×
The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.
It may help you to know that OS/400 provides a set of API calls to allow
the CURRENT user profile of a job (which by default is the same as the
signed on user profile of the job) to be swapped to another profile. The
user essentially becomes the other profile until the swap is reversed.
The APIs work as follows -
/* Get profile handle of current user */
CALL PGM(QWTSETP) PARM(&PRFHNDL2)
Do stuff as the other user ID
/* Change current back to original user */
CALL PGM(QWTSETP) PARM(&PRFHNDL1)
/* Release user profiles */
CALL PGM(QSYRLSPH) PARM(&PRFHNDL1)
CALL PGM(QSYRLSPH) PARM(&PRFHNDL2)
Peter
-----Original Message-----
From: rpg400-l-bounces@xxxxxxxxxxxx
[mailto:rpg400-l-bounces@xxxxxxxxxxxx] On Behalf Of Armbruster, Tom
Sent: Saturday, 7 February 2009 11:49
To: RPG programming on the IBM i / System i
Subject: RE: User Authority Question (Probably belongs in Midrange,but I
need input from the gurus)
Repost!!! Sorry, some of my CL code wasn't in the first post...
Okay, now you can hose me for impudence.
I've been working on a RPG program that will facilitate the maintenance
of users and user profiles for our application. With "God" privileges
on the system, of course, tests under my profile work flawlessly.
However, when testing under a profile that is less than deity, I'm
experiencing some errors that I thought I could overcome in the compile
directives.
In true ILE fashion, I created some CL programs to accomplish the user
profile tasks at hand, and prototyped all of the calls. No problem
there. I also have no issue with the calls that create user profiles
failing if the user does not have *SECADM privileges and I can use the
FIXPWD command to reset user profiles if the user has the perceived
privilege, but certain commands should be available regardless. What is
the harm in retrieving user values if they can't be changed? :-)
So, to my question... What do I need to do to enable users to retrieve
user profile values for display within the program? I've compiled both
the CL and the RPG programs with owner authority. Should I temporarily
change the user's access in the CL program to be able to retrieve the
user profile information for display? If so, what are the appropriate
commands on entry and exit to accomplish the task without permanently
changing authority for the session/user?
RPG Prototypes:
// User profile data structures for multi-values
d ds_SPCAUT ds
d val_SPCAUT 10A dim(10) inz('')
d ds_USROPT ds qualified
d val_USROPT 10A dim(24) inz('')
d ds_AUDLVL ds qualified
d val_AUDLVL 10A dim(64) inz('')
d ds_SUPGRPPRF ds qualified
d val_SUPGRPPRF 10A dim(15) inz('')
d ds_SETJOBATR ds qualified
d val_SETJOBATR 10A dim(16) inz('')
d ds_user_prof ds qualified
d USERID 10A inz('')
d RTNUSER 10A inz('')
d PASSWORD 10A inz('*USRPRF')
d SPCAUT likeds(ds_SPCAUT)
d MAXSTG 11p 0 inz(0)
d STGUSED 15p 0 inz(0)
d PTYLMT 1A inz('3')
d INLPGM 10A inz('*NONE')
d INLPGMLIB 10A inz('*LIBL')
d JOBD 10A inz('QDFTJOBD')
d JOBDLIB 10A inz('QGPL')
d GRPPRF 10A inz('mygrp')
d OWNER 10A inz('*USRPRF')
d GRPAUT 10A inz('*NONE')
d ACGCDE 15A inz('*BLANK')
d MSGQ 10A inz('*USRPRF')
d MSGQLIB 10A inz('*LIBL')
d OUTQ 10A inz('*WRKSTN')
d OUTQLIB 10A inz('*LIBL')
d TEXT 50A inz('')
d PWDCHGDAT 6A inz('')
d USRCLS 10A inz('*USER')
d ASTLVL 10A inz('*SYSVAL')
d SPCENV 10A inz('*NONE')
d CURLIB 10A inz('mylib')
d INLMNU 10A inz('*SIGNOFF')
d INLMNULIB 10A inz('*LIBL')
d LMTCPB 10A inz('*YES')
d DLVRY 10A inz('*NOTIFY')
d SEV 2p 0 inz(0)
d PRTDEV 10A inz('*WRKSTN')
d ATNPGM 10A inz('*NONE')
d ATNPGMLIB 10A inz('*LIBL')
d USROPT likeds(ds_USROPT)
d DSPSGNINF 7A inz('*SYSVAL')
d PWDEXPITV 5p 0 inz(0)
d PWDEXP 4A inz('*YES')
d STATUS 10A inz('*ENABLED')
d PRVSIGN 13A inz('')
d NOTVLDSIGN 11p 0 inz(0)
d LMTDEVSSN 7A inz('*YES')
d KBDBUF 10A inz('*SYSVAL')
d LANGID 10A inz('*SYSVAL')
d CNTRYID 10A inz('*SYSVAL')
d CCSID 5p 0 inz(0)
d SRTSEQ 10A inz('*SYSVAL')
d SRTSEQLIB 10A inz('*LIBL')
d OBJAUD 10A inz('')
d AUDLVL likeds(ds_AUDLVL)
d GRPAUTTYP 10A inz('*PRIVATE')
d SUPGRPPRF likeds(ds_SUPGRPPRF)
d UID 10p 0 inz(0)
d GID 10p 0 inz(0)
d SETJOBATR likeds(ds_SETJOBATR)
d CHRIDCTL 10A inz('*SYSVAL')
d LCLPWDMGT 10A inz('*YES')
d ERRORIND N inz('0')
// Retrieve user profile data
d GetUserProfile pr extpgm('mylib/myclpgm')
d v_g_USERID 10A const
d v_g_RTNUSRPRF 10A
d v_g_SPCAUT likeds(ds_SPCAUT)
d v_g_MAXSTG 11p 0
d v_g_STGUSED 15p 0
d v_g_PTYLMT 1A
d v_g_INLPGM 10A
d v_g_INLPGMLIB 10A
d v_g_JOBD 10A
d v_g_JOBDLIB 10A
d v_g_GRPPRF 10A
d v_g_OWNER 10A
d v_g_GRPAUT 10A
d v_g_ACGCDE 15A
d v_g_MSGQ 10A
d v_g_MSGQLIB 10A
d v_g_OUTQ 10A
d v_g_OUTQLIB 10A
d v_g_TEXT 50A
d v_g_PWDCHGDAT 6A
d v_g_USRCLS 10A
d v_g_ASTLVL 10A
d v_g_SPCENV 10A
d v_g_CURLIB 10A
d v_g_INLMNU 10A
d v_g_INLMNULIB 10A
d v_g_LMTCPB 10A
d v_g_DLVRY 10A
d v_g_SEV 2p 0
d v_g_PRTDEV 10A
d v_g_ATNPGM 10A
d v_g_ATNPGMLIB 10A
d v_g_USROPT likeds(ds_USROPT)
d v_g_DSPSGNINF 7A
d v_g_PWDEXPITV 5p 0
d v_g_PWDEXP 4A
d v_g_STATUS 10A
d v_g_PRVSIGN 13A
d v_g_NOTVLDSIGN 11p 0
d v_g_LMTDEVSSN 7A
d v_g_KBDBUF 10A
d v_g_LANGID 10A
d v_g_CNTRYID 10A
d v_g_CCSID 5p 0
d v_g_SRTSEQ 10A
d v_g_SRTSEQLIB 10A
d v_g_OBJAUD 10A
d v_g_AUDLVL likeds(ds_AUDLVL)
d v_g_GRPAUTTYP 10A
d v_g_SUPGRPPRF likeds(ds_SUPGRPPRF)
d v_g_UID 10p 0
d v_g_GID 10p 0
d v_g_SETJOBATR likeds(ds_SETJOBATR)
d v_g_CHRIDCTL 10A
d v_g_LCLPWDMGT 10A
d v_g_ERROR N
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact
[javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.