TAA Tools
CHKSPCAUT       CHECK SPECIAL AUTHORITIES              TAASEFE

The Check  Special Authorities  command allows  a check  of a  specific
user's special  authorities or the  current user.  If  the current user
is  requested 1) the check includes  both program adopt and group adopt
and 2)  the  check  occurs at  the  previous  call level  so  that  any
current program adopt status is not included.

A typical command would be:

             CHKSPCAUT      ALLOBJ(*YES) SECADM(*YES)

The  current user  is checked  for *ALLOBJ  and *SECADM.   If  the user
profile  (including program adopt  and group adopt) does  not have both
special authorities, TAA9891 is sent as an escape message.

The check is made  beginning at the program  prior to the program  that
ran  CHKSPCAUT in  the program  stack.   This allows  the program  that
uses  CHKSPCAUT  to adopt  and  still  determine if  the  user  has the
specified special authorities.

If a specific user  profile name is entered,  the current user must  be
authorized to that profile.

There is  an optional parameter  ERRTXT that allows  you to supply  the
message  text sent  for  the CPF9898  message.   This  is  intended for
situations  where you are  using a Standard  Error handling routine and
just want to bubble the message back.

For example, assume  PGMA calls PGMB and  PGMB contains CHKJOBCTL.   If
PGMB contains a  standard error handling routine, the  error text would
be sent to PGMA.

          CHKSPCAUT      JOBCTL(*YES) ERRTXT('You must have +
                          *JOBCTL special authority to use the +
                          xxxx function')

The QSYCUSRS API is used.

CHKSPCAUT escape messages you can monitor for
---------------------------------------------

      TAA9891    User does not have the specified special authorities
      TAA9892    No special authorities were requested
      CPF9802    Not authorized to the user profile named

Escape messages from based on functions will be re-sent.

Command parameters                                    *CMD
------------------

   USRPRF        The  user profile  to  check special  authorities for.
                 The default  is  *CURRENT meaning  the  current  user.
                 When *CURRENT  is specified,  the check  includes both
                 program adopt and group adopt.

                 A specific  user profile may be  entered.  If entered,
                 the check is only to  the existing user profile.   The
                 current  user  must be  authorized  to  the  specified
                 user profile.

   ALLOBJ        A  *YES/*NO value  for  whether to  check  for *ALLOBJ
                 special  authority.    The  default  is  '*NO'  for no
                 check.    A  '*YES'  entry  causes  a  check  for  the
                 special authority.

   AUDIT         A  *YES/*NO  value for  whether  to  check for  *AUDIT
                 special  authority.    The  default  is  '*NO'  for no
                 check.    A  '*YES'  entry  causes  a  check  for  the
                 special authority.

   IOSYSCFG      A *YES/*NO  value for  whether to check  for *IOSYSCFG
                 special  authority.    The  default  is  '*NO' for  no
                 check.    A  '*YES'  entry  causes  a  check  for  the
                 special authority.

   JOBCTL        A  *YES/*NO value  for whether  to  check for  *JOBCTL
                 special  authority.    The  default  is '*NO'  for  no
                 check.    A  '*YES'  entry  causes  a  check  for  the
                 special authority.

   SAVSYS        A *YES/*NO  value  for whether  to  check for  *SAVSYS
                 special  authority.    The  default is  '*NO'  for  no
                 check.    A  '*YES'  entry  causes  a  check  for  the
                 special authority.

   SECADM        A *YES/*NO  value for  whether  to check  for  *SECADM
                 special  authority.    The default  is  '*NO'  for  no
                 check.    A  '*YES'  entry  causes  a  check  for  the
                 special authority.

   SERVICE       A *YES/*NO  value for  whether to  check for  *SERVICE
                 special  authority.    The default  is  '*NO'  for  no
                 check.    A  '*YES'  entry  causes  a  check  for  the
                 special authority.

   SPLCTL        A  *YES/*NO  value for  whether  to check  for *SPLCTL
                 special  authority.   The  default  is  '*NO'  for  no
                 check.    A  '*YES'  entry  causes  a  check  for  the
                 special authority.

   ERRTXT        The  error text to  be used  if an error  occurs.  The
                 default is *STD  which produces  standard error  text.

                 The intent  of allowing  you to enter  the text  is if
                 you  are  using  the CHKSPCAUT  command  in  a program
                 that  uses  a  standard  error  handling  routine   to
                 bubble up  the message text  to the  caller.  You  can
                 supply  some specific  text relative  to  the function
                 of your program.

Restrictions
------------

If  a  specific  user  profile  is  named,  the  current  user  must be
authorized to that profile.

Prerequisites
-------------

The following TAA Tools must be on your system:

     SNDESCMSG       Send escape message

Implementation
--------------

None, the tool is ready to use.

Objects used by the tool
------------------------

   Object        Type    Attribute      Src member    Src file
   ------        ----    ---------      ----------    ----------

   CHKSPCAUT     *CMD                   TAASEFE       QATTCMD
   TAASEFEC      *PGM       CLP         TAASEFEC      QATTCL
					

Added to TAA Productivity tools January 15, 2002


Home Page Up to Top