The approach to implementation forms the basis for a sensible co-owner protection mechanism. The users themselves are the people who must decide the files and job variables to which co-ownership is to apply together with the associated conditions and then implement this decision in practice. Two steps are necessary in order to define a coowner protection:
Define the access conditions for the co-owners in condition guards (guards of type: STDAC).
Link the specified access conditions with the names of the files and job variables which are to be administered by co-owners. This linkage must be established in the form of rules in guards of type COOWNERP. Guards of this type are known as rule containers.
Examples of a conceptual basis for implementation
A user wants to define the following co-ownership rules for files created or to be created under his/her user ID.
a) The user ID USER1 should be able to co-administer all files whose name starts with ’A.’ at any time.
b) The user ID USER1 should only be able to co-administer the files BBB and CCC on Mondays.
c) The user ID USER2 should be able to co-administer the files whose name starts with ‘DD’.
Given these requirements, the user needs three condition guards (guard type: STDAC) in which to define the access conditions specified in a) to c). It is also necessary to create a rule container. The rules in this rule container consist of the following parts:
The name of the file or files for which co-owners are to be defined.
A reference to a condition guard (guard type: STDAC) which contains the required access conditions for the named file name space.
An indication of whether the default co-administration right is to be withdrawn from the user TSOS. You will find more information on this in section "Restriction of TSOS co-ownership".
Points a) and c) can both be described in one rule, whereas two rules are used for point b). This results in the following overview:
