MicroStrategy ONE
Add Configuration Object ACE statement
Adds a new ACE (Access Control Entry) to a configuration object's ACL (Access Control List).
ADD ACE FORconf_object_type "object_name" (USER "user_name" | GROUP "group_name") ACCESSRIGHTS
(VIEW | MODIFY | FULLCONTROL | DENIEDALL | DEFAULT | CUSTOM [GRANTgrant_accessright1 [,
... grant_accessrightN]]
[DENY deny_accessright1 [,
... deny_accessrightN]]);
where:
-
conf_object_type is the type of configuration object for which an ACE is to be added, from the following list: DBINSTANCE, DBCONNECTION, DBLOGIN, SCHEDULE, USER, EVENT.
-
"object_name" is the name of the configuration object, of type string.
-
USER "user_name" is the login name of the user to be assigned to the new ACE, of type string.
-
GROUP "group_name" is the login name of the group to be assigned to the new ACE, of type string.
-
ACCESSRIGHTS indicates what access rights to grant or deny:
-
VIEW grants View rights: BROWSE, READ, USE, EXECUTE.
-
MODIFY grants Modify rights: BROWSE, READ,WRITE, DELETE, USE, EXECUTE.
-
FULLCONTROL grants all rights.
-
DENIEDALL explicitly denies all rights.
-
DEFAULT neither grants nor denies rights; all rights are inherited from groups.
-
CUSTOM allows you to specify which rights are granted and denied:
-
GRANT grant_accessright1..N is the access right (or list of access rights) to be granted to/from the ACE, from the following list: BROWSE, READ, WRITE, DELETE, CONTROL, USE, EXECUTE.
-
DENY deny_accessright1..N is the access right (or list of access rights) to be denied to/from the ACE, from the following list: BROWSE, READ, WRITE, DELETE, CONTROL, USE, EXECUTE.
Example
ADD ACE FOR SCHEDULE "All the time" USER "Developer" ACCESSRIGHTS FULLCONTROL;