This is what the WorkCenter Page looks like:
This design allows the manager to Drill down to any positions within their organization and begin the recruiting process for that position. Once they select a Position that they want to recruit for the requisition is populated from the Position Data record and the manager is one click away from staring the requisitions approval process.
After the Requisition is selected by manager.
This is where we need to add some row level security, to the Requisition Component. Since one of the requirements is that any manager can delegate to any employee, all employee's must have access to the Component and savvy Peoplesoft User's know that if you populate the URL with a querystring that includes the Key, the component will bypass search processing and allow the user access to the requisition that they might not otherwise be authorized to see. So I began researching on how to prevent the component from using this querystring. That is when I found this option on the Component Properties.
After I clicked this option, I could always intercept the request in SearchInit PeopleCode and populate the search keys from the Cache Record Populated when the Manager selects the position in the workcenter page. Below is the SearchInit PeopleCode:
Global string &GLB_POSN_NBR, &GLB_BR_GUID;
Local Record &ZZ_CACHE;
If %Component = Component.ZZ_REQUISITIONS Then
/*Hide emplid and name so user can not search*/
&GLB_BR_GUID = %Request.GetParameter("GUID");
Hide(ZZ_REQUISITIONS.ZZ_JOB_OPENING_ID);
If None(&GLB_BR_GUID) Then
ZZ_REQUISITIONS.MANAGER_ID = %EmployeeId;
Else
&ZZ_CACHE = CreateRecord(Record.ZZ_BR_CACHE);
&ZZ_CACHE.GUID.Value = &GLB_BR_GUID;
&ZZ_CACHE.SelectByKey();
&GLB_POSN_NBR = &ZZ_CACHE.POSITION_NBR.Value;
ZZ_REQUISITIONS.ZZ_JOB_OPENING_ID.Value = &ZZ_CACHE.ZZ_JOB_OPENING_ID.Value;
End-If;
/* skip search page */
SetSearchDialogBehavior(0);
End-If;
Very cool that Oracle allows you to force Search Processing at the Component Level!
No comments:
Post a Comment