This topic gives an example of how you might design applications to make use of the user-defined resources.
EXEC CICS QUERY SECURITY RESCLASS('$FILEREC')
RESID('PAYFILE.SALARY')
RESIDLENGTH(14)
READ(read_cvda)
Then, depending on the value
returned in read_cvda, your application either displays the salary
or a message stating that the user is not authorized to display it. Likewise,
as part of a transaction that updates a person's telephone number, you
issue:
EXEC CICS QUERY SECURITY RESCLASS('$FILEREC')
RESID('PERSONAL.PHONE')
RESIDLENGTH(14)
UPDATE(update_cvda)
If the value returned in update_cvda indicates that the user has UPDATE access, the transaction can continue and update the telephone number in the file. Otherwise, it should indicate that the user is not authorized to update the telephone number.