MicroStrategy ONE

Alter Folder ACE statement

Modifies an ACE (Access Control Entry) for a folder's ACL (Access Control List).

Copy 
ALTER ACE FOR FOLDER "folder_name" IN 
 FOLDER "location_path" (USER "user_name" | GROUP "group_name") [ACCESSRIGHTS 
 (VIEW | MODIFY | FULLCONTROL | DENIEDALL | DEFAULT | CUSTOM [GRANTgrant_accessright1 [, 
 ... grant_accessrightN]] 
 [DENY deny_accessright1 [ 
 ,... deny_accessrightN]]) 
 DEFAULT default_accessright1 [, 
 ... default_accessrightN]])] 
 [CHILDRENACCESSRIGHTS (VIEW | MODIFY | FULLCONTROL | DENIEDALL | DEFAULT 
 | CUSTOM [GRANT grant_accessright1 [, 
 ... grant_accessrightN]] 
 [DENY deny_accessright1 [, 
 ... deny_accessrightN]] 
 DEFAULT default_accessright1  [, 
 ... default_accessrightN]])] 
 FOR PROJECT "project_name";

where:

  • FOLDER  "folder_name" is the name of the folder for which an ACE is to be altered, of type string.

  • FOLDER "location_path" is the folder path where the folder is located, of type string.

  • USER "user_name" is the login name of the user to be assigned to the new ACE, of type string.

  • GROUP "group_name" is the login name of the group to be assigned to the new ACE, of type string.

  • ACCESSRIGHTS indicates what access rights to grant or deny:

    • VIEW grants View rights: BROWSE, READ, USE, EXECUTE.

    • MODIFY grants Modify rights: BROWSE, READ,WRITE, DELETE, USE, EXECUTE.

    • FULLCONTROL grants all rights.

    • DENIEDALL explicitly denies all rights.

    • DEFAULT neither grants nor denies rights; all rights are inherited from groups.

    • CUSTOM allows you to specify which rights are granted and denied:

      • GRANT grant_accessright1..N is the access right (or list of access rights) to be granted to/from the ACE, from the following list: BROWSE, READ, WRITE, DELETE, CONTROL, USE, EXECUTE.

      • DENY deny_accessright1..N is the access right (or list of access rights) to be denied to/from the ACE, from the following list: BROWSE, READ, WRITE, DELETE, CONTROL, USE, EXECUTE.

      • DEFAULT default_accessright1..N is the access right (or list of access rights) in the ACE to be inherited, from the following list: BROWSE, READ, WRITE, DELETE, CONTROL, USE, EXECUTE.

  • CHILDRENACCESSRIGHTS indicates what access rights to grant or deny to this folder's children, as for ACCESSRIGHTS.

  • PROJECT "project_name" is the name of the project where the folder is located, of type string.

Example

Copy 
>ALTER ACE FOR FOLDER "Subtotals" IN FOLDER 
 "\Project Objects" USER "Developer" ACCESSRIGHTS CUSTOM 
 DENY BROWSE, READ CHILDRENACCESSRIGHTS CUSTOM GRANT BROWSE, READ FOR PROJECT 
 "MicroStrategy Tutorial";