Active Retrieval

Predict Security only performs checks on documentation objects. External objects are not checked.

Active Retrieval functions can be divided into three groups:

  • List/Display-oriented functions
    This group includes functions with D in the Active Retrieval menu for the respective object type (Files, Fields etc.). The same checks are performed as for Retrieval. The result depends on the output mode and whether attributes or restrictions are entered. See Retrieval.

  • Attribute-oriented functions
    Functions such as Entries referenced by members always evaluate Predict in their relationship with external objects.

    Active Retrieval for Function Note
    Entries referenced
    by members
    ...not referenced/
    ...incosistently used
    ...not documented ...using dynamic SQL ...not implemented
    R U O V N
    File Y Y   Y    
    Field Y Y Y     Checks are only performed for the file containing the field.
    Program Y Y     Y  
    System         Y  
    Verification Y Y        

    If a user does not have READ access to an object, the object is suppressed completely. This is to prevent him gaining information about an object through the external objects to which the documentation object is connected. Total suppression means the following:

    • IDs of protected objects do not appear in the retrieval report.

    • The note >>>protected<<< does not appear.

    • No message appears at the end of the report saying how many objects were suppressed for security reasons.

    • If the user does not have READ access to a range of objects, the following message is given:

      No objects found

      Example: User has no access to files starting with USER1. If he enters USER1* for File ID, he gets the message:

      No files found
  • Functions that search using external objects
    Active Retrieval for Function
    referenced by
    Entries not
    ...not documented ...with members ...using dynamic SQL
    R U O T V
    File       Y    
    Member Y Y Y Y Y Y
    System Y     Y Y  

    The following rules apply:

    • No security check is performed on the external objects.

    • All external objects are listed, but if the user does not have access to the Predict object, the object ID is not displayed. The object is marked as >>>protected<<<. See example below.

    • With functions that do not display any object IDs, for example Files not documented, no security check is performed.

       13:45:28             *****  P R E D I C T  *****              2007-05-31
                                      - List Library -
         Cnt  Library   Fnr DBnr  Documented system
           1  SYSTEM     41   10  >>> System is protected <<<
           2  SYSSTK     45      STK-1
           3  SYSDIC      7  177  >>> Library not documented <<<