File Lock Codes

Attributes 5 and 6 of file-defining items can contain retrieval and update lock codes respectively. These codes are used to restrict access to certain data files and master dictionaries. Lock codes are sets of characters used as codes. Multiple lock codes are separated by value marks. The first lock code (retrieval or update) in a master dictionary or file dictionary must be matched in attribute 6 (key) of the user’s item in the users file to allow access to the file or master dictionary. If the lock code does not match, access is denied.

NOTE

The DM user is a super-user. As such, the DM user will bypass all update and retrieval locks.

Locks can be placed at any file pointer level, system, master dictionary, or dictionary. The system pointer controls access to a master dictionary; the master dictionary pointer controls a file dictionary, and a file dictionary pointer controls the data file.

Example(s)

In this example, a company has four departments; finance, admin, mis, and ops. Each department is maintained in a separate master dictionary. Users remain attached to a specific master dictionary, but must be prevented from using Q-pointers or path names to access files on any other master dictionary.

The locks as they display in the system-level D-pointers and the user definitions in the mds file:

ID:

finance.mstr

admin.mstr

mis.mstr

ops.mstr

001

d

d

d

d

002

67889

786554

45000

23007

003

11

27

13

11

004

 

 

 

 

005

finance

admin

mis

ops

006

finance

admin

mis

ops

007

 

 

 

 

008

 

 

 

 

009

1

1

1

1

010

10

10

10

10

A few of the users and their lock keys.

user:

toms

glendaj

sama

carlak

gandalf

006(keys)

admin

finance

mis

ops

admin]mis]ops

Every user is restricted to those files found on the local master dictionary except for gandalf. He can access files on 3 of the four master dictionaries.

The next example illustrates setting update and retrieval locks for two files on the admin account. The files are called, payroll and reviews. A new category of supervisor is added. The supervisor files are only accessible by users with this key, regardless of the host master dictionary.

On the admin account, these pointers define the dictionaries of the files:

ID:

payroll

reviews

001

d

d

002

56678

344567

003

23

13

004

 

 

005

supervisor

supervisor

006

supervisor

supervisor

007

 

 

008

 

 

009

1

1

010

10

10

gandalf is now a supervisor:

user:

gandalf

006(keys)

admin]mis]ops]supervisor

Now, gandalf can retrieve payroll and reviews but toms is still restricted.

See Also

Retrieval and Update Locks

retrieval-lock

Security

update-lock

users File