If you are a curious type of person this tip is indeed something you will like. Maybe you are already familiar with the command TSO LD DA(<dataset>) GEN, which tells you what access you have to <dataset>. The advantage of this command is that it asks RACF in a nice way what access you have as opposed to just trying to open the dataset. In this case you will get an abend and it is logged that you tried to get unauthorised access to the dataset. All of this is avoided by using TSO LD DA(<dataset>) GEN.

Actually it is also possible to create a program that performs the same function as the LD command. Unfortunately the programming interface to RACF is made for assembler only. Therefore I have made an assembler program performing the same thing as the LD command. Please be aware that this program is not reentrant. You can use it from your TSO session or from a batch program, but not in for instance a CICS program.

* NAME      : AUTHLVL
* FUNCTION  : THIS SUBROUTINE FINDS YOUR RACF-ACCESS TO A DATASET.
* CALL FMT  : CALL AUTHLVL(DATASET,ACCESS)
* REMARKS   : PROGRAM IS NOT REENTRANT.
* PARAMETERS: THE TWO PARAMETERS PASSED TO THIS SUBROUTINE ARE DEFINED
*             AS FOLLOWS:
* DATASET  DS CL44  THE DATASETNAME SUPPLIED BY THE CALLER.
*                   BY THE CALLER.
* ACCESS   DS CL8   THE ACCESS LEVEL RETURNED TO THE CALLER.
*                   POSSIBLE VALUES ARE NONE, READ, UPDATE,
*                   CONTROL, ALTER OR UNKNOWN.
*                   UNKNOWN IS RETURNED WHEN REG-15 = 8 OR
*                   IF NEW VALUES ARE INTRODUCED IN RACF.
*
* REG-15 WILL CONTAIN ONE OF THE FOLLOWING RETURN CODES:
* 0: CALL TO RACF WENT OK.
* 8: CALL TO RACF FAILED.
AUTHLVL  CSECT
AUTHLVL  AMODE 31
AUTHLVL  RMODE ANY
* USE BAKR TO PRESERVE REGISTERS
         BAKR R14,0          * ESA STYLE SAVE
         BASR R12,0          * ADDRESS THIS CSECT
         USING *,R12         * AH .. ADDRESSABILITY
* HAVING REACHED HERE, WE NOW ISSUE A RACROUTE REQUEST=AUTH MACRO
* FOR THE DATASET
         LM R3,R4,0(R1)      * R3->DSNAME, R4->ACCESS
         LA R8,RACLAB        * POINT TO PARAMETER LIST IN RACF
         USING SAFP,R8       *
         RACROUTE REQUEST=AUTH,ENTITY=((3)),MF=(E,RACLAB)
         CLC SAFPRRET,F20    * OK RETURN CODE?
         BNE ERACCESS        * NO SO GIVE UNKNOWN ACCESS BACK
         CLC SAFPRREA,F00    * NO ACCESS?
         BE NOACCESS         * YES SO SET NOACCESS
         CLC SAFPRREA,F04    * READ ACCESS?
         BE RDACCESS         * YES SO SET READ
         CLC SAFPRREA,F08    * UPDATE ACCESS
         BE UPACCESS         * YES SO SET UPDATE
         CLC SAFPRREA,F12    * CONTROL ACCESS
         BE CTACCESS         * YES SO SET CONTROL
         CLC SAFPRREA,F16    * ALTER ACCESS?
         BNE UNACCESS        * NO, SO UNKNOWN REASON CODE?
         MVC 0(8,R4),ALTER
         B RETDETS
ERACCESS EQU *
         MVC 0(8,R4),UNKNOWN
         LA R15,8
         B RETURNS
NOACCESS EQU *
         MVC 0(8,R4),NONE
         B RETDETS
RDACCESS EQU *
         MVC 0(8,R4),READ
         B RETDETS
UPACCESS EQU *
         MVC 0(8,R4),UPDATE
         B RETDETS
CTACCESS EQU *
         MVC 0(8,R4),CONTROL
         B RETDETS
UNACCESS EQU *
         MVC 0(8,R4),UNKNOWN
* SET ZERO RETURN CODE AND RETURN TO CALLER
RETDETS  EQU *
         LA R15,0
RETURNS  EQU *
         PR
RACLAB   RACROUTE REQUEST=AUTH,CLASS='DATASET',STATUS=ACCESS,          X
         DSTYPE=M,WORKA=ENDPROG,RELEASE=1.9,MF=L
F00      DC F'00'
F04      DC F'04'
F08      DC F'08'
F12      DC F'12'
F16      DC F'16'
F20      DC F'20'
UNKNOWN  DC CL8'UNKNOWN'
NONE     DC CL8'NONE'
READ     DC CL8'READ'
UPDATE   DC CL8'UPDATE'
CONTROL  DC CL8'CONTROL'
ALTER    DC CL8'ALTER'
ENDPROG  DC A(HALFK)
HALFK    DS 512C
         ICHSAFP
         LTORG
         YREGS
         END

If you get hooked on this program you can actually make it work for other ressources than just datasets. If you know the RACF CLASS name of the ressource you will ask for access to, you can specify the CLASS name in the RACROUTE command having the label RACLAB.

Good luck with the program. Remember to write to me if you cannot make the program work. I will try to help as much as possible. Last but not least: please note the X to the far right having the label RACLAB. The X must be placed in column 72 otherwise the program cannot be assembled correctly. Any character not equal to a space in column 72 in an assembler program tells the assembler that the instruction is continued on the next line.