File lock codes

Attributes 5 and 6 of file-defining items can contain retrieval and update lock codes respectively. These codes are used to restrict access to certain data files and master dictionaries. Lock codes are sets of characters used as codes. Multiple lock codes are separated by value marks. The first lock code (retrieval or update) in a master dictionary or file dictionary must be matched in attribute 6 (key) of the user’s item in the users file to allow access to the file or master dictionary. If the lock code does not match, access is denied.

Note: The DM user is a super-user. As such, the DM user will bypass all update and retrieval locks.

Locks can be placed at any file pointer level, system, master dictionary, or dictionary. The system pointer controls access to a master dictionary; the master dictionary pointer controls a file dictionary, and a file dictionary pointer controls the data file.

Example(s)

In this example, a company has four departments; finance, admin, mis, and ops. Each department is maintained in a separate master dictionary. Users remain attached to a specific master dictionary, but must be prevented from using Q-pointers or path names to access files on any other master dictionary.

The locks as they display in the system-level D-pointers and the user definitions in the mds file:

ID: finance.mstr admin.mstr mis.mstr ops.mstr
001 d d d d
002 67889 786554 45000 23007
003 11 27 13 11
004        
005 finance admin mis ops
006 finance admin mis ops
007        
008        
009 1 1 1 1
010 10 10 10 10

A few of the users and their lock keys.

user: toms glendaj sama carlak gandalf
006(keys) admin finance mis ops admin]mis]ops

Every user is restricted to those files found on the local master dictionary except for gandalf. He can access files on 3 of the four master dictionaries.

The next example illustrates setting update and retrieval locks for two files on the admin account. The files are called, payroll and reviews. A new category of supervisor is added. The supervisor files are only accessible by users with this key, regardless of the host master dictionary.

On the admin account, these pointers define the dictionaries of the files:

ID: payroll reviews
001 d d
002 56678 344567
003 23 13
004    
005 supervisor supervisor
006 supervisor supervisor
007    
008    
009 1 1
010 10 10

gandalf is now a supervisor:

user: gandalf
006(keys) admin]mis]ops]supervisor

Now, gandalf can retrieve payroll and reviews but toms is still restricted.