IAuthorizationExtension.GetPermissions Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Returns the set of permissions granted a specific user for an item in the report server database.
public:
System::Collections::Specialized::StringCollection ^ GetPermissions(System::String ^ userName, IntPtr userToken, Microsoft::ReportingServices::Interfaces::SecurityItemType itemType, cli::array <System::Byte> ^ secDesc);
public System.Collections.Specialized.StringCollection GetPermissions (string userName, IntPtr userToken, Microsoft.ReportingServices.Interfaces.SecurityItemType itemType, byte[] secDesc);
abstract member GetPermissions : string * nativeint * Microsoft.ReportingServices.Interfaces.SecurityItemType * byte[] -> System.Collections.Specialized.StringCollection
Public Function GetPermissions (userName As String, userToken As IntPtr, itemType As SecurityItemType, secDesc As Byte()) As StringCollection
Parameters
- userName
- String
The name of the user as returned by the GetUserInfo(IIdentity, IntPtr) method of IAuthenticationExtension.
- userToken
-
IntPtr
nativeint
A pointer to the user ID returned by the GetUserInfo(IIdentity, IntPtr) method.
- itemType
- SecurityItemType
The type of item in the report server database for which the permissions are returned.
- secDesc
- Byte[]
The security descriptor associated with the item.
Returns
A StringCollection that contains the name of each permission associated with the user for a given item.
Examples
The following example uses the Microsoft.SqlServer.ReportingServices.ReportingService.GetPermissions
method to evaluate the access code list for an item in the report server database with regards to a specific user's authorization credentials. You use this method to provide a set of permissions that are returned by the Web service GetPermissions method.
Private Shared m_CatOperNames As Hashtable
Private Shared m_FldOperNames As Hashtable
Private Shared m_RptOperNames As Hashtable
Private Shared m_ResOperNames As Hashtable
Private Shared m_DSOperNames As Hashtable
Private Const NrRptOperations As Integer = 27
Private Const NrFldOperations As Integer = 9
Private Const NrResOperations As Integer = 7
Private Const NrDSOperations As Integer = 7
Private Const NrCatOperations As Integer = 15
Private Shared Sub InitializeMaps()
' create operation names data
m_CatOperNames = New Hashtable()
m_CatOperNames.Add(CatalogOperation.CreateRoles, OperationNames.OperCreateRoles)
m_CatOperNames.Add(CatalogOperation.DeleteRoles, OperationNames.OperDeleteRoles)
m_CatOperNames.Add(CatalogOperation.ReadRoleProperties, OperationNames.OperReadRoleProperties)
m_CatOperNames.Add(CatalogOperation.UpdateRoleProperties, OperationNames.OperUpdateRoleProperties)
m_CatOperNames.Add(CatalogOperation.ReadSystemProperties, OperationNames.OperReadSystemProperties)
m_CatOperNames.Add(CatalogOperation.UpdateSystemProperties, OperationNames.OperUpdateSystemProperties)
m_CatOperNames.Add(CatalogOperation.GenerateEvents, OperationNames.OperGenerateEvents)
m_CatOperNames.Add(CatalogOperation.ReadSystemSecurityPolicy, OperationNames.OperReadSystemSecurityPolicy)
m_CatOperNames.Add(CatalogOperation.UpdateSystemSecurityPolicy, OperationNames.OperUpdateSystemSecurityPolicy)
m_CatOperNames.Add(CatalogOperation.CreateSchedules, OperationNames.OperCreateSchedules)
m_CatOperNames.Add(CatalogOperation.DeleteSchedules, OperationNames.OperDeleteSchedules)
m_CatOperNames.Add(CatalogOperation.ReadSchedules, OperationNames.OperReadSchedules)
m_CatOperNames.Add(CatalogOperation.UpdateSchedules, OperationNames.OperUpdateSchedules)
m_CatOperNames.Add(CatalogOperation.ListJobs, OperationNames.OperListJobs)
m_CatOperNames.Add(CatalogOperation.CancelJobs, OperationNames.OperCancelJobs)
If m_CatOperNames.Count <> NrCatOperations Then
Throw New Exception("Number of catalog names don't match.")
End If
m_FldOperNames = New Hashtable()
m_FldOperNames.Add(FolderOperation.CreateFolder, OperationNames.OperCreateFolder)
m_FldOperNames.Add(FolderOperation.Delete, OperationNames.OperDelete)
m_FldOperNames.Add(FolderOperation.ReadProperties, OperationNames.OperReadProperties)
m_FldOperNames.Add(FolderOperation.UpdateProperties, OperationNames.OperUpdateProperties)
m_FldOperNames.Add(FolderOperation.CreateReport, OperationNames.OperCreateReport)
m_FldOperNames.Add(FolderOperation.CreateResource, OperationNames.OperCreateResource)
m_FldOperNames.Add(FolderOperation.ReadAuthorizationPolicy, OperationNames.OperReadAuthorizationPolicy)
m_FldOperNames.Add(FolderOperation.UpdateDeleteAuthorizationPolicy, OperationNames.OperUpdateDeleteAuthorizationPolicy)
m_FldOperNames.Add(FolderOperation.CreateDatasource, OperationNames.OperCreateDatasource)
If m_FldOperNames.Count <> NrFldOperations Then
Throw New Exception("Number of folder names don't match.")
End If
m_RptOperNames = New Hashtable()
m_RptOperNames.Add(ReportOperation.Delete, OperationNames.OperDelete)
m_RptOperNames.Add(ReportOperation.ReadProperties, OperationNames.OperReadProperties)
m_RptOperNames.Add(ReportOperation.UpdateProperties, OperationNames.OperUpdateProperties)
m_RptOperNames.Add(ReportOperation.UpdateParameters, OperationNames.OperUpdateParameters)
m_RptOperNames.Add(ReportOperation.ReadDatasource, OperationNames.OperReadDatasources)
m_RptOperNames.Add(ReportOperation.UpdateDatasource, OperationNames.OperUpdateDatasources)
m_RptOperNames.Add(ReportOperation.ReadReportDefinition, OperationNames.OperReadReportDefinition)
m_RptOperNames.Add(ReportOperation.UpdateReportDefinition, OperationNames.OperUpdateReportDefinition)
m_RptOperNames.Add(ReportOperation.CreateSubscription, OperationNames.OperCreateSubscription)
m_RptOperNames.Add(ReportOperation.DeleteSubscription, OperationNames.OperDeleteSubscription)
m_RptOperNames.Add(ReportOperation.ReadSubscription, OperationNames.OperReadSubscription)
m_RptOperNames.Add(ReportOperation.UpdateSubscription, OperationNames.OperUpdateSubscription)
m_RptOperNames.Add(ReportOperation.CreateAnySubscription, OperationNames.OperCreateAnySubscription)
m_RptOperNames.Add(ReportOperation.DeleteAnySubscription, OperationNames.OperDeleteAnySubscription)
m_RptOperNames.Add(ReportOperation.ReadAnySubscription, OperationNames.OperReadAnySubscription)
m_RptOperNames.Add(ReportOperation.UpdateAnySubscription, OperationNames.OperUpdateAnySubscription)
m_RptOperNames.Add(ReportOperation.UpdatePolicy, OperationNames.OperUpdatePolicy)
m_RptOperNames.Add(ReportOperation.ReadPolicy, OperationNames.OperReadPolicy)
m_RptOperNames.Add(ReportOperation.DeleteHistory, OperationNames.OperDeleteHistory)
m_RptOperNames.Add(ReportOperation.ListHistory, OperationNames.OperListHistory)
m_RptOperNames.Add(ReportOperation.ExecuteAndView, OperationNames.OperExecuteAndView)
m_RptOperNames.Add(ReportOperation.CreateResource, OperationNames.OperCreateResource)
m_RptOperNames.Add(ReportOperation.CreateSnapshot, OperationNames.OperCreateSnapshot)
m_RptOperNames.Add(ReportOperation.ReadAuthorizationPolicy, OperationNames.OperReadAuthorizationPolicy)
m_RptOperNames.Add(ReportOperation.UpdateDeleteAuthorizationPolicy, OperationNames.OperUpdateDeleteAuthorizationPolicy)
m_RptOperNames.Add(ReportOperation.Execute, OperationNames.OperExecute)
m_RptOperNames.Add(ReportOperation.CreateLink, OperationNames.OperCreateLink)
If m_RptOperNames.Count <> NrRptOperations Then
Throw New Exception("Number of report names don't match.")
End If
m_ResOperNames = New Hashtable()
m_ResOperNames.Add(ResourceOperation.Delete, OperationNames.OperDelete)
m_ResOperNames.Add(ResourceOperation.ReadProperties, OperationNames.OperReadProperties)
m_ResOperNames.Add(ResourceOperation.UpdateProperties, OperationNames.OperUpdateProperties)
m_ResOperNames.Add(ResourceOperation.ReadContent, OperationNames.OperReadContent)
m_ResOperNames.Add(ResourceOperation.UpdateContent, OperationNames.OperUpdateContent)
m_ResOperNames.Add(ResourceOperation.ReadAuthorizationPolicy, OperationNames.OperReadAuthorizationPolicy)
m_ResOperNames.Add(ResourceOperation.UpdateDeleteAuthorizationPolicy, OperationNames.OperUpdateDeleteAuthorizationPolicy)
If m_ResOperNames.Count <> NrResOperations Then
Throw New Exception("Number of resource names don't match.")
End If
m_DSOperNames = New Hashtable()
m_DSOperNames.Add(DatasourceOperation.Delete, OperationNames.OperDelete)
m_DSOperNames.Add(DatasourceOperation.ReadProperties, OperationNames.OperReadProperties)
m_DSOperNames.Add(DatasourceOperation.UpdateProperties, OperationNames.OperUpdateProperties)
m_DSOperNames.Add(DatasourceOperation.ReadContent, OperationNames.OperReadContent)
m_DSOperNames.Add(DatasourceOperation.UpdateContent, OperationNames.OperUpdateContent)
m_DSOperNames.Add(DatasourceOperation.ReadAuthorizationPolicy, OperationNames.OperReadAuthorizationPolicy)
m_DSOperNames.Add(DatasourceOperation.UpdateDeleteAuthorizationPolicy, OperationNames.OperUpdateDeleteAuthorizationPolicy)
If m_DSOperNames.Count <> NrDSOperations Then
Throw New Exception("Number of datasource names don't match.")
End If
End Sub 'InitializeMaps
Public Function GetPermissions(userName As String, userToken As IntPtr, itemType As SecurityItemType, secDesc() As Byte) As StringCollection
Dim permissions As New StringCollection()
Dim acl As AceCollection = DeserializeAcl(secDesc)
Dim ace As AceStruct
For Each ace In acl
If userName = ace.PrincipalName Then
Dim aclOperation As CatalogOperation
For Each aclOperation In ace.CatalogOperations
If Not permissions.Contains(CStr(m_CatOperNames(aclOperation))) Then
permissions.Add(CStr(m_CatOperNames(aclOperation)))
End If
Next aclOperation
Dim aclOperation As ReportOperation
For Each aclOperation In ace.ReportOperations
If Not permissions.Contains(CStr(m_RptOperNames(aclOperation))) Then
permissions.Add(CStr(m_RptOperNames(aclOperation)))
End If
Next aclOperation
Dim aclOperation As FolderOperation
For Each aclOperation In ace.FolderOperations
If Not permissions.Contains(CStr(m_FldOperNames(aclOperation))) Then
permissions.Add(CStr(m_FldOperNames(aclOperation)))
End If
Next aclOperation
Dim aclOperation As ResourceOperation
For Each aclOperation In ace.ResourceOperations
If Not permissions.Contains(CStr(m_ResOperNames(aclOperation))) Then
permissions.Add(CStr(m_ResOperNames(aclOperation)))
End If
Next aclOperation
Dim aclOperation As DatasourceOperation
For Each aclOperation In ace.DatasourceOperations
If Not permissions.Contains(CStr(m_DSOperNames(aclOperation))) Then
permissions.Add(CStr(m_DSOperNames(aclOperation)))
End If
Next aclOperation
End If
Next ace
Return permissions
End Function 'GetPermissions
private static Hashtable m_CatOperNames;
private static Hashtable m_FldOperNames;
private static Hashtable m_RptOperNames;
private static Hashtable m_ResOperNames;
private static Hashtable m_DSOperNames;
private const int NrRptOperations = 27;
private const int NrFldOperations = 9;
private const int NrResOperations = 7;
private const int NrDSOperations = 7;
private const int NrCatOperations = 15;
private static void InitializeMaps()
{
// create operation names data
m_CatOperNames = new Hashtable();
m_CatOperNames.Add(CatalogOperation.CreateRoles, OperationNames.OperCreateRoles);
m_CatOperNames.Add(CatalogOperation.DeleteRoles, OperationNames.OperDeleteRoles);
m_CatOperNames.Add(CatalogOperation.ReadRoleProperties, OperationNames.OperReadRoleProperties);
m_CatOperNames.Add(CatalogOperation.UpdateRoleProperties, OperationNames.OperUpdateRoleProperties);
m_CatOperNames.Add(CatalogOperation.ReadSystemProperties, OperationNames.OperReadSystemProperties);
m_CatOperNames.Add(CatalogOperation.UpdateSystemProperties, OperationNames.OperUpdateSystemProperties);
m_CatOperNames.Add(CatalogOperation.GenerateEvents, OperationNames.OperGenerateEvents);
m_CatOperNames.Add(CatalogOperation.ReadSystemSecurityPolicy, OperationNames.OperReadSystemSecurityPolicy);
m_CatOperNames.Add(CatalogOperation.UpdateSystemSecurityPolicy, OperationNames.OperUpdateSystemSecurityPolicy);
m_CatOperNames.Add(CatalogOperation.CreateSchedules, OperationNames.OperCreateSchedules);
m_CatOperNames.Add(CatalogOperation.DeleteSchedules, OperationNames.OperDeleteSchedules);
m_CatOperNames.Add(CatalogOperation.ReadSchedules, OperationNames.OperReadSchedules);
m_CatOperNames.Add(CatalogOperation.UpdateSchedules, OperationNames.OperUpdateSchedules);
m_CatOperNames.Add(CatalogOperation.ListJobs, OperationNames.OperListJobs);
m_CatOperNames.Add(CatalogOperation.CancelJobs, OperationNames.OperCancelJobs);
if (m_CatOperNames.Count != NrCatOperations)
{
throw new Exception("Number of catalog names don't match.");
}
m_FldOperNames = new Hashtable();
m_FldOperNames.Add(FolderOperation.CreateFolder, OperationNames.OperCreateFolder);
m_FldOperNames.Add(FolderOperation.Delete, OperationNames.OperDelete);
m_FldOperNames.Add(FolderOperation.ReadProperties, OperationNames.OperReadProperties);
m_FldOperNames.Add(FolderOperation.UpdateProperties, OperationNames.OperUpdateProperties);
m_FldOperNames.Add(FolderOperation.CreateReport, OperationNames.OperCreateReport);
m_FldOperNames.Add(FolderOperation.CreateResource, OperationNames.OperCreateResource);
m_FldOperNames.Add(FolderOperation.ReadAuthorizationPolicy, OperationNames.OperReadAuthorizationPolicy);
m_FldOperNames.Add(FolderOperation.UpdateDeleteAuthorizationPolicy,OperationNames.OperUpdateDeleteAuthorizationPolicy);
m_FldOperNames.Add(FolderOperation.CreateDatasource, OperationNames.OperCreateDatasource);
if (m_FldOperNames.Count != NrFldOperations)
{
throw new Exception("Number of folder names don't match.");
}
m_RptOperNames = new Hashtable();
m_RptOperNames.Add(ReportOperation.Delete, OperationNames.OperDelete);
m_RptOperNames.Add(ReportOperation.ReadProperties, OperationNames.OperReadProperties);
m_RptOperNames.Add(ReportOperation.UpdateProperties, OperationNames.OperUpdateProperties);
m_RptOperNames.Add(ReportOperation.UpdateParameters, OperationNames.OperUpdateParameters);
m_RptOperNames.Add(ReportOperation.ReadDatasource, OperationNames.OperReadDatasources);
m_RptOperNames.Add(ReportOperation.UpdateDatasource, OperationNames.OperUpdateDatasources);
m_RptOperNames.Add(ReportOperation.ReadReportDefinition, OperationNames.OperReadReportDefinition);
m_RptOperNames.Add(ReportOperation.UpdateReportDefinition, OperationNames.OperUpdateReportDefinition);
m_RptOperNames.Add(ReportOperation.CreateSubscription, OperationNames.OperCreateSubscription);
m_RptOperNames.Add(ReportOperation.DeleteSubscription, OperationNames.OperDeleteSubscription);
m_RptOperNames.Add(ReportOperation.ReadSubscription, OperationNames.OperReadSubscription);
m_RptOperNames.Add(ReportOperation.UpdateSubscription, OperationNames.OperUpdateSubscription);
m_RptOperNames.Add(ReportOperation.CreateAnySubscription, OperationNames.OperCreateAnySubscription);
m_RptOperNames.Add(ReportOperation.DeleteAnySubscription, OperationNames.OperDeleteAnySubscription);
m_RptOperNames.Add(ReportOperation.ReadAnySubscription, OperationNames.OperReadAnySubscription);
m_RptOperNames.Add(ReportOperation.UpdateAnySubscription, OperationNames.OperUpdateAnySubscription);
m_RptOperNames.Add(ReportOperation.UpdatePolicy, OperationNames.OperUpdatePolicy);
m_RptOperNames.Add(ReportOperation.ReadPolicy, OperationNames.OperReadPolicy);
m_RptOperNames.Add(ReportOperation.DeleteHistory, OperationNames.OperDeleteHistory);
m_RptOperNames.Add(ReportOperation.ListHistory, OperationNames.OperListHistory);
m_RptOperNames.Add(ReportOperation.ExecuteAndView, OperationNames.OperExecuteAndView);
m_RptOperNames.Add(ReportOperation.CreateResource, OperationNames.OperCreateResource);
m_RptOperNames.Add(ReportOperation.CreateSnapshot, OperationNames.OperCreateSnapshot);
m_RptOperNames.Add(ReportOperation.ReadAuthorizationPolicy, OperationNames.OperReadAuthorizationPolicy);
m_RptOperNames.Add(ReportOperation.UpdateDeleteAuthorizationPolicy,OperationNames.OperUpdateDeleteAuthorizationPolicy);
m_RptOperNames.Add(ReportOperation.Execute, OperationNames.OperExecute);
m_RptOperNames.Add(ReportOperation.CreateLink, OperationNames.OperCreateLink);
if (m_RptOperNames.Count != NrRptOperations)
{
throw new Exception("Number of report names don't match.");
}
m_ResOperNames = new Hashtable();
m_ResOperNames.Add(ResourceOperation.Delete, OperationNames.OperDelete);
m_ResOperNames.Add(ResourceOperation.ReadProperties, OperationNames.OperReadProperties);
m_ResOperNames.Add(ResourceOperation.UpdateProperties, OperationNames.OperUpdateProperties);
m_ResOperNames.Add(ResourceOperation.ReadContent, OperationNames.OperReadContent);
m_ResOperNames.Add(ResourceOperation.UpdateContent, OperationNames.OperUpdateContent);
m_ResOperNames.Add(ResourceOperation.ReadAuthorizationPolicy, OperationNames.OperReadAuthorizationPolicy);
m_ResOperNames.Add(ResourceOperation.UpdateDeleteAuthorizationPolicy, OperationNames.OperUpdateDeleteAuthorizationPolicy);
if (m_ResOperNames.Count != NrResOperations)
{
throw new Exception("Number of resource names don't match.");
}
m_DSOperNames = new Hashtable();
m_DSOperNames.Add(DatasourceOperation.Delete, OperationNames.OperDelete);
m_DSOperNames.Add(DatasourceOperation.ReadProperties, OperationNames.OperReadProperties);
m_DSOperNames.Add(DatasourceOperation.UpdateProperties, OperationNames.OperUpdateProperties);
m_DSOperNames.Add(DatasourceOperation.ReadContent, OperationNames.OperReadContent);
m_DSOperNames.Add(DatasourceOperation.UpdateContent, OperationNames.OperUpdateContent);
m_DSOperNames.Add(DatasourceOperation.ReadAuthorizationPolicy, OperationNames.OperReadAuthorizationPolicy);
m_DSOperNames.Add(DatasourceOperation.UpdateDeleteAuthorizationPolicy, OperationNames.OperUpdateDeleteAuthorizationPolicy);
if (m_DSOperNames.Count != NrDSOperations)
{
throw new Exception("Number of datasource names don't match.");
}
}
public StringCollection GetPermissions(string userName, IntPtr userToken, SecurityItemType itemType, byte[] secDesc)
{
StringCollection permissions = new StringCollection();
AceCollection acl = DeserializeAcl(secDesc);
foreach(AceStruct ace in acl)
{
if (userName == ace.PrincipalName)
{
foreach(CatalogOperation aclOperation in ace.CatalogOperations)
{
if (!permissions.Contains((string)m_CatOperNames[aclOperation]))
permissions.Add((string)m_CatOperNames[aclOperation]);
}
foreach(ReportOperation aclOperation in ace.ReportOperations)
{
if (!permissions.Contains((string)m_RptOperNames[aclOperation]))
permissions.Add((string)m_RptOperNames[aclOperation]);
}
foreach(FolderOperation aclOperation in ace.FolderOperations)
{
if (!permissions.Contains((string)m_FldOperNames[aclOperation]))
permissions.Add((string)m_FldOperNames[aclOperation]);
}
foreach(ResourceOperation aclOperation in ace.ResourceOperations)
{
if (!permissions.Contains((string)m_ResOperNames[aclOperation]))
permissions.Add((string)m_ResOperNames[aclOperation]);
}
foreach(DatasourceOperation aclOperation in ace.DatasourceOperations)
{
if (!permissions.Contains((string)m_DSOperNames[aclOperation]))
permissions.Add((string)m_DSOperNames[aclOperation]);
}
}
}
return permissions;
}
Remarks
The return value of this method provides underlying support for the Web service GetPermissions method.