Add DLO Authority (ADDDLOAUT)
The Add Document Library Object Authority (ADDDLOAUT) command allows you to give a user access to a document or folder. It allows you to specify authority for users in the following ways:
- Give specific authority to a user.
- Give a set of users authority by specifying a previously defined authorization list.
- Give a group of users use (*USE) access by specifying an access code.
Restrictions:
The user of this command must have all (*ALL) authority to the objects, have all object (*ALLOBJ) special authority, or be the owner of the objects.
Keyword |
Description |
Choices |
Notes |
DLO |
Document library object |
Character value, *ALL, *SYSOBJNAM |
Required, Positional 1 |
FLR |
Folder |
Character value, *NONE |
Optional |
USRAUT |
User authority |
Single values: *NONE Other values (up to 50 repetitions): Element list |
Optional |
Element 1: User profile |
Name |
Element 2: Authority level |
*USE, *CHANGE, *EXCLUDE, *ALL |
AUTL |
Authorization list |
Name, *NONE |
Optional |
ACC |
Document access code |
Single values: *NONE Other values (up to 50 repetitions): 0-2047 |
Optional |
SYSOBJNAM |
System object name |
Name |
Optional |
Document library object (DLO)
Specifies the name of the document or folder to which authority is added.
- *ALL
- Authority is added to all objects in the specified folder. If *ALL is specified, a value must be specified on the Folder (FLR) parameter.
- *SYSOBJNAM
- A system object name is used to identify the folder or document to which authority is added. You will be requested to enter the name.
- name
- Specify the user-assigned name of the document or folder using a maximum of 12 characters.
Folder (FLR)
Specifies the folder where the object specified for the Document library object (DLO) parameter is located.
- *NONE
- A folder name is not specified. *NONE cannot be specified if either:
- A document or folder name is specified on the Document library object (DLO) parameter and the object is located in a folder
- *ALL is specified on the Document library object (DLO) parameter
- name
- Specify the user-assigned name of the folder. The folder name can consist of a series of folder names if the object specified on the Document library object (DLO) parameter is located in a folder that is contained in another folder. A maximum of 63 characters can be specified.
User authority (USRAUT)
Specifies the name of a specific user and the user's authority.
- *NONE
- No additional user's authority is added.
- name
- Specify the name of the user profile for whom specific authority is added.
- *ALL
- The user can perform all operations except those limited to the owner or controlled by authorization list management (*AUTLMGT) authority. The user can control the object's existence, specify the security for the object, change the object, and perform basic functions on the object. The user also can change ownership of the object.
- *CHANGE
- The user can perform all operations on the object except those limited to the owner or controlled by object existence (*OBJEXIST) and object management (*OBJMGT) authorities. The user can change and perform basic functions on the object. *CHANGE authority provides object operational (*OBJOPR) authority and all data authority. If the object is an authorization list, the user cannot add, change, or remove users.
- *USE
- The user can perform basic operations on the object, such as running a program or reading a file. The user cannot change the object. Use (*USE) authority provides object operational (*OBJOPR), read (*READ), and execute (*EXECUTE) authorities.
- *EXCLUDE
- The user cannot access the object.
Authorization list (AUTL)
Specifies the name of the authorization list, if any, used to secure the document or folder specified on the Document library object (DLO) parameter.
- *NONE
- An authorization list is not specified.
- name
- Specify the name of a predefined authorization list.
Document access code (ACC)
Specifies the access codes that are added. The access code must be defined to the system before it can be used. An access code of zero (0) allows all users use (*USE) authority for the object. Access code zero (0) cannot be assigned to an object if the security level is personal.
- *NONE
- No access code is added.
- 0-2047
- Specify the access code assigned to the object. All access codes except 0 must be predefined to the system using the Add Access Code (ADDACC) command.
System object name (SYSOBJNAM)
Specifies the system object name of the document or folder. If a document or folder name or *ALL is specified on the Document library object (DLO) parameter, this parameter is ignored, and a folder name is required.
- name
- Specify the system object name of the document or folder using the entire 10 characters.
ADDDLOAUT DLO(*ALL) USER(MIKE (*CHANGE)) AUTL(*NONE)
FLR(MYFLR) ACC(1023)
This command adds *CHANGE authority for user MIKE to all objects in the folder MYFLR. An access code of 1023 was also added to the object.
*ESCAPE Messages
- CPF8A75
- Not authorized to access folder &1.
- CPF8A77
- Folder &1 not found.
- CPF8A78
- Folder &1 in use.
- CPF8A79
- Folder &1 is logically damaged.
- CPF8A80
- Document &2 in use in folder &1.
- CPF8A82
- Document &2 not found in folder &1.
- CPF8A83
- Not authorized to access document &2 in folder &1.
- CPF8A88
- Operation not allowed on document &2 in folder &1.
- CPF8A89
- Document &2 in folder &1 is logically damaged.
- CPF90BA
- Authority request for document library object failed.
- CPF901F
- *AUTL was specified for a user other than *PUBLIC.
- CPF9073
- No authority to view or change the security of document library object &1.
- CPF908A
- Requester &1 not enrolled.
- CPF908B
- Document library object not found.
- CPF908E
- &1 objects changed; &2 objects not changed.
- CPF909A
- Document &2 in folder &1 is damaged.
- CPF9095
- Folder &1 is damaged.