Loading...
Searching...
No Matches
viewlibs.sas
Go to the documentation of this file.
1/**
2 @file viewlibs.sas
3 @brief List the libraries for view access
4 @details
5
6 <h4> SAS Macros </h4>
7 @li dc_getlibs.sas
8 @li mp_abort.sas
9 @li mf_getuser.sas
10 @li mpe_getgroups.sas
11 @li mpeinit.sas
12
13 @version 9.3
14 @author 4GL Apps Ltd
15 @copyright 4GL Apps Ltd. This code may only be used within Data Controller
16 and may not be re-distributed or re-sold without the express permission of
17 4GL Apps Ltd.
18**/
19
20%mpeinit()
21
22/**
23 * get full list of libraries
24 */
25%dc_getlibs(outds=work.mm_getLibs)
26
27/* get security groups */
28%mpe_getgroups(user=%mf_getuser(),outds=groups)
29
30/* get security settings */
31data sec;
32 set &mpelib..mpe_security;
33 where &dc_dttmtfmt.lt tx_to and ACCESS_LEVEL='VIEW';
34run;
35
36/* check for any matching groups */
37proc sql noprint;
38create table matches as
39 select * from sec
40 where upcase(sas_group) in (select upcase(groupname) from groups);
41select count(*) into: securitygroupscount from matches;
42select count(*) into: ALL_CNT from matches where libref='*ALL*';
43%put securitygroupscount=&securitygroupscount;
44%put ALL_CNT=&ALL_CNT;
45%mp_abort(iftrue= (&syscc ne 0)
46 ,mac=&_program..sas
47 ,msg=%str(syscc=&syscc)
48)
49
50%macro mpestp_viewlibs();
51%if not %symexist(DC_RESTRICT_VIEWER) %then %let DC_RESTRICT_VIEWER=NO;
52
53/* scenario 1 - user is in admin group, hence can view all libraries */
54proc sql noprint;
55select count(*) into: scenario1 from groups where groupname="&mpeadmins";
56%if &scenario1>0 %then %do;
57 %put user in admin group (scenario1=&scenario1);
58 %return;
59%end;
60/* scenario 2 - viewer unrestricted and no groups listed */
61%if &DC_RESTRICT_VIEWER=NO and &securitygroupscount=0 %then %do;
62 %put DC_RESTRICT_VIEWER=&DC_RESTRICT_VIEWER;
63 %put securitygroupscount=&securitygroupscount;
64 %return;
65%end;
66
67/* scenario 3 - an *ALL* libref is listed */
68%if &all_cnt>0 %then %do;
69 %put all_cnt=&all_cnt;
70 %return;
71%end;
72
73/* scenario 4 - specific librefs listed */
74%if &securitygroupscount>0 %then %do;
75 %put scenario 4;
76 %put securitygroupscount=&securitygroupscount;
77 proc sql;
78 delete from mm_getLibs
79 where upcase(libraryref) not in (select upcase(libref) from matches);
80 %return;
81%end;
82
83/* viewer restricted and no groups listed */
84%if &DC_RESTRICT_VIEWER=YES and &securitygroupscount=0 %then %do;
85 %put DC_RESTRICT_VIEWER=&DC_RESTRICT_VIEWER;
86 %put securitygroupscount=&securitygroupscount;
87 data mm_getlibs;
88 set mm_getlibs;
89 stop;
90 run;
91 %return;
92%end;
93
94%mp_abort(iftrue= (1=1)
95 ,mac=&_program..sas
96 ,msg=%str(unhandled security logic err!)
97)
98
99%mend mpestp_viewlibs;
100%mpestp_viewlibs()
101
102%global dc_viewlib_check;
103
104/**
105* deal with invalid and duplicate library definitions
106*/
107proc sort data=mm_getlibs;
108 by libraryref libraryname;
109run;
110
111data mm_getlibs;
112 set mm_getlibs;
113 by libraryref;
114 if symget('dc_viewlib_check')='YES' then do;
115 /* note - invalid libraries can result in exception errors. If this happens,
116 configure the dc_viewlib_check variable to NO in Data Controller Settings
117 */
118 rc=libname(libraryref,,'meta',cats('library="',libraryname,'";'));
119 drop rc;
120 if rc ne 0 then do;
121 putlog "NOTE: Library " libraryname " does not exist!!";
122 putlog (_all_) (=);
123 delete;
124 end;
125 end;
126 if not first.libraryref then delete;
127run;
128
129proc sort data=mm_getlibs out=saslibs;
130 by libraryname;
131run;
132
133%mp_abort(iftrue= (&syscc ne 0)
134 ,mac=&_program..sas
135 ,msg=%str(syscc=&syscc)
136)
137
138%webout(OPEN)
139%webout(OBJ,saslibs,missing=STRING)
140%webout(CLOSE)
141
142%mpeterm()