friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
14ed2849c6
ibm-information-center/dist/eclipse/plugins/i5OS.ic.cl_5.4.0.1/grtwsoaut.htm

373 lines
16 KiB
HTML
Raw Blame History

<!doctype html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head><META http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Grant Workstation Object Aut (GRTWSOAUT)</title>
<link rel="stylesheet" type="text/css" href="../rzahg/ic.css">
</head>
<body bgcolor="white">
<script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<a name="GRTWSOAUT.Top_Of_Page"></a>
<h2>Grant Workstation Object Aut (GRTWSOAUT)</h2>
<table width="100%">
<tr>
<td valign="top" align="left"><b>Where allowed to run: </b>All environments (*ALL)<br>
<b>Threadsafe: </b>No
</td>
<td valign="top" align="right">
<a href="#GRTWSOAUT.PARAMETERS.TABLE">Parameters</a><br>
<a href="#GRTWSOAUT.COMMAND.EXAMPLES">Examples</a><br>
<a href="#GRTWSOAUT.ERROR.MESSAGES">Error messages</a></td>
</tr>
</table>
<div> <a name="GRTWSOAUT"></a>
<p>The Grant Workstation Object Authority (GRTWSOAUT) command is used by one user to grant specific authority for the workstation object named in this command to another user or group of users. Workstation objects are used by the i5/OS Graphical Operations program.
</p>
<p>Authority can be given to:
</p>
<ul>
<li>Named users.
</li>
<li>Users (*PUBLIC) who do not have authority specifically given to them either for the object or for the authorization list.
</li>
<li>Groups of users who do not have any authority to the object or are not on the authorization list that secures the object.
</li>
<li>Users of the referenced workstation object (specified on the REFWSO parameter).
</li>
<li>Users on an established authorization list.
</li>
</ul>
<p>When AUT(*AUTL) is specified, the user can The authority for:
</p>
<ul>
<li>All users who do not have authority specifically given to them for an object.
</li>
<li>Users who are not on the authorization list that secures the object.
</li>
<li>Users whose user group does not have authority specifically given to it.
</li>
<li>Users whose user group is not on the authorization list that secures the object.
</li>
</ul>
<p>This command can be used by an object owner, by the security officer, or by a user with object management authority for the specified object.
</p>
<p><b>Restrictions:</b>
</p>
<ol>
<li>A user must be either the owner of the object or have *ALL authority to use the AUTL parameter.
</li>
<li>The user must have object management authority to the object to grant authority to the object.
</li>
<li>AUT(*AUTL) can be specified only with USER(*PUBLIC). User profile names cannot be secured by an authorization list (*AUTL).
</li>
<li>Only the owner of the object, or someone with all object authority (*ALLOBJ), can grant object management authority to a user.
</li>
</ol>
</div>
<table width="100%">
<tr><td align="right"><a href="#GRTWSOAUT.Top_Of_Page">Top</a></td></tr>
</table>
<hr size="2" width="100%">
<div>
<h3><a name="GRTWSOAUT.PARAMETERS.TABLE">Parameters</a></h3>
<table border="1" cellpadding="4" cellspacing="0">
<!-- col1="10" col2="15" col3="30" col4="10" -->
<tr>
<th bgcolor="aqua" valign="bottom" align="left">Keyword</th>
<th bgcolor="aqua" valign="bottom" align="left">Description</th>
<th bgcolor="aqua" valign="bottom" align="left">Choices</th>
<th bgcolor="aqua" valign="bottom" align="left">Notes</th>
</tr>
<tr>
<td valign="top" rowspan="2"><a href="#GRTWSOAUT.WSOTYPE"><b>WSOTYPE</b></a></td>
<td valign="top">Workstation object type</td>
<td valign="top"><i>Element list</i></td>
<td valign="top" rowspan="2">Required, Positional 1</td>
</tr>
<tr>
<td valign="top">Element 1: </td>
<td valign="top">
*TPLWRKARA, *WRKARA, *TPLPRTOL, *PRTOL, *TPLPRTL, *PRTL, *TPLOUTQ, *TPLOUTQL, *OUTQL, *TPLJOBL, *JOBL, *TPLJOBQ, *TPLJOBLOG, *JOBLOG, *TPLJOBQL, *JOBQL, *TPLMSGL, *MSGL, *TPLMSGQ, *TPLMSGSND, *MSGSND, *TPLSGNUSL, *SGNUSL, *TPLOBJL, *OBJL, *TPLLIBSL, *LIBSL, *TPLLIB, *LAUNCH, *TPLLAUNCH, *PRSSET</td>
</tr>
<tr>
<td valign="top" rowspan="2"><a href="#GRTWSOAUT.USER"><b>USER</b></a></td>
<td valign="top">Users</td>
<td valign="top">Single values: *PUBLIC<br>Other values (up to 50 repetitions): <i>Qualifier list</i></td>
<td valign="top" rowspan="2">Optional, Positional 2</td>
</tr>
<tr>
<td valign="top">Qualifier 1: Users</td>
<td valign="top"><i>Name</i></td>
</tr><tr>
<td valign="top"><a href="#GRTWSOAUT.AUT"><b>AUT</b></a></td>
<td valign="top">Authority</td>
<td valign="top">Single values: <b><u>*CHANGE</u></b>, *ALL, *USE, *EXCLUDE, *AUTL<br>Other values (up to 7 repetitions): *OBJEXIST, *OBJMGT, *OBJOPR, *ADD, *DLT, *READ, *UPD</td>
<td valign="top">Optional, Positional 3</td>
</tr>
<tr>
<td valign="top"><a href="#GRTWSOAUT.AUTL"><b>AUTL</b></a></td>
<td valign="top">Authorization list</td>
<td valign="top"><i>Name</i></td>
<td valign="top">Optional</td>
</tr>
<tr>
<td valign="top" rowspan="2"><a href="#GRTWSOAUT.REFWSO"><b>REFWSO</b></a></td>
<td valign="top">Reference workstation object</td>
<td valign="top"><i>Element list</i></td>
<td valign="top" rowspan="2">Optional</td>
</tr>
<tr>
<td valign="top">Element 1: </td>
<td valign="top">
*TPLWRKARA, *WRKARA, *TPLPRTOL, *PRTOL, *TPLPRTL, *PRTL, *TPLOUTQ, *TPLOUTQL, *OUTQL, *TPLJOBL, *JOBL, *TPLJOBQ, *TPLJOBLOG, *JOBLOG, *TPLJOBQL, *JOBQL, *TPLMSGL, *MSGL, *TPLMSGQ, *TPLMSGSND, *MSGSND, *TPLSGNUSL, *SGNUSL, *TPLOBJL, *OBJL, *TPLLIBSL, *LIBSL, *TPLLIB, *LAUNCH, *TPLLAUNCH, *PRSSET</td>
</tr>
</table>
<table width="100%">
<tr><td align="right"><a href="#GRTWSOAUT.Top_Of_Page">Top</a></td></tr>
</table>
</div>
<div> <a name="GRTWSOAUT.WSOTYPE"></a>
<h3>Workstation object type (WSOTYPE)</h3>
<p>Specifies the workstation objects whose authority is to be editted.
</p>
<p>This is a required parameter.
</p>
<dl>
<dt><b>*TPLWRKARA</b></dt>
<dd>The work area template is the workstation object.
</dd>
<dt><b>*WRKARA</b></dt>
<dd>The work area objects are the workstation objects.
</dd>
<dt><b>*TPLPRTOL</b></dt>
<dd>The printer output list template is the workstation object.
</dd>
<dt><b>*PRTOL</b></dt>
<dd>The printer output list objects are the workstation objects.
</dd>
<dt><b>*TPLPRTL</b></dt>
<dd>The printer list template is the workstation object.
</dd>
<dt><b>*PRTL</b></dt>
<dd>The printer list objects are the workstation objects.
</dd>
<dt><b>*TPLOUTQ</b></dt>
<dd>The output queue template is the workstation object.
</dd>
<dt><b>*TPLOUTQL</b></dt>
<dd>The output queue list template is the workstation object.
</dd>
<dt><b>*OUTQL</b></dt>
<dd>The output queue list objects are the workstation objects.
</dd>
<dt><b>*TPLJOBL</b></dt>
<dd>The job list template is the workstation object.
</dd>
<dt><b>*JOBL</b></dt>
<dd>The job list objects are the workstation objects.
</dd>
<dt><b>*TPLJOBQ</b></dt>
<dd>The job queue template is the workstation object.
</dd>
<dt><b>*TPLJOBLOG</b></dt>
<dd>The job log template is the workstation object.
</dd>
<dt><b>*JOBLOG</b></dt>
<dd>The job log objects are the workstation objects.
</dd>
<dt><b>*TPLJOBQL</b></dt>
<dd>The job queue list template is the workstation object.
</dd>
<dt><b>*JOBQL</b></dt>
<dd>The job queue list objects are the workstation objects.
</dd>
<dt><b>*TPLMSGL</b></dt>
<dd>The message list template is the workstation object.
</dd>
<dt><b>*MSGL</b></dt>
<dd>The message list objects are the workstation objects.
</dd>
<dt><b>*TPLMSGQ</b></dt>
<dd>The message queue template is the workstation object.
</dd>
<dt><b>*TPLMSGSND</b></dt>
<dd>The message sender template is the workstation object.
</dd>
<dt><b>*MSGSND</b></dt>
<dd>The message sender objects are the workstation objects.
</dd>
<dt><b>*TPLSGNUSL</b></dt>
<dd>The signed-on user list template is the workstation object.
</dd>
<dt><b>*SGNUSL</b></dt>
<dd>The signed-on user list objects are the workstation objects.
</dd>
<dt><b>*TPLOBJL</b></dt>
<dd>The object list template is the workstation object.
</dd>
<dt><b>*OBJL</b></dt>
<dd>The object list objects are the workstation objects.
</dd>
<dt><b>*TPLLIBSL</b></dt>
<dd>The library list template is the workstation object.
</dd>
<dt><b>*LIBSL</b></dt>
<dd>The library list objects are the workstation objects.
</dd>
<dt><b>*TPLLIB</b></dt>
<dd>The library template is the workstation object.
</dd>
<dt><b>*TPLLAUNCH</b></dt>
<dd>The job submitter template is the workstation object.
</dd>
<dt><b>*LAUNCH</b></dt>
<dd>The job submitter objects are the workstation objects.
</dd>
<dt><b>*PRSSET</b></dt>
<dd>The personal settings objects are the workstation objects.
</dd>
</dl>
</div>
<table width="100%">
<tr><td align="right"><a href="#GRTWSOAUT.Top_Of_Page">Top</a></td></tr>
</table>
<div> <a name="GRTWSOAUT.USER"></a>
<h3>Users (USER)</h3>
<p>Specifies one or more users to whom authorities for the named object are to be given. If user names are specified, the authorities are given specifically to those users. Authority given by this command can be revoked specifically by the Revoke Workstation Object Authority (RVKWSOAUT) command.
</p>
<p>This is a required parameter unless either the <b>Reference workstation object (REFWSO)</b> parameter or <b>Authorization list (AUTL)</b> parameter is specified.
</p>
<dl>
<dt><b>*PUBLIC</b></dt>
<dd>All users of the system, who do not have authority specifically given to them for the object, who are not on the authorization list, whose user group does not have any authority, or whose user group is not on the authorization list, are authorized to use the object as specified on the AUT parameter.
</dd>
<dt><b><i>name</i></b></dt>
<dd>Specify the name of one or more user profiles. A maximum of 50 user profile names can be specified.
</dd>
</dl>
</div>
<table width="100%">
<tr><td align="right"><a href="#GRTWSOAUT.Top_Of_Page">Top</a></td></tr>
</table>
<div> <a name="GRTWSOAUT.AUT"></a>
<h3>Authority (AUT)</h3>
<p>Specifies the authority to be given to the users specified on the <b>Users (USER)</b> parameter.
</p>
<p><b>Single values</b>
</p>
<dl>
<dt><b><u>*CHANGE</u></b></dt>
<dd>The user can perform all operations on the object except those limited to the owner or controlled by object existence (*OBJEXIST) and object management (*OBJMGT) authorities. The user can change and perform basic functions on the object. *CHANGE authority provides object operational (*OBJOPR) authority and all data authority. If the object is an authorization list, the user cannot add, change, or remove users.
</dd>
</dl>
<dl>
<dt><b>*ALL</b></dt>
<dd>The user can perform all operations except those limited to the owner or controlled by authorization list management (*AUTLMGT) authority. The user can control the object's existence, specify the security for the object, change the object, and perform basic functions on the object. The user also can change ownership of the object.
</dd>
</dl>
<dl>
<dt><b>*USE</b></dt>
<dd>The user can perform basic operations on the object, such as running a program or reading a file. The user cannot change the object. Use (*USE) authority provides object operational (*OBJOPR), read (*READ), and execute (*EXECUTE) authorities.
</dd>
</dl>
<dl>
<dt><b>*EXCLUDE</b></dt>
<dd>The user cannot access the workstation object.
</dd>
<dt><b>*AUTL</b></dt>
<dd>The public authority of the authorization list specified on the AUTL parameter is used for the public authority for the object.
<p>
<b>Note: </b>You can specify AUT(*AUTL) only when USER(*PUBLIC) is also specified.
</p>
</dd>
</dl>
<p><b>Other values (up to 10 repetitions)</b>
</p>
<dl>
<dt><b>*OBJALTER</b></dt>
<dd>Object alter authority provides the authority needed to alter the attributes of an object. If the user has this authority on a database file, the user can add and remove triggers, add and remove referential and unique constraints, and change the attributes of the database file. If the user has this authority on an SQL package, the user can change the attributes of the SQL package. This authority is currently only used for database files and SQL packages.
</dd>
<dt><b>*OBJMGT</b></dt>
<dd>Object management authority provides the authority to The security for the object, move or rename the object, and add members to database files.
</dd>
<dt><b>*OBJEXIST</b></dt>
<dd>Object existence authority provides the authority to control the object's existence and ownership. If a user has special save system authority (*SAVSYS), object existence authority is not needed to perform save restore operations on the object.
</dd>
<dt><b>*OBJOPR</b></dt>
<dd>Object operational authority provides authority to look at the description of an object and use the object as determined by the data authority that the user has to the object.
</dd>
<dt><b>*OBJREF</b></dt>
<dd>Object reference authority provides the authority needed to reference an object from another object such that operations on that object may be restricted by the other object. If the user has this authority on a physical file, the user can add referential constraints in which the physical file is the parent. This authority is currently only used for database files.
</dd>
</dl>
<p><b>Data authorities</b>
</p>
<dl>
<dt><b>*ADD</b></dt>
<dd>Add authority provides the authority to add entries to an object (for example, job entries to an queue or records to a file).
</dd>
</dl>
<dl>
<dt><b>*DLT</b></dt>
<dd>Delete authority provides the authority to remove entries from an object.
</dd>
<dt><b>*EXECUTE</b></dt>
<dd>Execute authority provides the authority needed to run a program or locate an object in a library.
</dd>
<dt><b>*READ</b></dt>
<dd>Read authority provides the authority needed to get the contents of an entry in an object or to run a program.
</dd>
<dt><b>*UPD</b></dt>
<dd>Update authority provides the authority to change the entries in an object.
</dd>
</dl>
</div>
<table width="100%">
<tr><td align="right"><a href="#GRTWSOAUT.Top_Of_Page">Top</a></td></tr>
</table>
<div> <a name="GRTWSOAUT.AUTL"></a>
<h3>Authorization list (AUTL)</h3>
<p>Specifies the authorization list whose members are to be given authority for the object specified for the <b>Workstation object type (WSOTYPE)</b> parameter. You must have authorization list management (*AUTLMGT) authority for the specified authorization list.
</p>
<p>This is a required parameter unless either the <b>Users (USER)</b> parameter or the <b>Reference workstation object (REFWSO)</b> parameter is specified.
</p>
</div>
<table width="100%">
<tr><td align="right"><a href="#GRTWSOAUT.Top_Of_Page">Top</a></td></tr>
</table>
<div> <a name="GRTWSOAUT.REFWSO"></a>
<h3>Reference workstation object (REFWSO)</h3>
<p>Specifies the workstation object referred to for authorizations. These authorizations are given to the object specified for the <b>Workstation object type (WSOTYPE)</b> parameter. Users authorized to the reference object are authorized in the same manner to the object for which authority is to be given. If the reference object is secured by an authorization list, that authorization list secures the object specified on the WSOTYPE parameter.
</p>
<p>This is a required parameter unless either the <b>Users (USER)</b> parameter or the <b>Authorization list (AUTL)</b> parameter is specified.
</p>
</div>
<table width="100%">
<tr><td align="right"><a href="#GRTWSOAUT.Top_Of_Page">Top</a></td></tr>
</table>
<hr size="2" width="100%">
<div><h3><a name="GRTWSOAUT.COMMAND.EXAMPLES">Examples</a> </h3>
<p>
<pre>
GRTWSOAUT WSOTYPE(*TPLWRKARA) AUTL(KLIST)
</pre>
</p>
<p>This command gives authority to the work are template to the users with authority specified for them on the authorization list KLIST.
</p>
</div>
<table width="100%">
<tr><td align="right"><a href="#GRTWSOAUT.Top_Of_Page">Top</a></td></tr>
</table>
<hr size="2" width="100%">
<div>
<h3><a name="GRTWSOAUT.ERROR.MESSAGES">Error messages</a></h3>Unknown
</div>
<table width="100%">
<tr><td align="right"><a href="#GRTWSOAUT.Top_Of_Page">Top</a></td></tr>
</table>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink