Share via


IAuthorizationExtension.GetPermissions Method

Definition

Returns the set of permissions granted a specific user for an item in the report server database.

public:
 System::Collections::Specialized::StringCollection ^ GetPermissions(System::String ^ userName, IntPtr userToken, Microsoft::ReportingServices::Interfaces::SecurityItemType itemType, cli::array <System::Byte> ^ secDesc);
public System.Collections.Specialized.StringCollection GetPermissions (string userName, IntPtr userToken, Microsoft.ReportingServices.Interfaces.SecurityItemType itemType, byte[] secDesc);
abstract member GetPermissions : string * nativeint * Microsoft.ReportingServices.Interfaces.SecurityItemType * byte[] -> System.Collections.Specialized.StringCollection
Public Function GetPermissions (userName As String, userToken As IntPtr, itemType As SecurityItemType, secDesc As Byte()) As StringCollection

Parameters

userName
String

The name of the user as returned by the GetUserInfo(IIdentity, IntPtr) method of IAuthenticationExtension.

userToken
IntPtr

nativeint

A pointer to the user ID returned by the GetUserInfo(IIdentity, IntPtr) method.

itemType
SecurityItemType

The type of item in the report server database for which the permissions are returned.

secDesc
Byte[]

The security descriptor associated with the item.

Returns

A StringCollection that contains the name of each permission associated with the user for a given item.

Examples

The following example uses the Microsoft.SqlServer.ReportingServices.ReportingService.GetPermissions method to evaluate the access code list for an item in the report server database with regards to a specific user's authorization credentials. You use this method to provide a set of permissions that are returned by the Web service GetPermissions method.

Private Shared m_CatOperNames As Hashtable  
Private Shared m_FldOperNames As Hashtable  
Private Shared m_RptOperNames As Hashtable  
Private Shared m_ResOperNames As Hashtable  
Private Shared m_DSOperNames As Hashtable  

Private Const NrRptOperations As Integer = 27  
Private Const NrFldOperations As Integer = 9  
Private Const NrResOperations As Integer = 7  
Private Const NrDSOperations As Integer = 7  
Private Const NrCatOperations As Integer = 15  

Private Shared Sub InitializeMaps()  

   ' create operation names data  
   m_CatOperNames = New Hashtable()  
   m_CatOperNames.Add(CatalogOperation.CreateRoles, OperationNames.OperCreateRoles)  
   m_CatOperNames.Add(CatalogOperation.DeleteRoles, OperationNames.OperDeleteRoles)  
   m_CatOperNames.Add(CatalogOperation.ReadRoleProperties, OperationNames.OperReadRoleProperties)  
   m_CatOperNames.Add(CatalogOperation.UpdateRoleProperties, OperationNames.OperUpdateRoleProperties)  
   m_CatOperNames.Add(CatalogOperation.ReadSystemProperties, OperationNames.OperReadSystemProperties)  
   m_CatOperNames.Add(CatalogOperation.UpdateSystemProperties, OperationNames.OperUpdateSystemProperties)  
   m_CatOperNames.Add(CatalogOperation.GenerateEvents, OperationNames.OperGenerateEvents)  
   m_CatOperNames.Add(CatalogOperation.ReadSystemSecurityPolicy, OperationNames.OperReadSystemSecurityPolicy)  
   m_CatOperNames.Add(CatalogOperation.UpdateSystemSecurityPolicy, OperationNames.OperUpdateSystemSecurityPolicy)  
   m_CatOperNames.Add(CatalogOperation.CreateSchedules, OperationNames.OperCreateSchedules)  
   m_CatOperNames.Add(CatalogOperation.DeleteSchedules, OperationNames.OperDeleteSchedules)  
   m_CatOperNames.Add(CatalogOperation.ReadSchedules, OperationNames.OperReadSchedules)  
   m_CatOperNames.Add(CatalogOperation.UpdateSchedules, OperationNames.OperUpdateSchedules)  
   m_CatOperNames.Add(CatalogOperation.ListJobs, OperationNames.OperListJobs)  
   m_CatOperNames.Add(CatalogOperation.CancelJobs, OperationNames.OperCancelJobs)  
   If m_CatOperNames.Count <> NrCatOperations Then  
      Throw New Exception("Number of catalog names don't match.")  
   End If  

   m_FldOperNames = New Hashtable()  
   m_FldOperNames.Add(FolderOperation.CreateFolder, OperationNames.OperCreateFolder)  
   m_FldOperNames.Add(FolderOperation.Delete, OperationNames.OperDelete)  
   m_FldOperNames.Add(FolderOperation.ReadProperties, OperationNames.OperReadProperties)  
   m_FldOperNames.Add(FolderOperation.UpdateProperties, OperationNames.OperUpdateProperties)  
   m_FldOperNames.Add(FolderOperation.CreateReport, OperationNames.OperCreateReport)  
   m_FldOperNames.Add(FolderOperation.CreateResource, OperationNames.OperCreateResource)  
   m_FldOperNames.Add(FolderOperation.ReadAuthorizationPolicy, OperationNames.OperReadAuthorizationPolicy)  
   m_FldOperNames.Add(FolderOperation.UpdateDeleteAuthorizationPolicy, OperationNames.OperUpdateDeleteAuthorizationPolicy)  
   m_FldOperNames.Add(FolderOperation.CreateDatasource, OperationNames.OperCreateDatasource)  
   If m_FldOperNames.Count <> NrFldOperations Then  
      Throw New Exception("Number of folder names don't match.")  
   End If  

   m_RptOperNames = New Hashtable()  
   m_RptOperNames.Add(ReportOperation.Delete, OperationNames.OperDelete)  
   m_RptOperNames.Add(ReportOperation.ReadProperties, OperationNames.OperReadProperties)  
   m_RptOperNames.Add(ReportOperation.UpdateProperties, OperationNames.OperUpdateProperties)  
   m_RptOperNames.Add(ReportOperation.UpdateParameters, OperationNames.OperUpdateParameters)  
   m_RptOperNames.Add(ReportOperation.ReadDatasource, OperationNames.OperReadDatasources)  
   m_RptOperNames.Add(ReportOperation.UpdateDatasource, OperationNames.OperUpdateDatasources)  
   m_RptOperNames.Add(ReportOperation.ReadReportDefinition, OperationNames.OperReadReportDefinition)  
   m_RptOperNames.Add(ReportOperation.UpdateReportDefinition, OperationNames.OperUpdateReportDefinition)  
   m_RptOperNames.Add(ReportOperation.CreateSubscription, OperationNames.OperCreateSubscription)  
   m_RptOperNames.Add(ReportOperation.DeleteSubscription, OperationNames.OperDeleteSubscription)  
   m_RptOperNames.Add(ReportOperation.ReadSubscription, OperationNames.OperReadSubscription)  
   m_RptOperNames.Add(ReportOperation.UpdateSubscription, OperationNames.OperUpdateSubscription)  
   m_RptOperNames.Add(ReportOperation.CreateAnySubscription, OperationNames.OperCreateAnySubscription)  
   m_RptOperNames.Add(ReportOperation.DeleteAnySubscription, OperationNames.OperDeleteAnySubscription)  
   m_RptOperNames.Add(ReportOperation.ReadAnySubscription, OperationNames.OperReadAnySubscription)  
   m_RptOperNames.Add(ReportOperation.UpdateAnySubscription, OperationNames.OperUpdateAnySubscription)  
   m_RptOperNames.Add(ReportOperation.UpdatePolicy, OperationNames.OperUpdatePolicy)  
   m_RptOperNames.Add(ReportOperation.ReadPolicy, OperationNames.OperReadPolicy)  
   m_RptOperNames.Add(ReportOperation.DeleteHistory, OperationNames.OperDeleteHistory)  
   m_RptOperNames.Add(ReportOperation.ListHistory, OperationNames.OperListHistory)  
   m_RptOperNames.Add(ReportOperation.ExecuteAndView, OperationNames.OperExecuteAndView)  
   m_RptOperNames.Add(ReportOperation.CreateResource, OperationNames.OperCreateResource)  
   m_RptOperNames.Add(ReportOperation.CreateSnapshot, OperationNames.OperCreateSnapshot)  
   m_RptOperNames.Add(ReportOperation.ReadAuthorizationPolicy, OperationNames.OperReadAuthorizationPolicy)  
   m_RptOperNames.Add(ReportOperation.UpdateDeleteAuthorizationPolicy, OperationNames.OperUpdateDeleteAuthorizationPolicy)  
   m_RptOperNames.Add(ReportOperation.Execute, OperationNames.OperExecute)  
   m_RptOperNames.Add(ReportOperation.CreateLink, OperationNames.OperCreateLink)  
   If m_RptOperNames.Count <> NrRptOperations Then  
      Throw New Exception("Number of report names don't match.")  
   End If  
   m_ResOperNames = New Hashtable()  
   m_ResOperNames.Add(ResourceOperation.Delete, OperationNames.OperDelete)  
   m_ResOperNames.Add(ResourceOperation.ReadProperties, OperationNames.OperReadProperties)  
   m_ResOperNames.Add(ResourceOperation.UpdateProperties, OperationNames.OperUpdateProperties)  
   m_ResOperNames.Add(ResourceOperation.ReadContent, OperationNames.OperReadContent)  
   m_ResOperNames.Add(ResourceOperation.UpdateContent, OperationNames.OperUpdateContent)  
   m_ResOperNames.Add(ResourceOperation.ReadAuthorizationPolicy, OperationNames.OperReadAuthorizationPolicy)  
   m_ResOperNames.Add(ResourceOperation.UpdateDeleteAuthorizationPolicy, OperationNames.OperUpdateDeleteAuthorizationPolicy)  
   If m_ResOperNames.Count <> NrResOperations Then  
      Throw New Exception("Number of resource names don't match.")  
   End If  

   m_DSOperNames = New Hashtable()  
   m_DSOperNames.Add(DatasourceOperation.Delete, OperationNames.OperDelete)  
   m_DSOperNames.Add(DatasourceOperation.ReadProperties, OperationNames.OperReadProperties)  
   m_DSOperNames.Add(DatasourceOperation.UpdateProperties, OperationNames.OperUpdateProperties)  
   m_DSOperNames.Add(DatasourceOperation.ReadContent, OperationNames.OperReadContent)  
   m_DSOperNames.Add(DatasourceOperation.UpdateContent, OperationNames.OperUpdateContent)  
   m_DSOperNames.Add(DatasourceOperation.ReadAuthorizationPolicy, OperationNames.OperReadAuthorizationPolicy)  
   m_DSOperNames.Add(DatasourceOperation.UpdateDeleteAuthorizationPolicy, OperationNames.OperUpdateDeleteAuthorizationPolicy)  
   If m_DSOperNames.Count <> NrDSOperations Then  
      Throw New Exception("Number of datasource names don't match.")  
   End If  
End Sub 'InitializeMaps  

Public Function GetPermissions(userName As String, userToken As IntPtr, itemType As SecurityItemType, secDesc() As Byte) As StringCollection  
   Dim permissions As New StringCollection()  
   Dim acl As AceCollection = DeserializeAcl(secDesc)  
   Dim ace As AceStruct  
   For Each ace In  acl  
      If userName = ace.PrincipalName Then  
         Dim aclOperation As CatalogOperation  
         For Each aclOperation In  ace.CatalogOperations  
            If Not permissions.Contains(CStr(m_CatOperNames(aclOperation))) Then  
               permissions.Add(CStr(m_CatOperNames(aclOperation)))  
            End If  
         Next aclOperation  
         Dim aclOperation As ReportOperation  
         For Each aclOperation In  ace.ReportOperations  
            If Not permissions.Contains(CStr(m_RptOperNames(aclOperation))) Then  
               permissions.Add(CStr(m_RptOperNames(aclOperation)))  
            End If  
         Next aclOperation  
         Dim aclOperation As FolderOperation  
         For Each aclOperation In  ace.FolderOperations  
            If Not permissions.Contains(CStr(m_FldOperNames(aclOperation))) Then  
               permissions.Add(CStr(m_FldOperNames(aclOperation)))  
            End If  
         Next aclOperation  
         Dim aclOperation As ResourceOperation  
         For Each aclOperation In  ace.ResourceOperations  
            If Not permissions.Contains(CStr(m_ResOperNames(aclOperation))) Then  
               permissions.Add(CStr(m_ResOperNames(aclOperation)))  
            End If  
         Next aclOperation  
         Dim aclOperation As DatasourceOperation  
         For Each aclOperation In  ace.DatasourceOperations  
            If Not permissions.Contains(CStr(m_DSOperNames(aclOperation))) Then  
               permissions.Add(CStr(m_DSOperNames(aclOperation)))  
            End If  
         Next aclOperation  
      End If  
   Next ace  
   Return permissions  
End Function 'GetPermissions  
private static Hashtable m_CatOperNames;  
private static Hashtable m_FldOperNames;  
private static Hashtable m_RptOperNames;  
private static Hashtable m_ResOperNames;  
private static Hashtable m_DSOperNames;  

private const int NrRptOperations = 27;  
private const int NrFldOperations = 9;  
private const int NrResOperations = 7;   
private const int NrDSOperations = 7;  
private const int NrCatOperations = 15;  

private static void InitializeMaps()  
{  

   // create operation names data  
   m_CatOperNames = new Hashtable();  
   m_CatOperNames.Add(CatalogOperation.CreateRoles,                   OperationNames.OperCreateRoles);  
   m_CatOperNames.Add(CatalogOperation.DeleteRoles,                   OperationNames.OperDeleteRoles);  
   m_CatOperNames.Add(CatalogOperation.ReadRoleProperties,            OperationNames.OperReadRoleProperties);  
   m_CatOperNames.Add(CatalogOperation.UpdateRoleProperties,          OperationNames.OperUpdateRoleProperties);  
   m_CatOperNames.Add(CatalogOperation.ReadSystemProperties,          OperationNames.OperReadSystemProperties);  
   m_CatOperNames.Add(CatalogOperation.UpdateSystemProperties,        OperationNames.OperUpdateSystemProperties);  
   m_CatOperNames.Add(CatalogOperation.GenerateEvents,                OperationNames.OperGenerateEvents);  
   m_CatOperNames.Add(CatalogOperation.ReadSystemSecurityPolicy,      OperationNames.OperReadSystemSecurityPolicy);  
   m_CatOperNames.Add(CatalogOperation.UpdateSystemSecurityPolicy,    OperationNames.OperUpdateSystemSecurityPolicy);  
   m_CatOperNames.Add(CatalogOperation.CreateSchedules,               OperationNames.OperCreateSchedules);  
   m_CatOperNames.Add(CatalogOperation.DeleteSchedules,               OperationNames.OperDeleteSchedules);  
   m_CatOperNames.Add(CatalogOperation.ReadSchedules,                 OperationNames.OperReadSchedules);  
   m_CatOperNames.Add(CatalogOperation.UpdateSchedules,               OperationNames.OperUpdateSchedules);  
   m_CatOperNames.Add(CatalogOperation.ListJobs,                      OperationNames.OperListJobs);  
   m_CatOperNames.Add(CatalogOperation.CancelJobs,                    OperationNames.OperCancelJobs);  
   if (m_CatOperNames.Count != NrCatOperations)  
   {  
      throw new Exception("Number of catalog names don't match.");  
   }  

   m_FldOperNames = new Hashtable();  
   m_FldOperNames.Add(FolderOperation.CreateFolder,                  OperationNames.OperCreateFolder);  
   m_FldOperNames.Add(FolderOperation.Delete,                        OperationNames.OperDelete);  
   m_FldOperNames.Add(FolderOperation.ReadProperties,                OperationNames.OperReadProperties);  
   m_FldOperNames.Add(FolderOperation.UpdateProperties,              OperationNames.OperUpdateProperties);  
   m_FldOperNames.Add(FolderOperation.CreateReport,                  OperationNames.OperCreateReport);  
   m_FldOperNames.Add(FolderOperation.CreateResource,                OperationNames.OperCreateResource);  
   m_FldOperNames.Add(FolderOperation.ReadAuthorizationPolicy,       OperationNames.OperReadAuthorizationPolicy);  
   m_FldOperNames.Add(FolderOperation.UpdateDeleteAuthorizationPolicy,OperationNames.OperUpdateDeleteAuthorizationPolicy);  
   m_FldOperNames.Add(FolderOperation.CreateDatasource,              OperationNames.OperCreateDatasource);  
   if (m_FldOperNames.Count != NrFldOperations)  
   {  
       throw new Exception("Number of folder names don't match.");  
   }  

   m_RptOperNames = new Hashtable();  
   m_RptOperNames.Add(ReportOperation.Delete,                        OperationNames.OperDelete);  
   m_RptOperNames.Add(ReportOperation.ReadProperties,                OperationNames.OperReadProperties);  
   m_RptOperNames.Add(ReportOperation.UpdateProperties,              OperationNames.OperUpdateProperties);  
   m_RptOperNames.Add(ReportOperation.UpdateParameters,              OperationNames.OperUpdateParameters);  
   m_RptOperNames.Add(ReportOperation.ReadDatasource,                OperationNames.OperReadDatasources);  
   m_RptOperNames.Add(ReportOperation.UpdateDatasource,              OperationNames.OperUpdateDatasources);  
   m_RptOperNames.Add(ReportOperation.ReadReportDefinition,          OperationNames.OperReadReportDefinition);  
   m_RptOperNames.Add(ReportOperation.UpdateReportDefinition,        OperationNames.OperUpdateReportDefinition);  
   m_RptOperNames.Add(ReportOperation.CreateSubscription,            OperationNames.OperCreateSubscription);  
   m_RptOperNames.Add(ReportOperation.DeleteSubscription,            OperationNames.OperDeleteSubscription);  
   m_RptOperNames.Add(ReportOperation.ReadSubscription,              OperationNames.OperReadSubscription);  
   m_RptOperNames.Add(ReportOperation.UpdateSubscription,            OperationNames.OperUpdateSubscription);  
   m_RptOperNames.Add(ReportOperation.CreateAnySubscription,         OperationNames.OperCreateAnySubscription);  
   m_RptOperNames.Add(ReportOperation.DeleteAnySubscription,         OperationNames.OperDeleteAnySubscription);  
   m_RptOperNames.Add(ReportOperation.ReadAnySubscription,           OperationNames.OperReadAnySubscription);  
   m_RptOperNames.Add(ReportOperation.UpdateAnySubscription,         OperationNames.OperUpdateAnySubscription);  
   m_RptOperNames.Add(ReportOperation.UpdatePolicy,                  OperationNames.OperUpdatePolicy);  
   m_RptOperNames.Add(ReportOperation.ReadPolicy,                    OperationNames.OperReadPolicy);  
   m_RptOperNames.Add(ReportOperation.DeleteHistory,                 OperationNames.OperDeleteHistory);  
   m_RptOperNames.Add(ReportOperation.ListHistory,                   OperationNames.OperListHistory);  
   m_RptOperNames.Add(ReportOperation.ExecuteAndView,                OperationNames.OperExecuteAndView);  
   m_RptOperNames.Add(ReportOperation.CreateResource,                OperationNames.OperCreateResource);  
   m_RptOperNames.Add(ReportOperation.CreateSnapshot,                OperationNames.OperCreateSnapshot);  
   m_RptOperNames.Add(ReportOperation.ReadAuthorizationPolicy,       OperationNames.OperReadAuthorizationPolicy);  
   m_RptOperNames.Add(ReportOperation.UpdateDeleteAuthorizationPolicy,OperationNames.OperUpdateDeleteAuthorizationPolicy);  
   m_RptOperNames.Add(ReportOperation.Execute,                       OperationNames.OperExecute);  
   m_RptOperNames.Add(ReportOperation.CreateLink,                    OperationNames.OperCreateLink);  
   if (m_RptOperNames.Count != NrRptOperations)  
   {  
      throw new Exception("Number of report names don't match.");  
   }  
   m_ResOperNames = new Hashtable();  
   m_ResOperNames.Add(ResourceOperation.Delete,                            OperationNames.OperDelete);  
   m_ResOperNames.Add(ResourceOperation.ReadProperties,                    OperationNames.OperReadProperties);  
   m_ResOperNames.Add(ResourceOperation.UpdateProperties,                  OperationNames.OperUpdateProperties);  
   m_ResOperNames.Add(ResourceOperation.ReadContent,                       OperationNames.OperReadContent);  
   m_ResOperNames.Add(ResourceOperation.UpdateContent,                     OperationNames.OperUpdateContent);  
   m_ResOperNames.Add(ResourceOperation.ReadAuthorizationPolicy,           OperationNames.OperReadAuthorizationPolicy);  
   m_ResOperNames.Add(ResourceOperation.UpdateDeleteAuthorizationPolicy,   OperationNames.OperUpdateDeleteAuthorizationPolicy);  
   if (m_ResOperNames.Count != NrResOperations)  
   {  
      throw new Exception("Number of resource names don't match.");  
   }  

   m_DSOperNames = new Hashtable();  
   m_DSOperNames.Add(DatasourceOperation.Delete,                            OperationNames.OperDelete);  
   m_DSOperNames.Add(DatasourceOperation.ReadProperties,                    OperationNames.OperReadProperties);  
   m_DSOperNames.Add(DatasourceOperation.UpdateProperties,                  OperationNames.OperUpdateProperties);  
   m_DSOperNames.Add(DatasourceOperation.ReadContent,                       OperationNames.OperReadContent);  
   m_DSOperNames.Add(DatasourceOperation.UpdateContent,                     OperationNames.OperUpdateContent);  
   m_DSOperNames.Add(DatasourceOperation.ReadAuthorizationPolicy,           OperationNames.OperReadAuthorizationPolicy);  
   m_DSOperNames.Add(DatasourceOperation.UpdateDeleteAuthorizationPolicy,   OperationNames.OperUpdateDeleteAuthorizationPolicy);  
   if (m_DSOperNames.Count != NrDSOperations)  
   {  
      throw new Exception("Number of datasource names don't match.");  
   }  
}  

public StringCollection GetPermissions(string userName, IntPtr userToken, SecurityItemType itemType, byte[] secDesc)  
{  
   StringCollection permissions = new StringCollection();  
   AceCollection acl = DeserializeAcl(secDesc);  
   foreach(AceStruct ace in acl)  
   {  
      if (userName == ace.PrincipalName)  
      {  
         foreach(CatalogOperation aclOperation in ace.CatalogOperations)  
         {  
            if (!permissions.Contains((string)m_CatOperNames[aclOperation]))  
               permissions.Add((string)m_CatOperNames[aclOperation]);  
         }  
         foreach(ReportOperation aclOperation in ace.ReportOperations)  
         {  
            if (!permissions.Contains((string)m_RptOperNames[aclOperation]))  
               permissions.Add((string)m_RptOperNames[aclOperation]);  
         }  
         foreach(FolderOperation aclOperation in ace.FolderOperations)  
         {  
            if (!permissions.Contains((string)m_FldOperNames[aclOperation]))  
               permissions.Add((string)m_FldOperNames[aclOperation]);  
         }  
         foreach(ResourceOperation aclOperation in ace.ResourceOperations)  
         {  
            if (!permissions.Contains((string)m_ResOperNames[aclOperation]))  
               permissions.Add((string)m_ResOperNames[aclOperation]);  
         }  
         foreach(DatasourceOperation aclOperation in ace.DatasourceOperations)  
         {  
            if (!permissions.Contains((string)m_DSOperNames[aclOperation]))  
               permissions.Add((string)m_DSOperNames[aclOperation]);  
         }  
      }  
   }  
   return permissions;  

}

Remarks

The return value of this method provides underlying support for the Web service GetPermissions method.

Applies to