There are times when we need to allow a user to perform a function that is beyond their authority level. For example, I have a menu option that displays certain selected information from a customer credit file. It shows the Customer name and address, but it does not display any of the sensitive data in the credit file.
In this example, the user should have no authority to access the file. But, when executing this particular menu option to view the Customer Name and Address, I need to elevate the user's authority to allow the user to access the file. The typical method used to elevate the user's authority would be to use Adopted Authority.
We have discussed Adopted authority on numerous occasions in the newsletter, and will not go into the details here. But, if you missed those articles, here is a recent article on how Adopted Authority works [2].When a program is executed that adopts authority, that adopted authority will be propagated to all programs that are subsequently called, until the original program that adopted authority is ended.
Another way to look at this is that Adopted authority is passed down the program call stack to all called programs and subprograms. Each of these programs will ultimately RETURN to the CALLing program. When the program that adopted authority RETURNs, the adopted authority is removed.
It is a common misconception that there is only one way to stop the propagation of authority to a called program. That method is implemented by using the USEADPAUT(*NO) program attribute in a called program.
If a program in the Call Stack has adopted authority, and a program is then called that specifies USEADPAUT(*NO), that program, and any programs that it CALLs will not use the adopted authority established earlier in the Call stack. It is a great way to stop the propagation of adopted authority. In this case, the adopted authority established in one program is propagated to a CALLed program, but the CALLed program says 'I don't want to use any adopted authority'.
There is another way to stop the propagation of adopted authority, but using this method, a program that adopts authority can say to a CALLed program, "I've got adopted authority, but you can't have it".
In essence, if a program is running under adopted authority, that program can change its own runtime attributes to either propagate or NOT propagate the adopted authority that is present at its call level.
To accomplish this feat, IBM has provided an MI Built-in Function named MODINVAU(Modify Invocation Authority Attributes).
Using this Built-in function, you can specify that adopted authority is to be suppressed, or that it is not to be suppressed. The normal invocation attribute is to NOT suppress the propagation of adopted authority, but you can specify the opposite.
You can read more about MODINVAU at the IBM Information Center [3].
It is a simple task to set your program to suppress the propagation of adopted authority. Here is an example of a ILE Control Language program that will first set the authority attribute to propagate(X'00') the adopted authority and go to the MAIN menu, where adopted authority will be in effect. When the user exits the Main Menu, the authority attribute is then changed to suppress(X'01') the propagation of adopted authority, and the MAIN menu is again displayed, but this time when the MAIN menu is displayed, adopted authority is not in effect.
PGM
CALLPRC PRC('_MODINVAU') PARM((X'00')) /* Do Adopt +
Adopted Aut */
GO MAIN
CALLPRC PRC('_MODINVAU') PARM((X'01')) /* Suppress +
Adopted Aut */
GO MAIN
ENDPGM
I suggest that if you use adopted authority in your applications, you use the MODINVAU function to suppress the propagation of that adopted authority wherever possible. You can use this MI built-in in any ILE language.
Links:
[1] http://systeminetwork.com/author/dan-riehl
[2] http://systeminetwork.com/article/adoption-authority-public-and-group-profile-misconceptions"target=_blank
[3] http://publib.boulder.ibm.com/infocenter/iseries/v6r1m0/index.jsp?topic=/rzatk/MODINVAU.htm"target="_blank