A new security entity check is added at ChangeMan ZMF 8.2 for these listed functions:
Create, Checkout, Stage, Scratch, Rename, Recompile, Rebind, Freeze, Promote and Approve.
The security entity is the name of the ISPF function program:
Create = CMNCREAT
Checkout = CMNCKOUT
Stage = CMNSTGER
Scratch = CMN$UTIL
Rename = CMN$UTIL
Recompile = CMNRCOMP
Rebind = CMNRBIND
Freeze = CMNFREZE
Promote = CMNPROMO
Approve = CMNAPPRV
How to implement these new security Checks with CA Top Secret?
Release : 16.0
Component : CA Top Secret for z/OS
The new security entities should be defined in the same way that the other five security entities documented in the ChangeMan 8.2 Installation Guide that are:
CMNGBADM or CMNxGBAD
CMNLCADM or CMNxLCAD
CMNREVRT or CMNxREVR
CMNBKOUT or CMNxBKOU
CMNMON or CMNxMON
So probably there are already definitions like this in CA Top Secret:
XA UR1 = CMNGBADM OWNER(owner_acid)
ACCESS = UPDATE
Note: The resource class is UR1 that is the name suggested in the Changeman documentation if the security system is CA Top Secret.
The information about the Resource name is documented in Page 60 of the ChangeMan ZMF Installation Guide available at the following link:
For the new Security entities, it is necessary to ADD first the ownership of the new security entities to an owning acid and then permit the new entities to the ChangeMan administrators and
to the ChangeMan STC acid.
For example, for the new entity CMNCREAT the commands would be:
TSS ADD(owner_acid) UR1(CMNCREAT)
TSS PERMIT(profile) UR1(CMNCREAT) ACCESS(UPDATE)
TSS PERMIT(ChangeMan_STC_acid) UR1(CMNCREAT) ACCESS(UPDATE)
Where profile is a profile for the ChangeMan Administrators.
The same commands for the other new security entities (CMNCKOUT, CMNSTGER...)