According to the authorization policy here https://wiki.cask.co/display/CE/Authorization+4.3#Authorization4.3-Impersonation,
We should do the following:
1. The user who makes the enable call will be checked for the EXECUTE privilege. We will not enable/resume the schedule if the user does not have EXECUTE privilege.
2. When scheduler runs the program, no EXECUTE privilege check will be made.