|
|
|
Some users may wish to limit access to the CCCTAB table to specific records. The following discussion tells you how to perform the implementation for this feature.
Access to the CCCTAB table is handled via a synonym called CCCTAF. This synonym is created during the process of granting a user access to the tables. To implement specific record security this synonym must be replaced with a view. The CAKRINST program may be used for this purpose.
For example, you want user ABCD01 to have access only to records where DEPARTMENT is WEST. The DEPARTMENT is defined as the first level in the accounting structure.
We would change member CAKRCR84 from:
CREATE SYNONYM CCCTAF FOR OWNER.CCCTAB
TO
CREATE VIEW CCCTAF AS SELECT * FROM OWNER.CCCTAB
WHERE STRUCT1 = 'WEST'
Then, user ABCD01 should run member CAKRSYN which included input member CAKRCR84.
This ensures when user ABCD01 accesses the CCCTAB table, only records for WEST are made available due to the view.
Note: If the synonym has already been created, then the statement "DROP SYNONYM CCCTAF;" must be executed before the creation of the view.
To use the CAKRINST program, simply add a PDS member with the required SQL statements and point the CAKRINST program to this PDS member as input.
| Copyright © 2012 CA. All rights reserved. |
|