82 lines
5.2 KiB
HTML
82 lines
5.2 KiB
HTML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE html
|
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html lang="en-us" xml:lang="en-us">
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|
<meta name="security" content="public" />
|
|
<meta name="Robots" content="index,follow" />
|
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
|
<meta name="DC.Type" content="concept" />
|
|
<meta name="DC.Title" content="Types of data authority" />
|
|
<meta name="abstract" content="Listed here are the types of data authorities, or permissions, to grant users access to physical and logical files." />
|
|
<meta name="description" content="Listed here are the types of data authorities, or permissions, to grant users access to physical and logical files." />
|
|
<meta name="DC.subject" content="data, authority, granting, reading, read, add authority, add, updating, update, deleting, executing" />
|
|
<meta name="keywords" content="data, authority, granting, reading, read, add authority, add, updating, update, deleting, executing" />
|
|
<meta name="DC.Relation" scheme="URI" content="rbafosecfs.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rbaforzahftra.htm" />
|
|
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
|
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 1998, 2006" />
|
|
<meta name="DC.Format" content="XHTML" />
|
|
<meta name="DC.Identifier" content="rbafoauthd" />
|
|
<meta name="DC.Language" content="en-us" />
|
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|
<!-- US Government Users Restricted Rights -->
|
|
<!-- Use, duplication or disclosure restricted by -->
|
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
|
<title>Types of data authority</title>
|
|
</head>
|
|
<body id="rbafoauthd"><a name="rbafoauthd"><!-- --></a>
|
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
|
<h1 class="topictitle1">Types of data authority</h1>
|
|
<div><p>Listed here are the types of data authorities, or permissions,
|
|
to grant users access to physical and logical files. </p>
|
|
<div class="section"><h4 class="sectiontitle">Read authority</h4><p>Users can read the records in the
|
|
file.</p>
|
|
</div>
|
|
<div class="section"><h4 class="sectiontitle">Add authority</h4><p>Users can add new records to the file.</p>
|
|
</div>
|
|
<div class="section"><h4 class="sectiontitle">Update authority</h4><p>Users can update existing records.
|
|
(To read a record for update, you must also have read authority.)</p>
|
|
</div>
|
|
<div class="section"><h4 class="sectiontitle">Delete authority</h4><p>Users can delete existing records.
|
|
(To read a record for deletion, you must also have read authority.)</p>
|
|
</div>
|
|
<div class="section"><h4 class="sectiontitle">Execute authority</h4><p>You can use execute
|
|
authority to work with libraries and to start programs. For example, if you
|
|
are changing a file associated with a trigger, you must have execute authority
|
|
to the trigger program. If you do not have execute authority, the system will
|
|
not start the trigger program. </p>
|
|
<p>Normally, the authority you have to
|
|
the data in the file is not verified until you actually perform the input/output
|
|
operation. However, the Open Query File (OPNQRYF) and Open Database File (OPNDBF)
|
|
commands also verify data authority when the file is opened.</p>
|
|
<p>If object
|
|
operational authority is not granted to a user for a file, the user cannot
|
|
open the file.</p>
|
|
<div class="p">The following example shows the relationship between
|
|
authority granted for logical files and the physical files used by the logical
|
|
file. The logical files LF1, LF2, and LF3 are based on the physical file PF1.
|
|
USERA has read (*READ) and add (*ADD) authority to the data in PF1 and object
|
|
operational (*OBJOPR), read (*READ), and add (*ADD) authority for LF1 and
|
|
LF2. This means that USERA cannot open PF1 or use its data directly in any
|
|
way because the user does <em>not</em> have object operational authority (*OBJOPR)
|
|
to PF1; USERA can open LF1 and LF2 and read records from and add records to
|
|
PF1 through LF1 and LF2. <div class="note"><span class="notetitle">Note:</span> The user was not given authority for LF3 and,
|
|
therefore, cannot use it.</div>
|
|
</div>
|
|
<div class="fignone"><br /><img src="rbafo537.gif" alt="Examples of files" /><br /></div>
|
|
</div>
|
|
</div>
|
|
<div>
|
|
<div class="familylinks">
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rbafosecfs.htm" title="Choose one of the ways to grant file and data authority.">Grant file and data authority</a></div>
|
|
</div>
|
|
<div class="relconcepts"><strong>Related concepts</strong><br />
|
|
<div><a href="rbaforzahftra.htm" title="A trigger is a set of actions that run automatically when a specified change or read operation is performed on a specified database file. On iSeries, you define a set of trigger actions in any supported high-level language.">Trigger automatic events in your database</a></div>
|
|
</div>
|
|
</div>
|
|
</body>
|
|
</html> |