Authority collection interfaces

There are several interfaces available for the authority collection support.

Authority collection for a user

Start Authority Collection (STRAUTCOL) command.
End Authority Collection (ENDAUTCOL) command.
Delete Authority Collection (DLTAUTCOL) command.
The authority collection active indicator and the authority collection repository exists indicator are shown by the following interfaces:
- Display User Profile (DSPUSRPRF) command, *BASIC display, printed output, and outfile (QADSPUPB).
- Dump User Profile (DMPUSRPRF) command (only authority collection active indicator).
- Retrieve User Profile (RTVUSRPRF) command.
- QSYS2.USER_INFO view.
The Start Authority Collection (STRAUTCOL) command parameters from the most recent use of STRAUTCOL are shown by the following interfaces. These values are only shown if an authority collection repository currently exists for the user.
- Display User Profile (DSPUSRPRF) command, *BASIC display and printed output.
- Retrieve User Information (QSYRUSRI) API.
IBM Navigator for i, Users and Groups function, contains support for authority collection for a user.
QSYS2.AUTHORITY_COLLECTION view, display and analyze the authority collection data.

Authority collection for objects

Start Authority Collection (STRAUTCOL) command.
End Authority Collection (ENDAUTCOL) command.
Delete Authority Collection (DLTAUTCOL) command.
Change Authority Collection (CHGAUTCOL) command.
The authority collection for objects active indicator is shown by the following interfaces:
- Display Security Attributes (DSPSECA) command, display and printed output.
- Retrieve Security Attributes (QSYRTVSA) API.
The object's authority collection value is shown by the following interfaces:
- Display Object Description (DSPOBJD) command, *FULL display, printed output, and outfile (QADSPOBJ).
- Display Attributes (DSPATR) command, *FULL display and printed output.
- Display Link (DSPLNK) command, when specifying option 8 to display attributes.
- Retrieve Object Description (RTVOBJD) command.
- List Objects (QUSLOBJ) API, format OBJL0700.
- Open List of Objects (QGYOLOBJ) API, key 300 and 315.
- Retrieve Object Description (QUSROBJD) API, format OBJD0400.
- QSYS2.OBJECT_STATISTICS table function.
The authority collection information is displayed and can be analyzed by the following interfaces:
- QSYS2.AUTHORITY_COLLECTION_OBJECT view - for libraries and objects in libraries.
- QSYS2.AUTHORITY_COLLECTION_LIBRARIES view - for all libraries and objects in all libraries.
- QSYS2.AUTHORITY_COLLECTION_FSOBJ view - for file system objects in the "root" (/), QOpenSys, and user-defined file systems.
- QSYS2.AUTHORITY_COLLECTION_DLO view - for document and folder objects.
Note: QSYS2.AUTHORITY_COLLECTION_OBJECT and QSYS2.AUTHORITY_COLLECTION_LIBRARIES return the same results. However, QSYS2.AUTHORITY_COLLECTION_OBJECT will perform better when the number of entries in the authority collection is large and you are looking for a specific object or objects in a specific library. QSYS2.AUTHORITY_COLLECTION_LIBRARIES will perform better when the number of entries in the authority collection is small or you are looking for all or most objects in the authority collection.

Objects in libraries with an authority collection value of *OBJINF are shown by the following table function:


SELECT * FROM TABLE (QSYS2.OBJECT_STATISTICS('*ALLUSR ','*ALL') ) AS X 
  WHERE AUTHORITY_COLLECTION_VALUE = '*OBJINF'

File system objects in the "root" (/), QOpenSys, and user-defined file systems with an authority collection value of *OBJINF are shown by doing the following:
1. Run the Retrieve Directory Information (RTVDIRINF) command specifying the desired directory. This will produce a QAEZDxxxxO file. The RTVDIRINF command may take a long time to run.
2. Use the QAEZDxxxxO file created by the RTVDIRINF command in the Select statement:
```
SELECT QEZOBJNAM, QEZOBJTYPE, QEZAUTCOL FROM QUSRSYS.QAEZDxxxxO 
  WHERE QEZAUTCOL = '*OBJINF'
```
IBM Navigator for i, Security function and File Systems function contain support for authority collection for objects.