![]() | SUMMARY | DETAIL |
Macros to manipulate and create roles, their availability in contexts, and their membership lists.
Macro Summary | |
external | %lsaf_addinheritedrole(lsaf_path=, lsaf_role=, lsaf_role_context=);
Assigns a role to the specified context as an inherited role.
|
external | %lsaf_addrolemember(lsaf_path=, lsaf_role=, lsaf_role_context=, lsaf_member=, lsaf_type=USER, lsaf_group_context=);
Adds a user account or user group as a member of a role in the specified context.
|
external | %lsaf_addroleprivilege(lsaf_path=, lsaf_role=, lsaf_privilege=);
Adds a privilege to a role in the specified context.
|
external | %lsaf_createrole(lsaf_path=, lsaf_role=, lsaf_description=);
Creates a role in the specified context.
|
external | %lsaf_deleterole(lsaf_path=, lsaf_role=);
Deletes a role from the specified context.
|
external | %lsaf_getrolemembers(lsaf_path=, lsaf_role=, lsaf_role_context=, sas_dsname=work.lsafGetRoleMembers);
Gets the metadata for all of the members that are assigned to a role within the specified ...
|
external | %lsaf_getroleprivileges(lsaf_path=, lsaf_role=, sas_dsname=work.lsafGetRolePrivileges);
Gets the metadata for all of the privileges that are assigned to a role. The metadata is ...
|
external | %lsaf_getroles(lsaf_path=, sas_dsname=work.lsafGetRoles);
Gets the metadata for all of the roles that are defined and inherited in a context. The ...
|
external | %lsaf_hasscopedprivilege(lsaf_path=, lsaf_privilege=, lsaf_member=, lsaf_type=USER, lsaf_group_context=);
Indicates whether a user or group has a specific role privilege in the specified context.
|
external | %lsaf_isrolemember(lsaf_path=, lsaf_role=, lsaf_role_context=, lsaf_member=, lsaf_type=USER, lsaf_group_context=);
Indicates whether a user account or user group is a member of a role in the specified context.
|
external | %lsaf_isroleprivilege(lsaf_path=, lsaf_role=, lsaf_privilege=);
Indicates whether a privilege is assigned to a role in the specified context. Applies only ...
|
external | %lsaf_removeinheritedrole(lsaf_path=, lsaf_role=, lsaf_role_context=);
Removes a role from the specified context.
|
external | %lsaf_removerolemember(lsaf_path=, lsaf_role=, lsaf_role_context=, lsaf_member=, lsaf_type=USER, lsaf_group_context=);
Removes a user account or a user group as a member of a role in the specified context.
|
external | %lsaf_removeroleprivilege(lsaf_path=, lsaf_role=, lsaf_privilege=);
Removes a privilege from a role in the specified context.
|
external | %lsaf_roleexists(lsaf_path=, lsaf_role=, lsaf_role_context=);
Indicates whether a role exists as defined or inherited in a specified context.
|
Macro Detail |
%lsaf_addinheritedrole(lsaf_path=, lsaf_role=, lsaf_role_context=);
[ Exposure:
external
]
_lsafMsg_
-
The return message._lsafRC_
-
The return code.lsaf_path
-
- Required - The path of the context.lsaf_role
-
- Required - The name of the role.lsaf_role_context
-
- Required - The context in which the role is defined, specified as
%lsaf_addrolemember(lsaf_path=, lsaf_role=, lsaf_role_context=, lsaf_member=, lsaf_type=USER, lsaf_group_context=);
[ Exposure:
external
]
_lsafMsg_
-
The return message._lsafRC_
-
The return code.lsaf_path
-
- Required - The path of the context item in which the role is assigned.lsaf_role
-
- Required - The name of the role.lsaf_role_context
-
- Optional - The context in which the role is defined, specified as alsaf_member
-
- Required - The identifier of the user account or the name of the userlsaf_type
-
- Conditional - The type of member to add. Valid values (case-insensitive):lsaf_group_context
-
- conditional - The context in which the group is defined, specified
%lsaf_addroleprivilege(lsaf_path=, lsaf_role=, lsaf_privilege=);
[ Exposure:
external
]
_lsafMsg_
-
The return message._lsafRC_
-
The return code.lsaf_path
-
- Required - The path of the context in which the role is defined.lsaf_role
-
- Required - The name of the role.lsaf_privilege
-
- Required - The identifier of the privilege.
%lsaf_createrole(lsaf_path=, lsaf_role=, lsaf_description=);
[ Exposure:
external
]
_lsafMsg_
-
The return message._lsafRC_
-
The return code.lsaf_path
-
- Required - The path of the context in which to create the role.lsaf_role
-
- Required - The name of the role.lsaf_description
-
- Optional - The description of the role.
%lsaf_deleterole(lsaf_path=, lsaf_role=);
[ Exposure:
external
]
_lsafMsg_
-
The return message._lsafRC_
-
The return code.lsaf_path
-
- Required - The path of the context in which the role is defined.lsaf_role
-
- Required - The name of the role.
%lsaf_getrolemembers(lsaf_path=, lsaf_role=, lsaf_role_context=, sas_dsname=work.lsafGetRoleMembers);
[ Exposure:
external
]
_lsafMsg_
-
The return message._lsafRC_
-
The return code.lsaf_path
-
- Required - The path of the context where the role is assigned.lsaf_role
-
- Required - The name of the role.lsaf_role_context
-
- Optional - The context in which the role is defined, specified as asas_dsname
-
- Optional - The name of the output SAS data set to contain the metadata
%lsaf_getroleprivileges(lsaf_path=, lsaf_role=, sas_dsname=work.lsafGetRolePrivileges);
[ Exposure:
external
]
_lsafMsg_
-
The return message._lsafRC_
-
The return code.lsaf_path
-
- Required - The path of the context in which the role is defined.lsaf_role
-
- Required - The name of the role.sas_dsname
-
- Optional - The name of the output SAS data set to the metadata for the
%lsaf_getroles(lsaf_path=, sas_dsname=work.lsafGetRoles);
[ Exposure:
external
]
_lsafMsg_
-
The return message._lsafRC_
-
The return code.lsaf_path
-
- Required - The path of the context in which the roles are located.sas_dsname
-
- Optional - The name of the output SAS data set to contain the metadata
%lsaf_hasscopedprivilege(lsaf_path=, lsaf_privilege=, lsaf_member=, lsaf_type=USER, lsaf_group_context=);
[ Exposure:
external
]
_lsafHasScopedPrivilege_
-
Indicates whether the user or group has the privilege in the_lsafMsg_
-
The return message._lsafRC_
-
The return code.lsaf_path
-
- Required - The path of the context.lsaf_privilege
-
- Required - The identifier of the privilege.lsaf_member
-
- Required - The user ID or group name of the member.lsaf_type
-
- Conditional - The type of member. Valid values (case-insensitive):lsaf_group_context
-
- Conditional - The context in which the member group is defined,
%lsaf_isrolemember(lsaf_path=, lsaf_role=, lsaf_role_context=, lsaf_member=, lsaf_type=USER, lsaf_group_context=);
[ Exposure:
external
]
_lsafIsRoleMember_
-
Indicates whether the user account or user group is a member of the_lsafMsg_
-
The return message._lsafRC_
-
The return code.lsaf_path
-
- Required - The path of the context.lsaf_role
-
- Required - The name of the role.lsaf_role_context
-
- Optional - The context in which the role is defined, specified as alsaf_member
-
- Required - The user identifier or user group name of the member.lsaf_type
-
- Conditional - The type of the member. Valid values (case-insensitive):lsaf_group_context
-
- Conditional - The context in which the member group is defined,
%lsaf_isroleprivilege(lsaf_path=, lsaf_role=, lsaf_privilege=);
[ Exposure:
external
]
_lsafIsRolePrivilege_
-
Indicates whether the privilege is assigned to the role in the_lsafMsg_
-
The return message._lsafRC_
-
The return code.lsaf_path
-
- Required - The path of the context in which the role is assigned.lsaf_role
-
- Required - The name of the role.lsaf_privilege
-
- Required - The identifier of the privilege.
%lsaf_removeinheritedrole(lsaf_path=, lsaf_role=, lsaf_role_context=);
[ Exposure:
external
]
_lsafMsg_
-
The return message._lsafRC_
-
The return code.lsaf_path
-
- Required - The path of the context from which to remove the role.lsaf_role
-
- Required - The name of the role.lsaf_role_context
-
- Required - The context in which the role is defined, sepcified as
%lsaf_removerolemember(lsaf_path=, lsaf_role=, lsaf_role_context=, lsaf_member=, lsaf_type=USER, lsaf_group_context=);
[ Exposure:
external
]
_lsafMsg_
-
The return message._lsafRC_
-
The return code.lsaf_path
-
- Required - The path of the context that contains the role.lsaf_role
-
- Required - The name of the role.lsaf_role_context
-
- Optional - The context in which the role is defined, specified as alsaf_member
-
- Required - The identifier of the user account or the name of the user group.lsaf_type
-
- Conditional - Type of the member. Valid values (case-insensitive):lsaf_group_context
-
- Conditional - The context in which the group to remove is defined,
%lsaf_removeroleprivilege(lsaf_path=, lsaf_role=, lsaf_privilege=);
[ Exposure:
external
]
_lsafMsg_
-
The return message._lsafRC_
-
The return code.lsaf_path
-
- Required - The path of the context in which the role is defined.lsaf_role
-
- Required - The name of the role.lsaf_privilege
-
- Required - The identifier of the privilege.
%lsaf_roleexists(lsaf_path=, lsaf_role=, lsaf_role_context=);
[ Exposure:
external
]
_lsafMsg_
-
The return message._lsafRC_
-
The return code._lsafRoleExists_
-
Indicates the existence of the role.lsaf_path
-
- Required - The path of the context.lsaf_role
-
- Required - The name of the role.lsaf_role_context
-
- Optional - The context in which the role is defined, specified as a