SPDO Procedure

DELETE ACL Statement

Deletes existing ACLs for resources.

Requirement: You must be the resource owner, have ACL access to a resource, or have special privilege in order to delete an ACL. When using special privilege, set the ACLSPECIAL= option in the LIBNAME statement.
Interactions: Before using DELETE ACL, you must set the context for the request with the SET ACLUSER statement. The user name that is specified in SET ACLUSER must be that of the ACL owner. For more information, see SET ACLUSER Statement.
If you are deleting an ACL for a resource other than a domain or a table, set the ACL type before using DELETE ACL. For more information, see SET ACLTYPE Statement.
See: For information about how the server supports ACLs, see ACL Security Model.
Syntax
Optional Arguments
Details
Examples
Example 1: Delete a Domain ACL
Example 2: Delete All ACLs for Current ACL Type
Example 3: Delete a Resource ACL
Example 4: Delete a Generic ACL
Example 5: Delete a Column ACL
Example 6: Delete All Column ACLs on a Table
Example 7: Delete All Column ACLs on All Tables
Example 8: Delete a Catalog ACL
Example 9: Delete a Generic ACL on Catalog Entries

Syntax

DELETE ACL acl1 [acl2...] [C=cat T=type] [/options];
DELETE ACL _ALL_ [C=cat T=type] [/options];

Optional Arguments

_ALL_

deletes all existing resource ACLs for which ACLUSER has Control access.

C=cat

identifies the selected ACLs as names of catalog entries from the catalog cat. The C= option must be paired with the T= option.

/GENERIC

identifies the specified ACLs as generic ACLs.

Note If you specify /GENERIC when deleting table column ACLs, the /GENERIC applies to the table name, not to the column name. You cannot use wildcards with column names.

/LIBNAME

identifies the domain ACL.

T=type

identifies the catalog entry type used to qualify the selected ACLs. This option is required when the C= option is specified.

Details

Use the DELETE ACL _ALL_ syntax to delete all existing resource ACLs for which ACLUSER has Control access.
Use the DELETE ACL acl1[acl2] syntax to delete specified existing resource ACLs that are owned by ACLUSER. Specify _ALL_ as the table identifier in a two-part name to delete all tables for which the given column is matched. If you specify _ALL_ as the column identifier in a two-part name, you delete all columns for which the given table is matched.
Use the other options to uniquely identify the ACL that you want to delete. For example, use the /GENERIC option to identify a generic ACL. Use the /LIBNAME option to identify a domain ACL. Use the C= and T= options to identify an ACL for a catalog entry.

Examples

Example 1: Delete a Domain ACL

This deletes a domain ACL.
delete acl/LIBNAME;

Example 2: Delete All ACLs for Current ACL Type

This deletes all the ACLs for the current ACL catalog.
set acltype catalog;
delete acl _all_;

Example 3: Delete a Resource ACL

This deletes ACL MINE_AUG2016.
delete acl mine_aug2016;

Example 4: Delete a Generic ACL

This deletes a generic ACL MINE*.
delete acl mine/generic;

Example 5: Delete a Column ACL

This deletes a column ACL on MINE_AUG2016.SALARY.
delete acl mine_aug2016.salary;

Example 6: Delete All Column ACLs on a Table

This deletes all column ACLs on table KBIKE. 
delete acl kbike._all_;

Example 7: Delete All Column ACLs on All Tables

This deletes all column ACLs on all tables. 
delete acl _all_._all_;

Example 8: Delete a Catalog ACL

This deletes an ACL on the catalog RBIKE.
set acltype catalog;
delete acl rbike;

Example 9: Delete a Generic ACL on Catalog Entries

This deletes a generic ACL on the catalog entries MYCAT.MY*.CATAMS.
set acltype catalog;
delete acl my
c=mycat
t=catams/generic;
Copyright © SAS Institute Inc. All Rights Reserved.
Last updated: February 3, 2017