|
LA Administration privileges for PLAM Libraries
LMS Version >= 2.0 and BS2000 >= 10.0 are prerequisites for the administration privileges described below.
The LA [xx] Action Code can be specified in the file list for PLAM libraries (FCBTYP = PL) or for any PLAM library element. In every case the result is the same: the administration privileges for the current library are displayed or amended. If the user is in a library, the element alongside which the user enters the Action Code is irrelevant.
LA The administration privileges, standard element protection attributes, and the standard element type protection attributes are displayed. The information is displayed in the following form:
% SHOW LIBRARY ADMINISTRATION + STANDARD ELEMENT-PROTECTION % % LIBRARY NAME : CFSLIB % % LAST ACCESS DATE : YES (Modify with: LAKL/LANKL) % % LIBRARY ADMINISTRATION : OWNER = YES GROUP = NO OTHERS = NO % PASSW = NO % % STD ELEMENT-PROTECTION : OWNER = R W * GROUP = - - * OTHERS = - - * % RDPASS = NO WRPASS = NO EXPASS = NO % % STD PROTECTION TYPE C/ : OWNER = R W X GROUP = - - X OTHERS = - - X % RDPASS = NO WRPASS = NO EXPASS = NO % ADMIN = OWNER OTHERS % WRITE-CONTROL = YES % % PLEASE ACKNOWLEDGE
Notes:
The asterisks in the protection lines indicate that no Basic Access Control List has been defined for the respective access type. This means that Owner, Group and Others all have the respective access to the element.
Standard element and element type protection attributes may be defined with the SP Action Code. For further information, see page 6-.
LA x [t/] Allow administration privileges for the whole library or to elements of a specified type. Administration privileges for a library allow the user to create, delete, copy and rename elements. The administration privileges may be allocated to the owner of the library (USER: Userid under which the library was created), the user group to which the owner belongs (GROUP), or all other users.
x Domains for which the administration of the library should be allowed.
U User. The owner (Userid under which the library is cataloged).
G Group. A specified number of users (User Group).
O Others. All other users.
Any combination of the letters U, G and O are allowed for x. For example, the Action-Code LAUG will grant administration privileges for the library to the userid under which the library was cataloged, and the user group.
t/ The domains (U/G/O) specified previously will have administration privileges for elements of type t . Only users within these domains have the right to amend, delete or rename type t elements.
By entering the Action Code repeatedly, administration privileges to multiple domains can be assigned. For example, LAUS/ LAOS/ will allow users from domains User and Others administration privileges to type S elements.
Type-specific administration privileges for elements are only available as from LMS Version 3.0.
LAN t/ The Action Code LANt/ will result in a previously defined administration right to type t elements being reset. Elements belonging to this type will then be governed by global administration rights.
The LA Action Code can be executed for any element in the library. The effect in all cases will be the same.
The default case, i.e. if no specific administration rights are defined for an element type, will result in the global administration rights governing the library will be valid at the element level.
LAN x Prohibit administration of the library by specified userids.
Without administration privileges for a library, elements may not be created, deleted, copied or renamed by the user.
x Domains for which administration should be prohibited. For a description, see above. Any combination of the letters U, G and O may be specified for x.
LAN All administration privileges for the library are reset. Any user with DVS access to the library may create, delete, copy and rename elements.
LAP A mask is displayed in which the user can enter a one to four byte administration password for the library. Administration activities (see above) are then only possible if this password has previously been specified with the BS2000 password command. Setting an administration password is independent of the administration domain definition using the LA x Action Code (see above).
The administration password format is [C]'...' or X'...'.
Since passwords for PLAM libraries are stored in encrypted form, they may not be displayed later, neither by the system administrator, nor by the owner of the library. If the password has been forgotten, the only solution is for the owner to delete the old password and to define a new one.
LANP The owner of the library, i.e. the userid under which the library is cataloged, can delete an administration password. The password to be deleted does not have to be known.
LAKL | LANKL Keep Last Access. Updating the Last Access Date when accessing library elements is set/reset.
The KL variation of the LA Action Code is only possible with LMS from Version 3.0.
The system administrator can set an option in the CFSMAIN module that will cause libraries created by CFS to utilise the Last Access Date function.
LAWC | LANWC Set/reset the Write Control characteristic for all elements of the same type as the element marked with the LAWC Action Code.
The WC variation of the LA Action Codes is only possible with LMS from Version 3.0.
If Write Control has been set for type t elements, the following access restrictions apply to elements of that type:
- If an element t/element/version has been loaned, i.e. it is in a HOLD state, it is not possible to amend or overwrite this element.
- Whatever the HOLD status, an element t/element/ version may not be renamed.
- The element t/element/version must be on loan (Hold Status) before a higher version of an element can be created from the current version.
Note:
If the administration privileges for a PLAM library are amended with a LA.. Action Code, the following additional checks are made by CFS: Is the library cataloged as SHARE=YES ? If so: Is a Basic Access Control List or a Full Access Control List defined for the library? If not, the BACL attributes OWNER/GROUP/OTHERS are set to READ/WRITE/EXEC. This ensures that the file may no longer be copied.