Removing a user's authority

You can also remove a user's authority for an object.

Removing a user's authority for an object is different from giving the user *EXCLUDE authority. *EXCLUDE authority means the user is specifically not allowed to use the object. Only *ALLOBJ special authority and adopted authority override *EXCLUDE authority.
Note: *EXCLUDE authority for a group profile can be overridden if the user has another group profile with private authority to the object.
Removing a user's authority means the user has no specific authority to the object. The user can gain access through a group profile, an authorization list, public authority, *ALLOBJ special authority, or adopted authority.

You can remove a user's authority using the Edit Object Authority display. Type blanks in the Object Authority field for the user and press the Enter key. The user is removed from the display. You can also use the Revoke Object Authority (RVKOBJAUT) command. Either revoke the specific authority the user has or revoke *ALL authority for the user.

Note: The RVKOBJAUT command revokes only the authority you specify. For example, USERB has *ALL authority to FILEB in library LIBB. You revoke *CHANGE authority:
RVKOBJAUT OBJ(LIBB/FILEB) OBJTYPE(*FILE) +
          USER(USERB) AUT(*CHANGE)

After the command, USERB's authority to FILEB looks like this:

 
                         Display Object Authority
 
Object . . . . . . :   FILEB     Owner  . . . . . . . :   PGMR1
  Library. . . . . :   LIBB      Primary group  . . . :   *NONE
Object type. . . . :   *FILE     ASP device   . . . . :   *SYSBAS
 
  Object secured by authorization list. . . . . . . . :   *NONE
 
                   Object     -----------Object-----------
User     Group     Authority  Opr  Mgt  Exist  Alter  Ref
USERB              USER DEF         X     X      X     X
 
 
                         Display Object Authority
 
Object . . . . . . :   FILEB     Owner  . . . . . . . :   PGMR1
  Library. . . . . :   LIBB      Primary group  . . . :   *NONE
Object type  . . . :   *FILE     ASP device . . . . . :   *SYSBAS
 
Object secured by authorization list  . . . . . . . . . .   *NONE
 
                        Object    ---------------Data---------------
User        Group       Authority  Read  Add  Update  Delete  Execute
USERB                   USER DEF
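
The partial revoke shown above, as an added Python model (not IBM code; the function names are hypothetical). It assumes the standard IBM i definitions of *ALL, *CHANGE and *USE as sets of specific authorities and treats RVKOBJAUT as set subtraction, so you can check what a user still holds before relying on a revoke.

```python
# Added illustration: models RVKOBJAUT as set subtraction.
# Function names are hypothetical; this is not IBM i code.
OBJECT_AUTS = ("*OBJOPR", "*OBJMGT", "*OBJEXIST", "*OBJALTER", "*OBJREF")
DATA_AUTS = ("*READ", "*ADD", "*UPD", "*DLT", "*EXECUTE")

# System-defined authorities expressed as sets of specific authorities.
NAMED = {
    "*ALL": frozenset(OBJECT_AUTS + DATA_AUTS),
    "*CHANGE": frozenset(("*OBJOPR",) + DATA_AUTS),
    "*USE": frozenset(("*OBJOPR", "*READ", "*EXECUTE")),
}

def expand(aut):
    """Turn a named or specific authority into a set of specific ones."""
    if aut in NAMED:
        return NAMED[aut]
    if aut in OBJECT_AUTS or aut in DATA_AUTS:
        return frozenset([aut])
    raise ValueError(f"not a revocable authority in this model: {aut}")

def revoke(current, aut):
    """Return what is left of `current` after revoking `aut`."""
    return frozenset(current) - expand(aut)

def label(auts):
    """Value for the Object Authority column; None means no entry at all."""
    auts = frozenset(auts)
    if not auts:
        return None  # the user no longer appears on the display
    for name, members in NAMED.items():
        if auts == members:
            return name
    return "USER DEF"

def residual_report(current, aut):
    """Summarize the private authority that survives a revoke."""
    left = revoke(current, aut)
    return {
        "label": label(left),
        "object": [a for a in OBJECT_AUTS if a in left],
        "data": [a for a in DATA_AUTS if a in left],
    }

if __name__ == "__main__":
    # Constructed input mirroring the page: USERB holds *ALL on LIBB/FILEB.
    print(residual_report(NAMED["*ALL"], "*CHANGE"))  # residual USER DEF entry
    print(residual_report(NAMED["*ALL"], "*ALL"))     # nothing left
```

A non-empty result for a user you meant to remove means the revoke was partial; revoke *ALL instead.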