Determines on behalf of a third-party user whether a named user can access the object specified. Format SYS$CHECK_ACCESS [objtyp], [objnam], [usrnam], itmlst, [contxt], [clsnam], [objpro], [usrpro] C Prototype int sys$check_access (unsigned int *objtyp, void *objnam, void *usrnam, void *itmlst, unsigned int *contxt, void *clsnam, void *objpro, void *usrpro);
1 – Arguments
objtyp OpenVMS usage:longword_unsigned type: longword (unsigned) access: read only mechanism: by reference Type of object being accessed. The objtyp argument is the address of a longword containing a value specifying the type of object. The appropriate symbols are listed in the following table and are defined in the system macro $ACLDEF library: Symbol Meaning ACL$C_CAPABILITY Object is a restricted resource; use the reserved name VECTOR. ACL$C_DEVICE Object is a device. ACL$C_FILE Object is a Files-11 On-Disk Structure Level 2 file. ACL$C_GROUP_GLOBAL_ Object is a group global section. SECTION ACL$C_JOBCTL_QUEUE Object is a batch, print, or server queue. ACL$C_LOGICAL_NAME_ Object is a logical name table. TABLE ACL$C_SYSTEM_GLOBAL_ Object is a system global section. SECTION For further information about these symbols, see the description of the clsnam argument. objnam OpenVMS usage:char_string type: character-coded text string access: read only mechanism: by descriptor-fixed-length string descriptor Name of the object being accessed. The objnam argument is the address of a character-string descriptor pointing to the object name. usrnam OpenVMS usage:char_string type: character-coded text string access: read only mechanism: by descriptor-fixed-length string descriptor Name of the user attempting access. The usrnam argument is the address of a descriptor that points to a character string that contains the name of the user attempting to gain access to the specified object. The user name string can contain a maximum of 12 alphanumeric characters. itmlst OpenVMS usage:item_list_3 type: longword (unsigned) access: read only mechanism: by reference Attributes describing how the object is to be accessed and information returned after $CHECK_ACCESS performs the protection check (for instance, security alarm information). For each item code, you must include a set of four elements and end the list with a longword containing the value 0 (CHP$_END). To view the item code diagram and descriptor fields table, see the VSI OpenVMS System Services Reference Manual. contxt OpenVMS usage:longword type: longword (unsigned) access: read-write mechanism: by reference Longword used to maintain the user authorization file (UAF) context. The contxt argument is the address of a longword to receive a UAI context longword. On the initial call, this longword should contain the value -1. On subsequent calls, the value of the contxt argument from the previous call should be passed back in. Using the contxt argument keeps the UAF open across all calls, thereby improving the performance of the system on subsequent calls. To close the UAF, you must run down the image. The resulting contxt value from a $CHECK_ACCESS call can also be used as the input contxt argument to the $GETUAI system service, and vice versa. clsnam OpenVMS usage:char_string type: character-coded text string access: read only mechanism: by descriptor Object class name associated with the protected object. The clsnam argument is the address of a descriptor pointing to the name of the object class associated with the object specified by either the objnam or the objpro argument. The clsnam and objtyp arguments are mutually exclusive. The clsnam argument is the preferred argument to $CHECK_ACCESS. The following object class names are valid: CAPABILITY QUEUE COMMON_EVENT_CLUSTER RESOURCE_DOMAIN DEVICE SECURITY_CLASS FILE SYSTEM_GLOBAL_SECTION GROUP_GLOBAL_SECTION VOLUME LOGICAL_NAME_TABLE objpro OpenVMS usage:char_string type: opaque byte stream or object handle access: read only mechanism: by descriptor Buffer containing an object security profile or object handle. The objpro argument is the address of a descriptor pointing to a buffer that contains an encoded object security profile or the address of a descriptor pointing to an object handle. Object handles vary according to the associated security object class. Currently, the only supported object handles are for the file and device class objects where the object handle is a word or longword channel. The objpro and objnam arguments are mutually exclusive unless the objpro argument is a simple object handle. The objpro and usrpro arguments are also mutually exclusive unless the objpro argument is an object handle. usrpro OpenVMS usage:char_string type: opaque byte stream access: read only mechanism: by descriptor Buffer containing a user security profile. The usrpro argument is the address of a descriptor pointing to a buffer that contains an encoded user security profile. The $CREATE_USER_PROFILE service can be used to construct a user security profile. The usrpro and usrnam arguments are mutually exclusive. The objpro and usrpro arguments are also mutually exclusive unless the objpro argument is an object handle.