Udostępnij za pośrednictwem


IAuthorizationExtension.CheckAccess Method (String, IntPtr, array<Byte , DatasourceOperation)

Indicates whether a user is authorized to access an item in the report server database for a given data source operation.

Namespace:  Microsoft.ReportingServices.Interfaces
Assemblies:   Microsoft.ReportingServices.SharePoint.UI.WebParts (in Microsoft.ReportingServices.SharePoint.UI.WebParts.dll)
  Microsoft.ReportingServices.Interfaces (in Microsoft.ReportingServices.Interfaces.dll)

Syntax

'Declaration
<StrongNameIdentityPermissionAttribute(SecurityAction.LinkDemand, PublicKey := "0024000004800000940000000602000000240000525341310004000001000100272736ad6e5f9586bac2d531eabc3acc666c2f8ec879fa94f8f7b0327d2ff2ed523448f83c3d5c5dd2dfc7bc99c5286b2c125117bf5cbe242b9d41750732b2bdffe649c6efb8e5526d526fdd130095ecdb7bf210809c6cdad8824faa9ac0310ac3cba2aa0523567b2dfa7fe250b30facbd62d4ec99b94ac47c7d3b28f1f6e4c8")> _
Function CheckAccess ( _
    userName As String, _
    userToken As IntPtr, _
    secDesc As Byte(), _
    requiredOperation As DatasourceOperation _
) As Boolean
'Usage
Dim instance As IAuthorizationExtension 
Dim userName As String 
Dim userToken As IntPtr 
Dim secDesc As Byte()
Dim requiredOperation As DatasourceOperation 
Dim returnValue As Boolean 

returnValue = instance.CheckAccess(userName, _
    userToken, secDesc, requiredOperation)
[StrongNameIdentityPermissionAttribute(SecurityAction.LinkDemand, PublicKey = "0024000004800000940000000602000000240000525341310004000001000100272736ad6e5f9586bac2d531eabc3acc666c2f8ec879fa94f8f7b0327d2ff2ed523448f83c3d5c5dd2dfc7bc99c5286b2c125117bf5cbe242b9d41750732b2bdffe649c6efb8e5526d526fdd130095ecdb7bf210809c6cdad8824faa9ac0310ac3cba2aa0523567b2dfa7fe250b30facbd62d4ec99b94ac47c7d3b28f1f6e4c8")]
bool CheckAccess(
    string userName,
    IntPtr userToken,
    byte[] secDesc,
    DatasourceOperation requiredOperation
)
[StrongNameIdentityPermissionAttribute(SecurityAction::LinkDemand, PublicKey = L"0024000004800000940000000602000000240000525341310004000001000100272736ad6e5f9586bac2d531eabc3acc666c2f8ec879fa94f8f7b0327d2ff2ed523448f83c3d5c5dd2dfc7bc99c5286b2c125117bf5cbe242b9d41750732b2bdffe649c6efb8e5526d526fdd130095ecdb7bf210809c6cdad8824faa9ac0310ac3cba2aa0523567b2dfa7fe250b30facbd62d4ec99b94ac47c7d3b28f1f6e4c8")]
bool CheckAccess(
    String^ userName, 
    IntPtr userToken, 
    array<unsigned char>^ secDesc, 
    DatasourceOperation requiredOperation
)
[<StrongNameIdentityPermissionAttribute(SecurityAction.LinkDemand, PublicKey = "0024000004800000940000000602000000240000525341310004000001000100272736ad6e5f9586bac2d531eabc3acc666c2f8ec879fa94f8f7b0327d2ff2ed523448f83c3d5c5dd2dfc7bc99c5286b2c125117bf5cbe242b9d41750732b2bdffe649c6efb8e5526d526fdd130095ecdb7bf210809c6cdad8824faa9ac0310ac3cba2aa0523567b2dfa7fe250b30facbd62d4ec99b94ac47c7d3b28f1f6e4c8")>]
abstract CheckAccess : 
        userName:string * 
        userToken:IntPtr * 
        secDesc:byte[] * 
        requiredOperation:DatasourceOperation -> bool
function CheckAccess(
    userName : String, 
    userToken : IntPtr, 
    secDesc : byte[], 
    requiredOperation : DatasourceOperation
) : boolean

Parameters

  • userName
    Type: System.String
    The name of the user requesting access to the report server.
  • userToken
    Type: System.IntPtr
    A user account token. This token is primarily used by the report server as a handle to a Microsoft Windows account in support of credential management for Windows Authentication.
  • secDesc
    Type: array<System.Byte[]
    The security descriptor for the item.

Return Value

Type: System.Boolean
Returns true if the currently authenticated user is granted access to the item based on the supplied operation and security descriptor.

Examples

The following example code uses the CheckAccess method to evaluate a user's authorization credentials against a security descriptor for an item in the report server database.

Public Function CheckAccess(userName As String, userToken As IntPtr, secDesc() As Byte, requiredOperation As DatasourceOperation) As Boolean
   Dim acl As AceCollection = DeserializeAcl(secDesc)
   Dim ace As AceStruct
   For Each ace In  acl
      ' First check to see if the user or group has an access control entry for the item
      If userName = ace.PrincipalName Then
         ' If an entry is found, return true if the given required operation
         ' is contained in the ACE structure.
         Dim aclOperation As DatasourceOperation
         For Each aclOperation In  ace.DatasourceOperations
            If aclOperation = requiredOperation Then
               Return True
            End If
         Next aclOperation
      End If
   Next ace
   Return False
End Function 'CheckAccess
Private Function DeserializeAcl(secDesc() As Byte) As AceCollection
   Dim bf As New BinaryFormatter()
   Dim sdStream As New MemoryStream(secDesc)
   Dim acl As AceCollection = CType(bf.Deserialize(sdStream), AceCollection)
   Return acl
End Function 'DeserializeAcl
public bool CheckAccess(string userName, IntPtr userToken, byte[] secDesc, DatasourceOperation requiredOperation)
{
   AceCollection acl = DeserializeAcl(secDesc);
   foreach(AceStruct ace in acl)
   {
       // First check to see if the user or group has an access control entry for the item
      if (userName == ace.PrincipalName)
      {
          // If an entry is found, return true if the given required operation
          // is contained in the ACE structure.
         foreach(DatasourceOperation aclOperation in ace.DatasourceOperations)
         {
             if (aclOperation == requiredOperation)
                return true;
         }
      }
   }
   return false;
}

private AceCollection DeserializeAcl(byte[] secDesc)
{
   BinaryFormatter bf = new BinaryFormatter();
   MemoryStream sdStream = new MemoryStream(secDesc);
   AceCollection acl = (AceCollection)bf.Deserialize(sdStream);
   return acl;
}

See Also

Reference

IAuthorizationExtension Interface

CheckAccess Overload

Microsoft.ReportingServices.Interfaces Namespace