Loading...
Searching...
No Matches
viewlibarray.sas
Go to the documentation of this file.
1/**
2 @file viewlibarray.sas
3 @brief List the libraries for view access
4 @details
5
6 <h4> SAS Macros </h4>
7 @li dc_getlibs.sas
8 @li mp_abort.sas
9 @li mf_getuser.sas
10 @li mpe_getgroups.sas
11 @li mm_webout.sas
12 @li mf_existds.sas
13
14 @version 9.2
15 @author 4GL Apps Ltd
16 @copyright 4GL Apps Ltd. This code may only be used within Data Controller
17 and may not be re-distributed or re-sold without the express permission of
18 4GL Apps Ltd.
19**/
20
21%mpeinit()
22
23%let keepvars=libraryref libraryname;
24data _null_;
25 length keepvars $32;
26 set %sysfunc(ifc(%mf_existds(iwant),iwant,_null_));
27 call symputx('keepvars',keepvars);
28run;
29
30/**
31 * get full list of libraries
32 */
33%dc_getlibs(outds=work.mm_getLibs)
34
35/* get security groups */
36%mpe_getgroups(user=%mf_getuser(),outds=groups)
37
38/* get security settings */
39data sec;
40 set &mpelib..mpe_security;
41 where &dc_dttmtfmt. lt tx_to and ACCESS_LEVEL='VIEW';
42run;
43
44/* check for any matching groups */
45proc sql noprint;
46create table matches as
47 select * from sec
48 where upcase(sas_group) in (select upcase(groupname) from groups);
49select count(*) into: securitygroupscount from matches;
50select count(*) into: ALL_CNT from matches where libref='*ALL*';
51%put securitygroupscount=&securitygroupscount;
52%put ALL_CNT=&ALL_CNT;
53%mp_abort(iftrue= (&syscc ne 0)
54 ,mac=&_program..sas
55 ,msg=%str(syscc=&syscc)
56)
57
58%macro mpestp_viewlibs();
59%if not %symexist(DC_RESTRICT_VIEWER) %then %let DC_RESTRICT_VIEWER=NO;
60
61/* scenario 1 - user is in admin group, hence can view all libraries */
62proc sql noprint;
63select count(*) into: scenario1 from groups where groupname="&mpeadmins";
64%if &scenario1>0 %then %do;
65 %put user in admin group (scenario1=&scenario1);
66 %return;
67%end;
68/* scenario 2 - viewer unrestricted and no groups listed */
69%if &DC_RESTRICT_VIEWER=NO and &securitygroupscount=0 %then %do;
70 %put DC_RESTRICT_VIEWER=&DC_RESTRICT_VIEWER;
71 %put securitygroupscount=&securitygroupscount;
72 %return;
73%end;
74
75/* scenario 3 - an *ALL* libref is listed */
76%if &all_cnt>0 %then %do;
77 %put all_cnt=&all_cnt;
78 %return;
79%end;
80
81/* scenario 4 - specific librefs listed */
82%if &securitygroupscount>0 %then %do;
83 %put scenario 4;
84 %put securitygroupscount=&securitygroupscount;
85 proc sql;
86 delete from mm_getLibs
87 where upcase(libraryref) not in (select upcase(libref) from matches);
88 %return;
89%end;
90
91/* viewer restricted and no groups listed */
92%if &DC_RESTRICT_VIEWER=YES and &securitygroupscount=0 %then %do;
93 %put DC_RESTRICT_VIEWER=&DC_RESTRICT_VIEWER;
94 %put securitygroupscount=&securitygroupscount;
95 data mm_getlibs;
96 set mm_getlibs;
97 stop;
98 run;
99 %return;
100%end;
101
102%mp_abort(iftrue= (1=1)
103 ,mac=&_program..sas
104 ,msg=%str(unhandled security logic error!)
105)
106
107%mend mpestp_viewlibs;
108%mpestp_viewlibs()
109
110%global dc_viewlib_check;
111
112/**
113* deal with invalid and duplicate library definitions
114*/
115proc sort data=mm_getlibs;
116 by libraryref libraryname;
117run;
118
119data mm_getlibs;
120 set mm_getlibs;
121 by libraryref;
122 if symget('dc_viewlib_check')='YES' then do;
123 /* note - invalid libraries can result in exception errors. If this happens,
124 configure the dc_viewlib_check variable to NO in Data Controller Settings
125 */
126 rc=libname(libraryref,,'meta',cats('library="',libraryname,'";'));
127 drop rc;
128 if rc ne 0 then do;
129 putlog "NOTE: Library " libraryname " does not exist!!";
130 putlog (_all_) (=);
131 delete;
132 end;
133 end;
134 if not first.libraryref then delete;
135run;
136
137proc sort data=mm_getlibs (keep=&keepvars);
138 by libraryname;
139run;
140
141%mp_abort(iftrue= (&syscc ne 0)
142 ,mac=&_program..sas
143 ,msg=%str(syscc=&syscc)
144)
145
146%mm_webout(OPEN)
147%mm_webout(ARR, mm_getLibs)
148%mm_webout(CLOSE)