We have installed RO61518 JES-USERS WITH READ ACCESS CAN PURGE JOBS USING DETACH JOB. It is not clear to me based on the fix information what else I need to do to activate this security. Do I have to still code the security check in the outexit? Or is just setting up the JESSPOOL rules enough because you already are doing the security call in DETACH JOB command?
RO61518 JES-USERS WITH READ ACCESS CAN PURGE JOBS USING DETACH JOB implements a security call for the DETACH JOB command to make sure the user issuing the D J command is authorized to PURGE the output from JES.
This is the way The DETACH JOB command works after applying RO61518. The OUTEXIT is no longer required. Just setting up the JESSPOOL rules is enough because Roscoe is now making the security call in DETACH JOB.
Summary:
Users with READ ONLY access issuing the command DETACH JOB
Users with READ ONLY access issuing the command DETACH JOB NOACT
Users with ALL access issuing the command DETACH JOB
Users with READ ONLY access issuing the command DETACH JOB NOACT
There is a standalone PURGE command which is actually runs as a Roscoe monitor routine. The PURGE monitor was enhanced with APAR QO90965 UPDATE PURGE MONITOR TO MAKE JESSPOOL SECURITY CALL.