Previous Topic: DB2PLANNext Topic: DB2ROLE

Protecting ResourcesDB2PROC

DB2PROC

Description

Identifies DB2 stored procedures.

TSS Commands

The following TSS commands can be used with the DB2PROC keyword: CREATE, DELETE, ADDTO, REMOVE, PERMIT, REVOKE, ADMIN, DEADMIN, WHOOWNS, WHOHAS.

TSS ADDTO or REMOVE

Syntax
TSS ADD(acid) DB2PROC(schema.procedure,...)
Prefix length

2‑26 characters

Capacity of list

1‑5 DB2 stored procedures per TSS command.

Authority

Administrators must have DB2PROC(OWN) authority.

Masking

The DB2PROC resource class supports all masking characters.

Types

The DB2PROC keyword is used with the following ACID types: User, Profile, Department, Division, Zone, DCA, VCA, ZCA, LSCA, SCA, MSCA.

TSS PERMIT or REVOKE

Syntax
TSS PER(acid) DB2PROC(schema.procedure,...)
Procedure name

2‑255 characters

Capacity of list

1‑5 stored procedures per TSS command.

Accesses

The administrator can specify any or all of the following accesses: EXECUTE, ALL, NONE. The default access is EXECUTE.

Access Controls

The administrator can use any of the following methods to control access to stored procedures: Expiration, Facility, Time/Day, Actions.

Types

The DB2PROC keyword is used with the following ACID types: User, Profile, DCA, VCA, ZCA, LSCA, SCA, MSCA.

TSS ADMIN or DEADMIN

Syntax
TSS ADMIN(acid) DB2PROC(authority level(s))
Authority

Administrators can specify any or all of the following authority levels: OWN, XAUTH, AUDIT, INFO, REPORT, ALL.

Types

The DB2PROC keyword is used with the following ACID types: User, DCA, VCA, LSCA, ZCA, SCA, MSCA.

Examples

TSS ADDTO/REMOVE

To give the Finance Department (FINDEPT) ownership of stored procedure PAYADD in the schema FIN, the administrator enters:

TSS ADD(FINDEPT) DB2PROC(FIN.PAYADD)

Ownership of stored procedure PAYADD in the schema FIN is removed by entering:

TSS REMOVE(FINDEPT) DB2PROC(FIN.PAYADD)
TSS PERMIT/REVOKE

The administrator wants to give USRMARK the authority to execute the stored procedure PAYADD in the schema FIN:

TSS PERMIT(USRMARK) DB2PROC(FIN.PAYADD) ACCESS(EXECUTE)

To revoke USRMARK's authority the administrator enters:

TSS REVOKE(USRMARK) DB2PROC(FIN.PAYADD) ACCESS(EXECUTE)
TSS ADMIN/DEADMIN

To give FINVCA the ability to assign ownership of stored procedures, to permit users to access stored procedures within his scope, and audit the use of stored procedures owned by the division, the administrator enters:

TSS ADMIN(FINVCA) DB2PROC(OWN,XAUTH,INFO)

To remove FINVCA's authority for stored procedures, the administrator enters:

TSS DEADMIN(FINVCA) DB2PROC(OWN,XAUTH,INFO)
TSS WHOHAS

To determine who has access to the stored procedure PAYADD in the schema FIN, the administrator enters:

TSS WHOHAS DB2PROC(FIN.PAYADD)

CA Top Secret will respond by displaying all of the ACIDs that have access to this particular stored procedure.

TSS WHOOWNS

To determine who owns the stored procedure PAYADD in the schema FIN, the administrator enters:

TSS WHOOWNS DB2PROC(FIN.PAYADD)