Share via

How to Check if a User Has Permissions for an Object

  • Article

 

Applies To: System Center 2012 Configuration Manager, System Center 2012 Configuration Manager SP1, System Center 2012 R2 Configuration Manager

In System Center 2012 R2 Configuration Manager, you can check for object permissions using the UserHasPermissions Method in Class SMS_RbacSecuredObject.

Important

The SMS_SecuredObject Server WMI Class contains a list of available permissions.

To check if a user has permissions for an object

  1. Create a dictionary object to pass object name and permissions to check for to the UserHasPermissions Method in Class SMS_RbacSecuredObject.

  2. Call the UserHasPermissions Method in Class SMS_RbacSecuredObject, passing in the dictionary object.

  3. The method returns true, if the user has the permissions.

Example

The following example checks to see if the user has the indicated permissions:

public static bool UserHasPermissions(ConnectionManagerBase connectionManager, string objectName, int permissions, out int currentPermissions)
{
    if (connectionManager == null)
    {
        throw new ArgumentNullException("connectionManager");
    }
    if (string.IsNullOrEmpty(objectName) == true)
    {
        throw new ArgumentException("The parameter 'objectName' cannot be null or an empty string", "objectName");
    }
    IResultObject outParams = null;
    try
    {
        Dictionary<string, object> inParams = new Dictionary<string, object>();
        inParams["ObjectPath"] = objectName;
        inParams["Permissions"] = permissions;
        outParams = connectionManager.ExecuteMethod("SMS_RbacSecuredObject", "UserHasPermissions", inParams);
       if (outParams != null)
       {
            currentPermissions = outParams["Permissions"].IntegerValue;
            return outParams["ReturnValue"].BooleanValue;
       }
    }
    finally
    {
        if (outParams != null)
        {
            outParams.Dispose();
        }
    }
    currentPermissions = 0;
    return false;
}

The example method has the following parameters:

Parameter

Type

Description

connectionManager

  • Managed: connectionManager

A valid connection to the SMS Provider.

objectName

String

Name of the object.

permissions

Integer

The permissions.

currentPermissions

Integer

The current permissions.

Compiling the Code

The C# example requires:

Namespaces

Microsoft.ConfigurationManagement.ManagementProvider

Microsoft.ConfigurationManagement.ManagementProvider.WqlQueryEngine

System

Assembly

adminui.wqlqueryengine

microsoft.configurationmanagement.managementprovider

mscorlib

Robust Programming

For more information about error handling, see About Configuration Manager Errors.

See Also

SMS_Admin Server WMI Class
SMS_Role Server WMI Class
SMS_SecuredCategory Server WMI Class