Quick Links

Sponsored Links

Support Goto400.com

CL Command Reference - PRTPVTAUT

CL Command List > PRTPVTAUT Reference

Description:

The Print Private Authority (PRTPVTAUT) command allows you to print a report of all the private authorities for objects of a specified type in a specified library, folder or directory. The report will list all objects of the specified type and the users that are authorized to the object. This is a way to check for different sources of authority to objects.

This command will print three reports for the selected objects. The first report (Full Report) will contain all of the private authorities for each of the selected objects.

The second report (Changed Report) will contain additions/changes to the private authorities to the selected objects if the PRTPVTAUT command was previously run for the specified objects in the specified library or folder. Any new objects of the selected type, new authorities to existing objects, or changes to existing authorities to the existing objects will be listed in the ¡¯Changed Report¡¯. If the PRTPVTAUT command was not previously run for the specified objects in the specified library or folder, there will be no ¡¯Changed Report¡¯. If the command has been previously run but no changes have been made to the authorities on the objects, then the ¡¯Changed Report¡¯ will be printed but there will be no objects listed.

The third report (Deleted Report) will contain any deletions of privately authorized users from the specified objects since the PRTPVTAUT command was previously run. Any objects that were deleted or any users that were removed as privately authorized users will be listed in the ¡¯Deleted Report¡¯. If the PRTPVTAUT command was not previously run, there will be no ¡¯Deleted Report¡¯. If the command has been previously run but no delete operations have been done to the objects, then the ¡¯Deleted Report¡¯ will be printed but there will be no objects listed.

The reports will contain the following information:

. The object type specified on the command (if object type is not *AUTL).

. The date and time the report was last run (not shown on the Full Report).

. The name of the library specified on the command (if object type is not *AUTL, *BLKSF, *DIR, *DOC, *FLR, *SOCKET, *STMF, or *SYMLNK).

. The library¡¯s *PUBLIC authority (if object type is not *AUTL, *BLKSF, *DIR, *DOC, *FLR, *SOCKET, *STMF, or *SYMLNK).

. The name of the folder the documents or folder are in (if object type is *DOC or *FLR).

. The name of the directory the objects are in (if object type is *BLKSF, *DIR, *SOCKET, *STMF, *SYMLNK).

. The directory¡¯s *PUBLIC authority (if object type is *BLKSF, *DIR, *SOCKET, *STMF, *SYMLNK). v An entry for each user that has an authority to the objects in the list. Each entry contains the following information:
¨C The name of the object (only shown for the first user).
¨C The owner of the object (only shown for the first user).
¨C The primary group of the object (only shown for the first user).
¨C The name of the authorization list securing the object (only shown for the first user if object type is not *AUTL).
¨C The sensitivity level of the document or folder (if object type is *DOC or *FLR, only shown for the first user).
¨C The name of the user authorized to the object.
¨C The special value for the user¡¯s authority to the object (e.g. *ALL or *CHANGE).
¨C An indicator for the individual authorities that the user has to the object (¡¯X¡¯ or ¡¯ ¡¯) (if object type is not *DOC or *FLR).

The file QPVXXXXXXX (where ¡¯XXXXXXX¡¯ is the object type specified on the command) in library QUSRSYS contains information from the last time the PRTPVTAUT command was run. If object type is not *BLKSF, *DIR, *DOC, *FLR, *SOCKET, *STMF, or *SYMLNK there is a member within the file, with the same name as the library, for each library that has been previously specified on the command. For object types that don¡¯t require a library to be specified (e.g. *USRPRF), the library name is QSYS. System file QAOBJAUT in library QSYS with format name of QSYDSAUT is the model file for the file.

If the object type is *FLR, the first member will contain the information from the previous time *FLR was specified on the command. System file QASECDLO in library QSYS with format name of QSECDLO is the model file for the file.

If the object type is *DOC, there is a member within the file for each folder that has been previously specified on the command. The member name will be the same as the system name of the folder. System file QASECDLO in library QSYS with format name of QSECDLO is the model file for the file.

If the object type is *FILE and the AUTTYPE parameter value is *FIELD or *ALL, the Display Object Authority (DSPOBJAUT) command will be run for each file that has field level authorities associated with it. For each of these files, a spooled file by the name of QPOBJAUT will be created that contains all of the field level authority data for the file. There is no changed report support available for the field level authority data on a file.

If the object type is *BLKSF, *DIR, *SOCKET, *STMF, or *SYMLNK, there is a member within the file for each directory that has previously been specified in the Directory (DIR) parameter. The member names are based on the order the directories are processed. The member naming convention is x000000001, x000000002, and so on. The first character in the member name will either be N or Y. This character indicates if the subdirectories were searched when the data was gathered. N indicates the subdirectories were not searched, Y indicates they were searched. Once a member name has been assigned to a directory, the numeric portion with the appropriate prefix is used for all of the object types listed above. The system file QASECDIR in library QSYS with format name of QSECDIR is the model file for the file.

Note: The file QASECGFIPV in library QUSRSYS contains the file ID values of every directory that has been processed and the Nxxxxxxxxx member name that has been assigned to it. The system file QASECGFI in library QSYS with format name of QSECGFI is the model file for QASECGFIPV.

Restriction: You must have all object (*ALLOBJ) or audit (*AUDIT) special authority to run this command.


Examples:

PRTPVTAUT OBJTYPE(*FILE) LIB(PAYROLLLIB)

This command prints the full, changed, and deleted reports for all file objects in the library PAYROLLLIB.