PeopleSoft Security Interview Questions and Answers

The different security sets are: – Department, People with jobs, People without jobs, US federal people with jobs, Recruiting job openings and template based hire. For each security set, admin can enable or disable the access type. Based on this setup, the system will decide the type of security. For example, department security will be driven based on department tree, which is one access type or it can be driven by department setid which is another access type for the security set department. For POIs with no job rows, to define security, the security set People without jobs is used. The other options are access types like location, business unit or institution. So, the one which is enabled, will drive the security.

No, you would not be able to see Brazil employees. Global Security grants you the permission to see a particular flag and not the data. Access to employees is given by means of Row level Security.

Security by department tree defines which setid and deptid a permission list has access to. Security access types are different ways in which security can be driven for a security set. For example department security can be driven by department tree or department setid. Both these are security access types which belong to security set department

User is tied to a primary permission list in user profile table. This permission list is tied to a setid and deptid in the security setup. This can be done by navigating to Setup HRMS -> Security -> Core row level security -> Security by dept tree. All the departments that get tied here against the permission list are accessible to the user.

Any user whose Primary Permission List is set up to show a particular country will show its flag as well. The navigation for the same is: Setup HRMS -> Security -> Component and Page Security -> Setup Global Security. If the US flag has to be shown to the user, USA should be selected in the country prompt. There is a link to ‘Excluded Components’ in the panel, which can be used to exclude certain components.

When a new functionality needs to be provided access for users, then roles and permissions are used. The functionality is associated to a menu—component—page. So the user needs to get access to the page in one of the various modes like: Add, update or view only. For this, the menu – component – page layer is tied to a permission list. This permission list is then attached to a role and the user is then provided this role through user profile. As a result user will be able to access the functionality.

When a new functionality needs to be provided access for users, then roles and permissions are used. The functionality is associated to a menu—component—page. So the user needs to get access to the page in one of the various modes like: Add, update or view only. For this, the menu – component – page layer is tied to a permission list. This permission list is then attached to a role and the user is then provided this role through user profile. As a result user will be able to access the functionality.

User is tied to a primary permission list in user profile table. This permission list is tied to a setid and deptid in the security setup. This can be done by navigating to Setup HRMS -> Security -> Core row level security -> Security by dept tree. All the departments that get tied here against the permission list are accessible to the user.

PeopleSoft system stores security data in user and transaction Security Join Tables. (SJTs). User SJTs are: SJT_OPR_CLS: Contains the User IDs with their data permission lists. SJT_CLASS_ALL: Contains the data permission information for all the data permission lists that are given data access on the ‘Security by Dept Tree’ page or ‘Security by Permission List’ page. Transaction SJTs are: SJT_PERSON: Contains transaction data for the people (employees, contingent workers, Person of Interest). It has row level security attributes (SetID, DeptID etc) for all the employees. SJT refresh processes have to be run to keep security data (in user and transaction SJTs) up to date so that the system enforces data permission using the most current information.

There is no delivered security for field level, i.e. no configurable control exists for field-level access for a user. If there is a requirement of field level security, then it has to be done at the level of PeopleCode, i.e. programmatically.

SJT_CLASS_ALL: Contains the data permission information for all the data permission lists that are given data access on the ‘Security by Dept Tree’ page or ‘Security by Permission List’ page.

SJT_OPR_CLS: Contains the User IDs with their data permission lists.