Info
Content

PeopleTools Access


PeopleTools access is set by permission list:

PeopleTools > Security > Permissions & Roles > Permission Lists > {Open a Permission List} > PeopleTools tab

The PeopleTools access you will find on this page is for:

  • Application designer
  • Data mover
  • Definition security access
  • Query access
  • Performance monitor PPMI

The table PSAUTHITEM is what determines which permission lists have access to what PeopleTools through menus.

So you need to know the menu associated with each of the PeopleTools applications:

PeopleTools Application Menu
Application designer APPLICATION_DESIGNER
Data mover DATA_MOVER
Definition Security OBJECT_SECURITY
Query access QUERY
Performance Monitor PPMI PERFMONPPMI

How did I work all this out? Open the Permission Lists > PeopleTools page in application designer (its called ACL_MISCTOOLS, then click view definition on each of the PeopleTools links (Application Designer, Data Mover etc). Each link is stored in the work record MISCTOOLS_WRK and the PeopleCode for the fields on this record contain the queries against PSAUTHITEM. Note that the application designer one is a little bit more tricky as it contains secondary pages.

Once you know the menus, it is just a matter of querying the relevant menus, finding permission lists with access, and identifying which users have those permission lists. Here's a query that does this for the APPLICATION_DESIGNER menu:

select
    OC.OPRID,
    OC.OPRCLASS
from 
    PSOPRCLS OC
where 
    OPRCLASS = 'PSADMIN' or OPRCLASS in (
        select  CLASSID
        from    PSAUTHITEM        
        where   MENUNAME = 'APPLICATION_DESIGNER'    
        and     AUTHORIZEDACTIONS >= 1
    )
order by OC.OPRID, OPRCLASS

Note that this query takes into account the PeopleSoft Administrator role (permission list PSADMIN) as users with this role will also have access to PeopleTools.

This query only checks authorized actions is > 1 (some action available - e.g. add, update, update/display or correction). If you need to know exactly what the authorized actions are, you would need to return each bar in the menu and check the authorized actions.

No Comments
Back to top