Midrange News for the IBM i Community


Posted by: Bob Cozzi
Rogue Programmer
Cozzi Productions, Inc.
www.cozTools.com/qryfile
Chicagoland
CHKUSER - Check User Against List of Users
has no ratings.
Published: 24 Jul 2013
Revised: 26 Jul 2013 - 3920 days ago
Last viewed on: 17 Apr 2024 (4743 views) 

Using IBM i? Need to create Excel, CSV, HTML, JSON, PDF, SPOOL reports? Learn more about the fastest and least expensive tool for the job: SQL iQuery.

CHKUSER - Check User Against List of Users Published by: Bob Cozzi on 24 Jul 2013 view comments(5)

For a client with a lot of legacy stuff, I needed the ability to restrict a set of users from certain applications. Standard OS security options were not practical as they tend to still use *ALLOBJ authority for their Manegement team.

So I created a little CL program and command to check if the current user is on a list of specified user profile names. If it is I send an escape message. It can be used both ways, If the User is on the list, or if the user is NOT on the list.

Here's the Command Definition Source

 CHKUSER:    CMD        PROMPT('Check Current User Profile') +
                          ALLOW(*IPGM *BPGM *IMOD *BMOD)

             PARM       KWD(RTNVAR) TYPE(*CHAR) LEN(1) RTNVAL(*YES) +
                          MIN(1) PROMPT('CL variable for found +
                          Char(1)')
             PARM       KWD(USERS) TYPE(*NAME) LEN(10) MIN(1) +
                          MAX(50) EXPR(*YES) PROMPT('User list')

Here is the CL Source

 CHKUSER:    PGM        PARM(&FOUND &USERS)
             DCL        VAR(&USERS)  TYPE(*CHAR) LEN(512)
             DCL        VAR(&COUNT)  TYPE(*INT) STG(*DEFINED) LEN(2) +
                            DEFVAR(&USERS 1)
             DCL        VAR(&USER)   TYPE(*CHAR) STG(*DEFINED) +
                            LEN(500) DEFVAR(&USERS 3)
             DCL        VAR(&FOUND)  TYPE(*CHAR) LEN(1)
             DCL        VAR(&USRPRF) TYPE(*CHAR) LEN(10)
             DCL        VAR(&CURUSR) TYPE(*CHAR) LEN(10)
             DCL        VAR(&POS)    TYPE(*INT) LEN(4)
             DCL        VAR(&I)      TYPE(*INT) LEN(4)
             MONMSG     MSGID(CPF0000)
             CHGVAR     VAR(&FOUND) VALUE('0')
             RTVJOBA    USER(&CURUSR)
             DOFOR      VAR(&I) FROM(1) TO(&COUNT)
             CHGVAR     VAR(&POS) VALUE(((&I - 1) * 10) + 1)
             CHGVAR     VAR(&USRPRF) VALUE(%SST(&USER &POS 10))
                IF (&USRPRF = &CURUSR) THEN(DO)
                   CHGVAR VAR(&FOUND) VALUE('1')
                   LEAVE
                ENDDO
             ENDDO
 ENDPGM:     ENDPGM

Here is an example CL program that runs CHKUSER

 TESTUSR:    PGM
             DCL        VAR(&FOUND) TYPE(*CHAR) LEN(1)
             DCL        VAR(&CURUSR) TYPE(*CHAR) LEN(10)
             MONMSG     MSGID(CPF0000)
             RTVJOBA    USER(&CURUSR)
             CHKUSER    RTNVAR(&FOUND) USERS(QPGM QUSER QSECOFR )
             IF (&FOUND = '1') THEN(DO)
             SNDPGMMSG  MSGID(CPF9897) MSGF(QCPFMSG) MSGDTA('User' +
                          *BCAT &CURUSR *BCAT 'found on exclude +
                          list') MSGTYPE(*ESCAPE)
             ENDDO
 ENDPGM:     ENDPGM

Return to midrangenews.com home page.
Sort Ascend | Descend

COMMENTS

(Sign in to Post a Comment)
Posted by: Paulster
Premium member *
Sweden and The Netherlands
Comment on: CHKUSER - Check User Against List of Users
Posted: 10 years 8 months 26 days 1 hours 20 minutes ago

...why not a table with users rather than the list on the command? SQL the current user against the list and you're ready.

Posted by: bobcozzi
Site Admin ****
Chicagoland
www.cozTools.com/qryfile
Comment on: CHKUSER - Check User Against List of Users
Posted: 10 years 8 months 25 days 17 hours 4 minutes ago

Since when can we effectively use SQL inside of CL?

Posted by: GFuste
Premium member *
Jacksonville, FL
http://www.redbeetlesoftware.com
Comment on: CHKUSER - Check User Against List of Users
Posted: 10 years 8 months 25 days 16 hours 4 minutes ago

You could always try reading a file of users in CL as well.

Posted by: Paulster
Premium member *
Sweden and The Netherlands
Comment on: CHKUSER - Check User Against List of Users
Posted: 10 years 8 months 25 days 2 hours 9 minutes ago

Bob: Didn't know CL was a requirement. And since we're on the RPG forum here...   :o)

If it was a Q&D job I'd go for reading the file in a CL as GFuste suggests - nothing wrong with that in the right situation - 10/15 minutes and youä're up and running. But if you want to do a nicer job, RPG and SQL does seem the answer.

In any case, I'd never have a command with a list of potentially 50 users.

Posted by: bobcozzi
Site Admin ****
Chicagoland
www.cozTools.com/qryfile
Comment on: CHKUSER - Check User Against List of Users
Posted: 10 years 8 months 24 days 13 hours 4 minutes ago

It's probably just a taste issue. I don't like to creat extra objects (such as files) for CL routines. I'd prefer to pass in a list of arguments and control it that way. Then each CL program that also needs similar function can use the routine--rather than include some Program Name field in a file and then having to manage it.