This case shows the advantage of using adopted authority without
private authority.
For this example, all programs in the application are owned by
the OWNIC profile. Any program in the application requiring more than *USE
authority adopts owner authority. These are the steps for user WILSONJ to
obtain *CHANGE authority to the ITEM file using program ICPGM10, which adopts
authority:
- Flowchart 1, step 1.
- Flowchart 2, steps 1, 2, 3, 4, and 6. Public authority is not sufficient.
- Flowchart 1, step 2.
- Flowchart 3, steps 1 and 2. Object to check = ITEMLIB/ITEM *FILE.
- Flowchart 3, step 3.
- Flowchart 4, step 1. WILSONJ does not own the ITEM file. Return to Flowchart
3 with no authority found.
- Flowchart 3, step 4.
- Flowchart 5, steps 1 and 3. Public authority is not sufficient. Return
to Flowchart 3 with no authority found.
- Flowchart 3, steps 5, 7, and 8. The ITEM file is not secured by an authorization
list. Return to Flowchart 1 with no authority found.
- Flowchart 1, steps 3 and 5. (WILSONJ does not have a group profile.)
- Flowchart 7, steps 1, 3, and 4. The public has *USE authority, which
is not sufficient.
- Flowchart 1, step 6.
- Flowchart 8A, step 1. Object to check = ITEMLIB/ITEM *FILE.
- Flowchart 8A, steps 2, 3, and 4. The OWNIC profile does not have *ALLOBJ
authority.
- Flowchart 4, steps 1, 2, and 3. Authorized. OWNIC has sufficient authority
to the ITEM file.
Analysis:
This example shows the benefits
of using adopted authority without private authority, particularly if the
owner of the programs also owns application objects. This example did not
require searching private authorities.