cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
BookmarkSubscribeRSS Feed
🔒 This topic is solved and locked. Need further help from the community? Please sign in and ask a new question.
AllanBowe
Barite | Level 11 AllanBowe
Barite | Level 11
Go to Solution

Get List of Executable contexts

Posted 06-11-2020 03:29 PM (1053 views)

The following endpoint returns a list of available contexts:  `GET /compute/contexts`

 

However, not all of them can actually be used by the end user, as noted:

Only users who are allowed to use the context can create a session. This is governed by the authentication rules that are defined when the context is created.

 

Is there any way (other than spawning a session on each context) to identify which compute contexts are available to a particular user / client?

/Allan
SAS Challenges - SASensei
MacroCore library for app developers
SAS networking events (BeLux, Germany, UK&I)
Data Workflows, Data Contracts, Data Lineage, Drag & drop excel EUCs to SAS 9 & Viya - Data Controller
DevOps and AppDev on SAS 9 / Viya / Base SAS - SASjs
0 Likes
1 ACCEPTED SOLUTION

Accepted Solutions
joeFurbee
Community Manager joeFurbee
Community Manager

Re: Get List of Executable contexts

Posted 06-12-2020 10:12 AM (975 views)  |   In reply to AllanBowe

Hi @AllanBowe,

I got the following response from a developer:

Each context has a “rules” link that an admin can use to get the authorization rules that apply to POST /compute/contexts/{contextId}/sessions requests. The response you get from executing the “rules” link would show the rules added by the compute service when it created the context to govern who can use it to create a session. The rules would show the users and groups allowed to create sessions with the context, or if all authenticated users are allowed to create sessions with the context (or even if guests are allowed to). If you don’t get back any rules, then only admins can create sessions with the context.

 

This method is not fool-proof. It is always possible for a site to add a rule that the compute service knows nothing about that would influence authorization on POST /compute/contexts/{contextId}/sessions requests. For example, a site could add a rule denying certain users or groups access to POST /compute/contexts/*/sessions, and that rule would take precedence over any rules added by the compute service. The only way to take that kind of thing into account is to ask the authorization service for an explanation: https://gitlab.sas.com/petrichor/authorization#authorization-explanations.

 

I hope this helps.

 

Thanks,

Joe


Join us for SAS Community Trivia
SAS Bowl XLII, SAS Hackathon 2024
Wednesday, August 14, 2024, at 10 a.m. ET | #SASBowl

View solution in original post

1 REPLY 1
joeFurbee
Community Manager joeFurbee
Community Manager

Re: Get List of Executable contexts

Posted 06-12-2020 10:12 AM (976 views)  |   In reply to AllanBowe

Hi @AllanBowe,

I got the following response from a developer:

Each context has a “rules” link that an admin can use to get the authorization rules that apply to POST /compute/contexts/{contextId}/sessions requests. The response you get from executing the “rules” link would show the rules added by the compute service when it created the context to govern who can use it to create a session. The rules would show the users and groups allowed to create sessions with the context, or if all authenticated users are allowed to create sessions with the context (or even if guests are allowed to). If you don’t get back any rules, then only admins can create sessions with the context.

 

This method is not fool-proof. It is always possible for a site to add a rule that the compute service knows nothing about that would influence authorization on POST /compute/contexts/{contextId}/sessions requests. For example, a site could add a rule denying certain users or groups access to POST /compute/contexts/*/sessions, and that rule would take precedence over any rules added by the compute service. The only way to take that kind of thing into account is to ask the authorization service for an explanation: https://gitlab.sas.com/petrichor/authorization#authorization-explanations.

 

I hope this helps.

 

Thanks,

Joe


Join us for SAS Community Trivia
SAS Bowl XLII, SAS Hackathon 2024
Wednesday, August 14, 2024, at 10 a.m. ET | #SASBowl

Ready to join fellow brilliant minds for the SAS Hackathon?

Build your skills. Make connections. Enjoy creative freedom. Maybe change the world. Registration is now open through August 30th. Visit the SAS Hackathon homepage.

Register today!
How to Concatenate Values

Learn how use the CAT functions in SAS to join values from multiple variables into a single value.

Watch How to Concatenate Values on YouTube

Find more tutorials on the SAS Users YouTube channel.

Click image to register for webinarClick image to register for webinar

Classroom Training Available!

Select SAS Training centers are offering in-person courses. View upcoming courses for:

View all other training opportunities.

Discussion stats
  • 1 reply
  • ‎06-11-2020 03:29 PM
  • 1054 views
  • 1 like
  • 2 in conversation