QSYSPermission

QSYSPermission is a subclass of the UserPermission class. QSYSPermission allows you to display and set the permission a user has for an object in the traditional AS/400 library structure stored in QSYS.LIB. An object stored in QSYS.LIB can set its authorities by setting a single object authority value or by setting individual object and data authorities.

Use the getObjectAuthority() method to display the current object authority or the setObjectAuthority() method to set the current object authority using a single value. The following table lists the valid values:

Value Description
*ALL The user can perform all operations except those operations that are controlled by authorization list management.
*AUTL The authorization list is used to determine the authority for the document.
*CHANGE The user can change and perform basic functions on the object.
*EXCLUDE The user cannot access the object.
*USE The user has object operational authority, read authority, and execute authority.

Use the appropriate set method to set the detailed object authority values on or off:

Use the appropriate set method to set the detailed data authority values on or off:

The single authority actually represents a combination of the detailed object authorities and the data authorities. Selecting a single authority automatically turns on the appropriate detailed authorities. Likewise, selecting various detailed authorities changes the appropriate single authority values. The following table illustrates the relationships:

Detailed Object Authority Detailed Data Authority
Basic Authority Opr Mgt Exist Alter Ref Read Add Upd Dlt Exe
All
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Change
Y
n
n
n
n
Y
Y
Y
Y
Y
Exclude
n
n
n
n
n
n
n
n
n
n
Use
Y
n
n
n
n
Y
n
n
n
Y
Autl Only valid with a specified authorization list and user (*PUBLIC). Detailed Object and Data authorities are determined by the list.
"Y" refers to those authorities that can be assigned.
"n" refers to those authorities that cannot be assigned.

If a combination of detailed object authority and data authority does not map to a single authority value, then the single value becomes "User Defined." For more information on object authorities, refer to the AS/400 CL commands Grant Object Authority (GRTOBJAUT) and Edit Object Authority (EDTOBJAUT).

Example

This example shows you how to retrieve and print the permissions for a QSYS object.

      // Create a system object.
      AS400 sys = new AS400("MYAS400", "USERID", "PASSWORD");

      // Represent the permissions to a QSYS object.
      Permission objectInQSYS = new Permission(sys, "/QSYS.LIB/FRED.LIB");

      // Print the object pathname and retrieve its permissions.
      System.out.println("Permissions on "+objectInQSYS.getObjectPath()+" are as follows:");
      Enumeration enum = objectInQSYS.getUserPermissions();
      while (enum.hasMoreElements())
      {
        // For each of the permissions, print out the user profile name
        // and that user's authorities to the object.
        QSYSPermission qsysPerm = (QSYSPermission)enum.nextElement();
        System.out.println(qsysPerm.getUserID()+": "+qsysPerm.getObjectAuthority());
      }