We at Grey Sparling just learned that Ben Rugg passed away on November 22, 2006 from a heart attack. If you use PeopleSoft Accounts Payable, his name is a name you should really know.

Over the years PeopleSoft had several people take on the role of AP Product Manager. Ben, however, knew more about Accounts Payable than anybody else on the planet (but you would never hear him tell you that). For many years, Ben was the top AP developer: always the guy behind the scenes tackling the hard work and making sure that customers' issues were addressed. He eventually (and reluctantly) accepted the Product Management when his expertise was needed most. Ben was also passionate about doing the right thing, even when it wasn't popular.

Ben, we salute you and honor your memory. You were a true PeopleSoft expert in every sense of the word.

Labels: 2006, Financials, PeopleSoft

If you've ever wondered about what the user interface of PeopleSoft 1 looked like back in 1989, all you need to do is open the Object Security manager tool. It's actually called "Definition Security" now, but otherwise has not changed at all since the early days of PeopleSoft.



What Definition Security handles is security for PeopleTools definitions. Unlike just about every other part of PeopleSoft, development security does not default to security first. By security first, I mean that when you create something new no one has access to it. For example, when you create a new page or component in PeopleSoft, no one can access it online until you grant security access to it. But when you create a new development object (or definition I should say), it's immediately accessible to other developers until you secure it. Strange, eh?

So how do you use the Definition Security tool to secure your development objects (um, definitions)? You start by adding the definitions into groups with the Definition Security tool. As soon as you add a definition into a group and save that group, you've instantly restricted access to that definition. In fact, at this point, no one will be able to open the definition in Application Designer.

A nice enhancement would be to automatically insert new Application Designer definitions into a "New Definitions" definitions security group, and let a security administrator deal with it from there. That would solve the security first problem (at the cost of annoying the developers). Either way, a minimal enhancement would be an audit for development definitions that are not part of definition security.

In order to grant access to the new definition, you have to grant access to whatever group that you placed it into to a permission list. Then all developers with that permission list will be able to work with the definition. You can also set a permission list to only have read-only access to a group of PeopleTools definitions. What's annoying is that every time you open a definition that is read-only, Application Designer prompts you about whether you still want to open it.

I should take a step back here and point out that the Definition Security tool only works on the specific definitions. A developer also needs access to the tools themselves. Access to each development tool is managed through permission lists. If you look at the "Tools" tab for a permission list definition, you can see which portions of PeopleTools that the permission list is given access to. If someone does not have access to PeopleTools through here, then nothing in Definition Security applies to them at all.



For those of you that are on PeopleTools 8.47 or higher, you've probably noticed that all of the PeopleTools definitions are now being shipped read-only. This is done with Definition Security. The rationale for doing this was to make it clearer to customers that modifying the PeopleTools definitions makes your maintenance more difficult. Not that you absolutely can't modify something that is part of PeopleTools; just that if you do you need to do upgrade analysis each time that you take maintenance versions of PeopleTools.

A Community for Controversial SQL Topics

Hehe.