CHKUSRAUT -- Check User Authority

CHKUSRAUT CHECK USER AUTHORITY TAASECA
Note that CHKUSRAUT has been primarily replaced by the RTVOBJAUT TAA Tool. RTVOBJAUT uses APIs to access the information more quickly and provides more information. CHKUSRAUT remains for compatibility reasons. In some environments it is desirable to operate under an adopted profile and yet still have a need to check individual authority. The CHKUSRAUT command will allow you to check an object's authority independent of the program adopt function. The user group authority is always included in the check. Assume you have adopted authority at a high level menu and that a single profile owns all of the production objects. If a secure function now needs to be executed, the CHKOBJ command cannot be used because the single profile owns the object to be checked. The typical use of the CHKUSRAUT command is: CHKUSRAUT OBJECT(LIBY/FILEX) OBJTYPE(FILE) AUT(UPD) The command operates like CHKOBJ in that it will not return a completion message if the user is authorized. An escape message (CPF9898) will be sent if the user is not authorized. A second command CHKUSRAUTL is available to check if a user is authorized to an authorization list. CHKUSRAUT command parameters CMD --------------------------- OBJECT The qualified object name to be checked. The library qualifier defaults to LIBL. OBJTYPE The object type to be checked. AUT A list of authorities to be checked. The checking is done at an individual authority level. You must specify one or more of the following: OBJEXIST, OBJMGT, OBJOPR, READ, UPD, ADD or DLT. CHKAUTL Whether the authorization list for the object (if any) should be checked also. The default is YES. If no authorization list exists for the object, the checking is ignored. CHKUSRAUTL command parameters CMD ----------------------------- AUTL The authorization list to be checked. AUT A list of authorities to be checked. The checking is done at an individual authority level. You must specify one or more of the following: OBJEXIST, OBJMGT, OBJOPR, READ, UPD, ADD or DLT. PUBLIC A YES/NO value for whether the PUBLIC user should be excluded from the check. YES is the default. NO will exclude the PUBLIC user. Prerequisites ------------- The following TAA Tools must be on your system: EXTLST Extract list SNDESCMSG Send escape message Implementation -------------- None, the tool is ready to use. Objects used by the tool ------------------------ Object Type Attribute Src member Src file ------ ----- --------- ---------- ----------- CHKUSRAUT CMD TAASECA QATTCMD CHKUSRAUTL CMD TAASECA2 QATTCMD TAASECAC PGM CLP TAASECAC QATTCL TAASECAC2 PGM CLP TAASECAC2 QATTCL

CHKUSRAUT      CHECK USER AUTHORITY                    TAASECA


Note that CHKUSRAUT  has been primarily  replaced by the  RTVOBJAUT TAA
Tool.   RTVOBJAUT uses APIs to access the  information more quickly and
provides   more  information.    CHKUSRAUT  remains  for  compatibility
reasons.

In some  environments  it  is desirable  to  operate under  an  adopted
profile and yet  still have a need to check  individual authority.  The
CHKUSRAUT  command  will  allow  you  to  check  an object's  authority
independent of the program adopt function.

The user group authority is always included in the check.

Assume you  have adopted  authority at  a high  level menu  and that  a
single  profile owns  all  of  the production  objects.    If a  secure
function  now needs to be  executed, the CHKOBJ command  cannot be used
because the single profile owns the object to be checked.

The typical use of the CHKUSRAUT command is:

     CHKUSRAUT    OBJECT(LIBY/FILEX) OBJTYPE(*FILE) AUT(*UPD)

The command  operates  like  CHKOBJ  in  that  it  will  not  return  a
completion  message if  the  user is  authorized.   An  escape  message
(CPF9898) will be sent if the user is not authorized.

A  second  command  CHKUSRAUTL is  available  to  check  if  a user  is
authorized to an authorization list.

CHKUSRAUT command parameters                          *CMD
---------------------------

   OBJECT        The   qualified  object  name  to  be  checked.    The
                 library qualifier defaults to *LIBL.

   OBJTYPE       The object type to be checked.

   AUT           A list  of authorities  to be checked.   The  checking
                 is done  at an individual  authority level.   You must
                 specify  one  or  more  of  the following:  *OBJEXIST,
                 *OBJMGT, *OBJOPR, *READ, *UPD, *ADD or *DLT.

   CHKAUTL       Whether the  authorization  list for  the  object  (if
                 any) should  be checked  also.   The default is  *YES.
                 If  no authorization list  exists for  the object, the
                 checking is ignored.

CHKUSRAUTL command parameters                         *CMD
-----------------------------

   AUTL          The authorization list to be checked.

   AUT           A list of  authorities to  be checked.   The  checking
                 is done  at an individual  authority level.   You must
                 specify  one  or  more  of the  following:  *OBJEXIST,
                 *OBJMGT, *OBJOPR, *READ, *UPD, *ADD or *DLT.

   PUBLIC        A  *YES/*NO value for whether  the *PUBLIC user should
                 be excluded  from the  check.   *YES  is the  default.
                 *NO will exclude the *PUBLIC user.

Prerequisites
-------------

The following TAA Tools must be on your system:

         EXTLST        Extract list
         SNDESCMSG     Send escape message

Implementation
--------------

None, the tool is ready to use.

Objects used by the tool
------------------------

   Object        Type       Attribute      Src member     Src file
   ------        -----      ---------      ----------     -----------

   CHKUSRAUT     *CMD                      TAASECA        QATTCMD
   CHKUSRAUTL    *CMD                      TAASECA2       QATTCMD
   TAASECAC      *PGM          CLP         TAASECAC       QATTCL
   TAASECAC2     *PGM          CLP         TAASECAC2      QATTCL

Added to TAA Productivity tools April 1, 1995

Home Page

Up to Top