Summary:
How can I implement row level security in Peoplesoft CRM v8.8?

Answer

Here is a note from Customer connection.

Summary:
How to implement Row-Level Security by operator ID
Details: Resolution #15409: How to implement Row-Level Security by operator ID

You can design special types of SQL views -security views- to control access to individual rows of data stored within your application database tables. Your PeopleSoft applications are delivered with built-in, row-level security functions, tailored to that specific application.

For example, in PeopleSoft HRMS, we provide security tables that enable you to restrict operator access to employee rows according to organizational roles, or to permit an operator to view and update rows for employees in their department only.

Then to get the security down to the operator ID level instead of the operator class level, there are steps defined in Designing Your PeopleSoft Human Resources System manual under Using Operator IDs for Employee Data Security.

Changing operator class to operator ID

Steps to implement Organizational Security by OPRID:

1) Delete all entries for each OPERClass/OPERID in Security Tables.
2) Run SECVWTRE.WT to load the SQL text for the security views(only needs to be performed if organizational security has been turned off).
3) Run SECBYOPR.WT to change the view text of Oprdefn to select based on Oprtype of 0 (instead of 1 for operator class security.
4) Add the field OPRID in place of the OPRCLASS field in the search views and make it a key item.
5) Recreate the search views and the Oprdefn view.
6) After the departments have been loaded, create a tree with effective date the same as the effective date for the departments equating the node with the department ID.
7) Run PER505 to update the effective date of PS_R_PER505.
8) Update the security tables to show which departments each operator or operator class has authorization to read/write.
9) Run PER505 if any changes are made to the tree structure. This will update the security tables established in 6 to reflect the changes to the hierarchy.

To switch from Operator Class to Operator ID security:

1) If you have department security in place for an OprID or OprClass delete these entries now, they will not be available after updating the Oprdefn view and may give inaccurate results if left in place.
2) Run SECBYOPR.WT to change the view text of Oprdefn to select based on an Oprtype of 0. (To switch back to Operator Class security run SECBYCLS.WT to switch the view text of Oprdefn to select based on an Oprtype of 1.)
3) Recreate the Oprdefn view.
4) Change each search view and replace the OPRCLASS field with OPRID field and make OPRID a key field.
5) Set up the tree and department security as in the steps 5 through 8 under Operator ID security setup.

Change Standard Search Record into OPRDEFN_DEPT. The view text in
OPRDEFN_DEPT should look like this:
SELECT
A.OPRID
,A.EMPLID
FROM PSOPRDEFN A

WHERE A.OPRTYPE=0

You must rebuild this view.

Documentation for this is located in Designing your Human Resource System (Chapter 4).

*Questions excerpted from ITToolBox.com*

Disclaimer: Contents are not reviewed for correctness and are not endorsed or recommended by PeopleSoft-Planet.com.