advanced peoplesoft security audit · peoplesoft determines which data permissions to grant a user...
TRANSCRIPT
![Page 1: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/1.jpg)
Advanced PeopleSoft Security Audit
David Pigman
SpearMC Consulting www.spearmc.com
1
![Page 2: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/2.jpg)
2
AGENDA
• About SpearMC
• Objectives
• User Profile Flow / Records
• Application Object Hierarchy / Records
• Portal Objects
• Sample Queries
• Q & A
5/27/2012 2
![Page 3: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/3.jpg)
3
SpearMC is a full-service consulting and
technology services firm with specific focus on
PeopleSoft Financials
Our consultants and network of PeopleSoft
Analysts, Technical Leads and Project Managers
average fifteen years of PeopleSoft
experience
We are North America’s leading provider of
custom-tailored PeopleSoft Financial training
solutions and educational content development.
It is our mission to provide the highest levels of
professional service at competitive rates
ABOUT SPEARMC
![Page 4: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/4.jpg)
David Pigman, Technical Architect
866-SPEARMC x802
About the Author
![Page 5: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/5.jpg)
5
• Learn the record definitions and views that support PeopleSoft
security
• Resolve highly complex security data into views for use with
PeopleSoft Query
OBJECTIVES
![Page 6: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/6.jpg)
6
USER PROFILE FLOW
User Profile (UserID/OPRID)
Record - PSOPRDEFN Primary Permission List and Row Security Permission List
(Row Level Security) Record - PSOPRDEFN
Process Profile Permission List Record - PSOPRDEFN
Roles Join Record – PSROLEUSER
Record - PSROLEDEFN
Permissions Lists Join Record - PSROLECLASS
![Page 7: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/7.jpg)
7
User Profile (UserID/OPRID)
Record - PSOPRDEFN
Primary Permission List and Row Security Permission List
(Row Level Security) Record - PSOPRDEFN
Process Profile Permission List Record - PSOPRDEFN
Roles Record - PSROLEUSER
PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List. Which one is used varies by application and data entity (Employee, Customer, Vendor, Business Unit, etc.) PeopleSoft determines Mass Change, and Object Security permissions from the Primary Permission List.
USER PROFILE FLOW
![Page 8: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/8.jpg)
8
Permissions Lists Join Record – PSROLECLASS
Record - PSCLASSDEFN
Sign-On Record - PSAUTHSIGNON
Pages/Menu Items Record - PSAUTHITEM
Process Group Record - PSAUTHPRCS
Query Record - SCRTY_QUERY
Application Designer Record - PSAUTHITEM
Message Monitor Record - PSAUTHCHNLMON
Component Interface Record - PSAUTHBUSCOMP
Misc. Tools
USER PROFILE FLOW
![Page 9: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/9.jpg)
9
Operator Definition (PSOPRDEFN)
OPRID (User ID) EMPLID (EmplID) OPRCLASS (Primary Permission List) ROWSECCLASS (Row Security Permission) PRCSPRFLCLS (Process Profile Permission List) LASTUPDOPRID (Last Update User ID) LASTUPDDTTM (Last Update Date/Time)
Role Definition (PSROLEDEFN)
ROLENAME (Role Name)
ROLETYPE (Role Type) - U-User or Q-Query to route
Workflow
LASTUPDOPRID (Last Update User ID)
LASTUPDDTTM (Last Update Date/Time)
Role User (PSROLEUSER)
ROLEUSER (User/Operator ID) - based on OPRID
ROLENAME (Role Name)
DYNAMIC_SW (Dynamic)
RECORD DEFINITIONS – PEOPLESOFT SECURITY
![Page 10: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/10.jpg)
10
Permission Lists Definition (PSCLASSDEFN)
CLASSID (Permission List)
CLASSDEFNDESCR (Permission List Description)
TIMEOUTMINUTES (Time-out Minutes)
STARTAPPSERVER (Can Start Application Server)
ALLOWPSWDEMAIL (Allow Password to be EMailed)
LASTUPDOPRID (Last Update User ID)
LASTUPDDTTM (Last Update Date/Time)
Role Classes (PSROLECLASS)
ROLENAME (Role Name)
CLASSID (Permission List)
Authorized Signon Period (PSAUTHSIGNON)
CLASSID (Permission List)
DAYOFWEEK (Day Of Week)
STARTTIME (Start Time)
ENDTIME (End Time) Process Profile (PSPRCSPRFL)
CLASSID (Permission List)
SRVRDESTFILE (Server File Destination)
SRVRDESTPRNT (Server Print Destination)
RECORD DEFINITIONS – PEOPLESOFT SECURITY
![Page 11: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/11.jpg)
11
RECORD DEFINITIONS – PEOPLESOFT SECURITY
Authorized Process Groups (PSAUTHPRCS)
CLASSID (Permission List)
PRCSGRP (Process Definition Group)
PS/Query Profile (SCRTY_QUERY)
CLASSID (Permission List)
QRY_RUN_ONLY (Only Allowed to run Queries)
QRY_CREATE_PUBLIC (Allow create of Public Queries)
QRY_CREATE_WFLOW (Allow create of Wrkflw Query)
QRY_MAX_FETCH (Maximum Rows Fetched)
QRY_MAX_RUN (Maximum Run Time in Minutes)
QRY_ADV_DISTINCT (Allow use of Distinct)
QRY_ADV_ANY_JOIN (Allow use of Any Join)
QRY_ADV_SUBQUERY (Allow use of Subquery/Exists)
QRY_ADV_UNION (Allow use of Union)
QRY_ADV_EXPR (Allow use of Expressions)
QRY_MAX_JOINS (Maximum Joins Allowed)
![Page 12: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/12.jpg)
12
RECORD DEFINITIONS – PEOPLESOFT SECURITY
Access Group Security (SCRTY_ACC_GRP)
CLASSID (Permission List)
TREE_NAME (Tree Name)
ACCESS_GROUP (Access Group)
ACCESSIBLE (Accessible)
Component Interface Security (PSAUTHBUSCOMP)
CLASSID (Permission List)
BCNAME (Business Component Name)
BCMETHOD (Method)
AUTHORIZEDACTIONS (Authorized Actions)
Authorized Menu Items (PSAUTHITEM)
CLASSID (Permission List)
MENUNAME (Menu Name) - prompts PSMENUDEFN
BARNAME (Bar Name)
BARITEMNAME (Bar Item Name)
PNLITEMNAME (Page Item Name)
DISPLAYONLY (Display Only)
AUTHORIZEDACTIONS (Authorized Actions)
![Page 13: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/13.jpg)
13
Chosen Record s
PSOPRDEFN (Operator Definition)
PSROLEUSER (Role User)
PSROLECLASS (Role Classes)
PSCLASSDEFN (Permission Lists Definition)
PSROLEDEFN (Role Definition)
Fields Order
ROLEUSER (UserID) 1
OPRDEFNDESC (User ID Descr)
ROLENAME (Role Name) 2
DESCR (Role Descr)
CLASSID (Permission List) 3
CLASSDEFNDESC (Perm List Descr)
QUERY DEFINITION: SMC_CO_USPMRL – USERIDS ROLES PERMS
![Page 14: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/14.jpg)
14
Query Criteria
QUERY DEFN: SMC_CO_USPMRL – USERIDS, ROLES &PERMISSIONS
![Page 15: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/15.jpg)
15
Prompt Edit - ROLEUSER
QUERY DEFN: SMC_CO_USPMRL – USERIDS, ROLES &PERMISSIONS
![Page 16: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/16.jpg)
16
QUERY RESULTS: SMC_CO_USPMRL – USERIDS, ROLES &PERMS
![Page 17: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/17.jpg)
17
Navigation: PeopleTools - Security - Permission & Roles - Permission Lists. Select the PeopleTools Tab
PeopleTools Permissions
Menu Names (PSAUTHITEM.MENUNAME)
DATA_MOVER – Data Mover Access
APPLICATION_DESIGNER – Application Designer Access
OBJECT_SECURITY – Definition Security Access
QUERY_MANAGER – Query Access
PERFMONPPMI – Performance Monitor PPMI Access
PERMISSION LIST – CHECK BOXES
Data Archival Fields for Record PS_ARCH_SECURITY
ARCH_SEC_EDIT - Run SQL
ARCH_SEC_RUN – Edit SQL
![Page 18: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/18.jpg)
18
Navigation: PeopleTools - Security - Permission & Roles - Permission Lists. General Tab
Permission List General/Time-out Minutes
Fields for Record PSCLASSDEFN
STARTAPPSERVER – Can Start Application Server?
ALLOWPSWDEMAIL– Allow Password to be Emailed?
SERVERTIMEOUT – Never Time-out &
Specific Time-out (minutes)
PERMISSION LIST – CHECK BOXES
![Page 19: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/19.jpg)
19
Navigation: PeopleTools -> Security -> Permission & Roles -> Perm Lists. Select the Query Tab and Click Query Profile
Permission List Query Profile Fields for Record SCRTY_QUERY
QRY_RUN_ONLY - Only Allowed to run Queries
QRY_CREATE_PUBLIC - Allow create of Public Queries
QRY_CREATE_WFLOW - Allow create of Workflow Query
QRY_MAX_FETCH - Maximum Rows Fetched
QRY_MAX_RUN - Maximum Run Time in Minutes
QRY_ADV_DISTINCT - Allow use of Distinct
QRY_ADV_ANY_JOIN - Allow use of 'Any Join'
QRY_ADV_SUBQUERY - Allow use of Subquery/Exists
QRY_ADV_UNION - Allow use of Union
QRY_ADV_EXPR - Allow use of Expressions
PERMISSION LIST – CHECK BOXES
![Page 20: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/20.jpg)
20
Record s Definitions
PSAUTHITEM (Authorized Menu Item)
PSCLASSDEFN (Permission Lists Definition)
Fields Order
CLASSID (Permission Lists)
CLASSDEFNDESC (Permission List Descr)
MENUNAME (Menu Name)
Query Criteria
SCM_CO_DATA_MOVER_PM – DATA MOVER ACCESS PM
![Page 21: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/21.jpg)
21
QUERY RESULTS: SMC_CO_DATA_MOVER_PM – DATA MOVER ACCESS PM
![Page 22: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/22.jpg)
22
APPLICATION OBJECT HIERARCHY
Menu Group – PSMENUDEFN (Record) Name: Administer Workforce
Menu Name– PSMENUDEFN Object: – MAINTAIN_VENDORS Descr: – (Blank)
Menu Item– PSMENUITEM Keys: Menu, Menu Bar, Menu Item, Component Menu: MAINTAIN_VENDORS/(blank) Menu Bar: USE/Use Menu Item: VENDOR_INFORMATION/ Vendor Information Component: VNDR_ID/Vendors
Component – PSPNLGRPDEFN PNLGRPNAME Object/Descr: VNDR_ID1_SUM/Vendor Summary VNDR_ID1/Vendor ID VNDR_ADDRESS/Vendor Address VNDR_CONTACT/(blank) VNDR_LOC/(blank) VNDR_CUSTOM/User Definable Vendor Fields Etc... ACTION - Add - Update/Display – Update/Display All – Correction
Component/Page– PSPNLGROUP (Record) Keys: Component/Page Table used to join Components to Pages
Page – PSPNLDEFN Object: VNDR_ID_SUM/Vendor Summary
![Page 23: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/23.jpg)
23
Menu Item (PSMENUITEM)
MENUNAME (Menu Name) - prompts Menu Definition (PSMENUDEFN)
BARNAME (Menu Bar Name)
ITEMNAME (Item Name) *** Links to PSAUTHITEM.BARITEMNAME
ITEMNUM (Item Number)
ITEMTYPE (Item Type)
PNLGRPNAME (Component Name) *** Links to PSPNLGROUP.PNLGRPNAME
MARKET (Market)
BARLABEL (Menu Bar Label)
ITEMLABEL (Menu Item Label) *** Label for ITEMNAME - shows in the Navigation
XFERCOUNT (Page Transfer Count)
SEARCHRECNAME (Search Record Name)
RECORD DEFINITIONS – APPLICATION OBJECTS
Menu Definition (PSMENUDEFN)
• MENUNAME (Menu Name)
• MENUGROUP (Menu Group)
• MENULABEL (Menu Label)
![Page 24: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/24.jpg)
24
Component Group Definition (PSPNLGRPDEFN)
PNLGRPNAME (Component Name)
MARKET (Market)
SEARCHRECNAME (Search Record Name)
ACTIONS (Actions)
RECORD DEFINITIONS – APPLICATION OBJECTS
![Page 25: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/25.jpg)
25
Component Group (PSPNLGROUP)
PNLGRPNAME (Component Name) - base d on
Component Definition (PSPNLGRPDEFN)
MARKET (Market)
PNLNAME (Page Name) - base d on Page Definition
(PSPNLDEFN)
SUBITEMNUM (Sub Item Number)
ITEMNAME (Item Name)
ITEMLABEL (Menu Item Label)
FOLDERTABLABEL (Folder Tab Label)
HIDDEN (Hidden)
Page Definition (PSPNLDEFN)
PNLNAME (Page Name)
LANGUAGE_CD (Language Code)
PNLTYPE (Page Type)
RECORD DEFINITIONS – APPLICATION OBJECTS
![Page 26: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/26.jpg)
26
APPLICATION OBJECT – VENDOR PAGE
![Page 27: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/27.jpg)
27
APPLICATION OBJECT – VENDOR PAGE – PRESS CTRL - J
![Page 28: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/28.jpg)
28
Menu: MAINTAIN VENDORS
Component: VNDR_ID
APPLICATION OBJECT – VENDOR PAGE PEOPLETOOLS OBJECTS
![Page 29: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/29.jpg)
29
Resolves the Actions that have been granted to a
menu/bar/item/component/page for a particular permission list
BARITEMNAME changed to ITEMNAME for intuitive table joins
SMC_PMAUTH_VW (SPEARMC CUSTOM VIEW)
![Page 30: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/30.jpg)
30
SpearMC PSAUTHITEM (SMC_PMAUTH_VW)
CLASSID
MENUNAME
BARNAME
ITEMNAME
PNLITEMNAME
DISPLAYONLY
AUTHORIZEDACTIONS
ACTIONTYPE
Add Update/ Display
Update/Display - All
Correction SpearMC Code
ACTIONTYPE 1 X A 2 X UD 3 X X A UD 4 X UDA 5 X X A UDA 6 X X UD UDA 7 X X X A UD UDA 8 X C 9 X X A C 10 X X UD C 11 X X X A UD C 12 X X UD C 13 X X X A UD C 14 X X X UD UDA 15 X X X X A UD UDA
V (Display Only)
SMC_PMAUTH_VW (SPEARMC CUSTOM VIEW)
![Page 31: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/31.jpg)
31
SQL Definition
SELECT CLASSID, MENUNAME
, BARNAME, BARITEMNAME
, PNLITEMNAME, DISPLAYONLY
, AUTHORIZEDACTIONS
, CASE AUTHORIZEDACTIONS WHEN 1 THEN 'A' WHEN 2 THEN 'UD' WHEN 4 THEN 'UDA'
WHEN 8 THEN 'C' WHEN 3 THEN 'A UD' WHEN 5 THEN 'A UDA' WHEN 9 THEN 'A C' WHEN 6
THEN 'UD UDA' WHEN 10 THEN 'UD C' WHEN 12 THEN 'UDA C' WHEN 7 THEN 'A UD UDA'
WHEN 11 THEN 'A UD C' WHEN 13 THEN 'A UDA C' WHEN 14 THEN 'UD UDA C' WHEN 15
THEN 'A UD UDA C' END
FROM PSAUTHITEM
SMC_PMAUTH_VW (SPEARMC CUSTOM VIEW)
![Page 32: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/32.jpg)
32
• Resolves the Object Hierarchy for use in Reporting
• Turns encrypted Action numbers into legible codes
Action 15 is resolved to A UD UDA C for Add – Update Display – Update Display
All -Correction
• Two custom fields SMC_PIA_PATH and SCM_PIA_LBL_PATH
provide object and object label navigation paths
MAINTAIN_VENDORS --> USE --> VENDOR_INFORMATION --> VNDR_ID
Administer Procurement --> &Maintain Vendors --> &Use --> Vendor &Information
--> VNDR_ID
SMC_MENU_PIA_VW (SPEARMC CUSTOM VIEW)
![Page 33: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/33.jpg)
33
PIA Navigation (SMC_MENU_PIA_VW)
MENUNAME
BARNAME
ITEMNAME
PNLGRPNAME
MARKET
ACTIONS
MENUGROUP
MENULABEL
ITEMLABEL
BARLABEL
SMC_PIA_PATH
SMC_PIA_LBL_PATH
ACTIONTYPE
Add Update/Display
Update/Display - All
Correction SpearMC Code
ACTIONTYPE 1 X A 2 X UD 3 X X A UD 4 X UDA 5 X X A UDA 6 X X UD UDA 7 X X X A UD UDA 8 X C 9 X X A C 10 X X UD C 11 X X X A UD C 12 X X UD C 13 X X X A UD C 14 X X X UD UDA 15 X X X X A UD UDA
SMC_MENU_PIA_VW (SPEARMC CUSTOM VIEW)
![Page 34: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/34.jpg)
34
SQL Definition
SELECT MD.MENUNAME , MI.BARNAME , MI.ITEMNAME, PG.PNLGRPNAME , PG.MARKET
, GD.ACTIONS , MD.MENUGROUP , MD.MENULABEL , MI.BARLABEL , MI.ITEMLABEL
,'c/' %Concat RTRIM(MD.MENUNAME) %Concat '.' %Concat RTRIM(PG.PNLGRPNAME) %Concat '.' %Concat RTRIM(PG.MARKET) AS URL_1
, RTRIM(MD.MENUNAME) %Concat ' --> ' %Concat RTRIM(MI.BARNAME) %Concat ' --> ' %Concat RTRIM(MI.ITEMNAME) %Concat ' --> '
%Concat RTRIM(PG.PNLGRPNAME)
, RTRIM(MD.MENULABEL) %Concat ' --> ' %Concat RTRIM(MI.BARLABEL) %Concat ' --> ' %Concat RTRIM(MI.ITEMLABEL) %Concat ' --> ' %Concat
RTRIM(PG.PNLGRPNAME)
, CASE GD.ACTIONS WHEN 1 THEN 'A' WHEN 2 THEN 'UD' WHEN 4 THEN 'UDA' WHEN 8 THEN 'C' WHEN 3 THEN 'A UD' WHEN 5 THEN 'A UDA'
WHEN 9 THEN 'A C' WHEN 6 THEN 'UD UDA' WHEN 10 THEN 'UD C' WHEN 12 THEN 'UDA C' WHEN 7 THEN 'A UD UDA' WHEN 11 THEN 'A UD
C' WHEN 13 THEN 'A UDA C' WHEN 14 THEN 'UD UDA C' WHEN 15 THEN 'A UD UDA C' END AS ACTIONTYPE FROM PSMENUDEFN MD ,
PSMENUITEM MI , PSPNLGROUP PG , PSPNLGRPDEFN GD WHERE MD.MENUNAME = MI.MENUNAME AND MI.PNLGRPNAME =
PG.PNLGRPNAME AND MI.MARKET = PG.MARKET AND PG.PNLGRPNAME = GD.PNLGRPNAME
GROUP BY MD.MENUNAME, MI.BARNAME, MI.ITEMNAME, PG.PNLGRPNAME, PG.MARKET, GD.ACTIONS, MD.MENUGROUP,
MD.MENULABEL, MI.BARLABEL, MI.ITEMLABEL
SMC_MENU_PIA_VW (SPEARMC CUSTOM VIEW)
![Page 35: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/35.jpg)
35
SMC_MENU_PIA_VW (SPEARMC CUSTOM VIEW) RESULTS
![Page 36: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/36.jpg)
36
Record s Definitions
SMC_PMAUTH_VW (Component Security)
SMC_MENU_PIA_VW (Menu PIA)
PSPNLGROUP – Panel Group
Fields Order
CLASSID (Permission List) 1
MENUNAME (Menu Name) 2
PNLGRPNAME (Component Name) 3
PNLNAME (Panel Name) 4
ACTIONTYPE (Action Type)
ACTIONTYPE (Action Type)
SMC_PIA_PATH (PIA Navigation)
SMC_PIA_LBL_PATH (PIA Label Navigation)
QUERY DEFINITION: SMC_CO_PIA_PM – PIA BY PM
![Page 37: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/37.jpg)
37
Query Criteria
QUERY DEFINITION: SMC_CO_PIA_PM – PIA BY PM
![Page 38: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/38.jpg)
38
Prompt Edit - MENUNAME Prompt Edit - PNLGRPNAME
QUERY DEFINITION: SMC_CO_PIA_PM – PIA BY PM
![Page 39: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/39.jpg)
39
QUERY RESULTS: SMC_CO_PIA_PM – PIA BY PM
![Page 40: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/40.jpg)
40
Contact Information:
• Marcus Bode, Principal [email protected]
• David Pigman, Technical Architect [email protected]
![Page 41: Advanced PeopleSoft Security Audit · PeopleSoft determines which data permissions to grant a user by looking at the user's Primary Permission List and Row Security Permission List](https://reader033.vdocuments.net/reader033/viewer/2022041923/5e6cbbe73456e95f2d6d5b76/html5/thumbnails/41.jpg)
41
Questions?