Joined: 07 Jan 2003 Posts: 1056 Topics: 91 Location: The Blue Planet
Posted: Wed Jul 14, 2004 12:52 am Post subject:
Thanks Cogito,
Quote:
What is that you are trying to acheive?
I am building a automated Peer Review Tracking System in our shop. Whenever a developer makes any change and moves his code to Endevor, another person from the same team has to review his changes before he moves. And his review comments has to be sent to the Project Manager / Project Leader.
After reviewing, the reviewer enters his comments on a screen (Rexx frontend) which inturn submits a job (the job which I'm trying to build) with his comments and this will be stored in a file which can be viewed by the Leader (Thro' another REXX screen). If the data is stored in a shared dataset (ie. datasets which does not start with anyone's ID - In our shop the dataset will start with 'T.') then anyone (The developer or reviewer) can modify the contents without anyone's notice.
So, I would like to hide the filename from everyone. If the file name is directly accessed via REXX , anyone can see the rexx code (since we don't have a rexx compiler here) and can easily find out the filename. so, I thought of going for COBOL wherein no one knows where the cobol source code is available.
Creating Temp datasets also will not serve my purpose. I need to create a permanent file. Please guide me to solve this problem.
Joined: 26 Nov 2002 Posts: 12401 Topics: 75 Location: San Jose
Posted: Wed Jul 14, 2004 6:21 am Post subject:
Phantom,
I think you are jumping thru hoops to get the desired results. If the requirement is just to let the team lead view the comments, then there is a simple way of doing this.
Send the reviewer's comments in the form of an email to the Team Lead. This is much simpler and you don't have to worry about someone modifying the contents.
Joined: 07 Jan 2003 Posts: 1056 Topics: 91 Location: The Blue Planet
Posted: Wed Jul 14, 2004 7:41 am Post subject:
Kolusu,
I was asked to do this in mainframe by my Team Lead. We thought of the email option but this is the way they want. Also, we will generate a report at the end of every month about each associate.
Joined: 15 Dec 2002 Posts: 637 Topics: 43 Location: Bengaluru, INDIA
Posted: Thu Jul 15, 2004 9:06 am Post subject:
Quote:
If the data is stored in a shared dataset (ie. datasets which does not start with anyone's ID - In our shop the dataset will start with 'T.') then anyone (The developer or reviewer) can modify the contents without anyone's notice.
Have a RACF group created where the IDs are that of your team leads with access as, READ. Then, assign a profile to this group. This profile would have all datasets begining with say, AAA.BBB. Write all the contents (comments, in your case) to such datasets. Even if ppl get to know of the name dataset, others will not be able to browse it.
Otherwise, write the comments to a DB2 table, where each row = 80 (?) characters. Grant access accordingly to this DB2 table. _________________ ALL opinions are welcome.
Debugging tip:
When you have eliminated all which is impossible, then whatever remains, however improbable, must be the truth.
-- Sherlock Holmes.
Joined: 07 Jan 2003 Posts: 1056 Topics: 91 Location: The Blue Planet
Posted: Thu Jul 15, 2004 9:14 am Post subject:
Thanks for your suggestions Cogito, I have one question. If only the team leads are given browse access, how do I (developer) submit the job and write some data (in this case - review comments) to the file ? What I'm saying is that, If developer 1 writes some comments about developer 2, then developer 2 should not be able to change it and vice versa. But the team leads should be able to view the comments.
Also, Our shop is tooo restricted. The RACF commands are disabled and even team leads are not allowed to use these. and we are not allowed to use DB2 tables for these purposes.
Unfortunate circumstances,....but got to get over them somehow.
Joined: 03 Jan 2003 Posts: 550 Topics: 23 Location: Michigan, USA
Posted: Thu Jul 15, 2004 9:16 am Post subject:
I believe that Phantom has a valid request. I am working on simliar fuctionality based on requirements from the Sarbannes-Oxley Act. All these comments need to be stored somewhere that not only the team leader can access but also internal and external auditors.
I have a COBOL / Dialog Manager front-end that builds JCl from skeletons and submits it using a clist.
Joined: 15 Dec 2002 Posts: 637 Topics: 43 Location: Bengaluru, INDIA
Posted: Thu Jul 15, 2004 10:07 am Post subject:
Phantom,
I am not very good in RACF. But, I can give you rough ideas.
Create a dataset profile as say, COMNTS.USERIDx.* (x = 1,2, ETC.)
Provide access of ALTER to that particular user only. COMNTS.USERID1.* datasets can be modified only by USERID1, etc.
Let, USERID1 enters comments on screen for USERID2. Then, these comments should goto a dataset as say, COMNTS.USERID1.DATA. (In your job that you would be submitting, make the dataset as COMNTS.&SYSYUID..DATA). Now, since USERID2 has NO access to datasets COMNTS.USERID1.*, s/he will not be able to browse it; leave alone modify its contents.
How does your team lead only can review them?
Create a dataset profile as say, COMNTS.*
Provide access of READ to team lead. (So that, s/he does not modify its contents. )
Read about the USER parameter in JOB paramter of JCL. When not coded/required by installation, the default will be that of the TSO Userid that submitted it. I would guess, this ID would be that of the user who would use the REXX fron-end to enter comments and therefore, submit the job. That is why, USERID2 will be able to write ONLY to datasets begining with COMNTS.USERIDxID2.*.
Why COMNTS.USERIDx.* ? Because, you said above, you have 'shared datasets' begining with TSO Userid.
Creating profiles, allowing/revoking access can be done easily using RACF. Speak to your folks to find out exactly how this can be done.
Hope this helps. _________________ ALL opinions are welcome.
Debugging tip:
When you have eliminated all which is impossible, then whatever remains, however improbable, must be the truth.
-- Sherlock Holmes.
All times are GMT - 5 Hours Goto page Previous1, 2, 3
Page 3 of 3
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
FAQ
Search
Quick Manuals
Register
Profile
Log in to check your private messages
Log in
)