|
The STRQM option 10 authorizations are not silly at all. While it is true that using STRQMQRY you can run any SQL statement in the *QMQRY you specify, if the user is restricted to the STRQM menu then the user is restricted to only running *QMQRYs (via option 9) that contain no unauthorized statements. Pressing F22 and then using RUN QUERY to run an existing query is also restricted to running no unauthorized statements.
Also, on the Work with Query Manager Queries screen (option 1 from STRQM), when the user uses option 1 (create) to create a QM query, or option 2 (change) to change a query, the user can only use authorized statements. This prevents the user from using any statements you don't want them to use, which in turn prevents them from running any QM queries that contain any unauthorized statements. In fact, if the user attempts to edit a QM query that contains unauthorized statements, the user is prevented from starting the edit session.
In summary, if the user is restricted to only using STRQM, the authorizations make sense and are definitely needed.
Why would you allow your end users to use STRQMQRY directly? None of our end users have command line access and we don't give them a menu option for that. They are limited to a few specific statements and have only read access to the production database. They have full access to their own query libraries. Also, they are restricted to only running their QM queries in batch. WRKQRY didn't have that capability, and neither does WRKQMQRY.
As far as WRKQMQRY being a better replacement for WRKQRY, no, it's not (at least not for end users). Users should be restricted in the things they do, so STRQM is the proper replacement. Besides, you don't have options in WRKQMQRY to create or edit QM queries (not directly). Although there is an option to create a QM query from a source member and one to retrieve the source from a QM query, you would have to give your end users authorization to a source editor (such as SEU). The editor in STRQM, while rudimentary, at least gives some prompting support. You don't have any prompting or syntax checking support for SQL in SEU. Plus, you'd have to buy the tools for your production system in order to even have SEU available. Many shops only buy those tools for their development systems.
-----Original Message-----
From:midrange-l-bounces@xxxxxxxxxxxx
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Vern Hamberg
Sent: Monday, June 18, 2012 10:17
To: Midrange Systems Technical Discussion
Subject: Re: QMQRY and authority issue
The authority in STRQM applies only in that utility - if you use STRQMQRY, you can run any SQL statement in the *QMQRY you specify.
That *QMQRY can be what you created in opt 1 of QMQRY.
So I think the STRQM opt 10 authorizations are just plain silly.
By the way - QMQRY is NOT the STRQM environment - it is an object type that you can run using STRQMQRY - STRQMQRY is the replacement for RUNQRY, perhaps.
STRQM, as Rob said, is more like the replacement for WRKQRY. But I think a better replacement for actually USING QMQRY's is WRKQMQRY.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.