List Objects User Is Authorized to, Owns, or Is Primary Group of (QSYLOBJA) API


Required Parameter Group:

1   Qualified user space name   Input   Char(20)
2   Format name                 Input   Char(8)
3   User profile name           Input   Char(10)
4   Object type                 Input   Char(10)
5   Returned objects            Input   Char(10)
6   Continuation handle         Input   Char(20)
7   Error code                  I/O     Char(*)

Optional Parameter Group:

8   Request list                Input   Char(*)


Threadsafe: Yes

The List Objects a User is Authorized to, Owns, or Is Primary Group of (QSYLOBJA) API puts a list of objects a user is authorized to, owns, or is the primary group owner for into a user space. The list of authorized objects only includes objects the user is specifically authorized to. The list does not include objects the user is authorized to because:

This API provides information similar to that provided by the Display User Profile (DSPUSRPRF) command when specifying *OBJAUT, *OBJOWN, or *OBJPGP for the type parameter.

Authorities and Locks

User Space Authority
*CHANGE

Authority to Library Containing User Space
*EXECUTE

User Profile Authority
*READ

Required Parameter Group

Qualified user space name
INPUT; CHAR(20)

The name of the existing user space used to return the list of objects a user is authorized to, owns, or is the primary group for. The first 10 characters specify the user space name, and the second 10 characters specify the library. You can use these special values for the library name:

*CURLIB
The current library is used to locate the user space. If there is no current library, QGPL (general purpose library) is used.

*LIBL
The library list is used to locate the user space.

Format name
INPUT; CHAR(8)

The name of the format used to list objects the owner is authorized to, owns, or is the primary group for.

You can specify these formats:

OBJA0100
Each entry contains the object name, library, type, authority holder indicator and ownership indicator. For a detailed description of this format, see OBJA0100 Format.

OBJA0110
This format only returns path names for objects in a directory. Each entry contains the offset to the path name, the length of the path name, type, authority holder indicator, ownership indicator, and the path name value. For a detailed description of this format, see OBJA0110 Format.

OBJA0200
Each entry contains the same information as format OBJA0100 plus the authority values. For a detailed description of this format, see OBJA0200 Format.

OBJA0210
This format only returns path names for objects in a directory. Each entry contains the same information as format OBJA0110 plus the authority values. For a detailed description of this format, see OBJA0210 Format.

OBJA0300
Each entry contains the same information as format OBJA0200 plus the object attribute and descriptive text. For a detailed description of this format, see OBJA0300 Format.

OBJA0310
This format only returns path names for objects in a directory. Each entry contains the same information as format OBJA0210 plus the attribute and descriptive text. For a detailed description of this format, see OBJA0310 Format.

User profile name
INPUT; CHAR(10)

The user name for which the list of objects is being returned. You can specify the following special value:

*CURRENT
The list of objects that the user currently running is authorized to, owns, or is the primary group for is returned. If *CURRENT is used, the name of the current user is returned in the list header section of the user space.

Object type
INPUT; CHAR(10)

The type of object the list of objects is returned for. You can specify the following special value:

*ALL
Return entries of all object types.

Returned objects
INPUT; CHAR(10)

The objects that are returned. You can specify the following special values:

*OBJAUT
The list of objects the user is authorized to is returned.

*OBJOWN
The list of objects the user owns is returned.

*BOTH
The list of objects the user is authorized to and owns is returned. The list of owned objects precedes the list of authorized objects.

*REQLIST
The values specified in the request list parameter are used.

Continuation handle
INPUT; CHAR(20)

The handle used to continue from a previous call to this API that resulted in partially complete information. You can determine if a previous call resulted in partially complete information by checking the Information Status variable in the generic user space header following the API call.

If the API is not attempting to continue from a previous call, this parameter must be set to blanks. Otherwise, a valid continuation value must be supplied. The value may be obtained from the list header section of the user space used in the previous call. When continuing, the first entry in the returned list is the entry that immediately follows the last entry returned in the previous call.

Error code
I/O; CHAR(*)

The structure in which to return error information. For the format of the structure, see Error Code Parameter.

Optional Parameter Group

Request list
INPUT; CHAR(*)

The list of objects that are to be returned. This parameter can return more information than would be returned if the returned objects parameter was specified. This parameter is ignored unless the value in the returned objects parameter is *REQLIST. You can specify the following values:

Number of values in the list
BINARY(4)

The number of values in the list of requests.

List of requests
ARRAY(*) of CHAR(10)

The values requested to return objects for a user. The possible values are:

*OBJAUT. Returns the list of objects the user is authorized to.

*OBJOWN. Returns the list of objects the user owns.

*OBJPGP. Returns the list of objects that the user is the primary group for.

User Space Variables

The following tables describe the order and format of the data returned in the user space. For detailed descriptions of the fields in the tables, see Field Descriptions.

Input Parameter Section


Offset (Dec)  Offset (Hex)  Type        Field
0             0             CHAR(10)    User space name specified
10            0A            CHAR(10)    Library name specified
20            14            CHAR(8)     Format name
28            1C            CHAR(10)    User profile name specified
38            26            CHAR(10)    Object type
48            30            CHAR(10)    Returned objects
58            3A            CHAR(20)    Continuation handle
78            4E            BINARY(4)   Offset to the request list
82            52            BINARY(4)   Number of values in the request list
86            56            CHAR(*)     List of requests

Header Section


Offset (Dec)  Offset (Hex)  Type        Field
0             0             CHAR(10)    User profile name
10            0A            CHAR(20)    Continuation handle
30            1E            BINARY(4)   Reason code

OBJA0100 Format


Offset (Dec)  Offset (Hex)  Type        Field
0             0             CHAR(10)    Object name
10            0A            CHAR(10)    Library name
20            14            CHAR(10)    Object type
30            1E            CHAR(1)     Authority holder
31            1F            CHAR(1)     Ownership

OBJA0110 Format


Offset (Dec)  Offset (Hex)  Type        Field
0             0             BINARY(4)   Offset to path name
4             4             BINARY(4)   Length of path name
8             8             CHAR(10)    Object type
18            12            CHAR(1)     Authority holder
19            13            CHAR(1)     Ownership
                            CHAR(*)     Path name

OBJA0200 Format


Offset (Dec)  Offset (Hex)  Type        Field
0             0             CHAR(10)    Object name
10            0A            CHAR(10)    Library name
20            14            CHAR(10)    Object type
30            1E            CHAR(1)     Authority holder
31            1F            CHAR(1)     Ownership
32            20            CHAR(10)    Authority value
42            2A            CHAR(1)     Authorization list management
43            2B            CHAR(1)     Object operational
44            2C            CHAR(1)     Object management
45            2D            CHAR(1)     Object existence
46            2E            CHAR(1)     Data read
47            2F            CHAR(1)     Data add
48            30            CHAR(1)     Data update
49            31            CHAR(1)     Data delete
50            32            CHAR(1)     Data execute
60            3C            CHAR(10)    Reserved
61            3D            CHAR(1)     Object alter
62            3E            CHAR(1)     Object reference
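
An added example, not part of the original API documentation: it walks OBJA0200 list entries using offsets 0 through 50 from the table above and flags private authorities worth reviewing. The review rule, the 63-byte entry size, the function names and the sample entries are assumptions constructed for the example; on the system, take the entry size from the generic user space header.

```c
#include <stdio.h>
#include <string.h>
#define ENTRY 63  /* constructed; use the entry size from the generic header */

/* Leading fields of an OBJA0200 entry (offsets 0-50). All char: no padding. */
typedef struct {
    char object[10], library[10], type[10];
    char auth_holder, ownership;  /* ownership: Y owner, G primary group, N neither */
    char authority[10];           /* *ALL, *CHANGE, *USE, *EXCLUDE, USER DEF */
    char autl_mgt, obj_opr, obj_mgt, obj_exist;
    char data_read, data_add, data_upd, data_dlt, data_exec;
} obja0200_t;
/* Review rule (an assumption of this example): flag an entry when the user is
   neither owner nor primary group yet holds *ALL, object management or
   object existence. Stores flagged indexes in out[], returns how many. */
int flag_entries(const char *list, int count, int entry_size, int *out, int max)
{
    int n = 0;
    for (int i = 0; i < count && n < max; i++) {
        obja0200_t e;
        memcpy(&e, list + (size_t)i * entry_size, sizeof e);
        int high = memcmp(e.authority, "*ALL ", 5) == 0
                || e.obj_mgt == 'Y' || e.obj_exist == 'Y';
        if (e.ownership == 'N' && high) out[n++] = i;
    }
    return n;
}

/* Constructed sample list: blank-padded entries, rights in offset order 42-50. */
int build_sample(char *list)
{
    static const char *r[4][6] = {
        {"PAYROLL",  "PRODLIB", "*FILE",   "Y", "*ALL",     "NYYYYYYYY"},
        {"CUSTMAST", "PRODLIB", "*FILE",   "N", "*USE",     "NYNNYNNNY"},
        {"GLPOST",   "PRODLIB", "*PGM",    "N", "*ALL",     "NYYYYYYYY"},
        {"RATES",    "FINLIB",  "*DTAARA", "N", "USER DEF", "NYNYYNNNN"},
    };
    for (int i = 0; i < 4; i++)  /* authority holder is always N in the sample */
        snprintf(list + i * ENTRY, ENTRY + 1, "%-10s%-10s%-10sN%s%-10s%-9s%12s",
                 r[i][0], r[i][1], r[i][2], r[i][3], r[i][4], r[i][5], "");
    return 4;
}

int main(void)
{
    char list[4 * ENTRY + 1];
    int hit[4], n = flag_entries(list, build_sample(list), ENTRY, hit, 4);
    for (int i = 0; i < n; i++)
        printf("review: %.30s\n", list + hit[i] * ENTRY);
    return 0;
}
```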

OBJA0210 Format


Offset (Dec)  Offset (Hex)  Type        Field
0             0             BINARY(4)   Offset to path name
4             4             BINARY(4)   Length of path name
8             8             CHAR(10)    Object type
18            12            CHAR(1)     Authority holder
19            13            CHAR(1)     Ownership
20            14            CHAR(10)    Authority value
30            1E            CHAR(1)     Authorization list management
31            1F            CHAR(1)     Object operational
32            20            CHAR(1)     Object management
33            21            CHAR(1)     Object existence
34            22            CHAR(1)     Object alter
35            23            CHAR(1)     Object reference
36            24            CHAR(10)    Reserved
46            2E            CHAR(1)     Data read
47            2F            CHAR(1)     Data add
48            30            CHAR(1)     Data update
49            31            CHAR(1)     Data delete
50            32            CHAR(1)     Data execute
                            CHAR(*)     Path name

OBJA0300 Format


Offset (Dec)  Offset (Hex)  Type        Field
0             0             CHAR(10)    Object name
10            0A            CHAR(10)    Library name
20            14            CHAR(10)    Object type
30            1E            CHAR(1)     Authority holder
31            1F            CHAR(1)     Ownership
32            20            CHAR(10)    Authority value
42            2A            CHAR(1)     Authorization list management
43            2B            CHAR(1)     Object operational
44            2C            CHAR(1)     Object management
45            2D            CHAR(1)     Object existence
46            2E            CHAR(1)     Data read
47            2F            CHAR(1)     Data add
48            30            CHAR(1)     Data update
49            31            CHAR(1)     Data delete
50            32            CHAR(10)    Attribute
60            3C            CHAR(50)    Text description
110           6E            CHAR(1)     Data execute
111           78            CHAR(10)    Reserved
121           79            CHAR(1)     Object alter
122           7A            CHAR(1)     Object reference

OBJA0310 Format


Offset (Dec)  Offset (Hex)  Type        Field
0             0             BINARY(4)   Offset to path name
4             4             BINARY(4)   Length of path name
8             8             CHAR(10)    Object type
18            12            CHAR(1)     Authority holder
19            13            CHAR(1)     Ownership
20            14            CHAR(10)    Authority value
30            1E            CHAR(1)     Authorization list management
31            1F            CHAR(1)     Object operational
32            20            CHAR(1)     Object management
33            21            CHAR(1)     Object existence
34            22            CHAR(1)     Object alter
35            23            CHAR(1)     Object reference
36            24            CHAR(10)    Reserved
46            2E            CHAR(1)     Data read
47            2F            CHAR(1)     Data add
48            30            CHAR(1)     Data update
49            31            CHAR(1)     Data delete
50            32            CHAR(1)     Data execute
51            33            CHAR(10)    Reserved
61            3D            CHAR(10)    Attribute
71            47            CHAR(50)    Text description
                            CHAR(*)     Path name

Field Descriptions

Attribute. The object's attribute.

Authority holder. Whether the object is an authority holder. If the object is an authority holder, this field is Y. If not, this field is N.

Authority value. The special value indicating the user's authority to the object. This field contains one of the following values:

*ALL
The user has all object (operational, management, existence, alter and reference) and data (read, add, update, delete, and execute) authorities to the object.

*CHANGE
The user has object operational and all data authorities to the object.

*USE
The user has object operational and data read and execute authorities to the object.

*EXCLUDE
The user has none of the object or data authorities to the object, or authorization list management authority.

USER DEF
The user has some combination of object and data authorities that do not relate to a special value. The individual authorities for the user should be checked to determine what authority the user has to the object. This value is returned if the user owns an object and all authority for the user to the object has been removed. If this happens, all individual authority fields are set to N.

Authorization list management. Whether the user has authorization list management authority to the object. If the user has the authority, this field is Y. If not, this field is N. This field is only valid if the object type is *AUTL.

Continuation handle (header section). A continuation point for the API. This value is set based on the contents of the Information Status variable in the generic header for the user space. The following situations can occur:

Continuation handle (input section). The handle used to continue from a previous call to this API that resulted in partially complete information.

Data add. Whether the user has this authority to the object. If the user has the authority, this field is Y. If not, this field is N.

Data delete. Whether the user has this authority to the object. If the user has the authority, this field is Y. If not, this field is N.

Data execute. Whether the user has this authority to the object. If the user has the authority, this field is Y. If not, this field is N.

Data read. Whether the user has this authority to the object. If the user has the authority, this field is Y. If not, this field is N.

Data update. Whether the user has this authority to the object. If the user has the authority, this field is Y. If not, this field is N.

Format name. The name of the format used to list objects the user is authorized to or owns.

Length of path name. The length, in bytes, of the path name.

Library name. The name of the library containing the user space or object.

Library name specified. The name of the library that will contain the user space or object.

List of requests. The list of values requested in the list of requests parameter.

Number of values in the request list. The number of values that were specified in the list of requests.

Object alter. Whether the user has this authority to the object. If the user has the authority, this field is Y. If not, this field is N.

Object existence. Whether the user has this authority to the object. If the user has the authority, this field is Y. If not, this field is N.

Object management. Whether the user has this authority to the object. If the user has the authority, this field is Y. If not, this field is N.

Object name. The name of the object the user is authorized to, owns, or is the primary group for.

Object operational. Whether the user has this authority to the object. If the user has the authority, this field is Y. If not, this field is N.

Object reference. Whether the user has this authority to the object. If the user has the authority, this field is Y. If not, this field is N.

Object type.

Input Section
The type of object for which the list of authorized, owned, or primary group objects is returned.

List Section
The type of object the user is authorized to, owns, or is the primary group of.

Offset to path name. The offset in the user space to the start of the path name.

Offset to the request list. The offset to the specified list of requests.

Ownership. Whether the user owns the object or is the primary group for the object. If the user owns the object, this field is Y. If the user is the primary group for the object, this field is G. Otherwise, this field is N.

Path name. The path name of the object the user owns, is authorized to, or is the primary group for.

The structure of the path name returned is:

Description                         Type
CCSID of the returned path name     Binary(4)
Country ID                          Char(2)
Language ID                         Char(3)
Reserved field                      Char(3)
Flag byte                           Binary(4)
Number of bytes in the path name    Binary(4)
Path delimiter                      Char(2)
Reserved field                      Char(10)
Path name value                     Char(*)

Primary group. The name of the user who is the primary group for the authorization list or object. If there is no primary group for the authorization list or object, this field will contain a value of *NONE.

Reason code. The reason code describing why the returned list is only a subset. The following values can be returned:

Reserved. An ignored field.

Returned objects. The objects that are returned.

Text description. The text description of the object.

User profile name. The user name used to return the list of objects.

User profile name specified. The user name for which the list of objects is returned.

User space name. The name of the user space used to return the list of objects.

User space name specified. The name of the user space in which the list of objects is returned.

Error Messages

CPF22FC E
Value &1 not valid when specifying objects to be returned by API &2.

CPF22FD E
Continuation handle not valid for API &1.

CPF2204 E
User profile &1 not found.

CPF2213 E
Not able to allocate user profile &1.

CPF2217 E
Not authorized to user profile &1.

CPF222A E
Value &1 not valid when specifying a list of requests for API &2.

CPF222B E
The requested list parameter is not specified for API &1.

CPF222C E
&1 is not valid for the number of requested list values for API &2.

CPF3CF1 E
Error code parameter not valid.

CPF3C21 E
Format name &1 is not valid.

CPF3C31 E
Object type &1 is not valid.

CPF3C90 E
Literal value cannot be changed.

CPF9801 E
Object &2 in library &3 not found.

CPF9802 E
Not authorized to object &2 in &3.

CPF9803 E
Cannot allocate object &2 in library &3.

CPF9807 E
One or more libraries in library list deleted.

CPF9808 E
Cannot allocate one or more libraries on library list.

CPF9810 E
Library &1 not found.

CPF9820 E
Not authorized to use library &1.

CPF9830 E
Cannot assign library &1.

CPF9872 E
Program or service program &1 in library &2 ended. Reason code &3.

