9.14 CHECK_AUTHORITY
Þ Note: Built-In Function Rules.
Checks whether a user has a certain authority to an object.
For use with
|
Arguments
|
Return Values
|
This function can be used to determine whether a user can update a record in a file OR use a field definition.
DEFINE FIELD(#OBJEXT) TYPE(*CHAR) LENGTH(10) DEFAULT('''*LIBL''')
* < OR >
DEFINE FIELD(#OBJEXT) TYPE(*CHAR) LENGTH(10) DEFAULT(*BLANKS)
USE BUILTIN(CHECK_AUTHORITY) WITH_ARGS (#FILENAME #OBJEXT FD CH) TO_GET(#OKAY)
IF COND('#OKAY *EQ Y')
UPDATE FILE(#FILENAME)
ELSE
MESSAGE MSGTXT('Not authorized to update file')
ENDIF
DEFINE FIELD(#OBJEXT) TYPE(*CHAR) LENGTH(10) DEFAULT(*BLANKS)
USE BUILTIN(CHECK_AUTHORITY) WITH_ARGS #FLDNAME #OBJEXT DF UD) TO_GET(#OKAY)
IF COND('#OKAY *EQ Y')
USE BUILTIN(GET_FIELD) WITH_ARGS(#FIELDNAME) TO_GET(#RETC #TYPE #LEN....)
ENDIF
When the value *CHECK_AUTH_DYNLIBL is not specified in data area DC@OSVEROP, when checking authorities on files (FD) and no library or *LIBL is specified, it is assumed the file is in the library list that was present at time of entry to LANSA. Library list cannot be changed dynamically. If the library list was changed during the LANSA session LANSA must be left and re-entered for the new library list to be recognized.
Tips
When the value * CHECK_AUTH_DYNLIBL is specified in data area DC@OSVEROP, when checking authorities on files (FD) and no library or LIBL is specified, the library list is retrieved each time dynamically to determine which library the CHECK_AUTHORITY is to actually use. Use of this setting may have performance implications.
When checking authority on files use the system variable *PARTDTALIB for the object extension value.
Note: When checking FUNCTION authorization (type PF) both the PROCESS and the FUNCTION must be specified as arguments. That is, the PROCESS is the object name and the FUNCTION is the object extension.
USE BUILTIN(CHECK_AUTHORITY)
WITH_ARGS (#PROCESS CONTROL PF UD ) TO_GET(#OKAY)
IF COND('#OKAY *EQ Y')
CALL PROCESS(#PROCESS) FUNCTION(CONTROL)
ELSE
MESSAGE MSGTXT('Not authorized to function CONTROL')
ENDIF