Hi,
I want to use the CLI to list rules that are applied to a certain principal. In het documentation here we can see example code for listing all rules:
sas-viya authorization list-rules
But there doesn't seem to be an option to filter these results beforehand.
Filtering after retrieving the full list of rules is also not possible unfortunately because for some reason the results are returned in blocks of 50 rules (no option to change this). So something like:
sas-viya -output json -yes-to-all authorization list-rules
Does not return valid json. Instead it returns a concatenation of multiple jsons, each with 50 items.
Is there a way to either:
There is currently no way to filter the rules using the sas-viya CLI. However you can write a SAS program to use the REST API, see below for an example.
/*
* Use of the authorization REST API
* return rules based on some filters
* Doc is here
* https://developer.sas.com/apis/rest/CoreServices/#get-authorization-rules
*/
/*
* get the base url
*/
%let baseurl = %sysfunc(getoption(servicesbaseurl));
%put NOTE: &=baseurl;
/*
* temp file for json resp
*/
filename resp temp;
/*
* call the REST API
*/
proc http
method=get
url="&baseurl/authorization/rules"
oauth_bearer=sas_services
out=resp
verbose
/*
* we use the QUERY= option to pass in parameters
*/
query=(
/*
* filter allows to specify filter conditions for the returned items
* some examples below
*/
/* "filter" = 'gt(modifiedTimeStamp, "2022-05-10T00:00Z")' */
"filter" = 'eq(principal, "SASAdministrators")'
/* "filter" = 'ne(containerUri , " ")' */
/*
* typically REST API will only return part of the items
* can use limit to specify how many should be returned
* the response will contain count to indicate how many items
* can be returned
*/
"limit" = "10000"
)
;
run;
%put NOTE: &=SYS_PROCHTTP_STATUS_CODE;
%put NOTE: &=SYS_PROCHTTP_STATUS_PHRASE;
/*
* only for small results
*/
/* %put NOTE: json response; */
/* %let dummy = %sysfunc(jsonpp(resp, log)); */
/*
* convert JSON to SAS Datasets
*/
libname jsresp json fileref=resp noalldata;
proc copy in=jsresp out=work;
run;
libname jsresp clear;
There is currently no way to filter the rules using the sas-viya CLI. However you can write a SAS program to use the REST API, see below for an example.
/*
* Use of the authorization REST API
* return rules based on some filters
* Doc is here
* https://developer.sas.com/apis/rest/CoreServices/#get-authorization-rules
*/
/*
* get the base url
*/
%let baseurl = %sysfunc(getoption(servicesbaseurl));
%put NOTE: &=baseurl;
/*
* temp file for json resp
*/
filename resp temp;
/*
* call the REST API
*/
proc http
method=get
url="&baseurl/authorization/rules"
oauth_bearer=sas_services
out=resp
verbose
/*
* we use the QUERY= option to pass in parameters
*/
query=(
/*
* filter allows to specify filter conditions for the returned items
* some examples below
*/
/* "filter" = 'gt(modifiedTimeStamp, "2022-05-10T00:00Z")' */
"filter" = 'eq(principal, "SASAdministrators")'
/* "filter" = 'ne(containerUri , " ")' */
/*
* typically REST API will only return part of the items
* can use limit to specify how many should be returned
* the response will contain count to indicate how many items
* can be returned
*/
"limit" = "10000"
)
;
run;
%put NOTE: &=SYS_PROCHTTP_STATUS_CODE;
%put NOTE: &=SYS_PROCHTTP_STATUS_PHRASE;
/*
* only for small results
*/
/* %put NOTE: json response; */
/* %let dummy = %sysfunc(jsonpp(resp, log)); */
/*
* convert JSON to SAS Datasets
*/
libname jsresp json fileref=resp noalldata;
proc copy in=jsresp out=work;
run;
libname jsresp clear;
SAS Innovate 2025 is scheduled for May 6-9 in Orlando, FL. Sign up to be first to learn about the agenda and registration!