Delen via


IAuthorizationExtension Interface

Represents an extension that can be used to extend the authorization feature of SQL Server Reporting Services.

This API is not CLS-compliant. 

Namespace:  Microsoft.ReportingServices.Interfaces
Assemblies:   Microsoft.ReportingServices.SharePoint.UI.WebParts (in Microsoft.ReportingServices.SharePoint.UI.WebParts.dll)
  Microsoft.ReportingServices.Interfaces (in Microsoft.ReportingServices.Interfaces.dll)

Syntax

'Declaration
<CLSCompliantAttribute(False)> _
Public Interface IAuthorizationExtension _
    Inherits IExtension
'Usage
Dim instance As IAuthorizationExtension
[CLSCompliantAttribute(false)]
public interface IAuthorizationExtension : IExtension
[CLSCompliantAttribute(false)]
public interface class IAuthorizationExtension : IExtension
[<CLSCompliantAttribute(false)>]
type IAuthorizationExtension =  
    interface
        interface IExtension
    end
public interface IAuthorizationExtension extends IExtension

The IAuthorizationExtension type exposes the following members.

Properties

  Name Description
Public property LocalizedName Gets the localized name of the extension to be displayed in a user interface. (Inherited from IExtension.)

Top

Methods

  Name Description
Public method CheckAccess(String, IntPtr, array<Byte[], CatalogOperation) Indicates whether a user is authorized to access an item in the report server database for a given catalog operation.
Public method CheckAccess(String, IntPtr, array<Byte[], array<CatalogOperation[]) Indicates whether a user is authorized to access an item in the report server database for a given array of catalog operation.
Public method CheckAccess(String, IntPtr, array<Byte[], DatasourceOperation) Indicates whether a user is authorized to access an item in the report server database for a given data source operation.
Public method CheckAccess(String, IntPtr, array<Byte[], FolderOperation) Indicates whether a user is authorized to access an item in the report server database for a given folder operation.
Public method CheckAccess(String, IntPtr, array<Byte[], array<FolderOperation[]) Checks a user's authorization credentials against a security descriptor for operations on an item in the report server database
Public method CheckAccess(String, IntPtr, array<Byte[], ModelItemOperation) Indicates whether a user is authorized to access an item in the report server database for a given model item operation.
Public method CheckAccess(String, IntPtr, array<Byte[], ModelOperation) Indicates whether a user is authorized to access an item in the report server database for a given model operation.
Public method CheckAccess(String, IntPtr, array<Byte[], ReportOperation) Indicates whether a user is authorized to access an item in the report server database for a given report operation.
Public method CheckAccess(String, IntPtr, array<Byte[], ResourceOperation) Indicates whether a user is authorized to access an item in the report server database for a given resource operation.
Public method CheckAccess(String, IntPtr, array<Byte[], array<ResourceOperation[]) Indicates whether a user is authorized to access an item in the report server database for a given array of resource operations.
Public method CreateSecurityDescriptor Returns the security descriptor that is stored with an individual item in the report server database.
Public method GetPermissions Returns the set of permissions granted a specific user for an item in the report server database.
Public method SetConfiguration Used to pass custom configuration data to an extension. (Inherited from IExtension.)

Top

Remarks

Authorization is the process of determining whether an identity should be granted the requested type of access to a given resource in the report server database. This is accomplished in Reporting Services by storing and associating an access control list (AceCollection object) with each system and item resource in the report server database. Your authorization extension should provide an implementation of the CreateSecurityDescriptor method, which is called by the report server whenever a new role assignment is created for an item in the report server database. Your implementation of CreateSecurityDescriptor must, at minimum, serialize the AceCollection. You can optionally serialize additional user information as part of the security descriptor. Implement CheckAccess in order to evaluate whether a given user has the appropriate permissions to carry out a requested operation. Your implementation of CheckAccess should de-serialize the security descriptor, evaluate each AceStruct object, and check for a valid operation permission that corresponds to the username and the requested operation. If a matching operation is found, CheckAccess should return true.