CHGPRFPUB -- Change User Profile to the *PUBLIC

CHGPRFPUB CHANGE USER PROFILE PER *PUBLIC TAASETU
The Change User Profile per PUBLIC command is designed for the situation where the objects in a library for the PUBLIC user have different forms of authority and you want to authorize a new user profile to have the same authority as the PUBLIC user. This would allow you to make the new user profile a group profile for designated profiles and then set the PUBLIC user to EXCLUDE to prevent access by non-authorized users. This allows members of the group to have the same authority as they had before. See CHGPRFPUB2 to make similar changes to IFS objects. See ADDGRPPRF for adding multiple users to a group profile. You must have ALLOBJ special authority to use CHGPRFPUB. Assume you have various objects in LIB1 which have different authority levels such as CHANGE or USE (or even USER DEF) for the PUBLIC user. You want to prevent unauthorized access by eventually setting the PUBLIC user to EXCLUDE. You would first create a new user profile (assume the name is GROUP10). Then run CHGPRFPUB as: CHGPRFPUB USRPRF(GROUP10) OBJ(LIB1/ALL) Because the default is ACTION(CHECK), no changes would occur. A listing would be displayed of the changes that would be made and any possible error conditions. Assuming the listing will describe the results you want to achieve, you would run again with ACTION(CHANGE). CHGPRFPUB USRPRF(GROUP10) OBJ(LIB1/ALL) ACTION(CHANGE) The displayed listing would describe the changes made. You would then use CHGUSRPRF to assign each user you want authorized and specify them as belonging to the group profile GROUP10. To then set the PUBLIC user to EXCLUDE, you could use the TAA CHGPUBAUT command as: CHGPUBAUT LIB(LIB1) OBJ(ALL) OBJTYPE(ALL) AUT(EXCLUDE) The command defaults to bypass the objects where the the PUBLIC profile is already EXCLUDE or AUTL. Exceptions ---------- ** If the USRPRF user is already specified for authority to an object, an exception is noted, but a change will be made if ACTION(CHANGE) is specified. You may want to change the authority back to its original value. * If an object is specified with an AUTL used to control authorizations, an error will be noted. If the PUBLIC user is specified as AUTL, you must manually change the AUTL object to achieve your objectives. CHGPRFPUB escape messages you can monitor for --------------------------------------------- None. Escape messages from based on functions will be re-sent. The sub tool CVTOBJAUT will send TAA9892 if no objects are found or TAA9891 if errors occur. You cannot proceed unless CVTOBJAUT completes successfully. CHGPRFPUB Command parameters CMD ---------------------------- USRPRF The name of the user profile to be authorized to the objects in the same manner as the PUBLIC user. OBJ The name of the object to change authority for. A generic name or the special value ALL may also be used. A library name must be entered. OBJTYPE The object type to be selected. ALL is the default. Use the prompter for the supported values. ACTION The ACTION to be performed. CHECK is the default. It will describe any situations that will prevent a change being made such as an Authorization List is used CHANGE may be specified to grant to the specified user the same authority as the PUBLIC user. OUTPUT How to output the results. is the default to display the spooled file if the command is entered interactively. If the display is ended with F3/F12 or the Enter key, the spooled file is deleted after it is displayed. To retain the spooled file, you may use the the System Request 'Cancel' function and the spooled file will exist in a HLD status. If the command is entered in batch or PRINT is specified, the spooled file is output and retained. Restrictions ------------ You must have ALLOBJ special authority to use CHGPRFPUB. Prerequisites ------------- The following TAA Tools must be on your system: CHKALLOBJ Check ALLOBJ special authority CHKOBJ3 Check object 3 CVTOBJAUT Convert object authority RMVMSGKEY Remove message key RSNLSTMSG Resend last message RTVSYSVAL3 Retrieve system value 3 SNDCOMPMSG Send completion message SNDESCINF Send escape information SNDESCMSG Send escape message Implementation -------------- None, the tool is ready to use. Objects used by the tool ------------------------ Object Type Attribute Src member Src file ------ ---- --------- ---------- ---------- CHGPRFPUB CMD TAASETU QATTCMD TAASETUC PGM CLP TAASETUC QATTCL TAASETUR PGM RPG TAASETUR QATTRPG

CHGPRFPUB       CHANGE USER PROFILE PER *PUBLIC        TAASETU


The  Change User  Profile  per  *PUBLIC  command is  designed  for  the
situation  where the  objects in a  library for  the *PUBLIC  user have
different  forms  of authority  and you  want to  authorize a  new user
profile to have  the same authority  as the *PUBLIC  user.  This  would
allow you to  make the new user profile a  group profile for designated
profiles  and then set the  *PUBLIC user to  *EXCLUDE to prevent access
by non-authorized  users.  This  allows members  of the  group to  have
the same authority as they had before.

See CHGPRFPUB2 to make similar changes to IFS objects.

See ADDGRPPRF for adding multiple users to a group profile.

You must have *ALLOBJ special authority to use CHGPRFPUB.

Assume  you  have   various  objects  in  LIB1   which  have  different
authority  levels such as  *CHANGE or *USE  (or even USER  DEF) for the
*PUBLIC user.  You  want to prevent  unauthorized access by  eventually
setting the  *PUBLIC user to  *EXCLUDE.  You  would first create  a new
user profile (assume the name is GROUP10).  Then run CHGPRFPUB as:

             CHGPRFPUB  USRPRF(GROUP10) OBJ(LIB1/*ALL)

Because  the default  is  ACTION(*CHECK), no  changes would  occur.   A
listing  would be displayed of  the changes that would  be made and any
possible error conditions.

Assuming the  listing will describe  the results  you want to  achieve,
you would run again with ACTION(*CHANGE).

             CHGPRFPUB  USRPRF(GROUP10) OBJ(LIB1/*ALL) ACTION(*CHANGE)

The displayed listing would describe the changes made.

You would  then use CHGUSRPRF to  assign each user you  want authorized
and specify them as belonging to the group profile GROUP10.

To  then  set the  *PUBLIC  user to  *EXCLUDE,  you could  use  the TAA
CHGPUBAUT command as:

             CHGPUBAUT  LIB(LIB1) OBJ(*ALL) OBJTYPE(*ALL)
                          AUT(*EXCLUDE)

The command  defaults  to bypass  the  objects  where the  the  *PUBLIC
profile is already *EXCLUDE or *AUTL.

Exceptions
----------

  **   If the  USRPRF user  is already  specified for  authority to  an
       object,  an exception  is noted, but  a change  will be  made if
       ACTION(*CHANGE) is  specified.    You may  want  to  change  the
       authority back to its original value.

  **   If  an  object  is specified  with  an  *AUTL  used  to  control
       authorizations,  an error will  be noted.   If the  *PUBLIC user
       is  specified  as  *AUTL,  you must  manually  change  the *AUTL
       object to achieve your objectives.

CHGPRFPUB escape messages you can monitor for
---------------------------------------------

None.  Escape messages  from based on functions  will be re-sent.   The
sub  tool  CVTOBJAUT will  send  TAA9892 if  no  objects  are found  or
TAA9891  if   errors  occur.    You  cannot  proceed  unless  CVTOBJAUT
completes successfully.

CHGPRFPUB Command parameters                          *CMD
----------------------------

   USRPRF        The name of the user  profile to be authorized to  the
                 objects in the same manner as the *PUBLIC user.

   OBJ           The name  of the  object to change  authority for.   A
                 generic  name or  the special value  *ALL may  also be
                 used.

                 A library name must be entered.

   OBJTYPE       The  object  type  to  be  selected.    *ALL  is   the
                 default.  Use  the prompter for the  supported values.

   ACTION        The ACTION to be performed.

                 *CHECK  is   the  default.    It   will  describe  any
                 situations  that  will  prevent  a  change  being made
                 such as an Authorization List is used

                 *CHANGE may  be specified  to grant  to the  specified
                 user the same authority as the *PUBLIC user.

   OUTPUT        How  to output  the  results.   *  is  the default  to
                 display  the spooled  file if  the command  is entered
                 interactively.  If  the display  is ended with  F3/F12
                 or the  Enter key, the  spooled file is  deleted after
                 it  is displayed.   To  retain  the spooled  file, you
                 may use the the  System Request 'Cancel' function  and
                 the spooled file will exist in a HLD status.

                 If  the command  is  entered  in  batch or  *PRINT  is
                 specified,  the spooled file  is output  and retained.


Restrictions
------------

You must have *ALLOBJ special authority to use CHGPRFPUB.

Prerequisites
-------------

The following TAA Tools must be on your system:

     CHKALLOBJ       Check *ALLOBJ special authority
     CHKOBJ3         Check object 3
     CVTOBJAUT       Convert object authority
     RMVMSGKEY       Remove message key
     RSNLSTMSG       Resend last message
     RTVSYSVAL3      Retrieve system value 3
     SNDCOMPMSG      Send completion message
     SNDESCINF       Send escape information
     SNDESCMSG       Send escape message

Implementation
--------------

None, the tool is ready to use.

Objects used by the tool
------------------------

   Object        Type    Attribute      Src member    Src file
   ------        ----    ---------      ----------    ----------

   CHGPRFPUB     *CMD                   TAASETU       QATTCMD
   TAASETUC      *PGM       CLP         TAASETUC      QATTCL
   TAASETUR      *PGM       RPG         TAASETUR      QATTRPG

Added to TAA Productivity tools January 15, 2013

Home Page

Up to Top