Role Concept

To reflect ChangeMan's role concept, all information about roles and rights of a user within ChangeMan are now implanted and reflected in the model. Therefore several properties are implemented.

The reflection of user roles and rights in the model

All global roles are cached when starting the model (building the root container).
A flag is set to determine whether a user has update or read rights on each application (PROP_SEC_ApplUpdate = Y/N). Any application where a user has not even read rights are not shown in the lists and tree views.
A new security exit (TAUCMSEC) is provided, where a user can be checked against certain RACF rights.

This information is used within the model to decide if a certain menu function is shown or not. In addition, several retrieve and list functions for promotion and approvals are enhanced to show only valid entries. The update and view panels for package parameter are split to reflect the read or update rights of a user.

Use your own conditions to customize which functions are available for users to use or not use.

The following table shows the flags available for conditions:

Flag	Condition
CMG_PROP_SEC_GlobalAccess	Does the user have Global Access?
CMG_PROP_SEC_AdminAccess	Does the user have Admin Access?
CMG_PROP_SEC_MonitorAcsess	Does the user have Monitor Access?
CMG_PROP_SEC_BackoutAccess	Does the user have Backout Access?
CMG_PROP_SEC_RevertAccess	Does the user have Revert Access?
CMG_PROP_SEC_ReleasManAccess	Does the user have Release Manager Access?
CMG_PROP_SEC_ReleaseApplAccess	Does the user have Release Application Access?
CMG_PROP_SEC_GlobalReadAccess	Does the user have Global Read Access?
CMG_PROP_SEC_AdminReadAccess	Does the user have Admin Read Acces?
CMG_PROP_SEC_ApplUpdate	Does the user have Application Update Access?

The exit and the flags can be used to enhance the model by customer specific needs. All base functions are already reflecting the user rights.