Definition Security is used to control access to PeopleSoft definitions through Application Designer. By default a group called
PEOPLETOOLS is delivered. Within this group are all the definitions that are read-only to all users except those with permission lists that contain the group.
If a definition is secured through definition security, you'll soon know about it when you open it in Application Designer and get the message:
The definition security tool is available through Application Designer:
It is a simple tool to manage definition security groups and associate them with permission lists. To use it, choose:
This brings up a list of all definitions in the
PEOPLETOOLS group. Select your definition type from the drop down (e.g. Records) and let it load all records (can take some time).
Anything on the left hand side is not excluded from this group, which means that it cannot be altered. Anything on the right hand side is excluded and can be altered. So, find the appropriate definition and move it from the left to the right hand side (not excluded to excluded) using the single right arrow. Double arrows move everything from one side to the other. Finally chose,
File > Save to save your changes. Your object can now be modified. You should always put the definition back into the group after you're done. So repeat the process moving from the right hand side (excluded list) to the left hand side (not excluded).
The SQL below shows fields in the PeopleTools group (secured) and those excluded from the group (free for developers to work with).
The underlying tables for definition security include:
PSOBJGROUP- Object group definitions
PSOPROBJ- Operator object group
By default you can see that there is no permission list with access to the
PEOPLETOOLS object group:
select * from PSOPROBJ where OBJGROUPID = 'PEOPLETOOLS' and DISPLAYONLY <> 1;
What this query is searching for is any rows in the
PSOPROBJ record that have the
PEOPLETOOLS group included (with a value that is not display only which means excluded).