com.ibm.as400.access

Class Permission

  • java.lang.Object
    • com.ibm.as400.access.Permission
  • All Implemented Interfaces:
    java.io.Serializable


    public class Permission
    extends java.lang.Object
    implements java.io.Serializable
    Retrieves a user's authority to an object.
    To improve performance, the Permission object caches authority changes until the commit() method is called. When commit()is called, all changes up to that point are sent to the system.
    The permission of an object is a collection of many users' authority to that object, and the UserPermission class is used to represent a user's authority to a object. Because there are three kinds of objects on the system, three subclasses of UserPermission are defined:
    • DLOPermission - Represents a user's authority to a Document Library Objects (DLO) stored in QDLS.
    • QSYSPermission - Represents a user's authority to the object which is contained in the system library structure and stored in QSYS.LIB.
    • RootPermission - Represents a user's authority to the object which is contained in the root directory structure. This includes everything that is not in QSYS.LIB or QDLS.
    Here is a simple example:
     AS400 as400 = new AS400();
     Permission permission = new Permission(as400,"/QSYS.LIB/QJAVA.LIB");
     permission.addAuthorizedUser("user1");
     QSYSPermission userPermission = (QSYSPermission)permission.getUserPermission("user1");
     userPermission.setObjectAuthority("*CHANGE");
     permission.commit();
     
    See Also:
    UserPermission, DLOPermission, QSYSPermission, RootPermission, Serialized Form
    • Field Summary

      Fields 
      Modifier and Type Field and Description
      static int TYPE_DLO
      Constant indicating the object is a Document Library Objects (DLO) stored in QDLS.
      static int TYPE_QSYS
      Constant indicating the object is contained in the system library structure and stored in QSYS.LIB.
      static int TYPE_ROOT
      Constant indicating that the object is contained in the root directory structure.
    • Constructor Summary

      Constructors 
      Constructor and Description
      Permission(AS400 as400, java.lang.String fileName)
      Constructs a Permission object.
      Permission(AS400 as400, java.lang.String fileName, boolean pathMayStartWithIASP)
      Constructs a Permission object.
      Permission(AS400 as400, java.lang.String fileName, boolean pathMayStartWithIASP, boolean followLinks)
      Constructs a Permission object.
      Permission(IFSFile file)
      Constructs a Permission object.
      Permission(IFSFile file, boolean pathMayStartWithIASP)
      Constructs a Permission object.
      Permission(IFSFile file, boolean pathMayStartWithIASP, boolean followLinks)
      Constructs a Permission object.
    • Method Summary

      Methods 
      Modifier and Type Method and Description
      void addAuthorizedUser(java.lang.String userProfileName)
      Adds an authorized user.
      void addPropertyChangeListener(java.beans.PropertyChangeListener listener)
      Adds a property change listener.
      void addUserPermission(UserPermission userPermission)
      Adds a user permission.
      void commit()
      Commits the permission changes to the system.
      java.lang.String getAuthorizationList()
      Returns the authorizations list of the object.
      java.util.Enumeration getAuthorizedUsers()
      Returns an enumeration of authorized users.
      java.lang.String getName()
      Returns the name of the object whose permission is represented by this object.
      java.lang.String getObjectPath()
      Returns the path of the integrated file system object whose permission is represented by this object.
      java.lang.String getOwner()
      Returns the object owner.
      java.lang.String getPrimaryGroup()
      Returns the primary group of the object.
      int getSensitivityLevel()
      Returns the sensitivity level of the object.
      AS400 getSystem()
      Returns the system
      int getType()
      Returns the object type.
      UserPermission getUserPermission(java.lang.String userProfileName)
      Returns a UserPermission object for the specified user.
      java.util.Enumeration getUserPermissions()
      Returns an enumeration of UserPermission objects.
      boolean isCommitted()
      Returns a flag indicating whether the change has been committed.
      boolean isFollowSymbolicLinks()
      Returns whether symbolic links are resolved when changing or retrieving permissions.
      void removeAuthorizedUser(java.lang.String userProfileName)
      Removes an authorized user.
      void removePropertyChangeListener(java.beans.PropertyChangeListener listener)
      Removes a property change listener.
      void removeUserPermission(UserPermission permission)
      Removes a user permission.
      void setAuthorizationList(java.lang.String autList)
      Sets the authorizations list of the object.
      void setOwner(java.lang.String owner, boolean revokeOldAuthority)
      Sets the owner of the object.
      void setPrimaryGroup(java.lang.String primaryGroup, boolean revokeOldAuthority)
      Sets the primary group of the object.
      void setSensitivityLevel(int sensitivityLevel)
      Sets the sensitivity level of the object.
      void setSystem(AS400 system)
      Deprecated. 
      This method is of little (or no) known usefulness. If you require this method, please notify the Toolbox support team.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • TYPE_DLO

        public static final int TYPE_DLO
        Constant indicating the object is a Document Library Objects (DLO) stored in QDLS.
        See Also:
        Constant Field Values
      • TYPE_QSYS

        public static final int TYPE_QSYS
        Constant indicating the object is contained in the system library structure and stored in QSYS.LIB.
        See Also:
        Constant Field Values
      • TYPE_ROOT

        public static final int TYPE_ROOT
        Constant indicating that the object is contained in the root directory structure. This includes everything that is not in QSYS.LIB or QDLS.
        See Also:
        Constant Field Values
    • Constructor Detail

      • Permission

        public Permission(IFSFile file,
                  boolean pathMayStartWithIASP)
                   throws AS400Exception,
                          AS400SecurityException,
                          ConnectionDroppedException,
                          ErrorCompletingRequestException,
                          java.lang.InterruptedException,
                          java.io.IOException,
                          ObjectDoesNotExistException,
                          java.io.UnsupportedEncodingException
        Constructs a Permission object.

        Use the independent auxiliary storage pool (IASP) parameter to indicate if the path name can contain an IASP name. If true, the name will be parsed as if the name starts with an IASP name. If false, the name is treated as an ordinary path. For example, suppose the path is "/myIASP/QSYS.LIB/MYLIB.LIB". If the IASP parameter is true the object is treated as library "MYLIB" on IASP "myIASP". If the IASP parameter is false the object is treated as object "MYLIB.LIB" in directory "/myIASP/QSYS.LIB" in the root file system. Note the IASP parameter is used only if the second component of the path is QSYS.LIB. If the second component of the path is not QSYS.LIB, the parameter is ignored.

        Parameters:
        file - The IFSFile object. For example, The IFSFile object which represents the object "QSYS.LIB/FRED.LIB".
        pathMayStartWithIASP - True if the path may start with an independent auxiliary storage pool (IASP) name; false otherwise.
        Throws:
        AS400Exception - If the system returns an error message.
        AS400SecurityException - If a security or authority error occurs.
        ConnectionDroppedException - If the connection is dropped unexpectedly.
        ErrorCompletingRequestException - If an error occurs before the request is completed.
        java.lang.InterruptedException - If this thread is interrupted.
        java.io.IOException - If an error occurs while communicating with the system.
        ObjectDoesNotExistException - If the system object does not exist.
        java.io.UnsupportedEncodingException - If the Character Encoding is not supported.
      • Permission

        public Permission(IFSFile file,
                  boolean pathMayStartWithIASP,
                  boolean followLinks)
                   throws AS400Exception,
                          AS400SecurityException,
                          ConnectionDroppedException,
                          ErrorCompletingRequestException,
                          java.lang.InterruptedException,
                          java.io.IOException,
                          ObjectDoesNotExistException,
                          java.io.UnsupportedEncodingException
        Constructs a Permission object.

        Use the independent auxiliary storage pool (IASP) parameter to indicate if the path name can contain an IASP name. If true, the name will be parsed as if the name starts with an IASP name. If false, the name is treated as an ordinary path. For example, suppose the path is "/myIASP/QSYS.LIB/MYLIB.LIB". If the IASP parameter is true the object is treated as library "MYLIB" on IASP "myIASP". If the IASP parameter is false the object is treated as object "MYLIB.LIB" in directory "/myIASP/QSYS.LIB" in the root file system. Note the IASP parameter is used only if the second component of the path is QSYS.LIB. If the second component of the path is not QSYS.LIB, the parameter is ignored.

        Parameters:
        file - The IFSFile object. For example, The IFSFile object which represents the object "QSYS.LIB/FRED.LIB".
        pathMayStartWithIASP - True if the path may start with an independent auxiliary storage pool (IASP) name; false otherwise.
        followLinks - Whether symbolic links are resolved. The default value is true; that is, symbolic links are always resolved. By default, if the IBM i object is a symbolic link, then the requested action is performed on the object that is ultimately pointed to by the symbolic link, rather than on the symbolic link itself.
        Note: This parameter is effective only for IBM i release V5R4 and higher. For earlier releases, symbolic links are always resolved and this parameter is ignored.
        Throws:
        AS400Exception - If the system returns an error message.
        AS400SecurityException - If a security or authority error occurs.
        ConnectionDroppedException - If the connection is dropped unexpectedly.
        ErrorCompletingRequestException - If an error occurs before the request is completed.
        java.lang.InterruptedException - If this thread is interrupted.
        java.io.IOException - If an error occurs while communicating with the system.
        ObjectDoesNotExistException - If the system object does not exist.
        java.io.UnsupportedEncodingException - If the Character Encoding is not supported.
      • Permission

        public Permission(AS400 as400,
                  java.lang.String fileName,
                  boolean pathMayStartWithIASP)
                   throws AS400Exception,
                          AS400SecurityException,
                          ConnectionDroppedException,
                          ErrorCompletingRequestException,
                          java.lang.InterruptedException,
                          java.io.IOException,
                          ObjectDoesNotExistException,
                          java.io.UnsupportedEncodingException
        Constructs a Permission object.

        Use the independent auxiliary storage pool (IASP) parameter to indicate if the path name can contain an IASP name. If true, the name will be parsed as if the name starts with an IASP name. If false, the name is treated as an ordinary path. For example, suppose the path is "/myIASP/QSYS.LIB/MYLIB.LIB". If the IASP parameter is true the object is treated as library "MYLIB" on IASP "myIASP". If the IASP parameter is false the object is treated as object "MYLIB.LIB" in directory "/myIASP/QSYS.LIB" in the root file system. Note the IASP parameter is used only if the second component of the path is QSYS.LIB. If the second component of the path is not QSYS.LIB, the parameter is ignored.

        Parameters:
        as400 - The system.
        fileName - The full path of the object. For example, "/QSYS.LIB/FRED.LIB".
        pathMayStartWithIASP - True if the path may start with an independent auxiliary storage pool (IASP) name; false otherwise.
        Throws:
        AS400Exception - If the system returns an error message.
        AS400SecurityException - If a security or authority error occurs.
        ConnectionDroppedException - If the connection is dropped unexpectedly.
        ErrorCompletingRequestException - If an error occurs before the request is completed.
        java.lang.InterruptedException - If this thread is interrupted.
        java.io.IOException - If an error occurs while communicating with the system.
        ObjectDoesNotExistException - If the system object does not exist.
        java.io.UnsupportedEncodingException - If the Character Encoding is not supported.
      • Permission

        public Permission(AS400 as400,
                  java.lang.String fileName,
                  boolean pathMayStartWithIASP,
                  boolean followLinks)
                   throws AS400Exception,
                          AS400SecurityException,
                          ConnectionDroppedException,
                          ErrorCompletingRequestException,
                          java.lang.InterruptedException,
                          java.io.IOException,
                          ObjectDoesNotExistException,
                          java.io.UnsupportedEncodingException
        Constructs a Permission object.

        Use the independent auxiliary storage pool (IASP) parameter to indicate if the path name can contain an IASP name. If true, the name will be parsed as if the name starts with an IASP name. If false, the name is treated as an ordinary path. For example, suppose the path is "/myIASP/QSYS.LIB/MYLIB.LIB". If the IASP parameter is true the object is treated as library "MYLIB" on IASP "myIASP". If the IASP parameter is false the object is treated as object "MYLIB.LIB" in directory "/myIASP/QSYS.LIB" in the root file system. Note the IASP parameter is used only if the second component of the path is QSYS.LIB. If the second component of the path is not QSYS.LIB, the parameter is ignored.

        Parameters:
        as400 - The system.
        fileName - The full path of the object. For example, "/QSYS.LIB/FRED.LIB".
        pathMayStartWithIASP - True if the path may start with an independent auxiliary storage pool (IASP) name; false otherwise.
        followLinks - Whether symbolic links are resolved. The default value is true; that is, symbolic links are always resolved. By default, if the IBM i object is a symbolic link, then the requested action is performed on the object that is ultimately pointed to by the symbolic link, rather than on the symbolic link itself.
        Note: This parameter is effective only for IBM i release V5R4 and higher. For earlier releases, symbolic links are always resolved and this parameter is ignored.
        Throws:
        AS400Exception - If the system returns an error message.
        AS400SecurityException - If a security or authority error occurs.
        ConnectionDroppedException - If the connection is dropped unexpectedly.
        ErrorCompletingRequestException - If an error occurs before the request is completed.
        java.lang.InterruptedException - If this thread is interrupted.
        java.io.IOException - If an error occurs while communicating with the system.
        ObjectDoesNotExistException - If the system object does not exist.
        java.io.UnsupportedEncodingException - If the Character Encoding is not supported.
    >
    • Method Detail

      • addAuthorizedUser

        public void addAuthorizedUser(java.lang.String userProfileName)
        Adds an authorized user. The user added will have "*EXCLUDE" authorities on the object.
        Parameters:
        userProfileName - The authorized user profile name.
      • addPropertyChangeListener

        public void addPropertyChangeListener(java.beans.PropertyChangeListener listener)
        Adds a property change listener.
        Parameters:
        listener - The property change listener to add.
      • addUserPermission

        public void addUserPermission(UserPermission userPermission)
        Adds a user permission.
        Parameters:
        userPermission - The UserPermission object.
      • getAuthorizationList

        public java.lang.String getAuthorizationList()
        Returns the authorizations list of the object.
        Returns:
        The authorizations list of the object.
        See Also:
        setAuthorizationList(String)
      • getAuthorizedUsers

        public java.util.Enumeration getAuthorizedUsers()
        Returns an enumeration of authorized users.
        Returns:
        An enumeration of authorized users.
      • getObjectPath

        public java.lang.String getObjectPath()
        Returns the path of the integrated file system object whose permission is represented by this object.
        Returns:
        The integrated file system path name.
      • getName

        public java.lang.String getName()
        Returns the name of the object whose permission is represented by this object.
        Returns:
        The name of the object.
      • getOwner

        public java.lang.String getOwner()
        Returns the object owner.
        Returns:
        The object owner.
      • getPrimaryGroup

        public java.lang.String getPrimaryGroup()
        Returns the primary group of the object.
        Returns:
        The primary group of the object.
      • getSensitivityLevel

        public int getSensitivityLevel()
        Returns the sensitivity level of the object.
        Returns:
        The sensitivity level of the object.
        • 0 : This value does not apply to this object.
        • 1 : (*NONE) The document has no sensitivity restrictions.
        • 2 : (*PERSONAL) The document is intended for the user as an individual.
        • 3 : (*PRIVATE) The document contains information that should be accessed only by the owner. This value cannot be specified if the access code zero (0) is assigned to the object.
        • 4 : (*CONFIDENTIAL) The document contains information that should be handled according to company procedures.
        See Also:
        setSensitivityLevel(int)
      • getSystem

        public AS400 getSystem()
        Returns the system
        Returns:
        The system instance.
      • getType

        public int getType()
        Returns the object type.
        Returns:
        The object type. The possible values are:
        • TYPE_DLO - Indicating the object is a Document Library Objects (DLO) stored in QDLS.
        • TYPE_QSYS - Indicating the object is contained in the system library structure and stored in QSYS.LIB.
        • TYPE_ROOT - Indicating the object is contained in the root directory structure. This includes everything that is not in QSYS.LIB or QDLS.
      • getUserPermission

        public UserPermission getUserPermission(java.lang.String userProfileName)
        Returns a UserPermission object for the specified user. If the specified user profile has no explicit authority to the object, returns null.
        Parameters:
        userProfileName - The name of the user profile.
        Returns:
        The specific Permission object.
      • getUserPermissions

        public java.util.Enumeration getUserPermissions()
        Returns an enumeration of UserPermission objects.
        Returns:
        An enumeration of UserPermission objects.
      • isCommitted

        public boolean isCommitted()
        Returns a flag indicating whether the change has been committed.
        Returns:
        The flag indicating whether the change has been committed.
      • isFollowSymbolicLinks

        public boolean isFollowSymbolicLinks()
        Returns whether symbolic links are resolved when changing or retrieving permissions.
        Returns:
        Whether symbolic links are resolved.
      • removeAuthorizedUser

        public void removeAuthorizedUser(java.lang.String userProfileName)
        Removes an authorized user.
        Parameters:
        userProfileName - The authorized user profile name.
      • removePropertyChangeListener

        public void removePropertyChangeListener(java.beans.PropertyChangeListener listener)
        Removes a property change listener.
        Parameters:
        listener - The property change listener to remove.
      • removeUserPermission

        public void removeUserPermission(UserPermission permission)
        Removes a user permission.
        Parameters:
        permission - The UserPermission object.
      • setAuthorizationList

        public void setAuthorizationList(java.lang.String autList)
        Sets the authorizations list of the object. For example:
         Permission permisson = new Permisson(new AS400(),"/QSYS.LIB/FRED.LIB";
         permission.setAuthorizationList("testautl");
         System.out.println("The authorization list of fred.lib is " + permissin.geAuthorizationList();
         permission.setAuthorizationList("*NONE");
         System.out.println("The authorization list of fred.lib is " + permissin.geAuthorizationList();
         
        Parameters:
        autList - The authorizations list of the object.
      • setOwner

        public void setOwner(java.lang.String owner,
                    boolean revokeOldAuthority)
        Sets the owner of the object.
        Parameters:
        owner - The owner of the object.
        revokeOldAuthority - Specifies whether the authorities for the current owner are revoked when ownership is transferred to the new owner.
        See Also:
        getOwner()
      • setPrimaryGroup

        public void setPrimaryGroup(java.lang.String primaryGroup,
                           boolean revokeOldAuthority)
        Sets the primary group of the object.
        Parameters:
        primaryGroup - The primary group of the object.
        revokeOldAuthority - Specifies whether the authorities for the current primary group are revoked when the primary group is changed to the new value.
      • setSensitivityLevel

        public void setSensitivityLevel(int sensitivityLevel)
        Sets the sensitivity level of the object.
        Parameters:
        sensitivityLevel - The sensitivity level of the object. The possible values :
        • 0 : This value does not apply to this object.
        • 1 : (*NONE) The document has no sensitivity restrictions.
        • 2 : (*PERSONAL) The document is intended for the user as an individual.
        • 3 : (*PRIVATE) The document contains information that should be accessed only by the owner. This value cannot be specified if the access code zero (0) is assigned to the object.
        • 4 : (*CONFIDENTIAL) The document contains information that should be handled according to company procedures.
        See Also:
        getSensitivityLevel()
      • setSystem

        public void setSystem(AS400 system)
        Deprecated. This method is of little (or no) known usefulness. If you require this method, please notify the Toolbox support team.
        Sets the system where system value is retrieved.
        Parameters:
        system - The system object.
        See Also:
        getSystem()