/*=======================================================*/
/* This program is an external user defined function */
/* (implemented with C) that returns an indicator to */
/* see if a user is authorized to a table */
/* */
/* The includes in the QSYSINC library must be on */
/* your system to compile this program. Option 13 of */
/* the OS/400 install will install them. Also */
/* SYSINC(*YES) (the default) must be specified on */
/* CRTBNDC or CRTCMOD. */
/* */
/* CRTCMOD MODULE(MJATST/GETAUTH) */
/* SRCFILE(MJASRC/C) OUTPUT(*PRINT) */
/* OPTION(*SHOWINC) DBGVIEW(*ALL) */
/* */
/* CRTSRVPGM SRVPGM(MJATST/GETAUTH) */
/* MODULE(MJATST/GETAUTH) */
/* EXPORT(*ALL) */
/* ACTGRP(*CALLER) */
/* */
/* In SQL: */
/* */
/* CREATE FUNCTION MJATST/GETAUTH */
/* (FILELIB VARCHAR(20), */
/* NBRAUTHS INT, */
/* AUTHS VARCHAR(121)) */
/* RETURNS CHAR(1) */
/* EXTERNAL NAME 'MJATST/GETAUTH(GETAUTH)' */
/* LANGUAGE C PARAMETER STYLE SQL */
/* */
/* Examples: */
/* */
/* The following SQL statement will return only those */
/* rows from SYSTABLES related to files for which the */
/* invoker has *USE authority. */
/* */
/* */
/* SELECT table_schema, */
/* table_name */
/* FROM qsys2.systables */
/* WHERE table_schema = 'MJATST' AND */
/* mjatst.getauth(system_table_name CONCAT */
/* system_table_schema,1,'*USE ') = 'Y' */
/* ORDER BY 1,2 */
/* */
/* */
/* The following view will only return rows from */
/* SYSTABLES related to files for which the user has */
/* *USE authority. Giving a user access to this view */
/* and revoking that users authority to QSYS2.SYSTABLES */
/* restricts that user to only those rows in SYSTABLES */
/* related to objects he is authorized to. */
/* */
/* */
/* CREATE VIEW QGPL.SYSTABLES AS */
/* SELECT * */
/* FROM qsys2.systables */
/* WHERE mjatst.getauth(system_table_name CONCAT */
/* system_table_schema,1,'*USE ') = 'Y' */
/* */
/*=======================================================*/
void GETAUTH(char *FileArg,
int *Nbr_Auths,
char *File_Auths,
char *Authorized,
short *inind1,
short *inind2,
short *inind3,
short *outind,
char *sqlstate,
char *funcname,
char *specname,
char *msgtext)
{
#include
#include
#include
#include
/*=======================================================*/
/* */
/* Include the Error Code Structure */
/* */
/*=======================================================*/
#include
Qus_EC_t *errstr;
/*=======================================================*/
/* */
/* Include the SQLUDF Structures */
/* */
/*=======================================================*/
#include
/*=======================================================*/
/* */
/* Include the QSYCUSRS Structures */
/* */
/*=======================================================*/
#include
char User_ID[11]; /* User ID */
char static File[21]; /* File / Library name */
char Type[11]; /* Object type */
int Call_Level = 0; /* Call level */
char Error_Code[201]; /* Error area from QUSROBJD */
/* Set addressability to the ERROR template */
errstr = (Qus_EC_t *) &Error_Code[0];
errstr->Bytes_Provided = sizeof(Error_Code)-1;
/* Set up parameters for QSYCUSRA API */
memcpy( User_ID, "*CURRENT ", 10);
memcpy( Type, "*FILE ", 10);
QSYCUSRA(Authorized,
User_ID,
FileArg,
Type,
(void *) File_Auths,
Nbr_Auths,
&Call_Level,
Error_Code); /* Call the API */
/* If an error was not returned then set the output */
/* parameters */
if (errstr->Bytes_Available == 0) /* An error did not occur */
{
*outind = 0; /* Set the parameter null ind */
memcpy( sqlstate, "00000", 5);
/* Set the SQLSTATE */
}
else
{
strcpy(Authorized,"N/0"); /* Set not authorized */
*outind = -1; /* Set the parameter null ind */
memcpy( sqlstate, "00000", 5);
/* Set the SQLSTATE */
}
return;
}
IBM DB2 for i: Code example
UDF Example: Check User Authorization