Using IBM i? Need to create Excel, CSV, HTML, JSON, PDF, SPOOL reports? Learn more about the fastest and least expensive tool for the job: SQL iQuery.
For a client with a lot of legacy stuff, I needed the ability to restrict a set of users from certain applications. Standard OS security options were not practical as they tend to still use *ALLOBJ authority for their Manegement team.
So I created a little CL program and command to check if the current user is on a list of specified user profile names. If it is I send an escape message. It can be used both ways, If the User is on the list, or if the user is NOT on the list.
CHKUSER: CMD PROMPT('Check Current User Profile') + ALLOW(*IPGM *BPGM *IMOD *BMOD) PARM KWD(RTNVAR) TYPE(*CHAR) LEN(1) RTNVAL(*YES) + MIN(1) PROMPT('CL variable for found + Char(1)') PARM KWD(USERS) TYPE(*NAME) LEN(10) MIN(1) + MAX(50) EXPR(*YES) PROMPT('User list')
CHKUSER: PGM PARM(&FOUND &USERS) DCL VAR(&USERS) TYPE(*CHAR) LEN(512) DCL VAR(&COUNT) TYPE(*INT) STG(*DEFINED) LEN(2) + DEFVAR(&USERS 1) DCL VAR(&USER) TYPE(*CHAR) STG(*DEFINED) + LEN(500) DEFVAR(&USERS 3) DCL VAR(&FOUND) TYPE(*CHAR) LEN(1) DCL VAR(&USRPRF) TYPE(*CHAR) LEN(10) DCL VAR(&CURUSR) TYPE(*CHAR) LEN(10) DCL VAR(&POS) TYPE(*INT) LEN(4) DCL VAR(&I) TYPE(*INT) LEN(4) MONMSG MSGID(CPF0000) CHGVAR VAR(&FOUND) VALUE('0') RTVJOBA USER(&CURUSR) DOFOR VAR(&I) FROM(1) TO(&COUNT) CHGVAR VAR(&POS) VALUE(((&I - 1) * 10) + 1) CHGVAR VAR(&USRPRF) VALUE(%SST(&USER &POS 10)) IF (&USRPRF = &CURUSR) THEN(DO) CHGVAR VAR(&FOUND) VALUE('1') LEAVE ENDDO ENDDO ENDPGM: ENDPGM
Here is an example CL program that runs CHKUSER
TESTUSR: PGM DCL VAR(&FOUND) TYPE(*CHAR) LEN(1) DCL VAR(&CURUSR) TYPE(*CHAR) LEN(10) MONMSG MSGID(CPF0000) RTVJOBA USER(&CURUSR) CHKUSER RTNVAR(&FOUND) USERS(QPGM QUSER QSECOFR ) IF (&FOUND = '1') THEN(DO) SNDPGMMSG MSGID(CPF9897) MSGF(QCPFMSG) MSGDTA('User' + *BCAT &CURUSR *BCAT 'found on exclude + list') MSGTYPE(*ESCAPE) ENDDO ENDPGM: ENDPGM
...why not a table with users rather than the list on the command? SQL the current user against the list and you're ready.
Since when can we effectively use SQL inside of CL?
You could always try reading a file of users in CL as well.
Bob: Didn't know CL was a requirement. And since we're on the RPG forum here... :o)
If it was a Q&D job I'd go for reading the file in a CL as GFuste suggests - nothing wrong with that in the right situation - 10/15 minutes and youä're up and running. But if you want to do a nicer job, RPG and SQL does seem the answer.
In any case, I'd never have a command with a list of potentially 50 users.
It's probably just a taste issue. I don't like to creat extra objects (such as files) for CL routines. I'd prefer to pass in a list of arguments and control it that way. Then each CL program that also needs similar function can use the routine--rather than include some Program Name field in a file and then having to manage it.