OnDemand User Group
Support Forums => z/OS Server => Topic started by: apro on May 09, 2022, 09:29:16 PM
-
I am trying to understand how document level permission exit does work with ESM. I see for Cabinet, Folder & AG we have associated RACF class defined in ESM and the RACROUTE call populates the corresponding resource name to be protected and get it validated against the ESM. But for documents, the manual does not state any resource class to be defined. Do we need to define any resource class for document level access? If it is not required then how CMOD understands which all documents the user has access. The IBM supplied sample ARSUSECZ module, it seems it allows access to all the documents. Any inputs on this are appreciated. Thank you !!
-
Have you looked into Query Restrictions? Query Restrictions are used to limit the documents a user can access. They are set in the Application Group > Permissions.