cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sheesh
‎06-13-2016
  • 2 Posts
  • 0 Likes Given
  • 1 Solutions
  • 0 Likes Received

Re: SAS platform administrator control which task user see within SAS ...

by Calcite | Level 5 in Administration and Deployment
‎06-13-2016 10:23 AM
‎06-13-2016 10:23 AM
Since the question is referring to tasks, this is controlled by metadata roles. Access permissions would apply to accessing content, such as tables, stored processes, (metadata content). Roles have to do with what menu choices, tool bar icons (tasks) that are available through the interface. For example, a user may have the readmetadata permission to see/access a table, but may be in a role that doesn't allow for him/her to run certain tasks against that table (statistical procedures) as it isn't a menu choice available. ... View more

Re: By default, why is Public listed as a member of Role Add-in for Mi...

by Calcite | Level 5 in Administration and Deployment
‎01-15-2015 11:08 AM
‎01-15-2015 11:08 AM
The metadata security model is not in play here when it comes to group membership of a role. Roles determine the user-interface elements that a user sees when he or she interacts with the applications. (Security, on the other hand, dictates what metadata a user has access to within the interface, via the folder structure, such as tables or stored processes.) So I guess you could say that roles demonstrate security on the interface. SAS by default has PUBLIC as a member of the advanced roles for both SAS Add-in and Enterprise Guide, with the assumption that SAS users with these applications will have all the functionality that the application offers (menu choices, modifying options, visually seeing certain tasks, like sorting data, etc., in the interface). But these same users are under the metadata security model regarding access to the metadata. However, you can change that by removing PUBLIC, and adding a metadata group whose members are the only ones who should have full capabilities of the application. The PUBLIC group is used throughout the platform to represent the largest and most inclusive group, anyone authenticating to the metadata server. That being said, regarding security, PUBLIC IS locked out of all metadata (and this is the security model), based on the repository ACT's denial pattern for PUBLIC. The group SASUSERS, a subset of PUBLIC, is not. And as mentioned above, a the best resource is the SAS Platform Security Administration Guide. Hope this helps regarding roles.  Sheila ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-13-2016 10:53 AM
Quick links