One of the reasons for this error is Missing proper Web Library (WEBLIB) Security access.
The PeopleSoft delivered "PeopleSoft User" (PTPT1000) Permission list is delivered with the correct access given to these web libraries. If the PTPT1000 permission list has been cloned or a custom permission list is being used to grant web library access, then the needed web libraries must be manually added to the cloned permission list.
Make sure that all the users have FULL access to the following Web libraries:
WEBLIB_PORTAL
WEBLIB_PT_NAV
WEBLIB_PTPP_SC
WEBLIB_PTPPB
WEBLIB_PTPPB1
WEBLIB_PTRC
WEBLIB_TIMEOUT
WEBLIB_PTIFRAME
WEBLIB_UAD_NAV
WEBLIB_PTBR
WEBLIB_PTPN
WEBLIB_PTNUI
If issue is not resolved by assigning the required Web Libraries. One need to execute the following queries to find and delete the orphan data.
Validates Security Table Integrity
Authorization error can happen if these tables are inconsistent:
-
PSROLEUSER
-
PSROLECLASS
-
PSCLASSDEFN
-
PSAUTHITEM
-
PSMENUDEFN
-
PSCOMPDEFN
-
PSPRSMDEFN
Role references a Permission List that does not exist:
select * FROM PSROLECLASS WHERE CLASSID not in (SELECT CLASSID FROM PSCLASSDEFN)
delete FROM PSROLECLASS WHERE CLASSID not in (SELECT CLASSID FROM PSCLASSDEFN)
PSROLEUSER references a User that does not exist in PSOPRDEFN
Select * from PSROLEUSER WHERE ROLEUSER NOT IN (SELECT OPRID FROM PSOPRDEFN)
DELETE from PSROLEUSER WHERE ROLEUSER NOT IN (SELECT OPRID FROM PSOPRDEFN)
PSROLECLASS references a Role that does not exist in PSROLEDEFN
SELECT * FROM PSROLECLASS WHERE ROLENAME NOT IN (SELECT ROLENAME FROM PSROLEDEFN)
DELETE FROM PSROLECLASS WHERE ROLENAME NOT IN (SELECT ROLENAME FROM PSROLEDEFN)
User named in a User-Role relationship does not exist in the User Definition table:
SELECT * FROM PSROLEUSER WHERE ROLEUSER NOT IN (SELECT OPRID FROM PSOPRDEFN)
UPDATE PSOPRDEFN SET OPRCLASS = ' ' WHERE OPRCLASS <> ' ' AND
OPRCLASS NOT IN (SELECT CLASSID FROM PSCLASSDEFN B WHERE B.CLASSID = PSOPRDEFN.OPRCLASS)
Role named in a Role-Permission List relationship does not exist in the Role Definition table:
DELETE FROM PSROLECLASS WHERE ROLENAME not in (SELECT ROLENAME FROM PSROLEDEFN)
Invalid entries in the PSAUTHITEM table:
DELETE FROM PSAUTHITEM
WHERE
( PSAUTHITEM.MENUNAME NOT LIKE 'WEBLIB_%'
AND PSAUTHITEM.MENUNAME NOT IN
('CLIENTPROCESS',
'DATA_MOVER',
'IMPORT_MANAGER',
'OBJECT_SECURITY',
'QUERY',
'PERFMONPPMI')
AND PSAUTHITEM.MENUNAME NOT LIKE 'APPLICATION_DESIGNER%'
AND PSAUTHITEM.MENUNAME <> 'REN'
AND NOT EXISTS
( SELECT 'X'
FROM PSMENUITEM MI
WHERE PSAUTHITEM.MENUNAME = MI.MENUNAME
AND PSAUTHITEM.BARNAME = MI.BARNAME
AND PSAUTHITEM.BARITEMNAME = MI.ITEMNAME
AND
( MI.ITEMTYPE IN (0,1,2,3,4,6,7,8,10,11)
OR (MI.ITEMTYPE = 5
AND EXISTS
(
SELECT 'X'
FROM PSPNLGRPDEFN GD,
PSPNLGROUP GI
WHERE MI.PNLGRPNAME = GD.PNLGRPNAME
AND MI.MARKET = GD.MARKET
AND GD.PNLGRPNAME = GI.PNLGRPNAME
AND GD.MARKET = GI.MARKET
AND PSAUTHITEM.PNLITEMNAME = GI.ITEMNAME
)
)
OR (MI.ITEMTYPE = 9
AND EXISTS
(
SELECT 'X'
FROM PSPCMNAME PCN,
PSPCMPROG PCP
WHERE PCN.OBJECTID1 = 3
AND PCN.OBJECTVALUE1 = MI.MENUNAME
AND PCN.OBJECTID2 = 4
AND PCN.OBJECTVALUE2 = MI.BARNAME
AND PCN.OBJECTID3 = 5
AND PCN.OBJECTVALUE3 = MI.ITEMNAME
AND PCN.OBJECTID4 = 12
AND PCN.OBJECTVALUE4 = 'ItemSelected'
AND PCN.OBJECTID1 = PCP.OBJECTID1
AND PCN.OBJECTVALUE1 = PCP.OBJECTVALUE1
AND PCN.OBJECTID2 = PCP.OBJECTID2
AND PCN.OBJECTVALUE2 = PCP.OBJECTVALUE2
AND PCN.OBJECTID3 = PCP.OBJECTID3
AND PCN.OBJECTVALUE3 = PCP.OBJECTVALUE3
AND PCN.OBJECTID4 = PCP.OBJECTID4
AND PCN.OBJECTVALUE4 = PCP.OBJECTVALUE4
)
)
OR (MI.ITEMTYPE = 12
AND EXISTS
(
SELECT 'X'
FROM PSXFERITEM XI
WHERE MI.MENUNAME = XI.MENUNAME
AND MI.ITEMNAME = XI.ITEMNAME
)
)
)
)
)
OR
(
PSAUTHITEM.MENUNAME LIKE 'WEBLIB_%'
AND NOT EXISTS
(
SELECT 'X'
FROM PSPCMPROG PCP
WHERE PCP.OBJECTID1 = 1
AND PCP.OBJECTVALUE1 = PSAUTHITEM.MENUNAME
AND PCP.OBJECTID2 = 2
AND PCP.OBJECTVALUE2 = PSAUTHITEM.BARNAME
)
)
OR
(
PSAUTHITEM.MENUNAME IN
('CLIENTPROCESS',
'DATA_MOVER',
'IMPORT_MANAGER',
'OBJECT_SECURITY',
'QUERY',
'PERFMONPPMI')
AND
(
PSAUTHITEM.BARNAME <> ' '
OR PSAUTHITEM.BARITEMNAME <> ' '
OR PSAUTHITEM.PNLITEMNAME <> ' '
)
)
OR
(
PSAUTHITEM.MENUNAME LIKE 'APPLICATION_DESIGNER%'
AND
(
(PSAUTHITEM.BARNAME <> ' '
AND PSAUTHITEM.BARNAME NOT IN
(
SELECT OBJNAME
FROM PS_APP_DES_OBJECTS
WHERE PSAUTHITEM.BARNAME = OBJNAME
)
)
OR PSAUTHITEM.BARITEMNAME <> ' '
OR PSAUTHITEM.PNLITEMNAME <> ' '
)
)
OR
(
PSAUTHITEM.MENUNAME = 'REN'
AND
(
(PSAUTHITEM.BARNAME <> ' '
AND PSAUTHITEM.BARNAME NOT IN
(
SELECT OBJNAME
FROM PS_APP_DES_OBJECTS
WHERE PSAUTHITEM.BARNAME = OBJNAME
)
)
OR PSAUTHITEM.BARITEMNAME <> ' '
OR PSAUTHITEM.PNLITEMNAME <> ' '
)
);
No comments:
Post a Comment