|
midrange.com
Instead of messing with each individual program (when I have a set of
them) I like to use authorization lists.
CRTAUTL AUTL(NORMAL) TEXT('Normal users')
CHGAUTLE AUTL(NORMAL) USER(*PUBLIC) AUT(*EXCLUDE) // defaults to keeping
trade show people, etc out.
ADDAUTLE AUTL(NORMAL) USER(JEN) AUT(*ALL) // Allows programming goddess
in
ADDAUTLE AUTL(NORMAL) USER(normal1) AUT(*USE)
ADDAUTLE AUTL(NORMAL) USER(normal2) AUT(*USE)
or
CHGAUTLE AUTL(NORMAL) USER(*PUBLIC) AUT(*USE)
ADDAUTLE AUTL(NORMAL) USER(trade1) AUT(*EXCLUDE)
ADDAUTLE AUTL(NORMAL) USER(trade2) AUT(*EXCLUDE)
However, cloning a new user defaults to letting them in until you do their
ADDAUTLE. So, maybe the first method is more secure for you.
GRTOBJAUT OBJ(MYLIB/MYPGM) OBJTYPE(*PGM) AUTL(NORMAL)
GRTOBJAUT OBJ(MYLIB/MYPGM) OBJTYPE(*PGM) USER(*PUBLIC) AUT(*AUTL)
Now, if you need to add a new user you don't have to change all of the
MYPGM's out there, just the authorization list.
A real fancy menu system might check the authorization for the currently
signed on user to the program option and blank it out if they are not
authorized, but normally they are already customized per user. The
standard IBM menu system should give you an error and just keep them out.
I'm not a big fan of the old "wrap every program in CL" school.
Rob Berendt
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
