Use an Access Control Template (ACT)

Why Use ACTs?
How to Use an ACT

Why Use ACTs?

Use ACTs to avoid having to repeatedly set the same explicit permissions for the same identities on multiple objects. When you apply an ACT to an object, the ACT settings are added to the object's protections.

How to Use an ACT

  1. Determine whether there is an existing ACT that you can use.
    1. On the Plug-ins tab of SAS Management Console, select Authorization Managerthen selectAccess Control Templates.
    2. On the Permission Pattern tab of each ACT, examine the settings for each identity. If you do not find an appropriate ACT, consider using a combination of ACTs and explicit settings or creating a new ACT.
      Note: Do not confuse an ACT's Authorization tab with its Permission Pattern tab. Settings on an ACT's Authorization tab affect who can access that ACT; settings on an ACT's Permission Pattern tab affect access to the objects to which that ACT is applied.
  2. When you have identified an ACT that you want to use, navigate to an object to which you will add that ACT's settings. On the object's Authorization tab, click Access Control Templates.
  3. Expand the nodes in the Available list box, move the ACT to the Currently Using list box, and click OK.
    Note: The repository ACT is typically not in the Currently Using list box because that ACT is typically not applied to any objects.
    Note: You can apply multiple ACTs. If there is a tie (for example, a group is granted ReadMetadata in one applied ACT and denied ReadMetadata in another applied ACT), the outcome is a denial. For a full discussion of precedence, see SAS Intelligence Platform: Security Administration Guide.
  4. On the object's Authorization tab, notice that the Users and Groups list box now includes the identities that participate in the ACT that you selected. Select each identity and verify that the revised settings are as you expect. On the Authorization tab of an object to which an ACT is applied, settings that are explicit white check box in the ACT's pattern are green green check box.
  5. In the object's Properties dialog box, click OK.

See Also

Use and Enforcement of Each Permission
How to Interpret the Authorization Tab
Centralize Permissions with ACTs
Who Can Set Permissions?
Copyright © SAS Institute Inc. All Rights Reserved.