Use and Enforcement of Each Permission

Permission	Actions Affected and Limitations on Enforcement
ReadMetadata (RM)	View an object or navigate past a folder. For example, to see an information map you need RM for that information map. To see or traverse a folder you need RM for that folder.
WriteMetadata (WM)	Edit, delete, change permissions for, or rename an object. For example, to edit a report you need WM for the report. To delete a report you need WM for the report (and WMM for the report's parent folder). For containers other than folders (such as repositories, libraries, and schemas), WM also affects adding and deleting child items. For example, to add an object anywhere in a repository you need WM at the repository level. For folders, adding and deleting child items is controlled by WMM, not WM.
WriteMemberMetadata (WMM)	Add an object to a folder or delete an object from a folder. For example, to save a report to a folder you need WMM for the folder. To remove a report from a folder, you need WMM for the folder (and WM for the report). To enable someone to interact with a folder's contents but with not the folder itself, grant WMM and deny WM.1
CheckInMetadata (CM)	Check in and check out items in a change-managed area. Applicable only in an optional configuration for SAS Data Integration Studio.2
Read (R)	Read data. For example, while you need RM for a cube in order to see that cube, you need R for the cube in order to run a query against it. Enforced for OLAP data, information maps, data that is accessed through the metadata LIBNAME engine, and dashboard objects.
Write (W)	Update data. For example, on a table, W controls updating the rows in the table. Enforced for data that is accessed through the metadata LIBNAME engine, for publishing channels, and for dashboard objects.
Create (C)	Add data. For example, on a table, C controls adding rows to the table. Enforced for data that is accessed through the metadata LIBNAME engine.
Delete (D)	Delete data. For example, D on a library controls deletion of tables from the library. Enforced for data that is accessed through the metadata LIBNAME engine and for dashboard objects.
Administer (A)	Monitor , stop, pause, resume, refresh, or quiesce a server or spawner. For the metadata server, the ability to perform tasks other than monitoring is managed by the Metadata Server: Operation role, not by any permission.
1A folder's WMM settings mirror its WM settings unless the folder has explicit or ACT settings of WMM. A grant (or denial) of WMM on a folder becomes an inherited grant (or denial) of WM on the items and subfolders in that folder. WMM is not inherited from one folder to another. WMM is not applicable to specialized folders (such as virtual folders, favorites folders, or search folders).
2For any change-managed areas or resources, change-managed users should have CM (instead of WM or WMM). See Setting up Change Management in SAS Intelligence Platform: Desktop Application Adminstration Guide.

Note: For information about the Insert, Update, Select, Create Table, Drop Table, and Alter Table permissions, and an additional use of the Delete permission, see the SAS Guide to Metadata-Bound Libraries.