The following code is an example of a complete RMOATHTB. This code is located in CAI.CVDEOPTN as RMOATHT1. An additional sample, RMOATHT2, which authorizes all users to all functions, can also be found in CAI.CVDEOPTN. You can tailor SMP USERMOD HBB0ATHT and can use it to install the tables.
****************************************************************** * THIS IS A SAMPLE RMOATHTB TABLE FOR USE * * * * WITH CA DELIVER * * * * * * AFTER THE MACROS HAVE BEEN CODED THE SECURITY TABLE MUST BE * * ASSEMBLED WITH ASSEMBLER H USING THE ALIGN OPTION. IT IS THEN * * LINKED AS RMOATHTB WITH OPTIONS AC=1 AND RENT. PLACE THE LOAD * * MODULE IN THE AUTHORIZED LIBRARY CONTAINING THE CA DELIVER * * LOAD MODULES. *
* * * THIS IS AN ASSEMBLER LANGUAGE PROGRAM. TO CONTINUE A * * STATEMENT ON THE NEXT LINE YOU MUST END THE CURRENT LINE * * WITH A COMMA, PLACE A NON-BLANK CHARACTER IN 72, AND CONTINUE * * IN COLUMN 16 ON THE NEXT LINE. AN ASTERISK IN COLUMN 1 * * DENOTES A COMMENT. * * * ******************************************************************
* * FIRST WE DEFINE FOUR GROUPS * * NOTES * - IF AUTOACT=YES, THE USERID ASSOCIATED WITH THE * CA DELIVER STARTED TASK MUST BELONG TO A SECURITY GROUP * THAT HAS ACTIVATE AUTHORITY FOR REPORTS AND BUNDLES.
* * - IF START=RMORAP, THE USERID ASSOCIATED WITH THE RMORAP * STARTED TASK MUST BELONG TO A SECURITY GROUP THAT HAS * ACTIVATE AUTHORITY FOR REPORTS AND BUNDLES. *
* - IF RMORAP IS RUN IN BATCH, THE USERID ASSOCIATED WITH * THE BATCH JOB MUST BELONG TO A SECURITY GROUP THAT HAS * ACTIVATE AUTHORITY FOR REPORTS AND BUNDLES AND HAS * "BATCH=YES". * * BATCH=YES INDICATES THAT THE USERIDS IN THIS GROUP HAVE * AUTHORITY TO UPDATE THE DATABASE FROM A BATCH JOB (I.E. * RMODBB, RMORAP ...)
* * STC=YES INDICATES THAT ONE OR MORE USERIDS IN THIS GROUP * ARE STARTED TASKS. * * - USER=(-),BATCH=YES,STC=YES WILL ONLY ASSIGN STARTED * TASKS AND BATCH JOBS WITH A BLANK (UNASSIGNED) USERID * TO THIS SECURITY GROUP
* * - USER=(*),BATCH=YES,STC=YES WILL ASSIGN EVERY USER * TO THIS SECURITY GROUP IN ADDITION TO ALL BATCH JOBS * AND STARTED TASKS WITH A BLANK (UNASSIGNED) USERID. * * - IF THE USER PARAMETER IS OMITTED, USER=(*) IS ASSUMED. *
SYSADMIN RMOAGRP USER=(BMCLAUG,GHASUL,JMOONEY,TBURNET,TFLEMIN, X
JBUTLER,EHART,TCROSSL),BATCH=YES
APPLPROG RMOAGRP USER=(GDS,BBB),LIMIT=YES
CLSONLY RMOAGRP USER=(GDT)
ACTGROUP RMOAGRP USER=(RMOSTC,RMORAP),STC=YES,BATCH=YES
* HERE'S WHAT SYSADMIN CAN DO (ANYTHING)
* NOTE - ACCESS=(ADMIN) IS THE SAME AS
* ACCESS=(UPDATE,RENAME,DELETE,OPERATOR)
*
* BACT AUTHORITY OF OPERATOR ALLOWS USERS TO
* ISSUE THE P COMMAND AND UPDATE
* DETAIL HISTORY FROM THE ACTIVE BUNDLE SCREEN.
*
* ACT AUTHORITY OF OPERATOR ALLOWS USERS TO
* ISSUE THE U, F, AND UF COMMANDS AND UPDATE
* DETAIL HISTORY FROM THE ACTIVE REPORT SCREEN.
*
* BUNDLE AUTHORITY OF OPERATOR ALLOWS USERS TO UPDATE
* DETAIL HISTORY FROM THE BUNDLE SELECTION LIST.
* REPORT AUTHORITY OF OPERATOR ALLOWS USERS TO UPDATE
* DETAIL HISTORY FROM THE REPORT SELCTION LIST.
* * DEFAULT VALUES: * ID=(*),ACCESS=(ADMIN) * RMOATH ACT,ID=*,ACCESS=(ADMIN),GROUP=(SYSADMIN) RMOATH BACT,ID=*,ACCESS=(ADMIN),GROUP=(SYSADMIN) RMOATH BUNDLE,ID=*,ACCESS=(ADMIN),GROUP=(SYSADMIN) RMOATH DBASE,ACCESS=(ADMIN),GROUP=(SYSADMIN) RMOATH DIST,ID=*,ACCESS=(ADMIN),GROUP=(SYSADMIN) RMOATH JOB,ID=*,ACCESS=(ADMIN),GROUP=(SYSADMIN) RMOATH REPORT,ID=*,ACCESS=(ADMIN),GROUP=(SYSADMIN) RMOATH BANNER,ID=*,ACCESS=(ADMIN),GROUP=(SYSADMIN) RMOATH PANEL,ID=*,ACCESS=(ADMIN),GROUP=(SYSADMIN) *
* HERE'S WHAT APPLICATION PROGRAMMING CAN DO
*
* NOTE - IF GROUP-1 USERS CAN UPDATE A REPORT AND
* GROUP-2 USERS CAN DELETE A REPORT
* THEN A USER BELONGING TO BOTH GROUPS CAN UPDATE AND DELETE.
*
RMOATH ACT,ID=(TST*), X
ACCESS=(OPERATOR),GROUP=(APPLPROG)
RMOATH BACT,ID=(TST*), X
ACCESS=(OPERATOR),GROUP=(APPLPROG)
RMOATH BUNDLE,ID=(TST*), X
ACCESS=(UPDATE,DELETE,RENAME),GROUP=(APPLPROG)
RMOATH DIST,ID=(TST*), X
ACCESS=(UPDATE,DELETE,RENAME),GROUP=(APPLPROG)
RMOATH JOB,ID=(TST*), X
ACCESS=(ADMIN),GROUP=(APPLPROG)
RMOATH REPORT,ID=(TST*), X
ACCESS=(ADMIN),GROUP=(APPLPROG)
*
* HERE'S WHAT CLSONLY CAN DO
* RMOATH ACT,ID=CLS*,ACCESS=(BROWSE),GROUP=(CLSONLY) RMOATH BACT,ID=CLS*,ACCESS=(BROWSE),GROUP=(CLSONLY) RMOATH BUNDLE,ID=CLS*,ACCESS=(BROWSE),GROUP=(CLSONLY) RMOATH DIST,ID=CLS*,ACCESS=(BROWSE),GROUP=(CLSONLY) RMOATH JOB,ID=CLS*,ACCESS=(BROWSE),GROUP=(CLSONLY) RMOATH REPORT,ID=CLS*,ACCESS=(BROWSE),GROUP=(CLSONLY) * * HERE'S WHAT ACTGROUP (STARTED TASKS AND BATCH JOBS) CAN DO
* RMOATH ACT,ID=*,ACCESS=(OPERATOR),GROUP=(ACTGROUP) RMOATH BACT,ID=*,ACCESS=(OPERATOR),GROUP=(ACTGROUP) * THE NEXT 6 STATEMENTS ARE FOR USERS THAT DO NOT HAVE A SECURITY * SYSTEM INSTALLED BUT WANT TO UPDATE THE DATABASE IN BATCH * RMOATH BUNDLE,ID=*,ACCESS=(ADMIN),GROUP=(ACTGROUP) * RMOATH DBASE,ACCESS=(ADMIN),GROUP=(ACTGROUP) * RMOATH DIST,ID=*,ACCESS=(ADMIN),GROUP=(ACTGROUP) * RMOATH JOB,ID=*,ACCESS=(ADMIN),GROUP=(ACTGROUP) * RMOATH REPORT,ID=*,ACCESS=(ADMIN),GROUP=(ACTGROUP) * * COMPLETE THE SECURITY TABLE RMOAEND END
|
Copyright © 2013 CA.
All rights reserved.
|
|