Module GlobalPrivilegeService

Macros to manage the privileges available to user accounts at the global level.

Since: 2.1

Macro Summary
external

LSAF
%lsaf_adduserprivilege(lsaf_userid=, lsaf_privilege=);
Assigns a global privilege to a user account in the system.
external

LSAF
%lsaf_getglobalprivileges(sas_dsname=work.lsafGetGlobalPrivileges);
Gets the metadata for all of the global privileges that are available. The metadata is stored ...
external

LSAF
%lsaf_getuserprivileges(lsaf_userid=, sas_dsname=work.lsafGetUserPrivileges);
Gets the metadata for all of the global privileges that are assigned to a user account in ...
external

LSAF
%lsaf_getuserswithglobalprivilege(lsaf_privilegeid=, sas_dsname=work.lsafgetuserswithglobalprivilege);
Gets all of the user accounts that have the specified privilege identifier. The properties are ...
external

LSAF
%lsaf_hasglobalprivilege(lsaf_userid=, lsaf_privilege=);
Determines whether a global privilege is assigned to a user account. A list of privilege ...
external

LSAF
%lsaf_isglobalprivilege(lsaf_privilege=);
Determines whether the specified value is a valid SAS Life Science Analytics Framework global ...
external

LSAF
%lsaf_removeuserprivilege(lsaf_userid=, lsaf_privilege=);
Removes a global privilege from a user account in the system.

Macro Detail

%lsaf_adduserprivilege(lsaf_userid=, lsaf_privilege=);

[ Exposure: external ]
Assigns a global privilege to a user account in the system.

Syntax:
%LSAF_ADDUSERPRIVILEGE(LSAF_USERID=lsaf-user-id, LSAF_PRIVILEGE=lsaf-privilege-id);

Example Code:
Use %lsaf_getglobalprivileges to fetch the list of available global privileges. The
macro returns a SAS data set that contains the list of privileges. The default name of the
data set is work.lsafgetglobalprivileges. Use one of the privilegeId values to assign that
global privilege to a user account.

1. Retrieve the available global privileges:
%lsaf_getglobalprivileges();

2. Assign a privilege to a user account:
%lsaf_adduserprivilege(lsaf_userid=%str(User1),
lsaf_privilege=%str(PRIVILEGE_AUDIT_REPORTING));

          
History:
   2013-11-01
initial coding
   2016-08-26
rebrand as LSAF
Expected Macro Variables:
_lsafMsg_ - The return message.
_lsafRC_ - The return code.
Parameters:
lsaf_userid - - Required - The user account.
lsaf_privilege - - Required - The identifier of the global privilege.
File: lsaf_adduserprivilege.sas
First available in version: 1.3

%lsaf_getglobalprivileges(sas_dsname=work.lsafGetGlobalPrivileges);

[ Exposure: external ]
Gets the metadata for all of the global privileges that are available. The metadata is stored
in a SAS data set.

Syntax:
%LSAF_GETGLOBALPRIVILEGES(<SAS_DSNAME=SAS-data-set>);

          
History:
   2013-11-01
initial coding
   2014-04-21
updated documentation
   2016-08-26
rebrand as LSAF
   2019-11-01
update to handle a blank SAS output file.
Expected Macro Variables:
_lsafMsg_ - The return message.
_lsafRC_ - The return code.
Parameters:
sas_dsname - - Optional - The name of the output SAS data set to contain the metadata for
        all of the global privileges, specified as libref.dataset. The default value is
        WORK.LSAFGETGLOBALPRIVILEGES. The data set contains a row for each global privilege
        and columns with the following names. The data set is sorted by privilegeId.
        - privilegeType: The privilege type: GLOBAL.
        - privilegeId: The identifier of the privilege.
        - privilegeName: The name of the privilege.
File: lsaf_getglobalprivileges.sas
First available in version: 1.3

%lsaf_getuserprivileges(lsaf_userid=, sas_dsname=work.lsafGetUserPrivileges);

[ Exposure: external ]
Gets the metadata for all of the global privileges that are assigned to a user account in
the system. The metadata is stored in a SAS data set.

Syntax:
%LSAF_GETUSERPRIVILEGES(LSAF_USERID=lsaf-userid <, SAS_DSNAME=SAS-data-set>);

          
History:
   2013-11-01
initial coding
   2016-08-26
rebrand as LSAF
   2019-11-01
update to handle a blank SAS output file.
Expected Macro Variables:
_lsafMsg_ - The return message.
_lsafRC_ - The return code.
Parameters:
lsaf_userid - - Required - The user account.
sas_dsname - - Optional - The name of the output SAS data set to contain the metadata
        for the global privileges, specified as libref.dataset. The default value is
        WORK.LSAFGETUSERPRIVILEGES. The data set contains a row for each global privilege
        that is assigned to the user account and the columns with the following names.
        The data set is sorted by privilegeId.
        - userId: The user ID of the user.
        - privilegeId: The identifier of the privilege.
        - privilegeName: The name of the privilege.
File: lsaf_getuserprivileges.sas
First available in version: 1.3

%lsaf_getuserswithglobalprivilege(lsaf_privilegeid=, sas_dsname=work.lsafgetuserswithglobalprivilege);

[ Exposure: external ]
Gets all of the user accounts that have the specified privilege identifier. The properties are
stored in the SAS data set LSAFGETUSERSWITHGLOBALPRIVILEGE.

Syntax:
%LSAF_GETUSERSWITHGLOBALPRIVILEGE(LSAF_PRIVILEGEID=lsaf-privilegeid <,SAS_DSNAME=SAS-data-set>);

          
History:
   2020-03-18
initial coding
Expected Macro Variables:
_lsafMsg_ - The return message.
_lsafRC_ - The return code.
Parameters:
lsaf_privilegeid - - Required - The identifier of the global privilege. A list of the
        privileges can be retrieved by calling the lsaf_getglobalprivileges macro.
sas_dsname - - Optional - The name of the output SAS data set to contain the user accounts
        with the corresponding privilege identifier, specified as libref.dataset. The
        default value is WORK.LSAFGETUSERSWITHGLOBALPRIVILEGE. The data set contains a row
        for each user account and columns with the following names. The data set is sorted
        by user acccount name.
        - userName: The user account name.
        - userDescription: The user account description.
        - privilegeType: The privilege type. Valid value: GLOBAL.
        - privilegeId: The identifier of the privilege.
        - privilegeName: The name of the privilege.
File: lsaf_getuserswithglobalprivilege.sas
First available in version: 2.3

%lsaf_hasglobalprivilege(lsaf_userid=, lsaf_privilege=);

[ Exposure: external ]
Determines whether a global privilege is assigned to a user account. A list of privilege
IDs can be found by running the %lsaf_getglobalprivileges and checking the PrivilegeID
column.

The SAS macro variable _lsafHasGlobalPrivilege_ is set to a value of 1 when the global
privilege is assigned, 0 if it is not. In the event of an incorrect call to the macro
that results in an error, the return value of _lsafHasGlobalPrivilege_ is set to -1.

Syntax:
%LSAF_HASGLOBALPRIVILEGE(LSAF_USERID=lsaf-userid, LSAF_PRIVILEGE=lsaf-privilege-id);

          
History:
   2013-11-01
initial coding
   2016-08-26
rebrand as LSAF
   2019-01-18
renamed from lsaf_isuserprivilege to lsaf_hasglobalprivilege
Expected Macro Variables:
_lsafHasGlobalPrivilege_ - Indicates whether the privilege is assigned to the user
        account.
_lsafMsg_ - The return message.
_lsafRC_ - The return code.
Parameters:
lsaf_userid - - Required - The user ID.
lsaf_privilege - - Required - The identifier of the global privilege.
File: lsaf_hasglobalprivilege.sas
First available in version: 1.3

%lsaf_isglobalprivilege(lsaf_privilege=);

[ Exposure: external ]
Determines whether the specified value is a valid SAS Life Science Analytics Framework global
privilege.

The SAS macro variable _lsafIsGlobalPrivilege_ is set to a value of 1 if the specified value is a
valid global privilege, 0 if it is not. In the event of an incorrect call to the macro that
results in an error, the return value of _lsafIsGlobalPrivilege_ is set to -1. To retrieve a list
of global privileges, submit the lsaf_getglobalprivileges macro.

Syntax:
%LSAF_ISGLOBALPRIVILEGE(LSAF_PRIVILEGE=lsaf-privilege-id);

          
History:
   2019-01-23
initial coding
Expected Macro Variables:
_lsafIsGlobalPrivilege_ - Indicates whether the item is a valid global privilege.
_lsafMsg_ - The return message.
_lsafRC_ - The return code.
Parameters:
lsaf_privilege - - Required - The global privilege ID.
File: lsaf_isglobalprivilege.sas
First available in version: 2.1

%lsaf_removeuserprivilege(lsaf_userid=, lsaf_privilege=);

[ Exposure: external ]
Removes a global privilege from a user account in the system.

Syntax:
%LSAF_REMOVEUSERPRIVILEGE(LSAF_USERID=lsaf-userid, LSAF_PRIVILEGE=lsaf-privilege);

          
History:
   2013-11-01
initial coding
   2016-08-26
rebrand as LSAF
Expected Macro Variables:
_lsafMsg_ - The return message.
_lsafRC_ - The return code.
Parameters:
lsaf_userid - - Required - The user account.
lsaf_privilege - - Required - The identifier of the global privilege.
File: lsaf_removeuserprivilege.sas
First available in version: 1.3