chore: automated commit

2022-07-09 23:35:24 +01:00
parent 60a51c94ba
commit 0acbd660f5
4 changed files with 19 additions and 16 deletions
--- a/docs/column-level-security.md
+++ b/docs/column-level-security.md
@@ -2,12 +2,9 @@
 layout: article
 title: Column Level Security
 description: Column Level Security prevents end users from viewing or editing specific columns in SAS according to their group membership.
-og_image:  https://docs.datacontroller.io/img/rls_table.png
+og_image:  https://docs.datacontroller.io/img/cls_table.png
 ---

-!!! warning
-    In development - coming soon!
-
 # Column Level Security

 Column level security is implemented by mapping _allowed_ columns to a list of SAS groups. In VIEW mode, only allowed columns are visible.  In EDIT mode, allowed columns are _editable_ - the remaining columns are read-only.
@@ -28,14 +25,14 @@ When `CLS_SCOPE in ('VIEW','ALL')` then only the listed columns are _visible_ (u
 When `CLS_SCOPE in ('EDIT','ALL')` then only the listed columns are _editable_ (the remaining columns are read-only, and visible).  Furthermore:

 * The user will be unable to ADD or DELETE records.
-* Primary Key values are always read only 
+* Primary Key values are always read only
 * Primary Key values cannot be hidden (`CLS_HIDE=1` will have no effect)


 ### CLS_GROUP
-The SAS Group to which the rule applies.  The user could also be a member of a [DC group](/dcc-groups). 
+The SAS Group to which the rule applies.  The user could also be a member of a [DC group](/dcc-groups).

- - If a user is in ANY of the groups, the columns will be restricted.  
+ - If a user is in ANY of the groups, the columns will be restricted.
 - If a user is in NONE of the groups, no restrictions apply (all columns available).
 - If a user is in MULTIPLE groups, they will see all allowed columns across all groups.

@@ -46,7 +43,7 @@ The library of the target table against which the security rule will be applied
 The target table against which the security rule will be applied

 ### CLS_VARIABLE_NM
-This is the name of the variable against which the security rule will be applied.  Note that 
+This is the name of the variable against which the security rule will be applied.  Note that

 ### CLS_ACTIVE
 If you would like this rule to be applied, be sure this value is set to 1.
--- a/docs/dcc-tables.md
+++ b/docs/dcc-tables.md
@@ -73,9 +73,9 @@ Leave blank if not required.

 ### PRE_EDIT_HOOK

-[Hook script](#hook-scripts) to execute _prior_ to an edit being made. This allows data to be modified before being presented for editing. 
+[Hook script](#hook-scripts) to execute _prior_ to an edit being made. This allows data to be modified before being presented for editing.

-Leave blank if not required.  
+Leave blank if not required.

 SAS Developer Notes:

@@ -117,7 +117,7 @@ SAS Developer Notes:

 ### POST_APPROVE HOOK

-This [hook script](#hook-scripts) is `%inc`'d _after_ an approval is made. This is the most common type of hook script, and is useful for, say, running a SAS job after a mapping table is updated, or running a model after changing a parameter.  
+This [hook script](#hook-scripts) is `%inc`'d _after_ an approval is made. This is the most common type of hook script, and is useful for, say, running a SAS job after a mapping table is updated, or running a model after changing a parameter.

 Leave blank if not required.

@@ -148,10 +148,16 @@ Not required, but recommended.
 For retained / surrogate keys, an auto-incrementing field is used to represent each unique record. In this case, the RK (integer) field itself should be added in the [BUSKEY](#buskey) column, and the natural / underlying key should be added here.
 Leave blank unless using retained / surrogate keys.

-### HELPFUL_LINK
+### AUDIT_LIBDS

-If more information is available to describe the table being updated (eg on sharepoint), provide a url here and it will be made available to approvers.
-Leave blank if not required.
+If this field is blank (ie empty, missing), **every** change is captured in the [MPE_AUDIT](/tables/mpe_audit.md).  This can result in large data volumes for frequently changing tables.
+
+Alternative options are:
+
+1.  Enter a zero (`0`) to switch off audit logging completely
+2.  Enter a library.dataset reference of an alternative audit table in which to capture the change history.
+
+For option 2, the base table structure can be generated using this macro:  [https://core.sasjs.io/mddl__dc__difftable_8sas_source.html](https://core.sasjs.io/mddl__dc__difftable_8sas_source.html).


 ## HOOK Scripts
--- a/docs/img/cls_table.png
+++ b/docs/img/cls_table.png
--- a/docs/tables/mpe_tables.md
+++ b/docs/tables/mpe_tables.md
@@ -12,7 +12,7 @@ A more detailed breakdown of the columns / features is available in the [configu

 ## Columns

- - `TX_FROM num`: SCD2 open datetime 
+ - `TX_FROM num`: SCD2 open datetime
 - 🔑 `TX_TO num`: SCD2 close datetime
 - 🔑 `LIBREF char(8)`: SAS Libref (8 chars)
 - 🔑 `DSN char(64)`: The library member name
@@ -33,4 +33,4 @@ A more detailed breakdown of the columns / features is available in the [configu
 - `SIGNOFF_HOOK char(200)`: Run SAS code after signoff.  See [config](/dcc-tables/#signoff_hook)
 - `NOTES char(1000)`: Additional notes. See [config](/dcc-tables/#notes)
 - `RK_UNDERLYING char(1000)`: The key on which the retained key is generated. See [config](/dcc-tables/#rk_underlying)
- - `HELPFUL_LINK char(300)`: URL to additional notes about the table. See [config](/dcc-tables/#helpful_link)
+ - `AUDIT_LIBDS char(41)`: Configure alternative audit history tracking tables (or switch off audit history). See [config](/dcc-tables/#audit-libds)