MicroStrategy ONE
Alter Folder ACE statement
Modifies an ACE (Access Control Entry) for a folder's ACL (Access Control List).
ALTER ACE FOR FOLDER "folder_name" IN
FOLDER "location_path" (USER "user_name" | GROUP "group_name") [ACCESSRIGHTS
(VIEW | MODIFY | FULLCONTROL | DENIEDALL | DEFAULT | CUSTOM [GRANTgrant_accessright1 [,
... grant_accessrightN]]
[DENY deny_accessright1 [
,... deny_accessrightN]])
DEFAULT default_accessright1 [,
... default_accessrightN]])]
[CHILDRENACCESSRIGHTS (VIEW | MODIFY | FULLCONTROL | DENIEDALL | DEFAULT
| CUSTOM [GRANT grant_accessright1 [,
... grant_accessrightN]]
[DENY deny_accessright1 [,
... deny_accessrightN]]
DEFAULT default_accessright1 [,
... default_accessrightN]])]
FOR PROJECT "project_name";
where:
-
FOLDER "folder_name" is the name of the folder for which an ACE is to be altered, of type string.
-
FOLDER "location_path" is the folder path where the folder is located, of type string.
-
USER "user_name" is the login name of the user to be assigned to the new ACE, of type string.
-
GROUP "group_name" is the login name of the group to be assigned to the new ACE, of type string.
-
ACCESSRIGHTS indicates what access rights to grant or deny:
-
VIEW grants View rights: BROWSE, READ, USE, EXECUTE.
-
MODIFY grants Modify rights: BROWSE, READ,WRITE, DELETE, USE, EXECUTE.
-
FULLCONTROL grants all rights.
-
DENIEDALL explicitly denies all rights.
-
DEFAULT neither grants nor denies rights; all rights are inherited from groups.
-
CUSTOM allows you to specify which rights are granted and denied:
-
GRANT grant_accessright1..N is the access right (or list of access rights) to be granted to/from the ACE, from the following list: BROWSE, READ, WRITE, DELETE, CONTROL, USE, EXECUTE.
-
DENY deny_accessright1..N is the access right (or list of access rights) to be denied to/from the ACE, from the following list: BROWSE, READ, WRITE, DELETE, CONTROL, USE, EXECUTE.
-
DEFAULT default_accessright1..N is the access right (or list of access rights) in the ACE to be inherited, from the following list: BROWSE, READ, WRITE, DELETE, CONTROL, USE, EXECUTE.
-
CHILDRENACCESSRIGHTS indicates what access rights to grant or deny to this folder's children, as for ACCESSRIGHTS.
-
PROJECT "project_name" is the name of the project where the folder is located, of type string.
Example
>ALTER ACE FOR FOLDER "Subtotals" IN FOLDER
"\Project Objects" USER "Developer" ACCESSRIGHTS CUSTOM
DENY BROWSE, READ CHILDRENACCESSRIGHTS CUSTOM GRANT BROWSE, READ FOR PROJECT
"MicroStrategy Tutorial";