Access Definition

Masks and permissions for DB2 columns and tables are documented with objects of type Access Definition.

In the predefined Predict metastructure, an access definition can have passive associations of the following types:

Valid passive associations:

"Is controlled by FI" (for permissions)
"Is controlled by EL" (for masks)

This document covers the following topics:

Access Definition Maintenance Menu

The Access Definition Maintenance menu is called with function code M and object code AN in a Predict main menu or the command MAINTAIN AN. 

16:17:14                *****  P R E D I C T  *****                  2011-10-18
Plan   0           - (AN) Access Definition Maintenance -        Profile SYSTEM
                                                                               
 Function                              Function                                
                                                                               
 A  Add a Access Definition            D  Display Access Definition            
 C  Copy Access Definition             L  Link children                        
 M  Modify Access Definition           S  Select Access Definition from list   
 N  Rename Access Definition                                                   
 P  Purge Access Definition                                                    
                                                                               
                                                                               
Function ..............                                                        
                                                                               
Access Definition ID ..                                  Attributes ....*      
Copy ID ...............                                                        
                                                                               
                                                                               
Restrictions .........*   Profile Default,empty          Association ...*      
                                                                               
Command ===>                                                                   
Enter-PF1---PF2---PF3---PF4---PF5---PF6---PF7---PF8---PF9---PF10--PF11--PF12---

Note:
Parameters not listed here are described under Global Attributes.

Parameters
Function Standard maintenance functions are described in the section Maintenance in the Predict Reference documentation.
Access Definition ID ID of the access definition.

Add an Access Definition Screen

The screen is displayed for the Add a Access Definition function. The Copy and Modify screens are similar. 

17:04:52                *****  P R E D I C T  *****                  2011-11-16
                        - Add a Access Definition -                            
Access Definition HNO-AN                                                       
Type ...........*                                                              
Keys ..                                                                 Zoom: N
                                                                               
Access Definition attributes                                                   
  DB2 name ..........                                                          
  Correlation name ..                                                          
                                                                               
Abstract     Zoom: N                                                           
                                                                               
                                                                               
                                                                               
                                                                               
                                                                               
                                                                               
                                                                               
                                                                               
                                                                               
                                                                               
                                                                               
  Additional attributes ..* N          Associations ..* N

Note:
Parameters not listed here are described under Global Attributes.

Parameters
Type
The type of the access definition. Valid values:
M

Mask.

A column mask in DB2 is used for column access control and specifies the value that should be returned for a specified column. Exactly one mask per column is allowed.

In DB2 an enabled column mask does not take effect until the ALTER TABLE statement with the ACTIVATE COLUMN ACCESS CONTROL clause is used to activate column access control for the table.

R

Permission.

Multiple row permissions can be created for a table.

In DB2 an enabled row permission does not take effect until the ALTER TABLE statement with the ACTIVATE ROW ACCESS CONTROL clause is used to activate row access control for the table.

DB2 Name The name of the DB2 table or column.
Correlation Name The correlation name defined in the subselect clause of a view.

Access Definition Retrieval

Layout of Access Definition Lists 

13:26:48                *****  P R E D I C T  *****                  2011-12-01
                         - List Access Definition -                            
                                                                               
-------------------------------------------------------------------------------
Cnt  Access Definition ID                                                      
                                                                               
   1 HEB-AN                                                                    
     Abstract                                                                  
       fdsa                                                                    
   2 HEB-AN-BUS                                                                
   3 HEB-AN-149                                                                
   4 HEB-AN1                                                                   
     Abstract                                                                  
       fdsa                                                                    
   5 HEB-AN3                                                                   
   6 HEB-AN4                                                                   
   7 HEB-MASK                                                                  
   8 HEB-PER                                                                   
   9 HEB-PER_1                                                                 
  10 HNO-TEST                                                                  
Command ===>                                                    Scroll ==> CSR 
Enter-PF1---PF2---PF3---PF4---PF5---PF6---PF7---PF8---PF9---PF10--PF11--PF12---
                  Quit        RFind Flip  -     +           Left  Right

Output Options for Access Definition Retrieval

The output options valid for this object type are identical to those for object type dataspace. See Output Options for Dataspace Retrieval.