Previous Topic: USER ClauseNext Topic: Documenting Entity Occurrences

General DDDL Syntax OptionsSecuring the DictionaryPUBLIC ACCESS Clause

PUBLIC ACCESS Clause

PUBLIC ACCESS specifications control entity-occurrence security by identifying the extent to which unregistered users can access and/or update the requested entity occurrence. If the PUBLIC ACCESS clause is not specified in an ADD statement, any user with the proper entity-type authority can update and display the requested entity occurrence.

Note: The optional PUBLIC ACCESS clause is valid in all entity-type statements except CLASS, LOAD MODULE, MESSAGE, and USER.

Syntax: PUBLIC ACCESS Clause

►►─── PUBlic access is ──┬───────────┬─ for ──┬─ ALL ◄ ────────────┬──────────►◄
                         └─ ALLowed ─┘        ├─ NONE ─────────────┤
                                              ├─ UPDate ───────────┤
                                              ├─ MODify ───────────┤
                                              ├─ REPlace ──────────┤
                                              ├─ DELete ───────────┤
                                              └─ DISPlay ──────────┘

Parameters

PUBlic access is ALLOwed for

Supplies the public access specification for the requested entity occurrence.

ALL

Specifies that unregistered users are allowed to issue all verbs and perform all secured operations. ALL is the default.

NONe

Specifies that unregistered users are not allowed to access the entity occurrence.

UPDate

Specifies that unregistered users are allowed to issue all verbs (MODIFY, REPLACE, DELETE, and DISPLAY/PUNCH).

MODify

Specifies that unregistered users are allowed to issue only MODIFY and DISPLAY/PUNCH verbs.

REPlace

Specifies that unregistered users are allowed to issue only REPLACE and DISPLAY/PUNCH verbs.

DELete

Specifies that unregistered users are allowed to issue only DELETE and DISPLAY/PUNCH verbs.

DISplay

Specifies that unregistered users are allowed to issue only DISPLAY/PUNCH verbs.

Examples

In the following example, any user can modify, replace, delete, and display the requested entity occurrence and change the REGISTERED specification.

public access is allowed for all.

In the following example, unregistered users cannot update or display the requested entity occurrence.

public access is allowed for none.

In the following example, unregistered users can modify, replace, delete, and display only the requested entity occurrence.

public access is allowed for update.

Usage

Overriding PUBLIC ACCESS is NONE

When the first user assigned the REGISTERED FOR ALL option is associated with an entity occurrence, the DDDL compiler automatically sets the PUBLIC ACCESS specification to NONE in order to prohibit unregistered users from accessing the entity. To override the PUBLIC ACCESS specification, the data administrator must submit the PUBLIC ACCESS clause immediately after the REGISTERED FOR ALL specification. For example:

add record cust-rec
     user jmc registered for all
     public access is display.

Later, any user who has been registered for all can change the PUBLIC ACCESS specification.

PUBLIC ACCESS clause with option other than ALL

The DDDL compiler will not process a PUBLIC ACCESS clause that specifies an option other than ALL unless at least one user associated with the requested entity occurrence is assigned the REGISTERED FOR ALL option. This feature ensures that each entity occurrence has at least one user who can change the REGISTERED FOR specification.