Museum

Home

Lab Overview

Retrotechnology Articles

⇒ Online Manual

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

Format

More

Examples

sequence-number

identifier

access-right

RDB/VMS Relational Database Operator CHANGE_PROTECTION — VMS CDD+_4.1A

 Changes protection for a single entry within the specified access
 control list.

 Example:

      RDO> CHANGE PROTECTION FOR DATABASE
      cont>  [ADMIN,JONES]
      cont>  ACCESS "WRITE+MODIFY+ERASE".

Additional information available:

FormatMoreExamples

Format

 CHANGE PROTECTION FOR ────┬───> 
D

A

T

A

B

A

S

E
───────────>────────┬─┐ ├───> 
R

E

L

A

T

I

O

N
──> relation-name ──┤ │ └───> 
V

I

E

W
──────> view-name ──────┘ │ ┌────────────────────────────<──────────────────────────┘ └──┬───────────>───────────┬─┐ ├──> sequence-number ───┤ │ └┬─> identifier ───┬────┘ │ └─────── typebox (+) <──────┘ │ ┌────────────────────────────┘ └──> 
A

C

C

E

S

S
──┬─> access-right ──┬──────────> . └───── typebox (+) <─────────┘

Additional information available:

sequence-numberidentifieraccess-right

sequence-number

 A number that identifies the entry within the specified access
 control list whose protection you want to change.  The default is
 one.

 If you specify a sequence number larger than the largest existing
 sequence number, Rdb/VMS returns an error message.

identifier

 A VMS user identifier that identifies the entry within the specified
 access control list whose protection you want to change.  An
 identifier can be any of the following:

  o  UIC identifier

  o  General identifier

  o  System-defined identifier

access-right

 An access right to be granted or denied to the user identified by
 UIC.  The new version of the ACL entry you create with the CHANGE
 PROTECTION statement does not inherit any characteristics from the
 old version.  When you change protection on a database element, you
 need to specify the entire entry, including all the access rights you
 want to deny.

 Request HELP on Access_rights to see a complete table of Rdb/VMS
 access rights.

More

 An access control list (ACL) is attached to each database and
 relation.  Each list consists of entries that specify two items of
 information:

  o  An identifier that specifies a user or set of users.

  o  A set of access rights.  These rights specify what operations
     that user or set of users can perform on the database or
     relation.

 The new version of the ACL entry you create with the CHANGE
 PROTECTION statement does not inherit any characteristics from the
 old version.  When you change protection on a database element, you
 need to specify the entire entry, including all the access rights you
 want to deny.

 When changing protection, observe the following rules:

  o  To change protection, you must first invoke the database that
     includes the protection.

  o  If you specify two or more access rights, separate each by a plus
     sign (+), but do not include any spaces.  For example,
     READ+WRITE.

  o  If the list of access rights exceeds one line in length, place
     the list in quotation marks and use the continuation character
     (hyphen).  Otherwise, Rdb/VMS reads the carriage return as the
     end of the list, and an error results:

     cont> ACCESS "DEFINE+CHANGE+DELETE -
     cont> +CONTROL+OPERATOR+ADMINISTRATOR"

Examples

 Example 1

 You can change the protection in an access control list entry by
 specifying an identifier:

 RDO> CHANGE PROTECTION FOR DATABASE
 cont>  [GROUP1,SMITH]
 cont>  ACCESS NOCONTROL+NOOPERATOR+NOADMINISTRATOR.

 This statement performs the following actions:

  o  Identifies the user whose protection you want to change.  Here,
     the user is identified by [GROUP1,SMITH].

  o  Changes the access rights to deny the user CONTROL, OPERATOR, and
     ADMINISTRATOR privileges.  All other privileges remain as you
     defined them in the previous version of this ACL entry.



 Example 2

 You can identify the ACL entry by a sequence number:

 RDO> CHANGE PROTECTION FOR DATABASE
 cont>    4
 cont>    ACCESS WRITE+MODIFY+ERASE.

 This statement performs the following actions:

  o  Identifies the entry by specifying a sequence number 4.  This
     means that this statement will change the fourth entry in the
     access control list for the database PERSONNEL.

  o  Changes the access rights by granting WRITE, MODIFY, and ERASE
     access.  All other rights remain as they were before.

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026