chore: improving docs for mpe_accesscheck and adding a test for mpe_accesscheck
All checks were successful
Build / Build-and-ng-test (pull_request) Successful in 1m27s
All checks were successful
Build / Build-and-ng-test (pull_request) Successful in 1m27s
This commit is contained in:
parent
e7ab2cc956
commit
5b06f4ede8
@ -6,18 +6,28 @@
|
||||
MPE_SECURITY table. Alternatively, they may be in the &mpeadmins
|
||||
group (which has full access to everything).
|
||||
|
||||
@param [in] base_table The base table to check for
|
||||
@param [in] user= The user for which the access level should be returned. If
|
||||
not provided, the mf_user() result is used instead.
|
||||
@param [in] access_level= (APPROVE) access_level (per MPE_SECURITY) reqd.
|
||||
Valid values:
|
||||
@li EDIT
|
||||
@li APPROVE
|
||||
@li VIEW
|
||||
@param [in] cntl_lib= (MPELIB) The name of a global macro variable that
|
||||
contains the libref in which the MPE_SECURITY table is stored
|
||||
@param [out] outds= (MED_ACCESSCHECK) Output WORK table containing all the
|
||||
groups for which the user is granted the particular ACCESS_LEVEL.
|
||||
|
||||
<h4> SAS Macros </h4>
|
||||
@li mp_abort.sas
|
||||
@li mf_getuniquename.sas
|
||||
@li mf_getuser.sas
|
||||
@li mf_verifymacvars.sas
|
||||
@li mp_dropmembers.sas
|
||||
@li mpe_getgroups.sas
|
||||
|
||||
@param [in] base_table The base table to check for
|
||||
@param [in] access_level= (APPROVE) access_level (per MPE_SECURITY) reqd
|
||||
@param [out] outds= (MED_ACCESSCHECK) Output table containing all the groups
|
||||
the user is a member of, which are granted the access_level requested.
|
||||
<h4> Related Macros </h4>
|
||||
@li mpe_accesscheck.test.sas
|
||||
|
||||
@version 9.2
|
||||
@author 4GL Apps Ltd
|
||||
@ -31,42 +41,36 @@
|
||||
,outds=med_accesscheck /* WORK table to contain access details */
|
||||
,user= /* metadata user to check for */
|
||||
,access_level=APPROVE
|
||||
,cntl_lib=MPELIB
|
||||
);
|
||||
|
||||
%if &user= %then %let user=%mf_getuser();
|
||||
|
||||
%if %index(&outds,.) %then %do;
|
||||
%local lib ds;
|
||||
%let lib=%scan(&outds,1,.);
|
||||
%let ds=%scan(&outds,2,.);
|
||||
%if %upcase(&lib) ne WORK %then %do;
|
||||
%mp_abort(msg=outds should be a WORK table
|
||||
,mac=mpe_accesscheck);
|
||||
%end;
|
||||
%end;
|
||||
%else %let ds=&outds;
|
||||
%mp_abort(
|
||||
iftrue=(%index(&outds,.)>0 and %upcase(%scan(&outds,1,.)) ne WORK)
|
||||
,mac=mpe_accesscheck
|
||||
,msg=%str(outds should be a WORK table)
|
||||
)
|
||||
|
||||
%mp_abort(
|
||||
iftrue=(%mf_verifymacvars(base_table user access_level)=0)
|
||||
,mac=bitemporal_dataloader
|
||||
,msg=%str(Missing base_table/user access_level)
|
||||
,mac=mpe_accesscheck
|
||||
,msg=%str(Missing base_table/user access_level variables)
|
||||
)
|
||||
|
||||
/* ensure any existing table is dropped */
|
||||
%mp_dropmembers(&ds)
|
||||
/* make unique temp table vars */
|
||||
%local tempds1 tempds2;
|
||||
%let tempds1=%mf_getuniquename(prefix=usergroups);
|
||||
%let tempds2=%mf_getuniquename(prefix=tablegroups);
|
||||
|
||||
/* get list of user groups */
|
||||
%local tempds1;
|
||||
%let tempds1=%mf_getuniquename(prefix=usergroups);
|
||||
%mpe_getgroups(user=&user,outds=&tempds1)
|
||||
|
||||
/* get list of groups with access for that table */
|
||||
%local tempds2;
|
||||
%let tempds2=%mf_getuniquename(prefix=tablegroups);
|
||||
proc sql;
|
||||
create table &tempds2 as
|
||||
select distinct sas_group
|
||||
from &mpelib..mpe_security
|
||||
from &&&cntl_lib...mpe_security
|
||||
where &dc_dttmtfmt. lt tx_to
|
||||
and access_level="&access_level"
|
||||
and (
|
||||
|
67
sas/sasjs/macros/mpe_accesscheck.test.sas
Normal file
67
sas/sasjs/macros/mpe_accesscheck.test.sas
Normal file
@ -0,0 +1,67 @@
|
||||
/**
|
||||
@file
|
||||
@brief Testing mpe_accesscheck macro
|
||||
@details Checking functionality of mpe_accesscheck.sas macro
|
||||
|
||||
|
||||
<h4> SAS Macros </h4>
|
||||
@li mf_getuniquename.sas
|
||||
@li mf_getuser.sas
|
||||
@li mp_assertdsobs.sas
|
||||
@li mpe_getgroups.sas
|
||||
@li mpe_accesscheck.sas
|
||||
|
||||
|
||||
@author 4GL Apps Ltd
|
||||
@copyright 4GL Apps Ltd. This code may only be used within Data Controller
|
||||
and may not be re-distributed or re-sold without the express permission of
|
||||
4GL Apps Ltd.
|
||||
|
||||
**/
|
||||
|
||||
/* get the groups this user is actually a member of */
|
||||
%mpe_getgroups(user=%mf_getuser(),outds=work.groups)
|
||||
|
||||
data _null_;
|
||||
set work.groups;
|
||||
call symputx('groupname',groupname);
|
||||
run;
|
||||
|
||||
/* create demo MPE_SECURITY table */
|
||||
data work.mpe_security;
|
||||
if 0 then set &dc_libref..mpe_security;
|
||||
do access_level='EDIT','APPROVE','VIEW';
|
||||
LIBREF='SOMELIB';
|
||||
DSN='SOMEDS';
|
||||
sas_group="&groupname";
|
||||
tx_from=0;
|
||||
tx_to='31dec4999:23:59:59'dt;
|
||||
output;
|
||||
end;
|
||||
run;
|
||||
|
||||
|
||||
%mpe_accesscheck(
|
||||
SOMELIB.SOMEDS
|
||||
,outds=work.test1
|
||||
,access_level=APPROVE
|
||||
,cntl_lib=WORK
|
||||
)
|
||||
%mp_assertdsobs(work.test1,
|
||||
desc=Test 1 - One record returned,
|
||||
test=EQUALS 1,
|
||||
outds=work.test_results
|
||||
)
|
||||
|
||||
%mpe_accesscheck(
|
||||
SOMELIB.INVALID
|
||||
,outds=work.test2
|
||||
,access_level=APPROVE
|
||||
,cntl_lib=WORK
|
||||
)
|
||||
%mp_assertdsobs(work.test1,
|
||||
desc=Test 12 - 0 records returned,
|
||||
test=EQUALS 0,
|
||||
outds=work.test_results
|
||||
)
|
||||
|
Loading…
Reference in New Issue
Block a user