Exploring, predicting and reporting with SAS Visual Analytics and SAS Visual Statistics

Row level security document for VA 7.3

Reply
Occasional Contributor
Posts: 10

Row level security document for VA 7.3

Greetings,

 

I was wondering if anyone has a document that addresses applying row level security on VA 7.3? I am attempting to read a userid and display data specific to that id and can't seem to get it to work. I am new at this so I am sure I am just missing something, but what I can find on the web doesn't match what I am seeing in our install. I am simply hoping for an example. 

 

Thanks,

 

Gary

Community Manager
Posts: 584

Re: Row level security document for VA 7.3

Hi @ghartge

 

Perhaps this thread will help? SAS Visual Analytics 7.3 - Row-Level Security

 

Anna

Occasional Contributor
Posts: 10

Re: Row level security document for VA 7.3

Posted in reply to AnnaBrown

Thank you Anna,

 

I have seen most of the links in the thread you have sent. It appears that the composer is having the same issue as I am. From what was described to us by SAS on site was that we could apply permissions to a LASR table as described in several documents, enter/code Identity Properties such as SUB:Smiley FrustratedAS.Userid via a conditional grant in the LASR table and have that filter the report appropriately. Following SAS's description and what I have found online, I am seeing different images/screenshots and I cannot get things to work.

 

I was hoping to find an example of how to do this using VA 7.3 or above.

 

Thank you,

 

Gary

SAS Super FREQ
Posts: 488

Re: Row level security document for VA 7.3

[ Edited ]

 

If a filter for an individual identity does not work as expected, the most likely causes are case sensitivity and the suffix. Specifically, the SUB::SAS.Userid property normalizes the value to all uppercase. For Windows, look for problems with how the domain is specified. For more information, see Windows User ID Formats in the SAS Intelligence Platform: Security Administration Guide.

 

Another common cause is unexpected leading or trailing blanks in the ID.

 

Can you post the syntax for your actual condition? Also, when you say that it does not work, what is the behavior? Are all of your results being filtered out? Are no results filtered out? Are you seeing an error?

 

Occasional Contributor
Posts: 10

Re: Row level security document for VA 7.3

Posted in reply to Madelyn_SAS

Thanks, Madelyn_SAS,

 

I am sure I am missing something that is why I was simply looking for a document of procedures.

 

Here is my condition;

( 'Instructor_ID'n Contains 'SUB:Smiley FrustratedAS.Userid' )

I have checked and both Instructor_ID and Userid are identical. No leading or trailing spaces.

 

The report references a table that is simply ID numbers and related information to each ID. Pretty straightforward.

The report consists of a drop-down list linked to IDs and a crosstab linked by an interaction to the ID drop-down list.

 

Thanks,

 

Gary

 

I also discovered that I have to recreate the permission every time I run the EG program to update the table. Is there a way to avoid that?

 

Thanks again.

Occasional Contributor
Posts: 10

Re: Row level security document for VA 7.3

Attached is a more detailed synopsis of what we are doing. Including how instructors are set up in Management COnsole and the attempted row level permissions.

 

Thanks,

 

Gary

SAS Super FREQ
Posts: 488

Re: Row level security document for VA 7.3

[ Edited ]

Try reversing the syntax:

 

"SUB:: SAS.Userid" Contains Instructor_ID

Occasional Contributor
Posts: 10

Re: Row level security document for VA 7.3

Posted in reply to Madelyn_SAS

Thanks, Madelyn_SAS,

 

I will try that. Unfortunately, I won't be able to until tomorrow. I wear many other hats and I am engaged in another issue currently. I will respond tomorrow.

 

Thanks again and I will let you know.

 

Gary

Occasional Contributor
Posts: 10

Re: Row level security document for VA 7.3

Posted in reply to Madelyn_SAS

Hey Madelyn_SAS, I am back.

 

OK, so switching the order from

Instructor_ID Contains  "SUB:: SAS.Userid"

to 

"SUB:: SAS.Userid" Contains Instructor_ID

 

worked.

 

My only issue now is everytime I reload/rebuild the table I have to go in and make these assignments over again. Seems like there should be a way to keep those when the table is reloaded.

 

Thanks,

 

Gary

SAS Super FREQ
Posts: 488

Re: Row level security document for VA 7.3

The only time that the permissions should be removed is if you delete the metadata for the LASR table. Simply unloading the table and reloading it without touching the existing metadata should not remove the permissions. Are you seeing something different?

Occasional Contributor
Posts: 10

Re: Row level security document for VA 7.3

Posted in reply to Madelyn_SAS

Currently I have to manually import tables to the LASR server using the "Upload to LASR" from the "Process Flow" in the "Project Tree".

 

I have options to load to the -  

Visual Analytics LASR

Visual Analytics Public LASR (which is what we use)

or

Environment Manager Data Mart LASR

 

In each case I have checked the box to "Register data for use in SAS Visual Analytics"

 

After I use this process to import the table due to new data being available I have to go in and reapply the row level security. It also happens when the server is restarted. We have to reload our tables and apply row level permissions.

 

We have not had the system a year yet so I am sure some of this needs to be worked out still.

 

Thank you!

Ask a Question
Discussion stats
  • 10 replies
  • 332 views
  • 2 likes
  • 3 in conversation