Resources within the new classes have to be defined by a user with system-SPECIAL
authority, or with CLAUTH authority in the new class. CLAUTH authority is granted by
issuing the following TSO command:
ALTUSER userid CLAUTH($FILEREC)
If you have the required authority, you can create the new resources by
issuing the following TSO commands:
RDEFINE $FILEREC PAYFILE.SALARY UACC(NONE)
RDEFINE $FILEREC PAYFILE.TAXBAND UACC(NONE)
RDEFINE $GILEREC PERSONAL.DETAILS ADDMEM( PERSONAL.DEPT, +
PERSONAL.MANAGER, +
PERSONAL.PHONE) +
UACC(READ)
Now you are ready to authorize users to use the new resources. Assume that
PAYROLL is the name of a group of users who are to be permitted to update
all the pay and personal details fields in an employee record. The following
TSO commands grant UPDATE access to all users in the group:
PERMIT PAYFILE.SALARY CLASS($FILEREC) ID(PAYROLL) ACCESS(UPDATE)
PERMIT PAYFILE.TAXBAND CLASS($FILEREC) ID(PAYROLL) ACCESS(UPDATE)
PERMIT PERSONAL.DETAILS CLASS($FILEREC) ID(PAYROLL) ACCESS(UPDATE)
If you had previously loaded the profiles by using the RACLIST option,
refresh the profiles in virtual storage by issuing the command:
SETROPTS RACLIST($FILEREC) REFRESH