space
Previous Page | Next Page

SAS Namespace Types

Permission


Subclass of PrimaryType


Overview

A permission represents an action that a user may attempt against a resource in the metadata server. Permission objects are created in pairs within the metadata server. One instance will have its Type attribute set to "GRANT", the other will have Type= "DENY".

A Permission object is associated with a resource by defining an access control. The access control relates the Permission object and one or more identities with the resource on which the permission is being applied.

Permission objects should not be explicitly created or deleted. Permissions that are enforced by SAS programs are defined for you by the system. Access controls are managed programmatically using the SAS Open Metadata Interface ISecurityAdmin method class , which is documented in the SAS Open Metadata Interface: Reference and Usage. The ISecurityAdmin class provides methods for defining and managing direct access controls as well as access control templates.

Security Inheritance and Enforcement Rules

The following list of associations is used to determine if this object should inherit access controls from another object (inheritance), or if the association is allowed for the object (enforcement). An association will not be created unless the calling user is authorized to update one or both objects involved in the association. For more information about inheritance and enforcement rules, see the SAS Intelligence Platform: Security Administration Guide.

Attributes

Name Description Type Length
Type Type of permission   String 100  

Inherited Attributes
Name, Id, Desc, MetadataCreated, MetadataUpdated, ChangeState, IsHidden, LockedBy, PublicType, SecTransctxt, UsageVersion

Associations

= indicates the resident side of an association, or where the association is persisted for cross-repository associations. If no resident side is indicated, this association may not cross repository boundaries.
Name Cardinality Description Associated Types
AccessControlEntries

Partner: Permissions

0 to * The access control entries that use this permission.  AccessControlEntry

Inherited Associations
AccessControls/Objects, Changes/Objects, CustomAssociations/OwningObject, Documents/Objects, Extensions/OwningObject, ExternalIdentities/OwningObject, FavoritesContainers/Favorites, Groups/Members, Implementors/ImplementedObjects, Keywords/Objects, LocalizedAttributes/AssociatedLocalizedObject, Notes/Objects, PrimaryPropertyGroup/AssociatedObject, Prompts/PromptEnabledObject, Properties/AssociatedObject, PropertySets/OwningObject, ReferencedObjects/AssociatedObjects, ResponsibleParties/Objects, SourceTransformations/TransformationSources, SpecSourceTransformations/SourceSpecifications, SpecTargetTransformations/TargetSpecifications, TargetTransformations/TransformationTargets, Timestamps/Objects, Trees/Members, TSObjectNamespace/TSObjects, UsedByPrototypes/UsingPrototype, UsingPrototype/UsedByPrototypes, Variables/AssociatedObject

Attribute Details

Type
     Type:  String 100  

Type of permission

Association Details

AccessControlEntries
     Cardinality:   0 to *
     Partner:   Permissions

The access control entries that use this permission. 

Associated Types:
AccessControlEntry

Previous Page | Next Page | Top of Page