|
|
|
|
|
4 Ensure that you are in the “Select User for Security Definitions” page.
4 Enter the complete name of the user in the “User Name” field.
4 Select the “Set Security Definitions” hyperlink beside. The system displays the “Security Definitions” page.
4 Use the “Search Criteria” fields to specify search parameters for the user details. The system displays the records that match the combination of search criteria specified to the multiline in the page.
4 Select the hyperlink in the “User Name” column of the required record in the multiline. The system displays the “Security Definitions” page.
4 The system displays the following details at the top of the page.
Date Format |
The date format that is applicable to the login user. |
User Name |
The user name you selected in the “Select User for Security Definitions” page. |
4 Specify the following detail.
Login Role |
The role of the user for which you want to set security definitions. Select the role description, from the drop-down list box. All the roles that are mapped to a particular user in the deployment workbench are listed as options in the drop-down list box. |
4 As you select the login role, the system lists in the “Business Process Chain” drop-down list box below, the business processes for which you can set permissions for the selected user.
To specify the business processes chain for which the specified user-role combination should have access permissions
4 Specify the following detail.
Business Process Chain |
The business process for which you want to set permissions for the specified user-role combination. |
4 Specify the following detail.
Permissions To |
Indicate if the type of permissions that should be set for the specified user-role combination. You can set permissions to view, edit etc. From the drop-down list box, select the required option. |
4 Specify the following detail
Rule |
The description of the rule based on which access permissions should be granted to the specified user-role-business process chain combination. Help available. |
4 Select the “Define Rule” hyperlink beside.
4 The system displays the “Maintain Stored Procedure” page which you can use to define and store a new rule based on which access permissions should be granted.
If you set access permission to the user for all employees, it indicates that the specified user-role combination can access employee assignment record details, on behalf of all the employees of the organization units interacting with the ‘Security Definitions’ component. The user who accesses data on behalf of all the employees will have a very high status in the organization, for example, a super user status. The President of the HR department or CEO of the organization may have this super user status.
4 Select the “All Employees” check box to set access permissions to the employee details of all the employees.
If you exclude self, it indicates that the specified user-role combination has access permissions on the specified set of employees excluding access permissions to his/her employee details.
4 Select the “Exclude Self” check box to exclude access permissions to the user for the specified user-role combination to his/her details.
If you set access permission to the user for all reporting employees, it indicates that the specified user-role combination can access employee assignment record details, on behalf of the employees who report to him/her. The maximum level of subordinates till which the user has access permissions is based on the value set for the ‘Level of Span of control’ parameter. For example, if the level of span of control is set as 02, the user will have access permissions to employees who are two levels below him/her in the hierarchy of the organization.
4 Select the “All Reporting Employees” check box to set access permissions to the employee details of all reporting employees.
The level of span of control indicates the level in the hierarchy of the organization till which the user should have access permissions for employee details for the specified user-role-business process chain combination. For example, if you specify the value as 02, it indicates that the user has access permissions to details of employees till two levels below him/her in the hierarchy of the organization.
4 Enter the value in the “Level of Span of Control” field.
Default Level Span of Control |
The value set by default to indicate the level of span of control. |
Specify values for any combination of the details in the multiline. For example, if you specify the values for the department code, job level from and to details, it indicates that the user will have permissions for all employees or all reporting employees, as set earlier, in that particular department and who fall within the indicated job level range.
4 Specify values for any combination of the following details.
4 Examples of giving specifications to obtain a restricted employee assignment records list:
4 You can specify code of the job in the “Job Code” field and “ * “ in the “Department Code” field. In this case, there is no need to specify “Job Level From” and “Job Level To” fields.
4 To access all the employee assignment records except that of the CEO, specify “ * ” in all the fields in the first row of the multiline and select “Yes” in the include field. In the second row, enter code of the CEO in the “Job Code” field and select “No” in the include field.
Employment Unit |
The description of the employment unit for which access permissions should be set for the user. From the drop-down list box, select the required value. |
Department Code |
To view all the department codes containing specific characters, type in the starting character or characters of these department codes. |
|
Alternatively, type in these characters in any combination with wild cards. Example. DPT*, will search for those department codes that start with the prefix DPT. Other examples are *DPT12, DPT*12 and DPT12*. Help available |
|
If you enter “ * “ in the field, then all the employee assignment records, irrespective of department, will be fetched. “All” will be displayed in the “Department Description” field. If the system parameter 'Organization structure based on department hierarchy' is set to 'Yes' then on click of the Department Help icon in the grid the Help on Department with Hierarchy screen has to get launched. If the system parameter 'Organization structure based on department hierarchy' is set to 'No’ then on click of the Department Help icon in the grid the Help on Department with Hierarchy screen has to get launched. If the system parameter 'Organization structure based on department hierarchy' is set to 'Yes', display the columns Hierarchy code and chain number in the grid. |
Hierarchy Code |
The hierarchy code of the primary hierarchy to which the department belongs. |
Chain No. |
The chain number in the hierarchy which is being selected. |
Job Code |
To view all the job codes containing specific characters, type in the starting character or characters of these job codes. |
|
Alternatively, type in these characters in any combination with wild cards. Example. PROG1*, will search for those job codes that start with PROG1. Other examples are PRO*, PR*1, *G1. |
|
If you enter “ * “ in the field, then all the employee assignment records, irrespective of the job will be fetched. “All” will be displayed in the “Job Title” field. Help for Job Code has been introduced. The corresponding help screen would have the ‘Department’ control hidden. |
Job Level From |
Specify the code of the job level from which, the employee assignment records should be fetched. |
Job Level To |
Specify the code of the job level till which, the employee assignment records should be fetched. |
Note: The job level from and job level to fields should be specified only if you have specified an “ * “ in the job code field.
Grade Set Code |
To view all the grade set codes containing specific characters, type in the starting character or characters of these grade set codes. |
|
Alternatively, type in these characters in any combination with wild cards. Example. G*, will search for those grade set codes that start with G. Other examples are GS1*, *12, G*1. |
|
If you enter “ * “ in the field, then all the employee assignment records, irrespective of grade set will be fetched. “All” will be displayed in the grade set description field. |
Grade Code |
To view all the grade codes containing specific characters, type in the starting character or characters of these grade codes. |
|
Alternatively, type in these characters in any combination with wild cards. Example. CLR1*, will search for those grade codes that start with CLR1. Other examples are CLR1*, CL*RK1, *RK1. |
|
If you enter “ * “ in the field, then all the employee assignment records, irrespective of grade will be fetched. “All” will be displayed in the grade description field. |
Note: If “ * “ is specified in the grade set code field, then “ * “ must be specified in the grade code field.
Job Code |
To view all the job codes containing specific characters, type in the starting character or characters of these job codes. |
|
Alternatively, type in these characters in any combination with wild cards. Example. PROG1*, will search for those job codes that start with PROG1. Other examples are PRO*, PR*1, *G1. |
|
If you type * in the field, then all the employee assignment records, irrespective of job will be fetched. “All” will be displayed in the job description field. |
Work Location Code |
To view all the work location codes containing specific characters, type in the starting character or characters of these work location codes. Alternatively, type in these characters in any combination with wild cards. Example. WL1*, will search for those work location codes that start with WL1. Other examples are WL1*, *WL1 etc. If you type * in the field, then all the employee assignment records, irrespective of the work location will be fetched. “All” will be displayed in the work location description field. |
Business Unit ID |
To view all business unit ID codes containing specific characters, type in the starting character or characters of these business unit ids. |
|
Alternatively, type in these characters in any combination with wild cards. Example. BU1*, will search for those business unit ids that start with BU1. |
|
If you type * in the field, then all the employee assignment records, irrespective of the business unit id will be fetched. “All” will be displayed in the “Business Unit” field. |
Include |
Select “Yes” or “No”, from the drop-down list box. If you select |
|
“Yes”, you indicate that all the employee assignment records that satisfy the criteria specified in the corresponding row should be fetched. |
|
“No”, you indicate that all the employee assignment records that satisfy the criteria specified in the corresponding row should not be fetched. |
4 The multiline displays the values for the department description, job title, job level from description, job level to description, grade set description, grade description, work location description and business unit details in the corresponding fields only after values are specified for all the details in the page and the “Save User Permissions” pushbutton is selected.
Comments |
Any additional comments you want to specify pertaining to the details. |
4 Select the “Book” icon beside the comments field
4 The system displays a dialog box in which you can enter the comments.
4 Select the “OK” pushbutton in the dialog box to save the details.
4 Select the “Cancel” pushbutton to close the dialog box without saving the details specified.
4 Select the “Save User Permissions” pushbutton to save the permissions set for the user.
On save , restricted employee assignment records list is generated for access by permitted users only when the system parameter value “DLS – Auto refresh on save” is set as “Yes” under the component “Security Definitions”. If set as “No” then the refresh process to be executed independently.
Note: After specifying the access permissions for a user-role combination, the value of the “Data Level Security Definitions Enabled” parameter should be changed to “Yes” through the ‘Set Employee Security Parameters” activity.
4 Select the “Delete User Permissions” pushbutton to delete access permission to the user.
4 Select the “Populate User Permissions” pushbutton at the bottom of the page.
4 Select the “Refresh User Permissions” pushbutton at the top right of the page so that the restricted employee assignment records list is generated for access by permitted users.
6 Hyperlinked topics below
Use this page to set security definitions.
