Authorizing Users in CA Dataquery

Once the security plan for your site is developed, and the CA Dataquery users are identified, define each CA Dataquery user to CA Dataquery.
datacom151
Once the security plan for your site is developed, and the
CA Dataquery™ for CA Datacom®
users are identified, define each
CA Dataquery™ for CA Datacom®
user to
CA Dataquery™ for CA Datacom®
. When you add or modify a user definition,
CA Dataquery™ for CA Datacom®
stores that definition in the User Table (DQU). (If the user table is enabled, you can execute queries against it. Use the table name DATAQUERY-DQU.) You can define or modify a user by using online
CA Dataquery™ for CA Datacom®
. It is a fast, simple and efficient method.
CA Dataquery™ for CA Datacom®
provides two options on the
CA Dataquery™ for CA Datacom®
Administrative Menu (USERS and PROFILE) for adding and maintaining users.
Obtaining Authorizations
Within the
CA Dataquery™ for CA Datacom®
system exists a System Option Table created by a macro (DQOPTLST) with a number of parameters which define the
CA Dataquery™ for CA Datacom®
system at each customer site. These parameters define system-wide limits on such things as:
  • Terminal idle time before automatic signoff
  • Maximum number of rows a query can find
  • Space and system limits on processing time per query
Within the environment defined by the System Option Table, the
CA Dataquery™ for CA Datacom®
Administrator classifies people with signons as
CA Dataquery™ for CA Datacom®
Administrators, users, or associate users. Within those classifications, the
CA Dataquery™ for CA Datacom®
Administrator can define what each user is allowed to do, and can override a few of the System Option Table parameters regarding system storage allotments for individual users. Table and field authorizations are handled in other ways. For more information, see Securing Data Access for DQL and Limiting Access to Columns.
Within the individual user authorizations set up by the
CA Dataquery™ for CA Datacom®
Administrator, each user can change some personal specifications by accessing and changing the user's User Profile panel. (Associate users can only access their profiles if the System Option Table parameter ASUPPRO= is set to YES.)
The flexibility of User Table Maintenance makes it possible to assign authorizations according to actual work responsibilities. When you authorize a new user as an associate user, that user becomes limited to functions accessible by PF key on the associate user panels. For an associate user, you can only add the following authorizations on the User Table Maintenance panel:
  • Data Authorized
  • Personal Database (SQL Option required)
  • Submit Allowed
  • Export Allowed
  • SQL and DQL Allowed (SQL option required)
To authorize a person as a
user
, do not select Associate User. You can add any or all of the authorizations described in the list.
The only difference between a user and an administrator is that the administrator is a user who has been given one or more of the following authorizations:
  • Conditions
  • Restrictions
  • Printer Control
  • JCL Maintenance
  • Diagnostics
  • Language
  • User Maintenance
  • Saved Set Maintenance
  • Query Library Maintenance
  • Security
  • Active User Control
External Security
If
CA Dataquery™ for CA Datacom®
is externally secured, all
CA Dataquery™ for CA Datacom®
security functions and user authorizations must be done through the external security package. When an external security package is in effect, user access to databases and tables is controlled by that package. External security overrides
CA Dataquery™ for CA Datacom®
security at the database and table level. For more information about external security, see Using External Security for
CA Datacom®
.
Users Option
You can enter information online with the USERS option to:
  • Add, delete, or maintain users
  • Authorize users to SQL and DQL Language
  • Authorize users for system management tasks
  • Control data access
  • Override predefined system options (
    CA Dataquery™ for CA Datacom®
    System Option Table)
When a user is added with a private SQL authorization specified, such as is required for SQL use,
CA Dataquery™ for CA Datacom®
automatically creates a schema in
CA Datacom® Datadictionary™
for the SQL authorization ID. A schema defines the SQL environment of the individual user. Users must have a schema associated with an authorization ID to use SQL. A schema contains all table, view and privilege definitions owned by a given authorization ID. Any definitions created by the user are automatically added to the schema for the authorization ID specified when they creates the SQL object.
A system utility (DQUSERMT) allows you to maintain the user in batch.
Profile Option
The PROFILE option, <PF10> on the Directory of
CA Dataquery™ for CA Datacom®
Users panel, allows the modification of the individual user-defined profile option defaults for the following
CA Dataquery™ for CA Datacom®
functions and actions:
  • Online and batch features
  • Primary and secondary language selections
  • Network printing options
  • SQL Mode and DQL Mode selection