CHKSPCAUT Check Special Authorities

CHKSPCAUT CHECK SPECIAL AUTHORITIES TAASEFE
The Check Special Authorities command allows a check of a specific user's special authorities or the current user. If the current user is requested 1) the check includes both program adopt and group adopt and 2) the check occurs at the previous call level so that any current program adopt status is not included. A typical command would be: CHKSPCAUT ALLOBJ(*YES) SECADM(*YES) The current user is checked for *ALLOBJ and *SECADM. If the user profile (including program adopt and group adopt) does not have both special authorities, TAA9891 is sent as an escape message. The check is made beginning at the program prior to the program that ran CHKSPCAUT in the program stack. This allows the program that uses CHKSPCAUT to adopt and still determine if the user has the specified special authorities. If a specific user profile name is entered, the current user must be authorized to that profile. There is an optional parameter ERRTXT that allows you to supply the message text sent for the CPF9898 message. This is intended for situations where you are using a Standard Error handling routine and just want to bubble the message back. For example, assume PGMA calls PGMB and PGMB contains CHKJOBCTL. If PGMB contains a standard error handling routine, the error text would be sent to PGMA. CHKSPCAUT JOBCTL(*YES) ERRTXT('You must have + *JOBCTL special authority to use the + xxxx function') The QSYCUSRS API is used. CHKSPCAUT escape messages you can monitor for --------------------------------------------- TAA9891 User does not have the specified special authorities TAA9892 No special authorities were requested CPF9802 Not authorized to the user profile named Escape messages from based on functions will be re-sent. Command parameters *CMD ------------------ USRPRF The user profile to check special authorities for. The default is *CURRENT meaning the current user. When *CURRENT is specified, the check includes both program adopt and group adopt. A specific user profile may be entered. If entered, the check is only to the existing user profile. The current user must be authorized to the specified user profile. ALLOBJ A *YES/*NO value for whether to check for *ALLOBJ special authority. The default is '*NO' for no check. A '*YES' entry causes a check for the special authority. AUDIT A *YES/*NO value for whether to check for *AUDIT special authority. The default is '*NO' for no check. A '*YES' entry causes a check for the special authority. IOSYSCFG A *YES/*NO value for whether to check for *IOSYSCFG special authority. The default is '*NO' for no check. A '*YES' entry causes a check for the special authority. JOBCTL A *YES/*NO value for whether to check for *JOBCTL special authority. The default is '*NO' for no check. A '*YES' entry causes a check for the special authority. SAVSYS A *YES/*NO value for whether to check for *SAVSYS special authority. The default is '*NO' for no check. A '*YES' entry causes a check for the special authority. SECADM A *YES/*NO value for whether to check for *SECADM special authority. The default is '*NO' for no check. A '*YES' entry causes a check for the special authority. SERVICE A *YES/*NO value for whether to check for *SERVICE special authority. The default is '*NO' for no check. A '*YES' entry causes a check for the special authority. SPLCTL A *YES/*NO value for whether to check for *SPLCTL special authority. The default is '*NO' for no check. A '*YES' entry causes a check for the special authority. ERRTXT The error text to be used if an error occurs. The default is *STD which produces standard error text. The intent of allowing you to enter the text is if you are using the CHKSPCAUT command in a program that uses a standard error handling routine to bubble up the message text to the caller. You can supply some specific text relative to the function of your program. Restrictions ------------ If a specific user profile is named, the current user must be authorized to that profile. Prerequisites ------------- The following TAA Tools must be on your system: SNDESCMSG Send escape message Implementation -------------- None, the tool is ready to use. Objects used by the tool ------------------------ Object Type Attribute Src member Src file ------ ---- --------- ---------- ---------- CHKSPCAUT *CMD TAASEFE QATTCMD TAASEFEC *PGM CLP TAASEFEC QATTCL


CHKSPCAUT CHECK SPECIAL AUTHORITIES TAASEFE
The Check Special Authorities command allows a check of a specific user's special authorities or the current user. If the current user is requested 1) the check includes both program adopt and group adopt and 2) the check occurs at the previous call level so that any current program adopt status is not included. A typical command would be: CHKSPCAUT ALLOBJ(YES) SECADM(YES) The current user is checked for ALLOBJ and SECADM. If the user profile (including program adopt and group adopt) does not have both special authorities, TAA9891 is sent as an escape message. The check is made beginning at the program prior to the program that ran CHKSPCAUT in the program stack. This allows the program that uses CHKSPCAUT to adopt and still determine if the user has the specified special authorities. If a specific user profile name is entered, the current user must be authorized to that profile. There is an optional parameter ERRTXT that allows you to supply the message text sent for the CPF9898 message. This is intended for situations where you are using a Standard Error handling routine and just want to bubble the message back. For example, assume PGMA calls PGMB and PGMB contains CHKJOBCTL. If PGMB contains a standard error handling routine, the error text would be sent to PGMA. CHKSPCAUT JOBCTL(YES) ERRTXT('You must have + JOBCTL special authority to use the + xxxx function') The QSYCUSRS API is used. CHKSPCAUT escape messages you can monitor for --------------------------------------------- TAA9891 User does not have the specified special authorities TAA9892 No special authorities were requested CPF9802 Not authorized to the user profile named Escape messages from based on functions will be re-sent. Command parameters CMD ------------------ USRPRF The user profile to check special authorities for. The default is CURRENT meaning the current user. When CURRENT is specified, the check includes both program adopt and group adopt. A specific user profile may be entered. If entered, the check is only to the existing user profile. The current user must be authorized to the specified user profile. ALLOBJ A YES/NO value for whether to check for ALLOBJ special authority. The default is 'NO' for no check. A 'YES' entry causes a check for the special authority. AUDIT A YES/NO value for whether to check for AUDIT special authority. The default is 'NO' for no check. A 'YES' entry causes a check for the special authority. IOSYSCFG A YES/NO value for whether to check for IOSYSCFG special authority. The default is 'NO' for no check. A 'YES' entry causes a check for the special authority. JOBCTL A YES/NO value for whether to check for JOBCTL special authority. The default is 'NO' for no check. A 'YES' entry causes a check for the special authority. SAVSYS A YES/NO value for whether to check for SAVSYS special authority. The default is 'NO' for no check. A 'YES' entry causes a check for the special authority. SECADM A YES/NO value for whether to check for SECADM special authority. The default is 'NO' for no check. A 'YES' entry causes a check for the special authority. SERVICE A YES/NO value for whether to check for SERVICE special authority. The default is 'NO' for no check. A 'YES' entry causes a check for the special authority. SPLCTL A YES/NO value for whether to check for SPLCTL special authority. The default is 'NO' for no check. A 'YES' entry causes a check for the special authority. ERRTXT The error text to be used if an error occurs. The default is STD which produces standard error text. The intent of allowing you to enter the text is if you are using the CHKSPCAUT command in a program that uses a standard error handling routine to bubble up the message text to the caller. You can supply some specific text relative to the function of your program. Restrictions ------------ If a specific user profile is named, the current user must be authorized to that profile. Prerequisites ------------- The following TAA Tools must be on your system: SNDESCMSG Send escape message Implementation -------------- None, the tool is ready to use. Objects used by the tool ------------------------ Object Type Attribute Src member Src file ------ ---- --------- ---------- ---------- CHKSPCAUT CMD TAASEFE QATTCMD TAASEFEC PGM CLP TAASEFEC QATTCL

Added to TAA Productivity Tools January 15, 2002

Home Page

Last modified on July 15, 2010