File Management - IBM
Share Embed Flag
Download ePaper

File Management - IBM

File Management - IBM File Management - IBM

as400bks.rochester.ibm.com
from as400bks.rochester.ibm.com More from this publisher
30.06.2013 Views

Add Add new records to the file. Update Open a database file for update. Delete Open a database file for delete. For files other than database and save files, the execute, the add, update, and delete authorities are ignored. Authorities required for file operations Table 4 lists the file object authority required for file functions. Table 5 on page 11 lists the data authority required for file functions. This is the same information that was presented in the previous two sections, but it is listed by function rather than by authority. Table 4. Object Authority Required for File Operations Function Object Operational Object Existence Object Management Object Reference Open, I/O, close X file 1 Compile a program using the file description X Display file description X Delete file X X Save/restore X Transfer ownership X X Grant/revoke authority X X Change file description X X Move file X X Rename file X X Replace file X X X Refer to another X X file 2 Add or remove file constraints 3 Add or remove triggers 4 Change attributes 5 : 1 2 3 4 5 Object Alter X X X X X X For device files that are not using spooling, you must also have object operational and all data authorities to the device. For database files only. For database files only. Parent files need object management or object reference authority. Dependent files need object management or object alter authority. For database files only. Files need object management or object alter authority. For database files and SQL packages only. Files need object management or object alter authority. 10 File Management V4R5

Table 5. Data Authority Required for File Operations Function Execute Read Add Update Delete Open, I/O, close file 1 X X 2 X 3 X 3 Compile a program using the file description X Run a program or locate an object in a library X Display file description X Replace file X Add or remove triggers 4 X X 5 X 6 X 7 : 1 2 3 4 5 6 7 For device files that are not using spooling, you must also have object operational and all data authorities to the device. Open for output for database and save files. Open for update or delete for database files. For database files only. Add authority required in addition to Read authority for inserting triggers. Update authority required in addition to Read authority for updating triggers. Delete authority required in addition to Read authority for deleting triggers. Limiting access to files and data when creating files Specifying authorities allows you to control access to a file. Specifying authorities when creating files: To specify public authority when you create a file, use the AUT parameter on the create command. What public authority is: Public authority is authority that is available to any user who does not have specific authority to the file or who is not a member of a group that has specific authority to the file. That is, if the user has specific authority to a file or the user is a member of a group with specific authority, then the public authority is not checked when a user performs an operation to the file. Public authority can be specified as: v *LIBCRTAUT. All users that do not have specific user or group authority to the file have authority determined by the library in which the file is being created. The library value is specified by the *CRTAUT command to establish a public authority for this library. v *CHANGE. All users that do not have specific user or group authority to the file have authority to use the file. The *CHANGE value is the default public authority. *CHANGE grants any user object operational and all data authorities. v *USE. All users that do not have specific user or group authority to the file have authority to use the file. *USE grants any user object operational, execute, and read data authority. v *EXCLUDE. Only the owner, security officer, users with specific authority, or users who are members of a group with specific authority can change or use the file. Chapter 2. File processing 11

Table 5. Data Authority Required for <strong>File</strong> Operations<br />

Function Execute Read Add Update Delete<br />

Open, I/O, close file 1<br />

X X 2<br />

X 3<br />

X 3<br />

Compile a program<br />

using the file description<br />

X<br />

Run a program or locate<br />

an object in a library<br />

X<br />

Display file description X<br />

Replace file X<br />

Add or remove triggers 4<br />

X X 5<br />

X 6<br />

X 7<br />

:<br />

1<br />

2<br />

3<br />

4<br />

5<br />

6<br />

7<br />

For device files that are not using spooling, you must also have object operational and all data authorities to<br />

the device.<br />

Open for output for database and save files.<br />

Open for update or delete for database files.<br />

For database files only.<br />

Add authority required in addition to Read authority for inserting triggers.<br />

Update authority required in addition to Read authority for updating triggers.<br />

Delete authority required in addition to Read authority for deleting triggers.<br />

Limiting access to files and data when creating files<br />

Specifying authorities allows you to control access to a file.<br />

Specifying authorities when creating files:<br />

To specify public authority when you create a file, use the AUT parameter on the<br />

create command.<br />

What public authority is:<br />

Public authority is authority that is available to any user who does not have<br />

specific authority to the file or who is not a member of a group that has specific<br />

authority to the file. That is, if the user has specific authority to a file or the user is<br />

a member of a group with specific authority, then the public authority is not<br />

checked when a user performs an operation to the file. Public authority can be<br />

specified as:<br />

v *LIBCRTAUT. All users that do not have specific user or group authority to the<br />

file have authority determined by the library in which the file is being created.<br />

The library value is specified by the *CRTAUT command to establish a public<br />

authority for this library.<br />

v *CHANGE. All users that do not have specific user or group authority to the file<br />

have authority to use the file. The *CHANGE value is the default public<br />

authority. *CHANGE grants any user object operational and all data authorities.<br />

v *USE. All users that do not have specific user or group authority to the file have<br />

authority to use the file. *USE grants any user object operational, execute, and<br />

read data authority.<br />

v *EXCLUDE. Only the owner, security officer, users with specific authority, or<br />

users who are members of a group with specific authority can change or use the<br />

file.<br />

Chapter 2. <strong>File</strong> processing 11

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!