Authority checking examples

This section includes several examples of authority checking.

These examples demonstrate the steps the system uses to determine whether a user is allowed a requested access to an object. These examples are intended to show how authority checking works and where potential performance problems might occur.

Figure 1 shows the authorities for the PRICES file. Following the figure are several examples of requested access to this file and the authority checking process. In the examples, searching private authorities (Flowchart 4, step 6) is highlighted because this is the part of the authority checking process that can cause performance problems if it is repeated several times.

Figure 1. Authority for the PRICES file

 
                           Display Object Authority

Object . . . . . . . :   PRICES          Owner  . . . . . . . :   OWNCP
  Library  . . . . . :   CONTRACTS       Primary group  . . . :   *NONE
Object type    . . . :   *FILE           ASP device . . . . . :   *SYSBAS

Object secured by authorization list  . . . . . . . . . . . . :   *NONE

                        Object
User        Group       Authority
OWNCP                   *ALL
DPTSM                   *CHANGE
DPTMG                   *CHANGE
WILSONJ                 *USE
*PUBLIC                 *USE