Previous Topic: ExamplesNext Topic: DB2JAR

Protecting ResourcesDB2FUNC

DB2FUNC

Description

Identifies DB2 functions.

TSS Commands

The following TSS commands can be used with the DB2FUNC keyword: CREATE, DELETE, ADDTO, REMOVE, PERMIT, REVOKE, ADMIN, DEADMIN, WHOOWNS, WHOHAS.

TSS ADDTO or REMOVE

Syntax
TSS ADD(acid) DB2FUNC(schema.function,...)
Prefix length

2‑26 characters

Capacity of list

1‑5 DB2 functions per TSS command.

Authority

Administrators must have DB2FUNC(OWN) authority.

Masking

The DB2FUNC resource class supports all masking characters.

Types

The DB2FUNC keyword is used with the following ACID types: User, Profile, Department, Division, Zone, DCA, VCA, ZCA, LSCA, SCA, MSCA.

TSS PERMIT or REVOKE

Syntax
TSS PER(acid) DB2FUNC(schema.function,...)
Function name

2‑255 characters

Capacity of list

1‑5 functions per TSS command.

Accesses

The administrator can specify any or all of the following accesses: EXECUTE, ALL, NONE. The default access is EXECUTE.

Access Controls

The administrator can use any of the following methods to control access to functions: Expiration, Facility, Time/Day, Actions.

Types

The DB2FUNC keyword is used with the following ACID types: User, Profile, DCA, VCA, ZCA, LSCA, SCA, MSCA.

TSS ADMIN or DEADMIN

Syntax
TSS ADMIN(acid) DB2FUNC(authority level(s))
Authority

Administrators can specify any or all of the following authority levels: OWN, XAUTH, AUDIT, INFO, REPORT, ALL.

Types

The DB2FUNC keyword is used with the following ACID types: User, DCA, VCA, LSCA, ZCA, SCA, MSCA.

Examples

TSS ADDTO/REMOVE

To give the Finance Department (FINDEPT) ownership of the function PAYADD in the schema FIN, the administrator enters:

TSS ADD(FINDEPT) DB2FUNC(FIN.PAYADD)

Ownership of the function PAYADD in the schema FIN is removed by entering:

TSS REMOVE(FINDEPT) DB2FUNC(FIN.PAYADD)
TSS PERMIT/REVOKE

The administrator wants to give USRMARK the authority to execute the function PAYADD in the schema FIN:

TSS PERMIT(USRMARK) DB2FUNC(FIN.PAYADD) ACCESS(EXECUTE)

To revoke USRMARK's authority the administrator enters:

TSS REVOKE(USRMARK) DB2FUNC(FIN.PAYADD) ACCESS(EXECUTE)
TSS ADMIN/DEADMIN

To give administrator FINVCA the ability to assign ownership of functions, to permit users to access functions within his scope, and audit the use of functions owned by the division, the administrator enters:

TSS ADMIN(FINVCA) DB2FUNC(OWN,XAUTH,INFO)

To remove FINVCA's authority for functions, the administrator enters:

TSS DEADMIN(FINVCA) DB2FUNC(OWN,XAUTH,INFO)
TSS WHOHAS

To determine who has access to the function PAYADD in the schema FIN, the administrator enters:

TSS WHOHAS DB2FUNC(FIN.PAYADD)

CA Top Secret will respond by displaying all of the ACIDs that have access to this particular function.

TSS WHOOWNS

To determine who owns the function PAYADD in the schema FIN, the administrator enters:

TSS WHOOWNS DB2FUNC(FIN.PAYADD)