Retrieve Objects Secured by Authorization List (QGYRATLO) API


  Required Parameter Group:

1 Receiver variable Output Char(*)
2 Length of receiver variable Input Binary(4)
3 List information Output Char(80)
4 Section information Output Char(64)
5 Number of records to return Input Binary(4)
6 Format name Input Char(8)
7 Authorization list Input Char(10)
8 Error code I/O Char(*)

  Default Public Authority: *USE

  Threadsafe: No

The Retrieve Objects Secured by Authorization List (QGYRATLO) API provides a list of objects that are secured by an authorization list. This API provides information similar to the Display Authorization List Objects (DSPAUTLOBJ) command and the List Objects Secured by Authorization List (QSYLATLO) API.


Differences between QSYLATLO and QGYRATLO

The QGYRATLO API returns the same information that the List Objects Secured by Authorization List (QSYLATLO) API provides, but takes a complete snapshot at once and allows subsequent records to be obtained through the Get List Entries (QGYGTLE) API.


Authorities and Locks

Authorization List Authority
Must not be *EXCLUDE authority

Required Parameter Group

Receiver variable
OUTPUT; CHAR(*)

The receiver variable that receives the information requested. You can specify the size of the area to be smaller than the format requested as long as you specify the length parameter correctly. As a result, the API returns only the data that the area can hold.

Length of receiver variable
INPUT; BINARY(4)

The length of the receiver variable provided. The length of receiver variable parameter may be specified up to the size of the receiver variable specified in the user program. If the length of receiver variable parameter specified is larger than the allocated size of the receiver variable specified in the user program, the results are not predictable. For formats that contain variable length data, the receiver variable length must be large enough to hold the fixed portion of the record.

List information
OUTPUT; CHAR(80)

The variable that is used to return status information about the list of secured objects that were opened. See Format of List Information for a description of this parameter.

Section information
OUTPUT; CHAR(64)

The variable that is used to return entry information about the list of secured objects that was opened. See Format of Section Information for a description of this parameter.

Number of records to return
INPUT; BINARY(4)

The number of records in the list to put into the receiver variable after the entire list has been built. If -1 is specified, then all the records will be returned.

Format name
INPUT; CHAR(8)

The name of the format that is used to list objects secured by the authorization list.

You can specify these formats:

ATLO0100 Each entry contains the object name, library, type, authority holder indicator, auxiliary storage pool (ASP) device name of library, and ASP device name of object.
ATLO0110 This format only returns path names for objects in a directory. Each entry contains the offset to the path name, the length of the path name, type, authority holder indicator, ASP device name of object, and the path name value. Objects in the QSYS and QDLS file systems are not returned with this format.
ATLO0200 Each entry contains the same information as ATLO0100 plus the object owner, attribute, text, and primary group.
ATLO0210 This format only returns path names for objects in a directory. Each entry contains the same information as format ATLO0110 plus the object owner, attribute, text, and primary group. Objects in the QSYS and QDLS file systems are not returned with this format.
ATLO0300 Each entry contains the length of the entry, object name, library, type, authority holder indicator, document library object (DLO) name, the name of the folder that the DLO is in, the displacement to the path name, the length of the path name, ASP device name of library, ASP device name of object, and the path name value. Objects in all file systems will be returned with this format.
ATLO0400 Each entry contains the same information as ATLO0300 plus the object owner, primary group, attribute, and text. Objects in all file systems are returned with this format.

Authorization list
INPUT; CHAR(10)

The name of the authorization list for which the secured objects are returned.

Error code
I/O; CHAR(*)

The structure in which to return error information. For the format of the structure, see Error Code Parameter.


Format of Receiver Variable

The following tables describe the order and format of the data returned in the receiver variable. For detailed descriptions of the fields in the tables, see Field Descriptions.


ATLO0100 Format

Offset Type Field
Dec Hex
0 0 BINARY(4) Object name
10 0A CHAR(10) Library name
20 14 CHAR(10) Object type
30 1E CHAR(1) Authority holder
31 1F CHAR(10) ASP device name of library
41 29 CHAR(10) ASP device name of object


ATLO0110 Format

Offset Type Field
Dec Hex
0 0 BINARY(4) Offset to path name
4 4 BINARY(4) Length of path name
8 8 CHAR(10) Object type
18 12 CHAR(1) Authority holder
19 13 CHAR(1) Reserved
20 14 CHAR(10) ASP device name of object
    CHAR(*) Path name


ATLO0200 Format

Offset Type Field
Dec Hex
0 0 BINARY(4) Object name
10 0A CHAR(10) Library name
20 14 CHAR(10) Object type
30 1E CHAR(1) Authority holder
31 1F CHAR(10) Owner
41 29 CHAR(10) Attribute
51 33 CHAR(50) Text description
101 65 CHAR(10) Primary group
111 6F CHAR(10) ASP device name of library
121 79 CHAR(10) ASP device name of object


ATLO0210 Format

Offset Type Field
Dec Hex
0 0 BINARY(4) Offset to path name
4 4 BINARY(4) Length of path name
8 8 CHAR(10) Object type
18 12 CHAR(1) Authority holder
19 13 CHAR(10) Owner
29 1D CHAR(10) Attribute
39 27 CHAR(50) Text description
89 59 CHAR(10) Primary group
99 63 CHAR(1) Reserved
100 64 CHAR(10) ASP device name of object
    CHAR(*) Path name


ATLO0300 Format

Offset Type Field
Dec Hex
0 0 BINARY(4) Length of entry
4 4 CHAR(10) Object name
14 0E CHAR(10) Library name
24 18 CHAR(10) Object type
34 22 CHAR(1) Authority holder
35 23 CHAR(12) DLO name
47 2F CHAR(63) Folder name
110 6E CHAR(2) Reserved
112 70 BINARY(4) Displacement to path name
116 74 BINARY(4) Length of path name
120 78 CHAR(10) ASP device name of library
130 82 CHAR(10) ASP device name of object
    CHAR(*) Path name


ATLO0400 Format

Offset Type Field
Dec Hex
0 0 BINARY(4) Length of entry
4 4 CHAR(10) Object name
14 0E CHAR(10) Library name
24 18 CHAR(10) Object type
34 22 CHAR(1) Authority holder
35 23 CHAR(12) DLO name
47 2F CHAR(63) Folder name
110 6E CHAR(2) Reserved
112 70 BINARY(4) Displacement to path name
116 74 BINARY(4) Length of path name
120 78 CHAR(10) Owner
130 82 CHAR(10) Attribute
140 8C CHAR(50) Text description
190 BE CHAR(10) Primary group
200 C8 CHAR(10) ASP device name of library
210 D2 CHAR(10) ASP device name object
    CHAR(*) Path name


Field Descriptions

ASP device name of library. The auxiliary storage pool (ASP) device name where the object's library is stored. If the object's library is in the system ASP or one of the basic user ASPs, this field contains *SYSBAS.

ASP device name of object. The auxiliary storage pool (ASP) device name where the object is stored. If the object is in the system ASP or one of the basic user ASPs, this field contains *SYSBAS.

Attribute. The attribute of the secured object. If the object is not in the QSYS or QDLS file system, this field is blank.

Authority holder. Whether the object is an authority holder. If the object is an authority holder, this field is Y. If not, this field is N.

Authorization list. The name of the authorization list for which the list of objects is returned.

Authorization list library name. The name of the library that contains the authorization list.

Displacement to path name. The displacement in the entry to the start of the path name. The displacement will be set to zero if the receiver variable is not large enough to hold the path name.

DLO name. The document library object (DLO) name for the object. If the object is not a *DOC (document) or *FLR (folder) object, this field is blank.

Folder name. The name of the folder that contains the DLO object. If the object is not in a folder, this field contains *NONE.

Length of entry. The length (in bytes) of the current entry.

Length of path name. The length (in bytes) of the path name.

Library name. The name of the library that contains the object.

Object name. The name of the object that is secured by the authorization list. If the object is not in the QSYS or QDLS file system, this field is blank.

Object type. The type of secured object.

Offset to path name. The offset in the receiver variable to the start of the path name. The offset will be set to zero if the receiver variable is not large enough to hold the path name.

Owner. The name of the owner of the authorization list or object.

Path name. The path name of the object that is secured by the authorization list. The user must request a format that supports path names if path names are to be included in the information that is returned in the receiver variable. The structure of the path name returned follows:

Description Type
CCSID of the returned path name Binary(4)
Country or region ID Char(2)
Language ID Char(3)
Reserved field Char(3)
Flag byte Binary(4)
Number of bytes in the path name Binary(4)
Path delimiter Char(2)
Reserved field Char(10)
Path name value Char(*)

Primary group. The name of the user who is the primary group for the authorization list or object. If there is no primary group for the authorization list or object, this field contains a value of *NONE.

Reserved. An ignored field.

Text description. The descriptive text for the secured object. If the object is not in the QSYS or QDLS file system, this field is blank.


Format of List Information

Offset Type Field
Dec Hex
0 0 BINARY(4) Total records
4 4 BINARY(4) Records returned
8 8 CHAR(4) Request handle
12 C BINARY(4) Record length
16 10 CHAR(1) Information complete indicator
17 11 CHAR(13) Date and time created
30 1E CHAR(1) List status indicator
31 1F CHAR(1) Reserved
32 20 BINARY(4) Length of information returned
36 24 BINARY(4) First record in buffer
40 28 BINARY(4) Reason code
44 2C CHAR(36) Reserved


Field Descriptions

Date and time created. The date and time when the list was created.

The 13 characters are:

0 Century, where 0 indicates years 19xx and 1 indicates years 20xx.
2-7 The date, in YYMMDD (year, month, and day) format.
8-13 The time of day, in HHMMSS (hours, minutes, and seconds) format.

First record in buffer. The number of the first record in the receiver variable.

Information complete indicator. Whether all requested information has been supplied.
Possible values follow:

I Incomplete information. An interruption causes the list to contain incomplete information about a buffer or buffers.
P Partial and accurate information. Partial information is returned when the maximum space was used and not all of the buffers requested were read.
C Complete and accurate information. All the buffers requested are read and returned.

Length of information returned. The size, in bytes, of the information that is returned in the receiver variable.

List status indicator. The status of building the list.

Possible values follow:

2 The list has been completely built.

Reason code. The reason code that further describes why the list is only a subset of all objects. The following values can be returned:


Record length. The length of each record of information returned. For variable length records, this value is set to zero. For variable length records you can obtain the length of individual records from the records themselves.

Records returned. The number of records returned in the receiver variable. This is the smallest of the following three values:


Request handle. The handle of the request that can be used for subsequent requests of information from the list. The handle is valid until the Close List (QGYCLST) API is called to close the list, or until the job ends.

Note: This field should be treated as a hexadecimal field. It should not be converted from one CCSID to another, for example, EBCDIC to ASCII, because doing so could result in an unusable value.

Reserved. An ignored field.

Total records. The total number of records available in the list.


Format of Section Information

Offset Type Field
Dec Hex
0 0 BINARY(4) Entry number of first QSYS.LIB object
4 4 BINARY(4) Number of QSYS.LIB objects
8 8 BINARY(4) Entry number of first QDLS object
12 0C BINARY(4) Number of QDLS objects
16 10 BINARY(4) Entry number of first directory object
20 14 BINARY(4) Number of directory objects
24 18 CHAR(40) Reserved


Field Descriptions

Entry number of first directory object. The entry number of the first directory object (objects not in the QSYS.LIB or QDLS file system) that was returned in the receiver variable. This value is only set if you are using format ATLO0300 or ATLO0400. Otherwise, -1 is returned. If the number of directory objects field is 0, this value is also 0.

Entry number of first QDLS object. The entry number of the first QDLS object that was returned in the receiver variable. This value is only set if you are using format ATLO0300 or ATLO0400. Otherwise, -1 is returned. If the number of QDLS objects field is 0, this value is also 0.

Entry number of first QSYS.LIB object. The entry number of the first QSYS.LIB object that was returned in the receiver variable. This value is only set if you are using format ATLO0300 or ATLO0400. Otherwise, -1 is returned. If the number of QSYS.LIB objects field is 0, this value is also 0.

Number of directory objects. The number of objects in directories (objects not in the QSYS.LIB or QDLS file system) that were returned in the receiver variable. This value is only set if you are using format ATLO0300 or ATLO0400. Otherwise, -1 is returned. If there are no entries for objects in directories in the receiver variable, 0 is returned.

Number of QDLS objects. The number of objects in the QDLS file system that were returned in the receiver variable. This value is only set if you are using format ATLO0300 or ATLO0400. Otherwise, -1 is returned. If there are no entries for QDLS objects in the receiver variable, 0 is returned.

Number of QSYS.LIB objects. The number of objects in the QSYS.LIB file system that were returned in the receiver variable. This value is only set if you are using format ATLO0300 or ATLO0400. Otherwise, -1 is returned. If there are no entries for QSYS.LIB objects in the receiver variable, 0 is returned.

Reserved. An ignored field.


Error Messages

Message ID Error Message Text
CPF22AF E Not authorized to authorization list &1.
CPF2283 E Authorization list &1 does not exist.
CPF2289 E Unable to allocate authorization list &1.
CPF3CAA E List is too large for user space &1.
CPF3CF1 E Error code parameter not valid.
CPF3C21 E Format name &1 is not valid.
CPF3C90 E Literal value cannot be changed.
CPF9801 E Object &2 in library &3 not found.
CPF9802 E Not authorized to object &2 in &3.
CPF9803 E Cannot allocate object &2 in library &3.
CPF9807 E One or more libraries in library list deleted.
CPF9808 E Cannot allocate one or more libraries on library list.
CPF9810 E Library &1 not found.
CPF9820 E Not authorized to use library &1.
CPF9830 E Cannot assign library &1.
CPF9838 E User profile storage limit exceeded.
CPF9872 E Program or service program &1 in library &2 ended. Reason code &3.


API introduced: V4R1
Top | Security APIs | APIs by category