QSYSPermission is a subclass of UserPermission. QSYSPermission allows you to display and set the permission a user has for an object in the traditional AS/400 library structure stored in QSYS.LIB. An object stored in QSYS.LIB can set its authorities by setting a single object authority value or by setting individual object and data authorities.
Use the getObjectAuthority() method to display the current object authority or the setObjectAuthority() method to set the current object authority using a single value. The following table lists the valid values:
Value | Description |
---|---|
*ALL | The user can perform all operations except those operations that are controlled by authorization list management. |
*AUTL | The authorization list is used to determine the authority for the document. |
*CHANGE | The user can change and perform basic functions on the object. |
*EXCLUDE | The user cannot access the object. |
*USE | The user has object operational authority, read authority, and execute authority. |
Use the appropriate set method to set the detailed object authority values on or off:
Use the appropriate set method to set the detailed data authority values on or off:
The single authority actually represents a combination of the detailed object authorities and the data authorities. Selecting a single authority automatically turns on the appropriate detailed authorities. Likewise, selecting various detailed authorities changes the appropriate single authority values. The following table illustrates the relationships:
Detailed Object Authority | Detailed Data Authority | |||||||||
---|---|---|---|---|---|---|---|---|---|---|
Basic Authority | Opr | Mgt | Exist | Alter | Ref | Read | Add | Upd | Dlt | Exe |
All |
|
|
|
|
|
|
|
|
|
|
Change |
|
|
|
|
|
|
|
|
|
|
Exclude |
|
|
|
|
|
|
|
|
|
|
Use |
|
|
|
|
|
|
|
|
|
|
Autl | Only valid with a specified authorization list and user (*PUBLIC). Detailed Object and Data authorities are determined by the list. |
If a combination of detailed object authority and data authority does not map to a single authority value, then the single value becomes "User Defined." For more information on object authorities, refer to the AS/400 CL commands Grant Object Authority (GRTOBJAUT) and Edit Object Authority (EDTOBJAUT).
This example shows you how to retrieve and print the permissions for a QSYS object.
// Create a system object. AS400 sys = new AS400("MYAS400", "USERID", "PASSWORD"); // Represent the permissions to a QSYS object. Permission objectInQSYS = new Permission(sys, "/QSYS.LIB/FRED.LIB"); // Print the object pathname and retrieve its permissions. System.out.println("Permissions on "+objectInQSYS.getObjectPath()+" are as follows:"); Enumeration enum = objectInQSYS.getUserPermissions(); while (enum.hasMoreElements()) { // For each of the permissions, print out the user profile name // and that user's authorities to the object. QSYSPermission qsysPerm = (QSYSPermission)enum.nextElement(); System.out.println(qsysPerm.getUserID()+": "+qsysPerm.getObjectAuthority()); }