Using API : unlink()

0 pts.
Tags:
Application development
AS/400
RPGLE
Hello All, Is anyone aware of "authorities" issues related to this API? I am creating .PDF files in the IFS area of our iSeries box and some users are unable to recreate a .PDF if they did not create it. In an attempt to avoid this I would like to use this API to "unlink" or "delete" this IFS object. My concern is that I will run into object authority issues with it's use also? Thanks, Mark Schroeder
ASKED: October 10, 2006  9:12 AM
UPDATED: December 24, 2009  10:10 PM

Answer Wiki

Thanks. We'll let you know when a new response is added.

authorities are pretty straight forward; the major issue is that the IFS does not support adopted authority. So, be sure that the user ID running the job has the proper authorities. To determine authorities, use WRKLNK.

=======================================================

Your program can delete your streamfile, but it needs to obtain the authority to do so. The easiest way is perhaps:<ol>
<li>Create your program as USRPRF(*OWNER).</li><li>Have it owned by a profile with enough authority to switch CurrentUser to a user profile that can delete the streamfile and then to switch CurrentUser back to the job user.</li>
</ol>
Unfortunately, the program cannot adopt its owner authority to delete the streamfile because, as mentioned, program adopted authority is ineffective in the /root file system. However, the Get Profile Handle (QSYGETPH or QsyGetProfileHandle), Set Profile Handle (QWTSETP, QsySetToProfileHandle) and Release Profile Handle (QSYRLSPH, QsyReleaseProfileHandle) APIs can be used to switch the job to run temporarily as a profile that has sufficient authority for your needs. These are fairly easy <a href=”http://publib.boulder.ibm.com/infocenter/iseries/v5r4/index.jsp?topic=/apis/sec1.htm”>Security-related APIs</a> that can make such tasks possible.

Your program owner supplies needed authority to execute the APIs and your temporary CurrentUser has the authority for the streamfile work.

Tom

Discuss This Question: 2  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • DaddyCOZ
    authorities are pretty straight forward; the major issue is that the IFS does not support adopted authority. So, be sure that the user ID running the job has the proper authorities. To determine authorities, use WRKLNK.
    0 pointsBadges:
    report
  • Alasdair727
    Files on the IFS tend to have default authority of *PUBLIC EXCLUDE so if users are trying to delete files they did not actually create, they won't have sufficient authority to do so. I suggest that after you create each file you use CHGAUT or chmod() to change the authority for either *PUBLIC or for a group to which all users belong to allow them to delete the file.
    0 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following