Making rows invisible to some users

A concern which straddles the border of security and application management is the provision of item (row)-level control over data access. Other mechanisms provide application-level and table-level control, but for finer work, exit programs are needed.

In a personnel application, for example, you might wish to ensure that only selected staff could access the rows describing corporate top management.

This can be done in two ways. You could write an IIA exit to check each row and return only those the user is allowed to see. The sample exit program demonstrates this method. Alternatively, you could make accesses to the Data Table indirect and write a TOB exit to create an Index table for each user. All checking would then be done when the table was opened rather than at row input time. Which method is appropriate depends mainly on how many rows will be accessed per session. For small numbers, check each row; for many, build an Index.

Another example in this area might be to prevent any employee from updating his or her own record. Either of the exclusion methods just described could easily be modified to do this and would entirely control access to the record.

This test could also be done in an IXF exit. Unlike the exclusion methods just described, this allows the employee to see his or her own record. The IXF exit is called for every output action, so using it avoids problems such as writing a trap for update actions only to have someone evade it by deleting the old row and creating a new one.
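A small model of the point above, added here as an example and not taken from the product or its sample exit program: it compares a trap that checks update actions only with a check run on every output action. The `Table` class, the callback signature and the employee ids are assumptions made for illustration, not the exit interface itself.

```python
# Model only: a dict stands in for the Data Table and a callback stands in
# for the output exit. None of these names are the product's exit interface.
class Denied(Exception):
    """Raised by an exit to refuse an output action."""

class Table:
    def __init__(self, rows, output_exit):
        self.rows = dict(rows)           # employee id -> row
        self.output_exit = output_exit   # called before every output action

    def read(self, user, emp_id):
        return self.rows[emp_id]         # reading is not an output action

    def _output(self, user, action, emp_id, row=None):
        self.output_exit(user, action, emp_id)   # may raise Denied
        if action == "delete":
            del self.rows[emp_id]
        else:                            # "update" or "insert"
            self.rows[emp_id] = row

    def update(self, user, emp_id, row): self._output(user, "update", emp_id, row)
    def delete(self, user, emp_id): self._output(user, "delete", emp_id)
    def insert(self, user, emp_id, row): self._output(user, "insert", emp_id, row)

def update_only_trap(user, action, emp_id):
    if action == "update" and user == emp_id:    # misses delete and insert
        raise Denied

def every_output_check(user, action, emp_id):
    if user == emp_id:                   # applies to every output action
        raise Denied

def try_self_change(exit_fn):
    """Salary of E100 after E100 tries update, then delete plus insert."""
    t = Table({"E100": {"salary": 50000}, "E200": {"salary": 60000}}, exit_fn)
    new = {"salary": 99000}              # constructed sample data
    for ops in ([("update", new)], [("delete", None), ("insert", new)]):
        try:
            for action, row in ops:
                args = ("E100", "E100") + ((row,) if row else ())
                getattr(t, action)(*args)
        except Denied:
            pass
    return t.read("E100", "E100")["salary"]
```

With `update_only_trap` the row ends up changed through the delete and insert path; with `every_output_check` it is unchanged, and the employee can still read it.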