iX V6.5 (30391-90011)

52 Chapter2

Database Structure and Protection

Protecting the Database

The combinations of the data set and data item user class lists result in one of the

following ﬁve types of access:

• Write access

• Update access

• Read access

• No access

• Creator-only access

Write Access A user class that has write access can add entries to or delete from the data

set. Write access means that update and read access are also granted, and is sometimes

referred to as full data access. To grant write access to a user class for a data set, include

the user class number in the write list of the data set. The speciﬁed user class then needs

to open the database using mode 1, 3, or 4 to take advantage of write access. The user class

is ignored if it appears in the user class lists of data items that belong to the data set

because write access to a user class at the data set level supersedes that at the item level.

NOTE

Database access modes 2, 5, 6, 7, and 8 do not allow write access. Programs

that open the database in these modes must pass data set and data item level

security. For additional information, refer to chapter 4 and to "Database

Access Modes and Data Set Write Lists" later in this chapter.

Update Access A user class that has update access can change the values of a particular

data item in an existing data entry. However, the user class cannot add or delete entries

from the data set. Update access means that read access is also granted. To grant update

access to a user class for a data item, include the user class in the read list of the data set

and in the write list of the data item. The speciﬁed user class then needs to open the

database in mode 1, 2, 3, or 4 to take advantage of this type of access. The user class can

have update, read, or no access to other data items in the data set depending on the user

class lists of the other data items.

NOTE

TurboIMAGE/XL provides an option called critical item update (CIUPDATE)

which lets you update the values of detail data set search and sort items if the

database access mode is 1, 3, or 4 and if permitted for the current process. You

can restrict update of these data items by assigning read-only access at the

set level and controlling write or update access at the item level. See chapter

4 for more information on CIUPDATE.

Read Access A user class that has read access can only view the values of a particular

data item. To grant read access to a user class for a data item, include the user class in the

read class list of the data set and in the read class list of the data item. This user class can

have update, read, or no access to other data items in the data set depending on the user

class lists of the other items.

No Access A user class that has no access cannot read data item values. No access to a

user class can be deﬁned for an entire data set or for speciﬁc data items in a data set.