SAS Safety Scalable Performance Data Server 4.5 Manual Do Utilizador
SALESNE, SALESSE, SALESMW, SALESSW, SALESPW, and SALESNW, you could
use the wildcard symbol to create the generic ACL name, SALES*, to cover them all. You
then would define your ACL permissions on the SALES* generic ACL.
use the wildcard symbol to create the generic ACL name, SALES*, to cover them all. You
then would define your ACL permissions on the SALES* generic ACL.
When using PROC SPDO, use the /GENERIC command option to identify a generic ACL.
Note: If you specify /GENERIC when defining a table column ACL, the /GENERIC
applies to the table name, not to the column name. You cannot use wildcards with
column names.
column names.
LIBNAME ACL
You can control access permissions to an entire LIBNAME domain with the SPD Server
ACL facility. When using PROC SPDO, use the /LIBNAME option to identify the
LIBNAME domain ACL.
ACL facility. When using PROC SPDO, use the /LIBNAME option to identify the
LIBNAME domain ACL.
Persistent ACL
A persistent ACL entry is an ACL that is not removed from the ACL tables when the
resource itself is deleted. When using PROC SPDO, use the /PERSIST command option
to identify a persistent ACL.
resource itself is deleted. When using PROC SPDO, use the /PERSIST command option
to identify a persistent ACL.
Resource
A PROC SPDO resource is
•
a table (data set)
•
a table column (data set variable)
•
a catalog
•
a catalog entry
•
a utility file (for example, a VIEW, an MDDB, and so on)
•
a LIBNAME domain.
Two-Part Resource Name
Two-part names identify a column entry within a table. Use the normal SAS convention
of table.column when specifying the table and column that you want to secure.
of table.column when specifying the table and column that you want to secure.
When issuing SPDO commands, you can use two-part names in any context that defines,
modifies, lists, or deletes table-related ACLs. You can also specify the reserved word
_ALL_ as the column name when using SPDO commands that support the _ALL_ resource
name.
modifies, lists, or deletes table-related ACLs. You can also specify the reserved word
_ALL_ as the column name when using SPDO commands that support the _ALL_ resource
name.
Giving Control to Others
You permit other SPD Server users to alter your own ACL entry by granting a specific
user/group ACL entry. See
user/group ACL entry. See
more information about user-specific ACL entries.
Overview of the ACL Command Set
This section describes PROC SPDO commands that you use to create and maintain ACLs
on SPD Server resources.
on SPD Server resources.
To perform an ACL-related command, you must first assert an ACL user ID to define the
scope of your access. In addition, you might want to set up a scoping member type to access
ACLs for resource types other than DATA. Then you can ADD, MODIFY, LIST, or
DELETE ACLs within the scope that you set up. You can switch the scope of a user and/
scope of your access. In addition, you might want to set up a scoping member type to access
ACLs for resource types other than DATA. Then you can ADD, MODIFY, LIST, or
DELETE ACLs within the scope that you set up. You can switch the scope of a user and/
Overview of the ACL Command Set
157