With SAS Global Forum 2015 just a few weeks away, I’m spending most of my time at the moment working on a demo version of our next Metacoda Plug-ins release. We’ll be showing this upcoming version at our Metacoda booth in The Quad (previously known as the SAS Support and Demo Area).
The next Metacoda Plug-ins release includes, among other things, the top three most requested features from our customers, namely:
- Export from the Object Permissions Explorer.
- Export from the Identity Permissions Explorer.
- Export from the Test Runner.
Export from the Object Permissions Explorer
After finding and selecting a metadata object in the Object Permissions Explorer you can now export a HTML report showing all of your users and/or groups, together with their effective permissions and access levels on that object.
Our customers have told us that they regularly use this plug-in whenever someone (such as a manager or auditor) asks them who has access to something. With this export you can now more easily provide that documentation when required.
Additionally, if it’s a metadata object for which access has to be carefully controlled, you can now export Metadata Security Test XML, use it for running regular metadata security effective permission tests, and get notified when the effective permissions change significantly from what you expect. If you’d like to find out more about this metadata security testing feature you might be interesting in my SASGF14 paper Test for Success: Automated Testing of SAS® Metadata Security Implementations.
Export from the Identity Permissions Explorer
With the Identity Permissions Explorer plug-in, once you have found a user or group of interest, you can see their effective permissions and access levels across a wide range of objects such as the entire metadata folder tree, all available libraries, or a set of metadata search results.
With our next release you can then export that view as a HTML report for documentation purposes, or as Metadata Security Test XML for automated security testing.
Export from the Test Runner
We initially designed our Test Runner plug-in on the basis that it would be used for the iterative development of structured test suites to be scheduled in regular batch runs. We therefore focused on reporting from the batch interface – creating HTML reports of test failures to be accessed from an alert email only when failures occurred. Some of our customers have told us that they are using the Test Runner plug-in as the main driver for testing, and as such, want to be able to export a report of the test failures from these interactive runs – essentially a TODO list for fixing potential security issues.
As one of the most requested features we have now included the ability to export a HTML report of test failures directly from the Test Runner plug-in so you don’t have to run it in batch (we still recommend using the batch interface though – it’s a very powerful feature).
I’m very much looking forward to showing these new features at SASGF15. We love getting feedback on our software and get a buzz from being able to deliver the features people ask for and find useful in their work.
So if you’re also keen to see these new features, please stop by our Metacoda booth at SASGF15 and we’d be happy to demo them to you. We’ll also show you some of the other new features we’ve been working on too – eagled-eyed readers might be able to spot a couple of them in some of the screenshots above :) (post a comment below if you can see them)