HDSRFEPR (viewing access permissions for the extended access control function)

Business Continuity Manager Installation Guide

Version
9.8.7
File Size
1.1 MB
Audience
anonymous
Part Number
MK-95HC104-41

The following shows the details of HDSRFEPR for viewing the access permissions that are set by the extended access control function.

Input parameter
Specify the resources or commands for which you want to check the access control, in the following format:
[△1PREFIX(prefix_name)]
[△1CGNAME(cg_name)]
[△1CGTYPE({SI|TC|UR})]
[△1CLI({YKQRYDEV|YKMAKE|YKDELETE|YKRECVER})]
[△1FUNC(RRESYNC)]
Output
Either of the following is output depending on the parameter you specified:
AUTHORIZED: Accessible
UNAUTHORIZED: Not accessible
/* REXX                                                               */
/**********************************************************************/
/*                                                                    */
/* All Rights Reserved. Copyright (C) 2015, 2022, Hitachi, Ltd.       */
/*                                                                    */
/**********************************************************************/
/*                                                                    */
/* HDSRFEPR - This is a sample script that uses the RLIST             */
/*    RACF command to collect information about RACF profiles  for    */
/*    the BCM advanced access control facility.                       */
/*                                                                    */
/*    The script response indicates whether you have been granted     */
/*    view permission for each element specified in a parameter.      */
/*                                                                    */
/*    The available parameters are as follows:                        */
/*                                                                    */
/*       [ PREFIX(prefix_name)]                                       */
/*       [ CGNAME(cg_name)]                                           */
/*       [ CGTYPE({SI|TC|UR})]                                        */
/*       [ CLI({YKQRYDEV|YKMAKE|YKDELETE|YKRECVER})]                  */
/*       [ FUNC(RRESYNC)]                                             */
/*                                                                    */
/**********************************************************************/
/**********************************************************************/
/* Note: When this sample program is executed in SYSTEM REXX,         */
/*       please uncomment the instructions lines below.               */
/**********************************************************************/
/*                                                                      
 * If ADDRESS() /= 'TSO' Then                                           
 *   Do;                                                                
 *     SAY 'TSO service is not available.'                              
 *     EXIT -3;                                                         
 *   End;                                                               
 * Else                                                                 
 *   Nop;                                                               
 */                                                                     
                                                                        
/* Parse argument specified in the EXEC command.                      */
                                                                        
Parse Upper Arg   @options ;                                            
Parse Upper Value @options With 'PREFIX(' opt_prefix ')';               
Parse Upper Value @options With 'CGNAME(' opt_cgname ')';               
Parse Upper Value @options With 'CGTYPE(' opt_cgtype ')';               
Parse Upper Value @options With 'CLI(' opt_cli ')';                     
Parse Upper Value @options With 'FUNC(' opt_func ')';                   
                                                                        
/* Execute OUTTRAP function.                                          */
/* Responses of RLIST command are stored line. temporary.             */
                                                                        
push_trap = OUTTRAP();                                                  
void      = OUTTRAP('line.',,'NOCONCAT');                               
                                                                        
/* When PREFIX requested -------------------------------------------- */
If opt_prefix /= "" Then                                                
  Do;                                                                   
    Call check_auth "PFX."opt_prefix ;      
    If result = 0 Then                                                  
      SAY "PREFIX("opt_prefix") : AUTHORIZED" ;                         
    Else                                                                
      SAY "PREFIX("opt_prefix") : UNAUTHORIZED" ;                       
  End;                                                                  
Else                                                                    
  Nop;                                                                  
/* ------------------------------------------------------------------ */
                                                                        
/* When CGNAME requested -------------------------------------------- */
If opt_cgname /= "" Then                                                
  Do;                                                                   
    Call check_auth "CGNAME."opt_cgname ;   
    If result = 0 then                                                  
      SAY "CGNAME("opt_cgname") : AUTHORIZED" ;                         
    Else                                                                
      SAY "CGNAME("opt_cgname") : UNAUTHORIZED" ;                       
  End;                                                                  
Else                                                                    
  Nop;                                                                  
/* ------------------------------------------------------------------ */
                                                                        
/* When CGTYPE requested -------------------------------------------- */
If opt_cgtype /= "" Then                                                
  Do;                                                                   
    Call check_auth "CGTYPE."opt_cgtype ;   
    If result = 0 Then                                                  
      SAY "CGTYPE("opt_cgtype") : AUTHORIZED" ;                         
    Else                                                                
      SAY "CGTYPE("opt_cgtype") : UNAUTHORIZED" ;                       
  End;                                                                  
Else                                                                    
  Nop;                                                                  
/* ------------------------------------------------------------------ */
                                                                        
/* When CLI requested ----------------------------------------------- */
If opt_cli /= "" Then                                                   
  Do;                                                                   
    Call check_auth "CLI."opt_cli ;         
    If result = 0 Then                                                  
      SAY "CLI("opt_cli") : AUTHORIZED" ;                               
    Else                                                                
      SAY "CLI("opt_cli") : UNAUTHORIZED" ;                             
  End;                                                                  
Else                                                                    
  Nop;                                                                  
/* ------------------------------------------------------------------ */
                                                                        
/* When FUNC requested ---------------------------------------------- */
Select                                                   
  When opt_func == "RRESYNC"
    Then 
      do                                                                
        Call check_auth "COMMANDS.REGRSYNC"                             
        If result = 0 
          Then                                                      
            SAY "FUNC(REGRESYNC) : AUTHORIZED"                          
          Else                                                          
            SAY "FUNC(REGRESYNC) : UNAUTHORIZED"                        

        Call check_auth "COMMANDS.REGRSYNC.ONL"                      
        If result = 0 
          Then                                                      
            SAY "FUNC(REGRESYNC ONLINE) : AUTHORIZED"                   
          Else                                                          
            SAY "FUNC(REGRESYNC ONLINE) : UNAUTHORIZED"                 
      End                                                               
  Otherwise
    Nop
  End
/* ------------------------------------------------------------------ */
                                                                        
/* When no available parameter exist, show the syntax --------------- */
If line.0 = 0 Then                                                      
  Do;                                                                   
    SAY "-------- Available Parameters ---------"                       
    SAY " PREFIX(prefix_name)"                                          
    SAY " CGNAME(cg_name)"                                              
    SAY " CGTYPE(SI|TC|UR)"                                         
    SAY " CLI(YKQRYDEV|YKMAKE|YKDELETE|YKRECVER)"                       
    SAY " FUNC(RRESYNC)"                                      
    SAY "---------------------------------------"                       
  End;                                                                  
Else                                                                    
  Nop;                                                                  
/* ------------------------------------------------------------------ */
                                                                        
void = OUTTRAP(push_trap);                                              
                                                                        
Exit 0;                                                                 
                                                                        
/* Exec RLIST ------------------------------------------------------- */
check_auth :                                                            
  Parse Upper Arg opt_element ;                                         
                                                                        
  Address TSO "RLIST FACILITY STGADMIN.YKA.BCM."opt_element ;           
                                                                        
  If rc = 0 Then                                                        
    Do ;                                                                
      Parse Upper Var line.7 ent_lvl ent_own ent_uac ent_acc ent_wrn ;  
      If ent_acc /== "NONE" Then                                        
        Return 0 ;                                                      
      Else                                                              
        Nop ;                                                           
    End ;                                                               
  Else                                                                  
    Nop ;                                                               
                                                                        
  Return 4 ;                                                            
/* ------------------------------------------------------------------ */