforce2 connectorguide
Ces70 salesforce2 connectorguide
Kalpesh More
 

La actualidad más candente (13)

12 simple steps to prepare your i os app for development and distribution (1)...
12 simple steps to prepare your i os app for development and distribution (1)...12 simple steps to prepare your i os app for development and distribution (1)...
12 simple steps to prepare your i os app for development and distribution (1)...
 
SpoofedMe - Intruding Accounts using Social Login Providers
SpoofedMe - Intruding Accounts using Social Login Providers SpoofedMe - Intruding Accounts using Social Login Providers
SpoofedMe - Intruding Accounts using Social Login Providers
 
Wss Security
Wss SecurityWss Security
Wss Security
 
Metamorphosis from Forms to Java: A technical lead's perspective, part II
Metamorphosis from Forms to Java: A technical lead's perspective, part IIMetamorphosis from Forms to Java: A technical lead's perspective, part II
Metamorphosis from Forms to Java: A technical lead's perspective, part II
 
Android resources in android-chapter9
Android resources in android-chapter9Android resources in android-chapter9
Android resources in android-chapter9
 
Pentestflashkeybpardpaper
PentestflashkeybpardpaperPentestflashkeybpardpaper
Pentestflashkeybpardpaper
 
Creating a repository using the oracle business intelligence administration tool
Creating a repository using the oracle business intelligence administration toolCreating a repository using the oracle business intelligence administration tool
Creating a repository using the oracle business intelligence administration tool
 
Unit2
Unit2Unit2
Unit2
 
Dynamics 365 self hosting bots
Dynamics 365 self hosting botsDynamics 365 self hosting bots
Dynamics 365 self hosting bots
 
Mandiant IOC Editor
Mandiant IOC EditorMandiant IOC Editor
Mandiant IOC Editor
 
Integrigy oracle apps_password_issue
Integrigy oracle apps_password_issueIntegrigy oracle apps_password_issue
Integrigy oracle apps_password_issue
 
Integrating into Visual Studio settings
Integrating into Visual Studio settingsIntegrating into Visual Studio settings
Integrating into Visual Studio settings
 
Ces70 salesforce2 connectorguide
Ces70 salesforce2 connectorguideCes70 salesforce2 connectorguide
Ces70 salesforce2 connectorguide
 

Similar a Developing Dynamic PeopleSoft Field Security Applications:A PeopleSoft Developer's Guide

Informatica object migration
Informatica object migrationInformatica object migration
Informatica object migration
Amit Sharma
 
Deploying configuring caching
Deploying configuring cachingDeploying configuring caching
Deploying configuring caching
aspnet123
 
Cyber Security wk 8 paperAssignment 2 Implementing Network a.docx
Cyber Security wk 8 paperAssignment 2 Implementing Network a.docxCyber Security wk 8 paperAssignment 2 Implementing Network a.docx
Cyber Security wk 8 paperAssignment 2 Implementing Network a.docx
theodorelove43763
 
Oracle Human Capital Management Setup Document
Oracle Human Capital Management Setup DocumentOracle Human Capital Management Setup Document
Oracle Human Capital Management Setup Document
Rajendra Gudla
 

Similar a Developing Dynamic PeopleSoft Field Security Applications:A PeopleSoft Developer's Guide (20)

Access5
Access5Access5
Access5
 
Ray flow release notes webconsole_ 1.9.0_0
Ray flow release notes webconsole_ 1.9.0_0Ray flow release notes webconsole_ 1.9.0_0
Ray flow release notes webconsole_ 1.9.0_0
 
PPT1
PPT1PPT1
PPT1
 
Enhancements
Enhancements Enhancements
Enhancements
 
Developing RIA Web Applications with Oracle ADF.pdf
Developing RIA Web Applications with Oracle ADF.pdfDeveloping RIA Web Applications with Oracle ADF.pdf
Developing RIA Web Applications with Oracle ADF.pdf
 
Epm fm-1111x-provisioning-whitepape-133674
Epm fm-1111x-provisioning-whitepape-133674Epm fm-1111x-provisioning-whitepape-133674
Epm fm-1111x-provisioning-whitepape-133674
 
Informatica object migration
Informatica object migrationInformatica object migration
Informatica object migration
 
Java EE Services
Java EE ServicesJava EE Services
Java EE Services
 
Salesforce.com Lightning
Salesforce.com LightningSalesforce.com Lightning
Salesforce.com Lightning
 
Integrate Shindig with Joomla
Integrate Shindig with JoomlaIntegrate Shindig with Joomla
Integrate Shindig with Joomla
 
Oracle E Business Suite Security Made Easy - Menus, Functions, Responsibiliti...
Oracle E Business Suite Security Made Easy - Menus, Functions, Responsibiliti...Oracle E Business Suite Security Made Easy - Menus, Functions, Responsibiliti...
Oracle E Business Suite Security Made Easy - Menus, Functions, Responsibiliti...
 
Introduction to Bluemix and Watson
Introduction to Bluemix and WatsonIntroduction to Bluemix and Watson
Introduction to Bluemix and Watson
 
synopsis
synopsissynopsis
synopsis
 
Deploying configuring caching
Deploying configuring cachingDeploying configuring caching
Deploying configuring caching
 
Cyber Security wk 8 paperAssignment 2 Implementing Network a.docx
Cyber Security wk 8 paperAssignment 2 Implementing Network a.docxCyber Security wk 8 paperAssignment 2 Implementing Network a.docx
Cyber Security wk 8 paperAssignment 2 Implementing Network a.docx
 
Getting started with oracle eprcs
Getting started with oracle eprcsGetting started with oracle eprcs
Getting started with oracle eprcs
 
Oracle Human Capital Management Setup Document
Oracle Human Capital Management Setup DocumentOracle Human Capital Management Setup Document
Oracle Human Capital Management Setup Document
 
Oracle ADF Case Study
Oracle ADF Case StudyOracle ADF Case Study
Oracle ADF Case Study
 
Web Based Investment Management System
Web Based Investment Management SystemWeb Based Investment Management System
Web Based Investment Management System
 
Github-Source code management system SRS
Github-Source code management system SRSGithub-Source code management system SRS
Github-Source code management system SRS
 

Último

Girls in Mahipalpur (delhi) call me [🔝9953056974🔝] escort service 24X7
Girls in Mahipalpur (delhi) call me [🔝9953056974🔝] escort service 24X7Girls in Mahipalpur (delhi) call me [🔝9953056974🔝] escort service 24X7
Girls in Mahipalpur (delhi) call me [🔝9953056974🔝] escort service 24X7
9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
the Husband rolesBrown Aesthetic Cute Group Project Presentation
the Husband rolesBrown Aesthetic Cute Group Project Presentationthe Husband rolesBrown Aesthetic Cute Group Project Presentation
the Husband rolesBrown Aesthetic Cute Group Project Presentation
brynpueblos04
 
KLINIK BATA Jual obat penggugur kandungan 087776558899 ABORSI JANIN KEHAMILAN...
KLINIK BATA Jual obat penggugur kandungan 087776558899 ABORSI JANIN KEHAMILAN...KLINIK BATA Jual obat penggugur kandungan 087776558899 ABORSI JANIN KEHAMILAN...
KLINIK BATA Jual obat penggugur kandungan 087776558899 ABORSI JANIN KEHAMILAN...
Cara Menggugurkan Kandungan 087776558899
 
February 2024 Recommendations for newsletter
February 2024 Recommendations for newsletterFebruary 2024 Recommendations for newsletter
February 2024 Recommendations for newsletter
ssuserdfec6a
 
Call Girls In Mumbai Just Genuine Call ☎ 7738596112✅ Call Girl Andheri East G...
Call Girls In Mumbai Just Genuine Call ☎ 7738596112✅ Call Girl Andheri East G...Call Girls In Mumbai Just Genuine Call ☎ 7738596112✅ Call Girl Andheri East G...
Call Girls In Mumbai Just Genuine Call ☎ 7738596112✅ Call Girl Andheri East G...
mitaliverma221
 

Último (15)

Girls in Mahipalpur (delhi) call me [🔝9953056974🔝] escort service 24X7
Girls in Mahipalpur (delhi) call me [🔝9953056974🔝] escort service 24X7Girls in Mahipalpur (delhi) call me [🔝9953056974🔝] escort service 24X7
Girls in Mahipalpur (delhi) call me [🔝9953056974🔝] escort service 24X7
 
Dadar West Escorts 🥰 8617370543 Call Girls Offer VIP Hot Girls
Dadar West Escorts 🥰 8617370543 Call Girls Offer VIP Hot GirlsDadar West Escorts 🥰 8617370543 Call Girls Offer VIP Hot Girls
Dadar West Escorts 🥰 8617370543 Call Girls Offer VIP Hot Girls
 
Goregaon West Escorts 🥰 8617370543 Call Girls Offer VIP Hot Girls
Goregaon West Escorts 🥰 8617370543 Call Girls Offer VIP Hot GirlsGoregaon West Escorts 🥰 8617370543 Call Girls Offer VIP Hot Girls
Goregaon West Escorts 🥰 8617370543 Call Girls Offer VIP Hot Girls
 
SIKP311 Sikolohiyang Pilipino - Ginhawa.pptx
SIKP311 Sikolohiyang Pilipino - Ginhawa.pptxSIKP311 Sikolohiyang Pilipino - Ginhawa.pptx
SIKP311 Sikolohiyang Pilipino - Ginhawa.pptx
 
the Husband rolesBrown Aesthetic Cute Group Project Presentation
the Husband rolesBrown Aesthetic Cute Group Project Presentationthe Husband rolesBrown Aesthetic Cute Group Project Presentation
the Husband rolesBrown Aesthetic Cute Group Project Presentation
 
2023 - Between Philosophy and Practice: Introducing Yoga
2023 - Between Philosophy and Practice: Introducing Yoga2023 - Between Philosophy and Practice: Introducing Yoga
2023 - Between Philosophy and Practice: Introducing Yoga
 
Colaba Escorts 🥰 8617370543 Call Girls Offer VIP Hot Girls
Colaba Escorts 🥰 8617370543 Call Girls Offer VIP Hot GirlsColaba Escorts 🥰 8617370543 Call Girls Offer VIP Hot Girls
Colaba Escorts 🥰 8617370543 Call Girls Offer VIP Hot Girls
 
Exploring Stoic Philosophy From Ancient Wisdom to Modern Relevance.pdf
Exploring Stoic Philosophy From Ancient Wisdom to Modern Relevance.pdfExploring Stoic Philosophy From Ancient Wisdom to Modern Relevance.pdf
Exploring Stoic Philosophy From Ancient Wisdom to Modern Relevance.pdf
 
KLINIK BATA Jual obat penggugur kandungan 087776558899 ABORSI JANIN KEHAMILAN...
KLINIK BATA Jual obat penggugur kandungan 087776558899 ABORSI JANIN KEHAMILAN...KLINIK BATA Jual obat penggugur kandungan 087776558899 ABORSI JANIN KEHAMILAN...
KLINIK BATA Jual obat penggugur kandungan 087776558899 ABORSI JANIN KEHAMILAN...
 
Emotional Freedom Technique Tapping Points Diagram.pdf
Emotional Freedom Technique Tapping Points Diagram.pdfEmotional Freedom Technique Tapping Points Diagram.pdf
Emotional Freedom Technique Tapping Points Diagram.pdf
 
February 2024 Recommendations for newsletter
February 2024 Recommendations for newsletterFebruary 2024 Recommendations for newsletter
February 2024 Recommendations for newsletter
 
Pokemon Go... Unraveling the Conspiracy Theory
Pokemon Go... Unraveling the Conspiracy TheoryPokemon Go... Unraveling the Conspiracy Theory
Pokemon Go... Unraveling the Conspiracy Theory
 
Call Girls In Mumbai Just Genuine Call ☎ 7738596112✅ Call Girl Andheri East G...
Call Girls In Mumbai Just Genuine Call ☎ 7738596112✅ Call Girl Andheri East G...Call Girls In Mumbai Just Genuine Call ☎ 7738596112✅ Call Girl Andheri East G...
Call Girls In Mumbai Just Genuine Call ☎ 7738596112✅ Call Girl Andheri East G...
 
March 2023 Recommendations for newsletter
March 2023 Recommendations for newsletterMarch 2023 Recommendations for newsletter
March 2023 Recommendations for newsletter
 
Social Learning Theory presentation.pptx
Social Learning Theory presentation.pptxSocial Learning Theory presentation.pptx
Social Learning Theory presentation.pptx
 

Developing Dynamic PeopleSoft Field Security Applications:A PeopleSoft Developer's Guide

  • 1. Developing Dynamic PeopleSoft Field Security Applications A PeopleSoft Developer’s Guide Renita M. Rhodes, MIM
  • 2. Copyright © 2008 All rights reserved. Except as permitted under the United States Copyright Act of 1976, no part of this publication may be reproduced or distributed in any form or by any means, or stored in a database or retrieval system, without the prior written permission of the author. PeopleSoft, PeopleTools, PeopleCode and PeopleBooks are registered trademarks of the Oracle Corporation. This manual is an independent creation by the author and has been developed as part of the Washington University Masters Information Management (MIM) degree program curriculum without license, authorization, or participation from the Oracle Corporation. Information contained in this work has been obtained from believed credible sources and its author is just supplying information, not attempting to provide engineering or professional services. Therefore, the author should not be held accountable for errors, omissions, or damage arising from the use of this manual. You are permitted to print one copy of this eBook for yourself. It is illegal to distribute or copy this book in any part. Developing Dynamic PeopleSoft Field Security Applications 2
  • 3. Table of Contents PeopleSoft Security Background .............................................................................................4 Developing Field Security Application ...................................................................................5 Develop Application Objects ...................................................................................................5 Registering a Component .........................................................................................................6 Create PeopleCode Function ...................................................................................................7 Attach PeopleCode Function to Existing Objects ..................................................................9 Enter Field Security Information ...........................................................................................10 Summary .................................................................................................................................11 Developing Dynamic PeopleSoft Field Security Applications 3
  • 4. PeopleSoft Security Background Security is especially critical for core business applications. In light of the complex and diverse nature of the different PeopleSoft computing environments and the wide range of statutory and regulatory compliance requirements, the system’s security measures must be based upon the functional nature and the data involved. Much of the vast amount of electronic data generated throughout the PeopleSoft environments are comprised of human resource and financial information which is in many cases subject to privacy and confidentiality regulations. Typically, every department in companies does not have access to all applications nor does everyone within a department have access to all functions and data of a particular application. System security involves protecting data/information against modification, loss, unauthorized use and/or disclosure. A security framework can be defined by several key controls including: online access to data password management user account management authentication and authorization mechanisms traceability (audit logs) PeopleSoft delivers security features and PeopleTools applications, to ensure that sensitive application data is protected. The three main PeopleSoft security definition object types are user profiles, roles, and permission lists. These three components work together in providing system security access through inheritance. Permission lists are groups of authorizations that are assigned to roles. Roles are intermediate objects that link user profiles to permission lists. User Profiles are security objects given to each user of the system which possesses all security access and other unique identification information for the user. A user profile inherits most of its permissions through roles; however, process Note profile and data permissions- row-level and field-level security -are applied directly to a user profile. Data permissions control the application data that a user is allowed to access in the PeopleSoft system. With application data security, data permissions can be set at the table level, row level and field level. Developing Dynamic PeopleSoft Field Security Applications 4
  • 5. Data Permissions Definitions Table-level security is set by using PeopleSoft Query to build SQL queries to specify the records the user is allowed to access when building and running queries. Row-level security controls access to individual rows of data stored within application database tables through security views; and enables you to specify the data that a particular user is permitted to access. Field-level security is set using PeopleCode, the proprietary language used in the development of PeopleSoft applications, to restrict access to particular fields or columns within application tables. This user manual contains instructions on developing a dynamic field security application in PeopleSoft. These instructions are intended for intermediate to advance level PeopleSoft Developers and will describe a more efficient technique to secure a field. Before one can begin to develop, he/she must possess the appropriate access to the system. This security access will be setup PeopleSoft Security Administrator. Developing Field Security Application Before creating the dynamic field security application all new objects such as projects, fields, records, pages and components must be created first. A field security PeopleCode function must be added to the project as well. PeopleCode must be added to needed records and pages to call the field security function. An existing FUNCLIB record must be modified. The number of objects may differ as there is no one way to create this Note application. Develop Application Objects A. Create a project. B. Create the POPULATED field setting its attributes to 1 character and yes/no field type. C. Create a new record definition 1. Select File > New. 2. Select Record. 3. Click OK. Developing Dynamic PeopleSoft Field Security Applications 5
  • 6. 4. Select the SQL table record type option to define a physical SQL record definition. 5. Insert the fields the existing fields RECNAME, FIELDNAME, ROLENAME, ACCESS and the newly created field POPULATED into the record using the drag and drop feature. Fields can be inserted into a record in several ways. The field and its attributes Note are automatically added to the list of fields in the record definition. 6. Create this table when you run the Build Operation from the Build menu. D. Create a new page definition by cloning a page definition: 1. Select File > Open. 2. Enter the page name that you want to clone. 3. Select File > Save As. If modifications are made to the page, the old page definition may accidentally Warning be overwritten. 4. Enter the new page name. 5. Click OK. 6. Add fields to the page from the record you have created using the drag and drop feature. E. Create a new component definition: A. Select File > New B. Double-click Component C. Add pages to the component by dragging the page into the component. Open the component. Drag page from the project workspace to the component. Registering a Component Before this page can be viewed online, it first must be registered to a menu. PeopleSoft’s delivered registration wizard adds components to menus; assigns permission lists and places content reference entries in the portal; which displays the component to the user online. Developing Dynamic PeopleSoft Field Security Applications 6
  • 7. The component definition must be open and saved prior to registering the Note component or objects created during this registration will not be added to the project and will later cause issues during migration. To register your component: 1. Keep your component open to register. 2. Open the Registration Wizard by selecting Tools > Register in Portal. 3. Find the menu name and the drop-down list box to assign the bar name by clicking the Select button. 4. Select Target Content and enter information on the Create Content Reference screen. 5. Find the menu name again, and use the drop-down list box to select the menu name that displays on the bar by clicking the Select button. It would be more feasible to place this field security application in the Maintain Note Security. 6. Select Target Content complete fields. 7. Select the permission list and both the Update/Display and Add actions. 8. Click Finish to complete the registry process. If you click Cancel all of the entries that you have made in the wizard will be Warning lost and no changes will be made. Create PeopleCode Function A. Create a function by adding PeopleCode to a FUNCLIB record. B. Declare local variables, record and SQL objects by setting the variable to the appropriate data types. Local array of string &aRoles Local string &sRoleName Local boolean &hidefield Local SQL &SQL Local Record &REC C. Initialize variables 1. Set the &REC variable equal to the record developed above. This can be done by using the built-in function CreateRecord; which creates a standalone record definition with fields. Developing Dynamic PeopleSoft Field Security Applications 7
  • 8. &REC = CreateRecord(Record.ZPTT_HR_FLDSEC); The specified record must have been defined previously it must have a record Note definition. 2. Initialize the &SQL object from the SQL class by using the built-in CreateSQL function. This function opens the object on the given SQL string, a PeopleCode string value giving the SQL statement, and input values. &SQL = CreateSQL("%Selectall(:1) Where FIELDNAME = :2 or FIELDNAME = :3 ", &REC, &iFieldname1, &iFieldname2); Set the &aRoles variable to equal the %roles system variable which returns an array object containing all the roles assigned to the current user. &aRoles = %Roles; D. Start Loop, bind the statement and check for role name in the users list of roles. If role is not listed then hide or gray the field. While &SQL.Fetch(&REC) Then Set &sRolename to result from record fetch Set &Populated to result from record fetch Set &Allow_Access to result from record fetch &Found = &aRoles.Find(&RoleName); If &Found <> 0 then If &Populated = ‘Y’ and &Allow_Access = ‘Y’ then Set &Access variable equal to 1; Else Set &hidefield variable to equal true End-if; End-If; If &Access variable equals 1 then Set &hidefield variable to equal false End-If; End-While; The code above loops through the record defined in the Develop Application Object section using the SQL class object defined in step two by using the built-in method Fetch. &SQL.Fetch(&REC) The Fetch method loops through the rows fetched by the defined select statement. If there are no more rows to fetch, the fetch method returns as false, and the SQL object, &SQL, is automatically closed. &Found = &aRoles.Find(&RoleName); Developing Dynamic PeopleSoft Field Security Applications 8
  • 9. The Find method returns the lowest index of an element in the array that is equal to the given value. If the role is not found in the array, the find method returns the number one; however, if the role is found in the array a zero is returned. If &Found <> 0 then If &Populated = ‘Y’ and &Allow_Access = ‘Y’ then Set &Access variable equal to 1; Else Set &hidefield variable to equal true End-if; End-If; If &Access variable equals 1 then Set &hidefield variable to equal false End-If; When the function is called from other records or pages the &hidefield variable will already be populated with “True” indicating that the field should be hidden. This value will change to “False” only if the user possesses the roles to view the field while populated. The &RoleName, &Populated and &Allow_Access variables’ values are Note populated from data entry completed in the Enter Field Security Information section. Attach PeopleCode Function to Existing Objects Add PeopleCode declaring and calling the created function to all records and pages that house fields that need to be secured. 1. Declare Function Declare Function RoleFieldSecurity PeopleCode FUNCLIB_HR.ROLEUSER returns &hidefield as Boolean 2. Get field value and if field is populate then call function and input the field name(s) that must be secured into the function variable. Local Rowset &Level0, &Level1, &Level2; &Level0 = GetLevel0(); &Level1 = &Level0(1).GetRowset(Scroll.BAS_PARTIC); &Level2 = &Level1(1).GetRowset(Scroll.BAS_PARTIC_PLAN); &Rows = &Level2.ActiveRowCount; For &I = 1 To &Level1_Rows; &Level2_Rows = &Level1.GetRow(&I).GetRowset(Scroll.BAS_PARTIC_PLAN).ActiveRowCoun t; For &J = 1 To &Level2_Rows; &OPTION_CD = &Level1.GetRow(&I).GetRowset(Scroll.BAS_PARTIC_PLAN).GetRow(&J).Ge tRecord(Record.BAS_PARTIC_PLAN).OPTION_CD.Value; Developing Dynamic PeopleSoft Field Security Applications 9
  • 10. If all(&OPTION_CD) then &annual_pldg_fld = &Level2.GetRow(&I).GetRecord(Record.BAS_PARTIC_PLAN).ANNUAL_PLEDGE ; &empl_contrb_fld = &Level2.GetRow(&I).GetRecord(Record.BAS_PARTIC_PLAN).EMPL_CONTRBUT N_AMT; &hidefield = RoleFieldSecurity("BAS_PARTIC_PLAN.ANNUAL_PLEDGE", "Y"); If &hidefield = True Then &annual_pldg_fld.displayonly = TRUE; End-If; &hidefield = RoleFieldSecurity("BAS_PARTIC_PLAN.EMPL_CONTRBUTN_AMT", "Y"); If &hidefield = True Then &empl_contrb_fld.visible = FALSE; End-If; End-If; End-For; The next step in your field security should be based off your requirements. The Note field can be hidden, set to read only, or a message- warning, error or message box - can be executed Enter Field Security Information Navigate to the new page and enter all field security access information. As stated in the Registering a Component section, the best placement for the field security page and component is in under the delivered security menu. If your have used this suggested placement then your navigation to the field security page would be Home > PeopleTools > Maintain Security > Field Level Security. Navigation to your page is based on the way your set up portal access to your Note page and component. Developing Dynamic PeopleSoft Field Security Applications 10
  • 11. Summary Let’s review what it takes to create a dynamic field security application. What have we done? We created a project. We created a new field. We created a new record definition. We created a new page definition by cloning an existing page. We created a new page component by cloning an existing page. We registered the new component. We created a new field security function. We attached and the new function to existing pages and records. We entered the field security access information. This should give you enough information to get you started and give you the ability to create a dynamic field level security application. Remember there are numerous ways to secure a field within PeopleSoft through using PeopleCode; this is just a way to eliminate customizations and save you a lot of coding. Welcome to the exciting world of field security. Developing Dynamic PeopleSoft Field Security Applications 11