Blog
i can

Dawn May

Dawn May




Bookmark and Share

September 2014

Sun Mon Tue Wed Thu Fri Sat
  1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30        

« Three Years of 'i Can' | Main | Functional Usage Capabilities, Part 2 »

August 20, 2012

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00d83545a5d153ef0177443dd74f970d

Listed below are links to weblogs that reference Functional Usage Capabilities :

Comments

Where can I find detailed documentation that describes exactly what each of these FUNCTION IDs controls?
Does one of the available function IDs allow me to control interactive SQL usage. I have some users (new programmers, support people,etc. where I want to prohibit the DELETE, UPDATE, CREATE operations but allow a SELECT operation.

The options in WRKFCNUSG are also available in iNav. Right click on the system name and select Application Administration.

Alas, there are no capabilities to restrict types of SQL selections. However, if you don't allow your users to use STRSQL, but instead restrict them to STRQM you can
10. Work with Query Manager profiles
2=Change
Page down to bottom.
Select allowed SQL statements
There you have the control requested.
Caution: If your users get into STRSQL, or iNav's "Run SQL Scripts" or any number of tools outside of STRQM these restrictions do not apply.

It's taken me a LONG time, but there's now an article on developerWorks about IBM i function usage capabilities along with a reference PDF that documents all the function usage IDs.

The article is "Granular security control with function usage" and can be found here -
https://www.ibm.com/developerworks/ibmi/library/i-granular-security/

Dawn

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been saved. Comments are moderated and will not appear until approved by the author. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment

Comments are moderated, and will not appear until the author has approved them.