All portal users must have appropriate permissions in
order to view, create, or edit portal content. Permissions are granted
to users for particular content and resources. For example, you must
give a group content administrator permission to edit the content
that is associated with the respective group. All portal users are
automatically granted permissions to view and edit content that they
create in their personal portal views.
The SAS Information Delivery Portal stores
all permissions in SAS metadata and displays the permissions in Authorization
Manager in the SAS Management Console. The resources for which a portal
user or group has permissions are grouped under a folder that is designated
for the user or group. These folders are called permission tree. Permission
trees can be created only in the Foundation repository.
For example, suppose
that you have created a Finance group in metadata. In the Authorization
Manager, a folder named
Finance Permission Tree appears
in the
Tree list. To view the
Tree list
on the SAS Management Console
Plug-ins tab,
navigate to
Environment ManagementAuthorization ManagerResource ManagementBy TypeTree. If you inspect the properties for the Finance permissions
tree folder, you will find the permissions that are defined for the
contents of the folder. (If a folder does not appear in the list,
then you can create the folder by using one of the options described
in the section
How Permission Tree Folders Are Created.)
When you add new users
or groups to the metadata server, the portal must add permission trees
to the metadata before you can administer those users or groups. For
example, if you create a new group in metadata, then the portal must
create a permission tree folder for that group before you can share
content with the group or configure a content administrator for the
group. User permission trees are never modified by the portal administrator.