|Getting Started With Permissions|
When you work with permissions, it is helpful to keep these three central questions in mind:
Where is the permission set?
Who is the permission assigned to?
What is the effect of the permission?
The authorization layer that SAS provides supports very specific settings. For example, on reportA, give userA a grant of the ReadMetadata permission. For simplicity, it is preferable to set permissions at a less granular level whenever possible. The recommended approach is to create a folder structure and set permissions so that each folder offers appropriate group-level access to its contents. For example, on folderA, give groupA a grant of the ReadMetadata permission. Items within each folder inherit permission settings from that folder.
This chapter demonstrates the mechanics of setting SAS permissions by providing brief exercises that you can safely experiment with in your own deployment. This chapter also introduces the authorization model.