The following shows the details of HDSRFEPR for viewing the access permissions that are set by the extended access control function.
/* REXX */ /**********************************************************************/ /* */ /* All Rights Reserved. Copyright (C) 2015, 2022, Hitachi, Ltd. */ /* */ /**********************************************************************/ /* */ /* HDSRFEPR - This is a sample script that uses the RLIST */ /* RACF command to collect information about RACF profiles for */ /* the BCM advanced access control facility. */ /* */ /* The script response indicates whether you have been granted */ /* view permission for each element specified in a parameter. */ /* */ /* The available parameters are as follows: */ /* */ /* [ PREFIX(prefix_name)] */ /* [ CGNAME(cg_name)] */ /* [ CGTYPE({SI|TC|UR})] */ /* [ CLI({YKQRYDEV|YKMAKE|YKDELETE|YKRECVER})] */ /* [ FUNC(RRESYNC)] */ /* */ /**********************************************************************/ /**********************************************************************/ /* Note: When this sample program is executed in SYSTEM REXX, */ /* please uncomment the instructions lines below. */ /**********************************************************************/ /* * If ADDRESS() /= 'TSO' Then * Do; * SAY 'TSO service is not available.' * EXIT -3; * End; * Else * Nop; */ /* Parse argument specified in the EXEC command. */ Parse Upper Arg @options ; Parse Upper Value @options With 'PREFIX(' opt_prefix ')'; Parse Upper Value @options With 'CGNAME(' opt_cgname ')'; Parse Upper Value @options With 'CGTYPE(' opt_cgtype ')'; Parse Upper Value @options With 'CLI(' opt_cli ')'; Parse Upper Value @options With 'FUNC(' opt_func ')'; /* Execute OUTTRAP function. */ /* Responses of RLIST command are stored line. temporary. */ push_trap = OUTTRAP(); void = OUTTRAP('line.',,'NOCONCAT'); /* When PREFIX requested -------------------------------------------- */ If opt_prefix /= "" Then Do; Call check_auth "PFX."opt_prefix ; If result = 0 Then SAY "PREFIX("opt_prefix") : AUTHORIZED" ; Else SAY "PREFIX("opt_prefix") : UNAUTHORIZED" ; End; Else Nop; /* ------------------------------------------------------------------ */ /* When CGNAME requested -------------------------------------------- */ If opt_cgname /= "" Then Do; Call check_auth "CGNAME."opt_cgname ; If result = 0 then SAY "CGNAME("opt_cgname") : AUTHORIZED" ; Else SAY "CGNAME("opt_cgname") : UNAUTHORIZED" ; End; Else Nop; /* ------------------------------------------------------------------ */ /* When CGTYPE requested -------------------------------------------- */ If opt_cgtype /= "" Then Do; Call check_auth "CGTYPE."opt_cgtype ; If result = 0 Then SAY "CGTYPE("opt_cgtype") : AUTHORIZED" ; Else SAY "CGTYPE("opt_cgtype") : UNAUTHORIZED" ; End; Else Nop; /* ------------------------------------------------------------------ */ /* When CLI requested ----------------------------------------------- */ If opt_cli /= "" Then Do; Call check_auth "CLI."opt_cli ; If result = 0 Then SAY "CLI("opt_cli") : AUTHORIZED" ; Else SAY "CLI("opt_cli") : UNAUTHORIZED" ; End; Else Nop; /* ------------------------------------------------------------------ */ /* When FUNC requested ---------------------------------------------- */ Select When opt_func == "RRESYNC" Then do Call check_auth "COMMANDS.REGRSYNC" If result = 0 Then SAY "FUNC(REGRESYNC) : AUTHORIZED" Else SAY "FUNC(REGRESYNC) : UNAUTHORIZED" Call check_auth "COMMANDS.REGRSYNC.ONL" If result = 0 Then SAY "FUNC(REGRESYNC ONLINE) : AUTHORIZED" Else SAY "FUNC(REGRESYNC ONLINE) : UNAUTHORIZED" End Otherwise Nop End /* ------------------------------------------------------------------ */ /* When no available parameter exist, show the syntax --------------- */ If line.0 = 0 Then Do; SAY "-------- Available Parameters ---------" SAY " PREFIX(prefix_name)" SAY " CGNAME(cg_name)" SAY " CGTYPE(SI|TC|UR)" SAY " CLI(YKQRYDEV|YKMAKE|YKDELETE|YKRECVER)" SAY " FUNC(RRESYNC)" SAY "---------------------------------------" End; Else Nop; /* ------------------------------------------------------------------ */ void = OUTTRAP(push_trap); Exit 0; /* Exec RLIST ------------------------------------------------------- */ check_auth : Parse Upper Arg opt_element ; Address TSO "RLIST FACILITY STGADMIN.YKA.BCM."opt_element ; If rc = 0 Then Do ; Parse Upper Var line.7 ent_lvl ent_own ent_uac ent_acc ent_wrn ; If ent_acc /== "NONE" Then Return 0 ; Else Nop ; End ; Else Nop ; Return 4 ; /* ------------------------------------------------------------------ */