Display Object Rule by User

How to Get There

From the Security Configuration Menu, select option 5 to display the Work with Object Rules by User panel. Enter option 5 next to a user.

What it Does

The Display Object Rule by User panel shows you the detailed attributes of an Object Rule.

Field Descriptions

User

User represents the identity of the person initiating a transaction as a user profile. The special value *PUBLIC, when used on a rule, means that the rule applies to any User lacking a specific rule. when used as a subset or selection parameter, *PUBLIC means to select all such rules for display or printing.

Object List

The Object List name is a short name you assign to a list of objects to help you identify the list. This name is required to be a valid OS name.

Operation

Operation represents the type of action being performed upon an object or upon the data in an object.

Status

Status indicates that an Object Rule is active (being enforced) or inactive (not being enforced).

Data Accesses

Use the Data Accesses fields to specify user rights to the data in the objects in the Object List.

Authority

Authority represents the action to be taken when a rule is found that matches the data present on a transaction. This Authority value pertains to Data Accesses.

The valid values are:

*ALLOW The transaction will be allowed and object authority will be determined by the operating system.

*REJECT The transaction will not be allowed.

*SWITCH The transaction will be allowed and the transaction will occur as if the user profile named as the Swap Profile had initiated the transaction. After switching to the Swap Profile, the authority used during the transaction will be determined by the operating system.

Audit

The Audit flag controls the logging of transactions to the Log Journal set up on the work with Powertech Exit Point Manager for IBM i System Values panel. This Audit flag pertains to Data Accesses.

The valid values are:

Y The transaction will be logged to the Log Journal.

N The transaction will not be logged to the Log Journal.

* The default value from a prior rule will control the logging.

Message

The Message flag controls the sending of messages to the Log Message Queue set up on the Work with Powertech Exit Point Manager for IBM i System Values panel. This Message flag pertains to Data Accesses.

The valid values are:

Y A log message will be sent to the Log Message Queue.

N A log message will not be sent to the Log Message Queue.

* The default value from a prior rule will control the logging.

Capture

The Capture flag controls whether transactions are remembered in Powertech Exit Point Manager for IBM i for later memorization. Once captured, transactions can become Memorized Transactions, which can act as rules. This Capture flag pertains to Data Accesses.

The valid values are:

Y A log message will be sent to the Log Message Queue.

N A log message will not be sent to the Log Message Queue.

* The default value from a prior rule will control the logging.

Switch Profile

The Switch profile entry holds the name of a user profile whose authority is used to process the transaction instead of the authority of the User initiating the transaction. The transaction is executed as, and uses the authority of, this Switch profile. The job that processes the transaction continues to run under this Switch profile until Exit Point Manager processes another transaction request for that job.

Switch profile is allowed only when Authority contains *SWITCH or *MEMSWITCH, if *MEMSWITCH is allowed. Otherwise, it must contain *NONE. This Switch Profile pertains to Data Accesses.

Object Accesses

Use the Object Accesses fields to specify user rights to the objects in the Object List.

Authority

Authority represents the action to be taken when a rule is found that matches the data present on a transaction. This Authority value pertains to Object Accesses.

The valid values are:

*ALLOW The transaction will be allowed and object authority will be determined by the operating system.

*REJECT The transaction will not be allowed.

Audit

The Audit flag controls the logging of transactions to the Log Journal set up on the work with Powertech Exit Point Manager for IBM i System Values panel. This Audit flag pertains to Object Accesses.

The valid values are:

Y The transaction will be logged to the Log Journal.

N The transaction will not be logged to the Log Journal.

* The default value from a prior rule will control the logging.

Message

The Message flag controls the sending of messages to the Log Message Queue set up on the work with Powertech Exit Point Manager for IBM i System Values panel. This Message flag pertains to Object Accesses.

The valid values are:

Y A log message will be sent to the Log Message Queue.

N A log message will not be sent to the Log Message Queue.

* The default value from a prior rule will control the logging.

Capture

The valid values are:

Y A log message will be sent to the Log Message Queue.

N A log message will not be sent to the Log Message Queue.

* The default value from a prior rule will control the logging.

Switch Profile

Switch profile is allowed only when Authority contains *SWITCH or *MEMSWITCH, if *MEMSWITCH is allowed. Otherwise, it must contain *NONE. This Switch Profile pertains to Object Accesses.

See Object Rules.

Command Keys

F3 (Exit): Exit the panel without processing any pending changes.

F12 (Cancel): Exit the panel without processing any pending changes.

Copyright © Fortra, LLC and its group of companies.
All trademarks and registered trademarks are the property of their respective owners.
8.01 | 202306130759 | June 2023