/* in the same group as admin2 need */
/* to read tables created by admin2. */
add ACL / generic
read
groupread
groupalter ;
list ACL _all_;
/* admin (same group) can read the */
/* table */
PROC PRINT data=d1.admin2_table
(obs=10) ;
title 'read by admin' ;
run ;
/* Admin has been given the ability to */
/* modify or replace tables created by */
/* admin2 with 'groupalter' */
data d1.admin2_table ;
do i = 1 to 100 ;
output ;
end ;
run ;
/* Provide other users in same group */
/* read access to the table */
PROC SPDO library=admin2d1 ;
/* assign who owns the ACLs */
set acluser user3 ;
/* Modify LIBNAME ACL for groupread */
/* and groupwrite. The ACL MUST */
/* include groupread if other users in */
/* the same group as admin2 are to be */
/* able to read tables that were */
/* created by admin2 */
add ACL user3_table /
groupread ;
list ACL _all_;
Bringing a Table Offline to Refresh
When it is time to refresh the table, the first step is to revoke read privileges to all user IDs,
except the ID that will perform the refresh.
LIBNAME d2 sasspds 'd2'
server=zztop.5162
user='prod1'
180 Chapter 14 • ACL Security Overview
