RE:[peopletools-l] PeopleSoft Definition Security

Reply from DeniseWhite on Aug 7 at 4:03 PM This is a proper use of Definition Security, but you are doing it backwards (it's not a very intuitive tool). When you place a query (or any other definition) in a group, you are restricting access to it, and then have to grant access by permission list. Since you are trying to restrict access to all queries EXCEPT the ones you want these users to run, you need to create a group that has all queries except those specific queries, and then grant access to that group to all users EXCEPT these users. The expected result of what you have done is that only this group of users will have access to the group you have created, and all other users should no longer have access to them. The rest of the queries have not been restricted; only the queries in your group have been restricted. I believe that this method can still be used to restrict access to queries. When the system was not web-enabled, queries were modified and run through the Windows-based query tool, and Definition Security was used to restrict access. Now that there are PIA-based query functions, I wondered if other responders were correct that it can not be used for this purpose. I pulled out my (8.40) security training manual, and in the chapter on Query Security, in a section called Query Authorizations, there is a section labeled 'Access to Data', which includes the following: "Public queries - You can restrict access to public queries using the Definition Security tool. These queries are typically developed for the corporate audience and then restricted as necessary." I take this to mean that Definition Security still works in this context. ---------------Original Message--------------- From: Charles Sent: Monday, August 06, 2012 2:52 PM Subject: PeopleSoft Definition Security We are trying to limit a selection of available queries to a user (through online Query Viewer). We have created a definition group with only the queries that we want the user to run. The group is connected to the primary permission list (as read only) of the user. It does not work as expected. The user still "sees" and can run all public queries when accessing query viewer. Is it possible to limit the queries a user sees and is able to run with definition security when accessing query viewer or is there another way that this could be accomplished?   Reply to this email to post your response.   __.____._ Manage Settings | Unsubscribe | Create FAQ | Send Feedback    Copyright © 2012 Toolbox.com and message author. Toolbox.com 4343 N. Scottsdale Road Suite 280, Scottsdale, AZ 85251

DeniseWhite   Sr. Application Developer 6 achievements   Mark as helpful View this online Ask a new question   In the Spotlight Toolbox.com for iPhone & Android: Ask Questions & Get Answers Anywhere. Download the Free App _.____.__