space
Previous Page | Next Page

SAS Namespace Types

AccessControl


Subclass of PrimaryType

Subtypes


Overview

An access control is an object that relates an identity and a permission to a resource in order to regulate access to the resource. The SAS Open Metadata Architecture authorization facility uses the information in access controls to return authorization decisions on resource requests.

The SAS Metadata Model defines two basic types of access controls: AccessControlEntry, which associates identities and permissions directly with a resource; and AccessControlTemplate, which enables users to define a template of identities and permissions that can be applied to multiple resources. AccessControl is a supertype and should not be instantiated. When defining an actual access control, use the AccessControlEntry and AccessControlTemplate metadata types.

AccessControl objects should not be explicitly created or deleted. Access controls are managed programmatically using the SAS Open Metadata Interface ISecurityAdmin method class, which is documented in the SAS Open Metadata Interface: Reference and Usage. The ISecurityAdmin class provides methods for defining and managing direct access controls as well as access control templates.

Security Inheritance and Enforcement Rules

The following list of associations is used to determine if this object should inherit access controls from another object (inheritance), or if the association is allowed for the object (enforcement). An association will not be created unless the calling user is authorized to update one or both objects involved in the association. For more information about inheritance and enforcement rules, see the SAS Intelligence Platform: Security Administration Guide.

Attributes

Inherited Attributes
Name, Id, Desc, MetadataCreated, MetadataUpdated, ChangeState, IsHidden, LockedBy, PublicType, UsageVersion

Associations

= indicates the resident side of an association, or where the association is persisted for cross-repository associations. If no resident side is indicated, this association may not cross repository boundaries.
Name Cardinality Description Associated Types
AccessControlTemplates

Partner: AccessControlItems

0 to * The access control templates in which this access control is used.  AccessControlTemplate
Objects

Partner: AccessControls

0 to * The objects that have this access control.  *ALL TYPES*

Inherited Associations
AccessControls/Objects, Changes/Objects, CustomAssociations/OwningObject, Documents/Objects, Extensions/OwningObject, ExternalIdentities/OwningObject, FavoritesContainers/Favorites, Groups/Members, Implementors/ImplementedObjects, Keywords/Objects, LocalizedAttributes/AssociatedLocalizedObject, Notes/Objects, PrimaryPropertyGroup/AssociatedObject, Prompts/PromptEnabledObject, Properties/AssociatedObject, PropertySets/OwningObject, ReferencedObjects/AssociatedObjects, ResponsibleParties/Objects, SourceTransformations/TransformationSources, SpecSourceTransformations/SourceSpecifications, SpecTargetTransformations/TargetSpecifications, TargetTransformations/TransformationTargets, Timestamps/Objects, Trees/Members, TSObjectNamespace/TSObjects, UsedByPrototypes/UsingPrototype, UsingPrototype/UsedByPrototypes, Variables/AssociatedObject

Association Details

AccessControlTemplates
     Cardinality:   0 to *
     Partner:   AccessControlItems

The access control templates in which this access control is used. 

Associated Types:
AccessControlTemplate

Objects
     Cardinality:   0 to *
     Partner:   AccessControls

The objects that have this access control. 

Associated Types:
*ALL TYPES*

Previous Page | Next Page | Top of Page