The Change Object Authority command allows changes to authority for
one, generic, or *ALL objects in a library of a specific type, or all
types. A list of up to 50 users or generic users may be specified
for specific authorities or to remove all authorities.
You must be authorized to make changes to the authorization of the
object or objects.
A typical command would be:
CHGOBJAUT OBJ(xxx/*ALL) OBJTYPE(*ALL)
USER(USER1 USER2 USER9*) AUT(*CHANGE)
All objects in the library would be processed. Any existing
authorizations for USER1 and USER2 would be revoked and *CHANGE
authority added for USER1 and USER2. Any existing authorizations for
any user with the generic name USER9* would be revoked and *CHANGE
authority added. An optional listing is produced of the objects that
were changed.
You can also remove authorizations such as:
CHGOBJAUT OBJ(xxx/*ALL) OBJTYPE(*ALL)
USER(USER1 USER2 USER9*) AUT(*REMOVE)
This would remove any authorizations for the two users and any users
with the generic name USER9*. They could access the object based on
the rights of the *PUBLIC user. If USER(*ALL) is specified, the
owner and *PUBLIC authority are not removed.
Excluding users from objects would be done by:
CHGOBJAUT OBJ(xxx/*ALL) OBJTYPE(*ALL)
USER(USER1 USER2 USER9*) AUT(*EXCLUDE)
This would prevent the users from any access to the objects.
CHGOBJAUT escape messages you can monitor for
---------------------------------------------
TAA9891 CHGOBJAUT failed - see listing
Escape messages from based on functions will be re-sent.
CHGOBJAUT Command parameters *CMD
----------------------------
OBJ The qualified name of the object to be changed. A
single object, a generic name, or *ALL may be
entered for all objects. The library value is
required.
OBJTYPE Either *ALL for all object types or a specific
object type may be entered. Use the prompter for a
list of the supported object types.
USER The user name to be changed. A list of up to 50
user names or generic names may be entered.
*PUBLIC may be entered as the only name in the list.
*ALL may be entered if AUT(*REMOVE) is specified.
AUT The authority to be granted.
The supported single values are *REMOVE, CHANGE,
*USE, and *EXCLUDE.
One or more of the specific authorities may be
entered for *OBJALTER, *OBJEXIST, *OBJMGT, *OBJOPR,
*OBJREF, *ADD, *DLT, *READ, *UPD, and *EXECUTE.
ATTRIBUTE The attribute of the object(s) to be changed. *ALL
is the default for all attributes.
A specific attribute may be entered such as CLP or
PF. No checking occurs to ensure that a valid
attribute is entered.
DLTSPLF A *YES/*NO parameter for whether the created spooled
file should be deleted.
*NO is the default to retain the spooled file.
*YES may be specified to prevent creating a spooled
file. If an error occurs, an immediate escape
message is sent.
Restrictions
------------
The combination of user names from individual named users and generic
users cannot exceed 300. The first 50 will be changed and an escape
message issued.
Prerequisites
-------------
The following TAA Tools must be on your system:
CHKDUPLST Check duplicate list
CHKGENERC Check generic
CHKGENOBJ Check generic object
CHKOBJ3 Check object 3
EDTVAR Edit variable
EXTLST Extract list
EXTLST2 Extract list 2
PRINT Print
RSNLSTMSG Resend last message
RTVOBJLST Retrieve object list
SNDCOMPMSG Send completion message
SNDESCINF Send escape information
SNDESCMSG Send escape message
SNDLNGMSG Send long message
Implementation
--------------
None, the tool is ready to use.
Objects used by the tool
------------------------
Object Type Attribute Src member Src file
------ ---- --------- ---------- ----------
CHGOBJAUT *CMD TAASEHD QATTCMD
TAASEHDC *PGM CLP TAASEHDC QATTCL
|
