cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
BookmarkSubscribeRSS Feed

Entity-level security in SAS Visual Investigator

Started a month ago by
Modified a month ago by
Views 301

In SAS Visual Investigator, there are many ways to control how a user may interact with an entity. One such example is through the configuration of security settings within the product. There are three basic ways security can be applied within SAS Visual Investigator:

 

  1. Users and groups
  2. Entity-level security
  3. SAS Visual Investigator conditions

allison_sas_vi_entity_security_01.png

The objective of this post is to diver deeper into security on the entity level, achieved through entity-level security and SAS Visual Investigator conditions. With detailed examples, I will illustrate how security impacts the user interaction with the system.

 

Entity-level security

 

Entity-level security controls what a user is allowed to see and do with regard to a particular entity. In the use case of auto insurance fraud, an entity may be auto claims, auto policies, individuals, vehicles, and even phone numbers.

 

To configure or examine the existing security privileges for an entity, navigate to Data Objects tab, followed by the Entities subtab. Double click to open the desired entity and go to the Authorization tab.

 

02_allison_sas_vi_entity_security_02.png

 

As you can see in the example above, the security measures here are applied on the group level and not the individual user level. In this example, we have configured the security measures such that only users of the Fraud Managers group have Delete rights.

 

The permission items that are available for configuration are as follows:

 

  • Search and Read allows users to:
    • View objects of the particular entity type in the search results, as well as workspaces and insights
    • View comments, as well as adding comments if the necessary button has been enabled
    • View, add, and delete attachments if the necessary button has been enabled
    • View transactions if the user has Search and Read access to all the objects relevant to the transaction
    • View and create links between objects if the user has access to both objects
  • Create allows users to create objects of the specific entity type from the SAS Visual Investigator homepage. The configuration of create-only rules is allowed. A use case of a create-only situation is intelligence documents where the user is allowed to create them but aren’t allowed to see documents created by others.
  • Edit enables users to add or edit workspaces or insights
  • Delete allows users to delete objects within the entity

 

Note that if the Edit or Delete permission is selected, the Search and Read access cannot be deselected

 

Additionally, notice the condition section underneath, which allows for the further specification of when certain permissions would be granted. Here, all the available data fields can be leveraged. In the example of auto claims, permissions can be assigned categorically based on claim characteristics such as claim type.

 

03_allison_sas_vi_entity_security_03-1024x562.png

 

Another practical use case of the conditions section is to help divide the organization based on business units or geographical regions. For example, custom groups can be created for each of the geographical region of a global organization (Americas, Asia, EMEA, etc.), followed by stipulating that each group would only have Edit privilege when the location data field matches the group’s locale.

 

04_allison_sas_vi_entity_security_04-1-1024x563.png

 

Entity Conditions

 

Next, let’s talk about another entity-level security concept known as entity conditions. It’s a useful feature that enables administrators to control how pages are displayed and how an end user interacts with them.

 

First the conditions must be defined, then it can be associated with page elements such as controls, data fields, and relationships. It becomes a reusable rule that could be applied across multiple places pertaining to an entity.

 

To define an entity condition, open the entity and go to the Conditions tab. Click on the New condition button, followed by defining the condition under the Properties tab. In the example below, I’ve created a condition to identify cases where the currently logged on user is not a member of the Fraud Managers group.

 

05_allison_sas_vi_entity_security_05-1024x559.png

 

Now that I’ve created this condition for the auto claim entity, I can put it to use on one of auto claim’s page templates. As a reminder, the page templates can be found under the Pages and Toolbar tab under a particular entity, or the Pages tab on the main menu bar within the SAS Visual Investigator's Administrator UI.

 

In the example below, I’ve opened the details page associated to the auto claim entity and selected the Network Diagram block on the canvas. By selecting the network diagram, its properties are displayed. Within the properties pane, I’ve checked the checkbox labelled as Hidden. I can now selectively hide the diagram from view based on conditions of my choosing.

 

06_allison_sas_vi_entity_security_06-1024x563.png

 

To define the condition, click on the Condition button and select the desired condition in the pop-up window. As you can see, the condition that we previously created is available for selection.

 

07_allison_sas_vi_entity_security_07-1024x562.png

 

The result of applying this condition is that users will no longer be able to see the network diagram when they go to the claim details page, unless they are part of the Fraud Managers group. See below for a comparison of the Fraud Manager view versus the non-manager view.

 

08_allison_sas_vi_entity_security_08-1024x561.png

 

09_allison_sas_vi_entity_security_09-1024x564.png

 

Conclusion

 

In conclusion, entity-level authorization and entity conditions can be used to control how a user interact with the entity and its pages within SAS Visual Investigator. I hope it’s helpful to you on your SAS Visual Investigator journey!

 

For more content on SAS Visual Investigator, check out the following posts:

 

 

 

Find more articles from SAS Global Enablement and Learning here.

0 Likes
Version history
Last update:
a month ago
Updated by:
SAS Employee
Contributors

hackathon24-white-horiz.png

The 2025 SAS Hackathon Kicks Off on June 11!

Watch the live Hackathon Kickoff to get all the essential information about the SAS Hackathon—including how to join, how to participate, and expert tips for success.

YouTube LinkedIn

SAS AI and Machine Learning Courses

The rapid growth of AI technologies is driving an AI skills gap and demand for AI talent. Ready to grow your AI literacy? SAS offers free ways to get started for beginners, business leaders, and analytics professionals of all skill levels. Your future self will thank you.

Get started

Article Labels
Article Tags