Case 3: Using public authority
This case describes the steps of using public authority.
User JONESP wants to access the CREDIT file using the program CPPGM06. CPPGM06 requires *USE authority to the file. JONESP is a member of group profile DPTSM and does not have *ALLOBJ special authority. The system performs these steps in determining whether to allow JONESP access to the CREDIT file:
Flowchart 1, step 1.
- Flowchart 2, step 1. The CREDIT file has no private authorities. DPTAR’s authority is primary group authority, not private authority.
- Flowchart 2, steps 2 and 3. Owner’s authority (OWNAR) is sufficient.
- Flowchart 2, steps 4 and 5. Primary group authority (DPTAR) is sufficient.
- Flowchart 2, step 6. Authorized. Public authority is sufficient.
Analysis:
This example shows the performance benefit gained when you avoid defining any private authorities for an object.