How to Check if a User Has Permissions for an Object
Applies To: System Center 2012 Configuration Manager, System Center 2012 Configuration Manager SP1, System Center 2012 R2 Configuration Manager
In System Center 2012 R2 Configuration Manager, you can check for object permissions using the UserHasPermissions Method in Class SMS_RbacSecuredObject.
Important
The SMS_SecuredObject Server WMI Class contains a list of available permissions.
To check if a user has permissions for an object
Create a dictionary object to pass object name and permissions to check for to the UserHasPermissions Method in Class SMS_RbacSecuredObject.
Call the UserHasPermissions Method in Class SMS_RbacSecuredObject, passing in the dictionary object.
The method returns true, if the user has the permissions.
Example
The following example checks to see if the user has the indicated permissions:
public static bool UserHasPermissions(ConnectionManagerBase connectionManager, string objectName, int permissions, out int currentPermissions)
{
if (connectionManager == null)
{
throw new ArgumentNullException("connectionManager");
}
if (string.IsNullOrEmpty(objectName) == true)
{
throw new ArgumentException("The parameter 'objectName' cannot be null or an empty string", "objectName");
}
IResultObject outParams = null;
try
{
Dictionary<string, object> inParams = new Dictionary<string, object>();
inParams["ObjectPath"] = objectName;
inParams["Permissions"] = permissions;
outParams = connectionManager.ExecuteMethod("SMS_RbacSecuredObject", "UserHasPermissions", inParams);
if (outParams != null)
{
currentPermissions = outParams["Permissions"].IntegerValue;
return outParams["ReturnValue"].BooleanValue;
}
}
finally
{
if (outParams != null)
{
outParams.Dispose();
}
}
currentPermissions = 0;
return false;
}
The example method has the following parameters:
Parameter |
Type |
Description |
connectionManager |
|
A valid connection to the SMS Provider. |
objectName |
String |
Name of the object. |
permissions |
Integer |
The permissions. |
currentPermissions |
Integer |
The current permissions. |
Compiling the Code
The C# example requires:
Namespaces
Microsoft.ConfigurationManagement.ManagementProvider
Microsoft.ConfigurationManagement.ManagementProvider.WqlQueryEngine
System
Assembly
adminui.wqlqueryengine
microsoft.configurationmanagement.managementprovider
mscorlib
Robust Programming
For more information about error handling, see About Configuration Manager Errors.
See Also
SMS_Admin Server WMI Class
SMS_Role Server WMI Class
SMS_SecuredCategory Server WMI Class