© Copyright IBM Corp. 2003 83
Chapter 8. Using existing privilege class
records
For several reasons, you may not want to use the privilege classes shipped with Web Access.
However, before you decide that you do not, please be aware that starting in Version 7.1 of
Tivoli Information Management for z/OS, the privilege class eligible-user lists are stored in list
processor (LP) format. This enhancement gives you the ability to store hundreds (or even
thousands) of users in one privilege class. The old data-entry panel came with only 24. As
part of the Version 7.1 install, you were asked to consider running TSX BLGTPRIV to migrate
your privilege classes to the list processor format. If you did not do that during the Version 7.1
install, you should do so now.
30
Assuming that you want to use your current privilege classes, there are steps you must take
so that Web Access will recognize them. You do not have to do anything to get a privilege
class to show up in the Switch Roles list. But, if you do not follow the rest of the steps below,
you will find yourself on the default home page (BLQWUSER.html) when you switch to one of
your privilege classes, which may not be what you want.
The Privilege class role defined in the privilege class record is what Web Access uses to
determine your home page (see Figure 8-1 on page 84). If your privilege class record does
not include a Privilege class role, or there is no lookup record for that role, Web Access
assumes a default page of BLQWUSER.html. This processing is performed by business logic
in the home_page_exit routine, BLQHOME. You can modify this routine or write your own
REXX routine. Refer to 4.3.6, “The home page” on page 40 for more information.
8
30
Refer to
Tivoli Information Management for z/OS Planning and Installation Guide and Reference
, GC31-8751
(BLGP2E10).
84 IBM Tivoli Web Access for Information Management
Figure 8-1 Defining the Privilege class role
If you are satisfied with the five roles and corresponding home pages supplied by Web
Access, you can simply update your classes and add a Privilege class role, choosing from
among the following:
Administrator role—Uses BLQWADMN.html as the home page HTML.
31
Analyst role—Uses BLQWALST.html as the home page HTML.
Manager role—Uses BLQWMGT.html as the home page HTML.
Support role—Uses BLQWSUPP.html as the home page HTML.
User role—Uses BLQWUSER.html as the home page HTML. This HTML is also the
default used when a privilege class does not have a role.
31
The Administrator role applies to your Information Management for z/OS administrator. The Information
Management administrator typically performs the tasks necessary to keep your company's processes running
smoothly, such as archiving records or defining a new privilege class. This is not to be confused with a Web
administrator, whose purpose is to manage your Web Access application.
Chapter 8. Using existing privilege class records 85
If you want to define different roles and home pages, there are several steps that you must
take:
1. Update the validation for Privilege class role and add the name of the new desired role or
roles. To do this, update data attribute record BLQ&ROLE and add the new role names
under
11. Validation data basic. In the example illustrated by Figure 8-2, the new role is
Newrole
.
Figure 8-2 Adding a new role
Then, make the same change to data attribute record BLQ&CLRL.
86 IBM Tivoli Web Access for Information Management
2. Update your privilege class so that it specifies the new role (see Figure 8-3).
Figure 8-3 Reflecting the new role in your privilege class record
Also, in order for your privilege class record to work with Web Access, it should at least
have the following authorities:
– Update and display authority for people records
– Display authority for privilege class records
Depending on the tasks that users will perform while in this privilege class, the class may
need other authorities such as solution record display, create, and update. Adjust the
other record-specific authorities as needed.
Chapter 8. Using existing privilege class records 87
3. Create a lookup record for the new role (see Figure 8-4). This is a type of reference
record. To create it, simply copy one of the existing lookup records:
–
BLQWADMN—Lookup work items for administrator
–
BLQWALST—Lookup work items for analyst role
–
BLQWMGT—Lookup work items for management role
–
BLQWSUPP—Lookup work items for support role
–
BLQWUSER—Lookup work items for Web user role
Assign a record ID and specify the new role in the
Role for this Lookup record field.
Figure 8-4 Creating the lookup record
Get IBM Tivoli Web Access for Information Management now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
