Understanding Access-Related Features of PeopleSoft Resource Management

To provide Resource Management users with access to application functions essential to performing their jobs, you create roles and assign them to individual user profiles. Inherent in each role is access to the application pages and processes required to perform the job tasks. Setting up user access requires that you understand shared data and access to PeopleSoft applications.

This chapter discusses:

Permission lists.
Component interface permissions.
Web library permissions.
Row-level security.
User profiles and roles.

Permission Lists

Permission lists are the building blocks of end user security authorizations. You first create an inventory of permission lists, and then create user roles. When creating permission lists, consider each type of role that uses the permissions. Each permission list identifies the pages that individuals assigned to a role can access. All permissions required for a particular role must be assigned to that role; otherwise, a user may not be able to use the functionality offered in Resource Management.

Resource Management delivers preconfigured permission lists that grant access to various pages. These permission lists support the functional roles delivered with the application. Permission lists control access to pages, web libraries, components, and other objects as necessary to support an organization’s unique roles. To modify the access for a user's role, you modify a permission list linked to the role. However, because the delivered permission list may be updated to include new features in future application releases, it is recommended that you do not modify the delivered permission list. Instead, duplicate the delivered permission list and modify the copy to meet your needs.

Important! If you modify a permission list, you change the access for all users who are assigned to roles that are associated with the permission list.

This table lists the delivered permission lists that provide access to Resource Management, the purpose of each permission list, and the roles (if any) that are associated with each permission list:

Permission List	Description	Purpose	Roles
EPRS1000	PeopleSoft Resource Management All Users	Provides access to the graphical navigation provided via the PeopleSoft Resource Management standard navigation page and PeopleSoft Workflow worklist. Provides access to component interfaces and web libraries.	All PeopleSoft Resource Management Users
EPRS2100	RS Service Order Management	Provides user with create and update access to service order, customer maintenance, and service order defaults pages.	Staffing Coordinator, Practice Manager, Project Manager
EPRS2300	RS Service Order Review Orders	Provides view-only access to users to review service orders and regular access to change their default settings for service orders.	Resource, Resource Manager
EPRS3000	RS Assignments	Enables users to create and manage assignments.	Staffing Coordinator, Practice Manager, Project Manager
EPRS4100	RS Schedules Managers View	Enables users in managerial roles to access other users' schedules.	Resource Manager, Practice Manager
EPRS4200	RS Schedules Resource View	Enables users to access only their own schedules for review and update.	Resource
EPRS4300	RS Schedules Display Only	Enables users to view but not update resource schedules.	Project Manager, Staffing Coordinator
EPRS5100	RS Worker	Enables resources to review and bid on open resource requests and to update and manage their own resource profiles.	Resource
EPRS5200	RS Worker Manager	Enables managers to review resource profiles, submit recommendations, and work with assignments.	Resource Manager, Practice Manager
EPRS5300	RS Worker Display Only	Allows view-only access to resource profiles.	Project Manager, Staffing Coordinator
EPRS6000	RS Pagelets	Allows access to PeopleSoft Portal Pack pagelets that come with PeopleSoft Resource Management.	Resource Manager, Practice Manager, Staffing Coordinator
EPRS7000	RS Without HRMS	Enables the use of PeopleSoft Resource Management without an integrated human resources management system (HRMS).	Administrator Note. The Administrator role is not directly associated with this permission list because administrators can access all pages using the ALLPAGES permission list.
EPRS7100	RS Interactive Reports	Enables users to run PeopleSoft Resource Management reports that show trend information, such as the Scheduled Utilization report, the Unassigned Resources report, and the Most Requested Competencies report.	Project Manager, Resource Manager, Staffing Coordinator, Practice Manager
EPRS7200	RS Operational Reports	Enables operations users to run reports that are applicable to managing the day-to-day operations of a professional services organization, such as the Service Order Listing report and the Assignments Ending report.	Project Manager, Resource Manager, Staffing Coordinator, Practice Manager
EPRS8000	RS Optimization Report	Provides access to the Resource Optimization report.	Staffing Coordinator, Resource Manager, Practice Manager
EPRS9000	Resource Management Setup	Enables a user to set up or change installation options and preferences.	Administrator Note. The Administrator role is not directly associated with this permission list because administrators can access all pages using the ALLPAGES permission list.
EPRS9100	Resource Management BU (business unit) Setup	Enables a user to set up business rules and preferences.	Administrator Note. The Administrator role is not directly associated with this permission list because administrators can access all pages using the ALLPAGES permission list.
EPRS9200	RS Optimization Setup	Enables a user to establish resource optimization sets and objectives and to schedule resource optimization processes.	Administrator Note. The Administrator role is not directly associated with this permission list because administrators can access all pages using the ALLPAGES permission list.
EPRS9500	RS Capacity Planning with Unapprovals	Enables users to create supply and demand forecasts as well as create, modify, approve, and unapprove consolidated scenario analyses.	Practice Manager
EPRS9400	RS Capacity Planning	Enables users to create supply and demand forecasts as well as create, modify, and approve consolidated scenario analyses.	Resource Manager
EPRS9600	Region Utilization Setup	Enables users to set up the utilization values for the regions used in capacity planning.	Practice Manager

Component Interface Permissions

Component interfaces enable the use of PeopleSoft components (sets of pages grouped for a business purpose) for synchronous access from another application. Component interfaces encapsulate PeopleSoft data and business processes, and they hide the details of the underlying pages and data. You can use component interfaces to integrate a PeopleSoft application with other PeopleSoft applications or with external systems, such as systems written in Java , C/C++, Visual Basic, and XML.

Component interfaces are also used by Resource Management application messages on the application server and by application engines on the Process Scheduler server.

Note. Refer to the documentation on enterprise integration points (EIPs) for a list of component interfaces that you can use to create custom interfaces to other applications.

See Understanding EIPs.

Component Interfaces Used by Resource Management

Certain pages in Resource Management depend on the functionality of component interfaces. Component interface security is managed independently of page security. In order for a page to function properly, the user must have access to the page and to any component interfaces used by the page. For simplicity, Resource Management grants all users access to all Resource Management component interfaces. System security is managed by allowing or restricting access to specific Resource Management pages based on user roles.

These are the component interfaces that Resource Management pages use:

Component Interface	Description	Purpose
PROJECT_GENERAL	Create Project	Creates a new project (either using autonumbering or using a specified project ID) from a service order, using the business unit on the service order for the project.
RESOURCE_PROFILE	Resource Profile	Updates or deletes the work history on the resource profile.
RS_ASSIGN_BC	Create and Get Assignment	Creates an assignment using NEXT as the assignment ID until the assignment is saved. At that time, the assignment is autonumbered. Retrieves an existing assignment for modification. This component interface is used by the Staffing Workbench and integration with PeopleSoft Program Management, PeopleSoft Project Costing, and PeopleSoft Services Procurement.
RS_BLDSCPFND	Populate Scope Table	Uses a list of tree nodes or detail values to determine the data that populates the Scope table (RS_DF_SCOPE_W). This is used only for PeopleSoft Resource Management reports.
RS_CLEARSESNID	Clear Scope Table	Takes a session ID and clears the Scope table.
RS_CONV_PERSON	Convert Person to Resource	Converts PeopleSoft Services Procurement service providers to resources.
RS_REPORT_TBL_INTFC	Manage Report Temp Table	Inserts information or deletes information from the temporary reporting table RS_2010EMPL_TMP.
RS_SCHEDULE_CI	PeopleSoft Resource Management Schedule	Creates a new appointment using NEXT as the new appointment ID (autonumbered). Retrieves an existing appointment for modification. This component interface is also used to create and update assignment entries on the resource schedule.
RS_SERVICE_ORDER	Service Order Save As	Saves the existing service order as a new service order with the NEXT service order ID (autonumbered). The system copies data from the existing service order into the new service order.
RS_SESSION	Unique Session Number	Creates a unique number that is used to key different work or temporary tables used by online and batch processes throughout PeopleSoft Resource Management.
RS_WRKR_CREATE	Establish Employee as Resource	Establishes an employee as a resource. This is used in the integration with PeopleSoft Services Procurement when converting a service provider to a resource.
RS_WRKR_MGMT	Maintain Resource Eligibility	Manages dates of resource eligibility that are used in the integration with PeopleSoft Services Procurement when creating an assignment for a service provider.

Component Interfaces Used by Server Processes

These component interfaces must be included in a permission list that is associated with the user ID that is used to run the application server or Process Scheduler server:

Component Interface	Description	Purpose
RS_BLDSCPFND	Populate Scope Table	Uses a list of tree nodes or detail values to determine the data that populates the Scope table (RS_DF_SCOPE_W). This is used only for PeopleSoft Resource Management reports.
RS_CLEARSESNID	Clear Scope Table	Takes a session ID and clears the Scope table.
RS_SCHEDULE_CI	PeopleSoft Resource Management Schedule	Creates a new appointment using NEXT as the new appointment ID (autonumbered). Retrieves an existing appointment for modification. This component interface is also used to create and update assignment entries on the resource schedule.
RS_SESSION	Unique Session Number	Creates a unique number that is used to key different work or temporary tables used by online and batch processes throughout PeopleSoft Resource Management.

Web Library Permissions

A web library is a derived/work record that contains iScripts, which are specialized PeopleCode functions that generate dynamic web content. Proper web library access is required to access PeopleSoft applications with a web browser. Web library security is managed independently of page security. For simplicity, Resource Management grants all users access to the PeopleSoft Resource Management web library.

This is the web library that Resource Management pages use:

Web Library	Description	Purpose
WEBLIB_RS	PeopleSoft Resource Management Web Library	Required by the Monthly Schedule page.

You use other web libraries to access PeopleSoft pages outside Resource Management.

Row-Level Security

To establish security, you must first decide which level of security to establish throughout the system, which key fields to secure, and whether security is defined through user IDs or permission lists. With row-level support, you can implement security to provide individual users or permission lists with access to a table, but you do not have to provide access to all rows in the table. This type of security is typically applied to tables that hold sensitive data. For example, you can implement row-level security in Resource Management to restrict project business units that are available for assignments and service orders.

The PeopleSoft system determines which data permissions to grant to a user by examining the primary permission list and row security permission list. The permission list that is used varies by application and data entity, such as employee, customer, or business unit.

Note. Row-level security does not restrict the data that is selected by batch processes.

User Profiles and Roles

A user’s profile determines the pages that the user can access. To set up user and role security:

Create user profiles in the User Profile Maintenance component (USERMAINT).
Assign a role to each user profile.
Link the roles to permission lists.

Resource Management comes with several preconfigured roles based on functional tasks that are typically performed by an employee who is assigned to that role. Each preconfigured role comes with access to the set of pages within the application that correspond to the functional tasks of that role. For example, resources can update their own profiles and schedules, and they can view information about open resource requests or assignments. Similarly, staffing coordinators can fulfill service orders, create assignments, and view resource profiles and schedules.

User profiles define individual PeopleSoft users. After you create user roles, create user profiles and associate them with roles. The values for a user's page access and authorized actions, such as add, update, or review, are inherited from the associated roles.

You can assign multiple roles to a user. User permissions are based on the combined permissions that are assigned to all of the user's roles.

This table lists the sample roles that come with Resource Management:

Role	Description
Administrator	Manages system security; specifies installation and business unit options; administers batch processes.
Resource	Updates the resources' own profile and schedule; views details about open service orders; submits bids for service orders. (An identical role is defined in PeopleSoft HRMS.)
Resource Manager	Manages resource utilization; views and modifies resource schedules and profiles; approves assignments; submits recommendations for resources. An identical role is defined in PeopleSoft HRMS. In addition, this role also performs capacity planning tasks.
Staffing Coordinator	Fulfills service orders; performs express searches; creates assignments.
Practice Manager	Performs the tasks of a resource manager and staffing coordinator; performs capacity planning tasks.

Note. If you integrate with PeopleSoft HRMS, you must also establish the same user IDs and passwords in the HRMS database. If you install a directory service that adheres to Lightweight Directory Access Protocol (LDAP), the LDAP server manages the creation and assignment of roles to users.