Business Context
An automated nightly script is being developed to catalog all tables in personal caslibs. The script must be robust and not terminate unexpectedly. It needs to correctly handle users who are logged in but have no tables, and it must not fail with an authorization error when checking for a user who is not currently active.
About the Set : accessControl
Management of access rights and data security.
Discover all actions of accessControl Data Preparation
Simulate a scenario with an active user ('active_user_empty') who has no tables in their personal caslib. We will also test against a user ('inactive_user') who does not have an active CAS session.
Copied!
| 1 | /* No |
| 2 | data setup is required. The test relies on the state of user sessions and their caslibs (or lack thereof). We assume 'active_user_empty' has a |
| 3 | session and 'inactive_user' does not. */ |
Étapes de réalisation
1
Gain Administrative Access: Execute the action to prepare for the audit.
Copied!
| 1 | |
| 2 | PROC CAS; |
| 3 | ACCESSCONTROL.accessPersonalCaslibs; |
| 4 | RUN; |
| 5 |
2
Test on Empty Caslib: Attempt to list tables for 'active_user_empty'. The action should execute successfully but return an empty result set, as expected.
Copied!
| 1 | PROC CAS; |
| 2 | /* Should run without error and produce an empty table list */ |
| 3 | TABLE.tableInfo / caslib="CASUSER(active_user_empty)"; |
| 4 | RUN; |
3
Test on Non-Existent Caslib: Attempt to list tables for 'inactive_user'. The action is expected to fail, but the error message should indicate the caslib was not found, NOT an authorization error. This proves the access elevation worked, and the subsequent failure is for a valid reason.
Copied!
| 1 | PROC CAS; |
| 2 | /* Should fail with a 'caslib not found' error, not 'access denied' */ |
| 3 | TABLE.tableInfo / caslib="CASUSER(inactive_user)"; |
| 4 | RUN; |
Expected Result
The test demonstrates the robustness of an administrative script. The action on the empty caslib succeeds, preventing the script from failing unnecessarily. The action on the non-existent caslib fails with a predictable 'not found' error, which can be trapped and handled by the script, rather than an untrappable authorization error. This confirms the action behaves correctly in edge-case scenarios.