How to Check if a User Has Permissions for a Resource
Applies To: System Center 2012 Configuration Manager, System Center 2012 Configuration Manager SP1, System Center 2012 R2 Configuration Manager
In System Center 2012 R2 Configuration Manager, you can check whether a user has permission for a resource using the GetCollectionsWithResourcePermissions method in the SMS_RbacSecuredObject class.
Important
The SMS_SecuredObject Server WMI Class contains a list of available permissions.
To check if a user has permissions for a resource
Create a dictionary object to pass object name and permissions to check for to the GetCollectionsWithResourcePermissions Method in Class SMS_RbacSecuredObject.
Call the GetCollectionsWithResourcePermissions Method in Class SMS_RbacSecuredObject, passing in the dictionary object.
The method returns true, if the user has the permissions.
Example
The following example checks to see if the user has resource permissions.
public bool CheckUserPermissions(ConnectionManagerBase connectionManager, string resourceID)
{
bool result = false;
int iId = 0;
IResultObject outParams = null;
if (int.TryParse(resourceID, out iId) == false)
{
throw new ArgumentException("Invalid resource ID");
}
//ControlAMT permissions.
int controlAMT = 0x1000000;
try
{
Dictionary<string, object> inParams = new Dictionary<string, object>();
inParams["Permissions"] = controlAMT;
inParams["ResourceID"] = iId;
outParams = connectionManager.ExecuteMethod("SMS_RbacSecuredObject", "GetCollectionsWithResourcePermissions", inParams);
if (outParams != null)
{
//If the return value equals 0 and the array is not empty, the user has the resource permissions.
if (outParams["ReturnValue"].IntegerValue == 0 && outParams["CollectionIDs"].StringArrayValue.Length != 0)
{
result = true;
}
}
}
finally
{
if (outParams != null)
{
outParams.Dispose();
}
}
return result;
}
The example method has the following parameters:
Parameter |
Type |
Description |
connection |
|
A valid connection to the SMS Provider. |
resourceID |
String |
Unique ID, supplied by Configuration Manager, for the resource. |
Compiling the Code
The C# example requires:
Namespaces
Microsoft.ConfigurationManagement.ManagementProvider
Microsoft.ConfigurationManagement.ManagementProvider.WqlQueryEngine
System
Assembly
adminui.wqlqueryengine
microsoft.configurationmanagement.managementprovider
mscorlib
Robust Programming
For more information about error handling, see About Configuration Manager Errors.
See Also
SMS_Admin Server WMI Class
SMS_Role Server WMI Class
SMS_SecuredCategory Server WMI Class