Hi Steve,
ACC(ALL) to VOL(*ALL*(G)) will allow access to all datasets (when a volume is passed on the permit) because there will be no dataset checking. If a volume is not passed then no volume checking is done and dataset checking will be done.
ACTION(NODSN) would apply when access to the VOLUME is something other than ALL or NONE where dataset checking comes in to play. See the chart at the following link for how volume access authorizations affect an acid’s request to access a data set on a volume:
https://docops.ca.com/ca-top-secret-for-z-os/16-0/en/using/resource-access-security-validation-algorithm/data-set-requests
For example, if the user has UPDATE access to the volume, they are allowed to READ and UPDATE a dataset on that volume. They are not allowed to CREATE a dataset on that volume. And if they try to delete (scratch) the dataset, it will go to dataset checking. If ACTION(NODSN) is specified on the VOLUME permit with ACCESS(UPDATE), the dataset checking will be bypassed and the user can delete any dataset on that volume regardless of what dataset access they have.
NOTE: ACTION(NODSN) is only valid on VOLUME permits.
Cheers,
~Eileen~