Signed Program

Resource Administration subfunctions for Signed Program Administration.

 

This may not be the only step to manage a Signed Program in your environment. You may also have to refresh the PROGRAM class to enact these changes. Please consult RACF documentation and manuals for an understanding of the PROGRAM class.

ResourceAdmin.add_signed_program() 

def add_signed_program(self, signed_program_name: str, traits: dict = {}) -> Union[dict, bytes]:

📄 Description

 

Only a subset of available Segments and Traits are considered Stable. See Segments and Traits for more details.

 

Define a new Signed Program profile in the PROGRAM class.

📥 Parameters

  • signed_program_name
    The name of the Signed Program profile being defined to the PROGRAM class.

  • traits
    A dictionary of traits/attributes that should be given to the resource on creation. See Traits to see what all of the valid Resource Traits are.

📤 Returns

  • Union[dict, bytes]
    Returns a Security Result dictionary or Security Request XML bytes if the ResourceAdmin.generate_requests_only class attribute is set to True.

❌ Raises

  • SecurityRequestError
    Raises SecurityRequestError when the SAF Return Code of a Security Result is equal to 4.
  • DownstreamFatalError
    Raises DownstreamFatalError when the SAF Return Code of a Security Result is greater than 4.
  • AddOperationError
    Raises AddOperationError when the general resource profile cannot be added because it already exists.
  • SegmentTraitError
    Raises SegmentTraitError when the dictionary of traits/attributes provided contains one or more unknown traits.

💻 Example

Python REPL 
from pyracf import ResourceAdmin
resource_admin = ResourceAdmin()
resource_admin.add_signed_program("TESTPRGM")
{'securityResult': {'resource': {'name': 'TESTPRGM', 'class': 'PROGRAM', 'operation': 'set', 'requestId': 'ResourceRequest', 'commands': [{'safReturnCode': 0, 'returnCode': 0, 'reasonCode': 0, 'image': 'RDEFINE PROGRAM             (TESTPRGM) '}]}, 'returnCode': 0, 'reasonCode': 0, 'runningUserid': 'testuser'}}
Security Result Dictionary as JSON 
{
  "securityResult":{
    "resource":{
      "name":"TESTPRGM",
      "class":"PROGRAM",
      "operation":"set",
      "requestId":"ResourceRequest",
      "commands":[
        {
          "safReturnCode":0,
          "returnCode":0,
          "reasonCode":0,
          "image":"RDEFINE PROGRAM             (TESTPRGM) "
        }
      ]
    },
    "returnCode":0,
    "reasonCode":0
  }
}

ResourceAdmin.alter_signed_program() 

def alter_signed_program(self, signed_program_name: str, traits: dict = {}) -> Union[dict, bytes]:

📄 Description

 

Only a subset of available Segments and Traits are considered Stable. See Segments and Traits for more details.

 

Alter operations in pyracf require READ access to IRR.IRRSMO00.PRECHECK in the XFACILIT class This function will not produce output unless the user running the command has this access.

 

Alter an existing Signed Program profile in the PROGRAM class.

📥 Parameters

  • signed_program_name
    The name of the Signed Program profile being defined to the PROGRAM class.

  • traits
    A dictionary of traits/attributes that should be given to the resource. See Traits to see what all of the valid Resource Traits are.

📤 Returns

  • Union[dict, bytes]
    Returns a Security Result dictionary or Security Request XML bytes if the ResourceAdmin.generate_requests_only class attribute is set to True.

❌ Raises

  • SecurityRequestError
    Raises SecurityRequestError when the SAF Return Code of a Security Result is equal to 4.
  • DownstreamFatalError
    Raises DownstreamFatalError when the SAF Return Code of a Security Result is greater than 4.
  • AlterOperationError
    Raises AlterOperationError when the z/OS userid supplied cannot be altered because it does NOT exist.
  • SegmentTraitError
    Raises SegmentTraitError when the dictionary of traits/attributes provided contains one or more unknown traits.

💻 Example

Python REPL 
from pyracf import ResourceAdmin
resource_admin = ResourceAdmin()
resource_admin.alter_signed_program("TESTPRGM", traits={"sigver:log_signature_verification_events": "SUCCESS"})
{'securityResult': {'resource': {'name': 'TESTPRGM', 'class': 'PROGRAM', 'operation': 'set', 'requestId': 'ResourceRequest', 'info': ['Definition exists. Add command skipped due  to precheck option'], 'commands': [{'safReturnCode': 0, 'returnCode': 0, 'reasonCode': 0, 'image': 'RALTER  PROGRAM             (TESTPRGM)  SIGVER   (SIGAUDIT    (SUCCESS))'}]}, 'returnCode': 0, 'reasonCode': 0, 'runningUserid': 'testuser'}}
Security Result Dictionary as JSON 
{
  "securityResult":{
    "resource":{
      "name":"TESTPRGM",
      "class":"PROGRAM",
      "operation":"set",
      "requestId":"ResourceRequest",
      "info":[
        "Definition exists. Add command skipped due  to precheck option"
      ],
      "commands":[
        {
          "safReturnCode":0,
          "returnCode":0,
          "reasonCode":0,
          "image":"RALTER  PROGRAM             (TESTPRGM)  SIGVER   (SIGAUDIT    (SUCCESS))"
        }
      ]
    },
    "returnCode":0,
    "reasonCode":0
  }
}

ResourceAdmin.extract_signed_program() 

def extract_signed_program(self, signed_program_name: str) -> Union[dict, bytes]:

📄 Description

Extract an existing Signed Program profile in the PROGRAM class.

📥 Parameters

  • signed_program_name
    The name of the Signed Program profile being defined to the PROGRAM class.

📤 Returns

  • Union[dict, bytes]
    Returns a Trait dictionary of the values of the traits extracted from the SIGVER segment of the Resource Profile or Security Request XML bytes if the ResourceAdmin.generate_requests_only class attribute is set to True.

❌ Raises

  • SecurityRequestError
    Raises SecurityRequestError when the SAF Return Code of a Security Result is equal to 4.
  • DownstreamFatalError
    Raises DownstreamFatalError when the SAF Return Code of a Security Result is greater than 4.

💻 Example

Python REPL 
from pyracf import ResourceAdmin
resource_admin = ResourceAdmin()
resource_admin.extract_signed_program("TESTPRGM")
{'signatureRequired': None, 'failProgramLoadCondition': 'never', 'logSignatureVerificationEvents': 'success', 'library': None}
Trait Dictionary as JSON 
{
  "signatureRequired": null,
  "failProgramLoadCondition": "never",
  "logSignatureVerificationEvents": "success",
  "library": null
}

ResourceAdmin.delete_signed_program() 

def delete_signed_program(self, signed_program_name: str) -> Union[dict, bytes]:

📄 Description

Delete an existing Signed Program profile in the PROGRAM class.

📥 Parameters

  • signed_program_name
    The name of the Signed Program profile being defined to the PROGRAM class.

📤 Returns

  • Union[dict, bytes]
    Returns a Security Result dictionary or Security Request XML bytes if the ResourceAdmin.generate_requests_only class attribute is set to True.

❌ Raises

  • SecurityRequestError
    Raises SecurityRequestError when the SAF Return Code of a Security Result is equal to 4.
  • DownstreamFatalError
    Raises DownstreamFatalError when the SAF Return Code of a Security Result is greater than 4.

💻 Example

Python REPL 
from pyracf import ResourceAdmin
resource_admin = ResourceAdmin()
resource_admin.delete_signed_program("TESTPRGM")
{'securityResult': {'resource': {'name': 'TESTPRGM', 'class': 'PROGRAM', 'operation': 'del', 'requestId': 'ResourceRequest', 'commands': [{'safReturnCode': 0, 'returnCode': 0, 'reasonCode': 0, 'image': 'RDELETE PROGRAM             (TESTPRGM) '}]}, 'returnCode': 0, 'reasonCode': 0, 'runningUserid': 'testuser'}}
Security Result Dictionary as JSON 
{
  "securityResult":{
    "resource":{
      "name":"TESTPRGM",
      "class":"PROGRAM",
      "operation":"del",
      "requestId":"ResourceRequest",
      "commands":[
        {
          "safReturnCode":0,
          "returnCode":0,
          "reasonCode":0,
          "image":"RDELETE PROGRAM             (TESTPRGM) "
        }
      ]
    },
    "returnCode":0,
    "reasonCode":0
  }
}