06-24-2015 09:57 PM
I want to restrict edit capabilities to users for SAS Data sets,they should be able to run the stored process and should not be able to modify and delete data.
and also they should not be able to edit and modify data of any data set.
I was able to restrict the modify and delete permissions to stored process but not getting any idea how can I restrict the edit capabilities for the SAS Datasets.
I would really suggest for your valuable suggestions.
Thanks in advance
06-25-2015 03:16 AM
Do you mean outside Stored Processes?
If you are using Base SAS libname, the most effective way is to metadata-bind them.
06-25-2015 03:40 PM
Thanks for your prompt reply
so many of our users runs the stored process daily.
so I want to give only read access, when they run these reports they should not be able to modify or delete these stored process.am able to restrict these permissions to those users for these stored process.
for restricting modify and delete permissions to the stored process for users,I created a group with the name "abc" and added users in this group and
then created a ACT with readmetadata and read permissions and applied this ACT to the "abc" group and then applied this abc group only on the library where the stored process and Data tables are located.
and now they are not able to modify and delete the stored process.
but am not able to restrict the edit permissions to the Datatables, I mean they should not be able to edit any datasets and change any data. How can I restrict permissions for that.
06-26-2015 03:16 AM
The same way. Even if I prefer to set group permissions on folders rather than using ACT:s.
So group your data in logical way in folders, and set permissions on group level on those folders.
06-26-2015 08:39 AM
For restricting the modify and delete permissions to the stored process for the users, I created a Tesgroup with the name "abc" and added user in this group and
then created an ACT with readmetadata and read permissions and applied this ACT to this "abc" group and then applied this abc group only on a Test library where I created a sample stored process and that created a sample employee Dataset .and when I tested the modify and delete permissions it worked perfectly on the stored process.and am not able to delete and modify the stored process.
I created stored process in Test library with sample code and that created a Dataset. I tried to modify and delete the stored process and in that way the permissions worked.
And also I tried testing the edit for the sample employee dataset which is created in Test library and permissions applied perfectly.and In the same Test library when I preassigned it there were some old datasets in server which created in this library but the edit permissions are not working for these datasets.its working only for the employee dataset which created when i ran a smple stored process.
and also I applied the same Testgroup on a different library where all the stored process and tables are located the modify and delete restrict permissions worked for stored process.
But the table edit restrictions not working that library also.and am not sure where I did mistake.
please can you suggest
06-27-2015 01:58 AM
I think that the key word here is "preassigned". If you use the native library engine you will effectively bypass any metadata authorization. So you might need to experiment to get the best setup for your needs.