In PeopleSoft Security is defined through Permission lists which will restrict user access not only to online pages but also to PeopleSoft Definitions.
Lets now focus on the Process Security and role of Process Groups.
A Process definition is needed to run a Program from Process Scheduler.
When we setup a Process Definition we need to make sure the Process Name should be same as the Program Name.
To run the Process through PIA, we need to provide navigation. Thus we add Component to the Process Definition.
Adding a component to a process definition causes that process definition to appear on the Process Scheduler Request page when you select File, Run in that component, if you have security to run the process.
Below is the snapshot of the Process Definition page (PeopleTools 8.52)
Make the process definition a member of the Process Group. A process definition can be a member of multiple process groups.
How to create/use existing Process Group:
Select an existing group, or add a new group by entering a unique process group name from the prompt provided for Process Group.
To attach the same process to multiple process groups, Click on Add button and include the Process group.
Note: There is no separate Setup page to define Process Groups.
The Prompt in the Process Definition is used to create new ones as there is no Edit for the Prompt. Below is the snapshot.
The Process groups are then assigned to Permission list. Now the Permission list is attached to Role.
A user now gets access to run the Processes under the Process group, attached to his/her Permission list.
Record which stores Permission lists and Process Group:
Below Diagram depicts the usage of Process Groups in PeopleSoft.
In real time, lets say users belonging to HR should run only HR jobs not Payroll. In this case , we create 2 process groups and assign all HR Processes to HR Process Group (say, HRPRCSGRP) and all Payroll Processes to Payroll Process Group (say, PYPRCSGRP). Now assign these process groups to permission lists and then permission lists to roles. Now assign HR role to HR user and Payroll Role to Payroll user. This way we can restrict access to particular users.
This concludes overview of usage of Process Groups which restricts the user to run the jobs he/she is authorized to run.