For reference, this
topic documents the underlying security report macros.
You can choose to directly use the underlying report macros instead
of using only %MDSECDS (which is the standard approach to building
authorization data sets). However, the underlying macros don't offer
any unique inclusion or exclusion parameters. The following figure
introduces the underlying macros. In the figure, arrow direction indicates
input to and output from each underlying macro.
The numbers in the preceding
figure correspond to these activities:
-
%MDSECGO extracts information
for a specified set of objects. You specify one folder and indicate
whether to include subdirectories. You can also provide a list of
object types to include and filter the data set by attribute value.
Note: The same level of control
is provided by using %MDSECDS on its own.
-
For every object in
a specified data set, %MDSECGP gets effective permission settings
for a specified set of identities and permissions.
Note: This is the point at which
using the underlying macros creates an opportunity for you to define
a subset of the objs data set.
-
%MDSECTR transforms
the extracted data set from a long format (a separate row for each
permission) to a wide format (all permissions in the same row).
-
%MDSECVW creates a joined
view or data set that can be used for reporting.
The following table
introduces a few utility macros that can be useful in security reporting:
Utility Macros for Security Reporting
|
|
|
|
|
Extracts information
about top-level metadata objects or locates templates for a particular
object type.
|
|
|
Returns the object ID
for a specified folder.
|
|
|
Defines the table into
which %MDSECGO inserts rows.
|
The underlying macros
and utility macros are in
SAS-installation-directory\SASFoundation\9.3\core\sasmacro (Windows)
or
SAS-installation-directory/SASFoundation/9.3/sasautos (UNIX).
