Re: Object Authority Needed for DSPJRN, RCVJRNE, RTVJRNE -- MIDRANGE-L

Hello Gord,

There are two design approaches:
        1) Check the authority for each file
        2) Use a higher level of authority and assume authorisation to the file 
(either SPCAUT or OBJAUT)

Checking for each file could become quite time-consuming.  A single journal 
supports 250,000 file members 
being journaled at one time; checking the authority for a large number of files 
would simply take too long.  
The DSPJRN, RCVJRNE, and RTVJRNE commands limit the file list to 300 files 
(that is the maximum number of 
items allowed in an element list anyway (CDO restriction)-- it used to be 50 
files.

The only other authority choice is *OBJMGT but that doesn't necessarily provide 
proper protection -- you may 
want an operator to be able to manage journals yet not be able to see the 
contents (much like spooled files).

I can understand the thinking behind *ALLOBJ.  'Users' (as in the plebs) should 
not be messing with the 
journal, only trained IT professionals who would not inadvertantly type DLTJRN  
:)

I don't really understand your objections though.  Of the three commands this 
authority restriction affects, 
two of them are intended to be used in programs (RCVJRNE and RTVJRNE).  It is a 
simple matter to adopt 
suitable authority for the program.

The same approach can be used for DSPJRN.  Create a program to perform the 
DSPJRN, have it adopt suitable 
authority, and give your user authority to the program.  No big deal.

Regards,
Simon Coulter.

��������������������������������������������������������������������
�� FlyByNight Software         AS/400 Technical Specialists       ��
�� Eclipse the competition - run your business on an IBM AS/400.  ��
��                                                                ��
�� Phone: +61 3 9419 0175      Mobile: +61 0411 091 400           ��
�� Fax:   +61 3 9419 0175      mailto: shc@flybynight.com.au      ��
��                                                                ��
�� Windoze should not be open at Warp speed.                      ��
��������������������������������������������������������������������
//--- forwarded letter -------------------------------------------------------
> X-Mailer: Forte Agent 1.5/32.451
> MIME-Version: 1.0
> Date: Wed, 10 Feb 99 12:23:28 -0500
> From: ghutchinson@tstoverland.com
> To: MIDRANGE-L@midrange.com
> Reply-To: MIDRANGE-L@midrange.com
> Subject: Re: Object  Authority  Needed for DSPJRN, RCVJRNE, RTVJRNE
> 
> Thanks for your response Simon.  I agree with your suppositions although if
> they are accurate, I do not agree with IBM's thinking.  In order to let a
> user (who has *USE authority to the journal, the receivers *and* the files)
> do one of these commands, I have to give them the authority to delete the
> journal?  Because someone thought it would be too much work to check
> authorities to each file?  Would there not be a better solution even if one
> had to be invented as a special case.  Certainly would be preferable to
> allowing someone to delete an object.
> 
> Gord
> 
> -- 
> Gord Hutchinson
> TST Overland Express
> ghutchinson@tstoverland.com
> 905-212-6330
> fax: 905 602-8895

+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---