Add permissions but no DELETE

kapalczynski

I know that I can add permissions as seen below... But this gives all EDIT permissions...

I want ADD and UPDATE but NO DELETE...

Can this be done?

# Import system modules
import arcpy

# Set local variables
datasetName = "c:/Connections/gdb@production.sde/production.GDB.ctgFuseFeature"

# Run ChangePrivileges
arcpy.management.ChangePrivileges(datasetName, "WENDELCLARK", "GRANT", "GRANT")

DanPatterson

According to the help

Change Privileges (Data Management)—ArcGIS Pro | Documentation

The RDBMS equivalent commands for the Edit parameter are Update, Insert, and Delete. All three are granted or revoked simultaneously by the Edit parameter

fine-tuning doesn't appear to be accessable throught this approach

... sort of retired...

kapalczynski

Dang that's unfortunate

DavidPike

What about via the DBMS?

AlfredBaldenweck

The trick is to not use arcpy, like @DavidPike suggested. I think this worked for me in the past; give it a shot?

stateGrpDict = {
            "ak": r"[usergroup]",
            "az": r"[usergroup]",
            #...
        }
# Create Table View to grab connection information.
# This part makes more sense in context, but 
# basically i'm grabbing the name of a US State 
#from the database's name via the connection.
db = arcpy.management.MakeTableView(inTbl)[0]
con = db.connectionProperties
conDB = con["connection_info"]["database"]
conDBS = conDB[4:6]
conDS = con["dataset"]
grp = stateGrpDict.get(conDBS, None)

# Apply View, Insert, and Update privileges, but not Delete
# privileges.
# ChangePrivileges() is all or nothing.
# This way, no one can delete the records.
executor = arcpy.ArcSDESQLExecute(IN_WKSPC)
sql = f"GRANT SELECT, INSERT, UPDATE ON {conDS} TO {grp}"
executor.execute(sql)
del executor