IAuthorizationExtension.GetPermissions Method
Returns the set of permissions granted a specific user for an item in the report server database. This method is not CLS-compliant.
Namespace: Microsoft.ReportingServices.Interfaces
Assembly: Microsoft.ReportingServices.Interfaces (in microsoft.reportingservices.interfaces.dll)
Syntax
'Declaration
<StrongNameIdentityPermissionAttribute(SecurityAction.LinkDemand, PublicKey:="0024000004800000940000000602000000240000525341310004000001000100272736ad6e5f9586bac2d531eabc3acc666c2f8ec879fa94f8f7b0327d2ff2ed523448f83c3d5c5dd2dfc7bc99c5286b2c125117bf5cbe242b9d41750732b2bdffe649c6efb8e5526d526fdd130095ecdb7bf210809c6cdad8824faa9ac0310ac3cba2aa0523567b2dfa7fe250b30facbd62d4ec99b94ac47c7d3b28f1f6e4c8")> _
Function GetPermissions ( _
userName As String, _
userToken As IntPtr, _
itemType As SecurityItemType, _
secDesc As Byte() _
) As StringCollection
[StrongNameIdentityPermissionAttribute(SecurityAction.LinkDemand, PublicKey="0024000004800000940000000602000000240000525341310004000001000100272736ad6e5f9586bac2d531eabc3acc666c2f8ec879fa94f8f7b0327d2ff2ed523448f83c3d5c5dd2dfc7bc99c5286b2c125117bf5cbe242b9d41750732b2bdffe649c6efb8e5526d526fdd130095ecdb7bf210809c6cdad8824faa9ac0310ac3cba2aa0523567b2dfa7fe250b30facbd62d4ec99b94ac47c7d3b28f1f6e4c8")]
StringCollection GetPermissions (
string userName,
IntPtr userToken,
SecurityItemType itemType,
byte[] secDesc
)
[StrongNameIdentityPermissionAttribute(SecurityAction::LinkDemand, PublicKey=L"0024000004800000940000000602000000240000525341310004000001000100272736ad6e5f9586bac2d531eabc3acc666c2f8ec879fa94f8f7b0327d2ff2ed523448f83c3d5c5dd2dfc7bc99c5286b2c125117bf5cbe242b9d41750732b2bdffe649c6efb8e5526d526fdd130095ecdb7bf210809c6cdad8824faa9ac0310ac3cba2aa0523567b2dfa7fe250b30facbd62d4ec99b94ac47c7d3b28f1f6e4c8")]
StringCollection^ GetPermissions (
String^ userName,
IntPtr userToken,
SecurityItemType itemType,
array<unsigned char>^ secDesc
)
/** @attribute StrongNameIdentityPermissionAttribute(SecurityAction.LinkDemand, PublicKey="0024000004800000940000000602000000240000525341310004000001000100272736ad6e5f9586bac2d531eabc3acc666c2f8ec879fa94f8f7b0327d2ff2ed523448f83c3d5c5dd2dfc7bc99c5286b2c125117bf5cbe242b9d41750732b2bdffe649c6efb8e5526d526fdd130095ecdb7bf210809c6cdad8824faa9ac0310ac3cba2aa0523567b2dfa7fe250b30facbd62d4ec99b94ac47c7d3b28f1f6e4c8") */
StringCollection GetPermissions (
String userName,
IntPtr userToken,
SecurityItemType itemType,
byte[] secDesc
)
function GetPermissions (
userName : String,
userToken : IntPtr,
itemType : SecurityItemType,
secDesc : byte[]
) : StringCollection
Parameters
- userName
The name of the user as returned by the GetUserInfo method of IAuthenticationExtension.
- userToken
A pointer to the user ID returned by the GetUserInfo method.
- itemType
The type of item in the report server database for which the permissions are returned.
- secDesc
The security descriptor associated with the item.
Return Value
A StringCollection that contains the name of each permission associated with the user for a given item.
Remarks
The return value of this method provides underlying support for the Web service GetPermissions method.
Example
The following example uses the GetPermissions method to evaluate the access code list for an item in the report server database with regards to a specific user's authorization credentials. You use this method to provide a set of permissions that are returned by the Web service GetPermissions method.
Private Shared m_CatOperNames As Hashtable
Private Shared m_FldOperNames As Hashtable
Private Shared m_RptOperNames As Hashtable
Private Shared m_ResOperNames As Hashtable
Private Shared m_DSOperNames As Hashtable
Private Const NrRptOperations As Integer = 27
Private Const NrFldOperations As Integer = 9
Private Const NrResOperations As Integer = 7
Private Const NrDSOperations As Integer = 7
Private Const NrCatOperations As Integer = 15
Private Shared Sub InitializeMaps()
' create operation names data
m_CatOperNames = New Hashtable()
m_CatOperNames.Add(CatalogOperation.CreateRoles, OperationNames.OperCreateRoles)
m_CatOperNames.Add(CatalogOperation.DeleteRoles, OperationNames.OperDeleteRoles)
m_CatOperNames.Add(CatalogOperation.ReadRoleProperties, OperationNames.OperReadRoleProperties)
m_CatOperNames.Add(CatalogOperation.UpdateRoleProperties, OperationNames.OperUpdateRoleProperties)
m_CatOperNames.Add(CatalogOperation.ReadSystemProperties, OperationNames.OperReadSystemProperties)
m_CatOperNames.Add(CatalogOperation.UpdateSystemProperties, OperationNames.OperUpdateSystemProperties)
m_CatOperNames.Add(CatalogOperation.GenerateEvents, OperationNames.OperGenerateEvents)
m_CatOperNames.Add(CatalogOperation.ReadSystemSecurityPolicy, OperationNames.OperReadSystemSecurityPolicy)
m_CatOperNames.Add(CatalogOperation.UpdateSystemSecurityPolicy, OperationNames.OperUpdateSystemSecurityPolicy)
m_CatOperNames.Add(CatalogOperation.CreateSchedules, OperationNames.OperCreateSchedules)
m_CatOperNames.Add(CatalogOperation.DeleteSchedules, OperationNames.OperDeleteSchedules)
m_CatOperNames.Add(CatalogOperation.ReadSchedules, OperationNames.OperReadSchedules)
m_CatOperNames.Add(CatalogOperation.UpdateSchedules, OperationNames.OperUpdateSchedules)
m_CatOperNames.Add(CatalogOperation.ListJobs, OperationNames.OperListJobs)
m_CatOperNames.Add(CatalogOperation.CancelJobs, OperationNames.OperCancelJobs)
If m_CatOperNames.Count <> NrCatOperations Then
Throw New Exception("Number of catalog names don't match.")
End If
m_FldOperNames = New Hashtable()
m_FldOperNames.Add(FolderOperation.CreateFolder, OperationNames.OperCreateFolder)
m_FldOperNames.Add(FolderOperation.Delete, OperationNames.OperDelete)
m_FldOperNames.Add(FolderOperation.ReadProperties, OperationNames.OperReadProperties)
m_FldOperNames.Add(FolderOperation.UpdateProperties, OperationNames.OperUpdateProperties)
m_FldOperNames.Add(FolderOperation.CreateReport, OperationNames.OperCreateReport)
m_FldOperNames.Add(FolderOperation.CreateResource, OperationNames.OperCreateResource)
m_FldOperNames.Add(FolderOperation.ReadAuthorizationPolicy, OperationNames.OperReadAuthorizationPolicy)
m_FldOperNames.Add(FolderOperation.UpdateDeleteAuthorizationPolicy, OperationNames.OperUpdateDeleteAuthorizationPolicy)
m_FldOperNames.Add(FolderOperation.CreateDatasource, OperationNames.OperCreateDatasource)
If m_FldOperNames.Count <> NrFldOperations Then
Throw New Exception("Number of folder names don't match.")
End If
m_RptOperNames = New Hashtable()
m_RptOperNames.Add(ReportOperation.Delete, OperationNames.OperDelete)
m_RptOperNames.Add(ReportOperation.ReadProperties, OperationNames.OperReadProperties)
m_RptOperNames.Add(ReportOperation.UpdateProperties, OperationNames.OperUpdateProperties)
m_RptOperNames.Add(ReportOperation.UpdateParameters, OperationNames.OperUpdateParameters)
m_RptOperNames.Add(ReportOperation.ReadDatasource, OperationNames.OperReadDatasources)
m_RptOperNames.Add(ReportOperation.UpdateDatasource, OperationNames.OperUpdateDatasources)
m_RptOperNames.Add(ReportOperation.ReadReportDefinition, OperationNames.OperReadReportDefinition)
m_RptOperNames.Add(ReportOperation.UpdateReportDefinition, OperationNames.OperUpdateReportDefinition)
m_RptOperNames.Add(ReportOperation.CreateSubscription, OperationNames.OperCreateSubscription)
m_RptOperNames.Add(ReportOperation.DeleteSubscription, OperationNames.OperDeleteSubscription)
m_RptOperNames.Add(ReportOperation.ReadSubscription, OperationNames.OperReadSubscription)
m_RptOperNames.Add(ReportOperation.UpdateSubscription, OperationNames.OperUpdateSubscription)
m_RptOperNames.Add(ReportOperation.CreateAnySubscription, OperationNames.OperCreateAnySubscription)
m_RptOperNames.Add(ReportOperation.DeleteAnySubscription, OperationNames.OperDeleteAnySubscription)
m_RptOperNames.Add(ReportOperation.ReadAnySubscription, OperationNames.OperReadAnySubscription)
m_RptOperNames.Add(ReportOperation.UpdateAnySubscription, OperationNames.OperUpdateAnySubscription)
m_RptOperNames.Add(ReportOperation.UpdatePolicy, OperationNames.OperUpdatePolicy)
m_RptOperNames.Add(ReportOperation.ReadPolicy, OperationNames.OperReadPolicy)
m_RptOperNames.Add(ReportOperation.DeleteHistory, OperationNames.OperDeleteHistory)
m_RptOperNames.Add(ReportOperation.ListHistory, OperationNames.OperListHistory)
m_RptOperNames.Add(ReportOperation.ExecuteAndView, OperationNames.OperExecuteAndView)
m_RptOperNames.Add(ReportOperation.CreateResource, OperationNames.OperCreateResource)
m_RptOperNames.Add(ReportOperation.CreateSnapshot, OperationNames.OperCreateSnapshot)
m_RptOperNames.Add(ReportOperation.ReadAuthorizationPolicy, OperationNames.OperReadAuthorizationPolicy)
m_RptOperNames.Add(ReportOperation.UpdateDeleteAuthorizationPolicy, OperationNames.OperUpdateDeleteAuthorizationPolicy)
m_RptOperNames.Add(ReportOperation.Execute, OperationNames.OperExecute)
m_RptOperNames.Add(ReportOperation.CreateLink, OperationNames.OperCreateLink)
If m_RptOperNames.Count <> NrRptOperations Then
Throw New Exception("Number of report names don't match.")
End If
m_ResOperNames = New Hashtable()
m_ResOperNames.Add(ResourceOperation.Delete, OperationNames.OperDelete)
m_ResOperNames.Add(ResourceOperation.ReadProperties, OperationNames.OperReadProperties)
m_ResOperNames.Add(ResourceOperation.UpdateProperties, OperationNames.OperUpdateProperties)
m_ResOperNames.Add(ResourceOperation.ReadContent, OperationNames.OperReadContent)
m_ResOperNames.Add(ResourceOperation.UpdateContent, OperationNames.OperUpdateContent)
m_ResOperNames.Add(ResourceOperation.ReadAuthorizationPolicy, OperationNames.OperReadAuthorizationPolicy)
m_ResOperNames.Add(ResourceOperation.UpdateDeleteAuthorizationPolicy, OperationNames.OperUpdateDeleteAuthorizationPolicy)
If m_ResOperNames.Count <> NrResOperations Then
Throw New Exception("Number of resource names don't match.")
End If
m_DSOperNames = New Hashtable()
m_DSOperNames.Add(DatasourceOperation.Delete, OperationNames.OperDelete)
m_DSOperNames.Add(DatasourceOperation.ReadProperties, OperationNames.OperReadProperties)
m_DSOperNames.Add(DatasourceOperation.UpdateProperties, OperationNames.OperUpdateProperties)
m_DSOperNames.Add(DatasourceOperation.ReadContent, OperationNames.OperReadContent)
m_DSOperNames.Add(DatasourceOperation.UpdateContent, OperationNames.OperUpdateContent)
m_DSOperNames.Add(DatasourceOperation.ReadAuthorizationPolicy, OperationNames.OperReadAuthorizationPolicy)
m_DSOperNames.Add(DatasourceOperation.UpdateDeleteAuthorizationPolicy, OperationNames.OperUpdateDeleteAuthorizationPolicy)
If m_DSOperNames.Count <> NrDSOperations Then
Throw New Exception("Number of datasource names don't match.")
End If
End Sub 'InitializeMaps
Public Function GetPermissions(userName As String, userToken As IntPtr, itemType As SecurityItemType, secDesc() As Byte) As StringCollection
Dim permissions As New StringCollection()
Dim acl As AceCollection = DeserializeAcl(secDesc)
Dim ace As AceStruct
For Each ace In acl
If userName = ace.PrincipalName Then
Dim aclOperation As CatalogOperation
For Each aclOperation In ace.CatalogOperations
If Not permissions.Contains(CStr(m_CatOperNames(aclOperation))) Then
permissions.Add(CStr(m_CatOperNames(aclOperation)))
End If
Next aclOperation
Dim aclOperation As ReportOperation
For Each aclOperation In ace.ReportOperations
If Not permissions.Contains(CStr(m_RptOperNames(aclOperation))) Then
permissions.Add(CStr(m_RptOperNames(aclOperation)))
End If
Next aclOperation
Dim aclOperation As FolderOperation
For Each aclOperation In ace.FolderOperations
If Not permissions.Contains(CStr(m_FldOperNames(aclOperation))) Then
permissions.Add(CStr(m_FldOperNames(aclOperation)))
End If
Next aclOperation
Dim aclOperation As ResourceOperation
For Each aclOperation In ace.ResourceOperations
If Not permissions.Contains(CStr(m_ResOperNames(aclOperation))) Then
permissions.Add(CStr(m_ResOperNames(aclOperation)))
End If
Next aclOperation
Dim aclOperation As DatasourceOperation
For Each aclOperation In ace.DatasourceOperations
If Not permissions.Contains(CStr(m_DSOperNames(aclOperation))) Then
permissions.Add(CStr(m_DSOperNames(aclOperation)))
End If
Next aclOperation
End If
Next ace
Return permissions
End Function 'GetPermissions
private static Hashtable m_CatOperNames;
private static Hashtable m_FldOperNames;
private static Hashtable m_RptOperNames;
private static Hashtable m_ResOperNames;
private static Hashtable m_DSOperNames;
private const int NrRptOperations = 27;
private const int NrFldOperations = 9;
private const int NrResOperations = 7;
private const int NrDSOperations = 7;
private const int NrCatOperations = 15;
private static void InitializeMaps()
{
// create operation names data
m_CatOperNames = new Hashtable();
m_CatOperNames.Add(CatalogOperation.CreateRoles, OperationNames.OperCreateRoles);
m_CatOperNames.Add(CatalogOperation.DeleteRoles, OperationNames.OperDeleteRoles);
m_CatOperNames.Add(CatalogOperation.ReadRoleProperties, OperationNames.OperReadRoleProperties);
m_CatOperNames.Add(CatalogOperation.UpdateRoleProperties, OperationNames.OperUpdateRoleProperties);
m_CatOperNames.Add(CatalogOperation.ReadSystemProperties, OperationNames.OperReadSystemProperties);
m_CatOperNames.Add(CatalogOperation.UpdateSystemProperties, OperationNames.OperUpdateSystemProperties);
m_CatOperNames.Add(CatalogOperation.GenerateEvents, OperationNames.OperGenerateEvents);
m_CatOperNames.Add(CatalogOperation.ReadSystemSecurityPolicy, OperationNames.OperReadSystemSecurityPolicy);
m_CatOperNames.Add(CatalogOperation.UpdateSystemSecurityPolicy, OperationNames.OperUpdateSystemSecurityPolicy);
m_CatOperNames.Add(CatalogOperation.CreateSchedules, OperationNames.OperCreateSchedules);
m_CatOperNames.Add(CatalogOperation.DeleteSchedules, OperationNames.OperDeleteSchedules);
m_CatOperNames.Add(CatalogOperation.ReadSchedules, OperationNames.OperReadSchedules);
m_CatOperNames.Add(CatalogOperation.UpdateSchedules, OperationNames.OperUpdateSchedules);
m_CatOperNames.Add(CatalogOperation.ListJobs, OperationNames.OperListJobs);
m_CatOperNames.Add(CatalogOperation.CancelJobs, OperationNames.OperCancelJobs);
if (m_CatOperNames.Count != NrCatOperations)
{
throw new Exception("Number of catalog names don't match.");
}
m_FldOperNames = new Hashtable();
m_FldOperNames.Add(FolderOperation.CreateFolder, OperationNames.OperCreateFolder);
m_FldOperNames.Add(FolderOperation.Delete, OperationNames.OperDelete);
m_FldOperNames.Add(FolderOperation.ReadProperties, OperationNames.OperReadProperties);
m_FldOperNames.Add(FolderOperation.UpdateProperties, OperationNames.OperUpdateProperties);
m_FldOperNames.Add(FolderOperation.CreateReport, OperationNames.OperCreateReport);
m_FldOperNames.Add(FolderOperation.CreateResource, OperationNames.OperCreateResource);
m_FldOperNames.Add(FolderOperation.ReadAuthorizationPolicy, OperationNames.OperReadAuthorizationPolicy);
m_FldOperNames.Add(FolderOperation.UpdateDeleteAuthorizationPolicy,OperationNames.OperUpdateDeleteAuthorizationPolicy);
m_FldOperNames.Add(FolderOperation.CreateDatasource, OperationNames.OperCreateDatasource);
if (m_FldOperNames.Count != NrFldOperations)
{
throw new Exception("Number of folder names don't match.");
}
m_RptOperNames = new Hashtable();
m_RptOperNames.Add(ReportOperation.Delete, OperationNames.OperDelete);
m_RptOperNames.Add(ReportOperation.ReadProperties, OperationNames.OperReadProperties);
m_RptOperNames.Add(ReportOperation.UpdateProperties, OperationNames.OperUpdateProperties);
m_RptOperNames.Add(ReportOperation.UpdateParameters, OperationNames.OperUpdateParameters);
m_RptOperNames.Add(ReportOperation.ReadDatasource, OperationNames.OperReadDatasources);
m_RptOperNames.Add(ReportOperation.UpdateDatasource, OperationNames.OperUpdateDatasources);
m_RptOperNames.Add(ReportOperation.ReadReportDefinition, OperationNames.OperReadReportDefinition);
m_RptOperNames.Add(ReportOperation.UpdateReportDefinition, OperationNames.OperUpdateReportDefinition);
m_RptOperNames.Add(ReportOperation.CreateSubscription, OperationNames.OperCreateSubscription);
m_RptOperNames.Add(ReportOperation.DeleteSubscription, OperationNames.OperDeleteSubscription);
m_RptOperNames.Add(ReportOperation.ReadSubscription, OperationNames.OperReadSubscription);
m_RptOperNames.Add(ReportOperation.UpdateSubscription, OperationNames.OperUpdateSubscription);
m_RptOperNames.Add(ReportOperation.CreateAnySubscription, OperationNames.OperCreateAnySubscription);
m_RptOperNames.Add(ReportOperation.DeleteAnySubscription, OperationNames.OperDeleteAnySubscription);
m_RptOperNames.Add(ReportOperation.ReadAnySubscription, OperationNames.OperReadAnySubscription);
m_RptOperNames.Add(ReportOperation.UpdateAnySubscription, OperationNames.OperUpdateAnySubscription);
m_RptOperNames.Add(ReportOperation.UpdatePolicy, OperationNames.OperUpdatePolicy);
m_RptOperNames.Add(ReportOperation.ReadPolicy, OperationNames.OperReadPolicy);
m_RptOperNames.Add(ReportOperation.DeleteHistory, OperationNames.OperDeleteHistory);
m_RptOperNames.Add(ReportOperation.ListHistory, OperationNames.OperListHistory);
m_RptOperNames.Add(ReportOperation.ExecuteAndView, OperationNames.OperExecuteAndView);
m_RptOperNames.Add(ReportOperation.CreateResource, OperationNames.OperCreateResource);
m_RptOperNames.Add(ReportOperation.CreateSnapshot, OperationNames.OperCreateSnapshot);
m_RptOperNames.Add(ReportOperation.ReadAuthorizationPolicy, OperationNames.OperReadAuthorizationPolicy);
m_RptOperNames.Add(ReportOperation.UpdateDeleteAuthorizationPolicy,OperationNames.OperUpdateDeleteAuthorizationPolicy);
m_RptOperNames.Add(ReportOperation.Execute, OperationNames.OperExecute);
m_RptOperNames.Add(ReportOperation.CreateLink, OperationNames.OperCreateLink);
if (m_RptOperNames.Count != NrRptOperations)
{
throw new Exception("Number of report names don't match.");
}
m_ResOperNames = new Hashtable();
m_ResOperNames.Add(ResourceOperation.Delete, OperationNames.OperDelete);
m_ResOperNames.Add(ResourceOperation.ReadProperties, OperationNames.OperReadProperties);
m_ResOperNames.Add(ResourceOperation.UpdateProperties, OperationNames.OperUpdateProperties);
m_ResOperNames.Add(ResourceOperation.ReadContent, OperationNames.OperReadContent);
m_ResOperNames.Add(ResourceOperation.UpdateContent, OperationNames.OperUpdateContent);
m_ResOperNames.Add(ResourceOperation.ReadAuthorizationPolicy, OperationNames.OperReadAuthorizationPolicy);
m_ResOperNames.Add(ResourceOperation.UpdateDeleteAuthorizationPolicy, OperationNames.OperUpdateDeleteAuthorizationPolicy);
if (m_ResOperNames.Count != NrResOperations)
{
throw new Exception("Number of resource names don't match.");
}
m_DSOperNames = new Hashtable();
m_DSOperNames.Add(DatasourceOperation.Delete, OperationNames.OperDelete);
m_DSOperNames.Add(DatasourceOperation.ReadProperties, OperationNames.OperReadProperties);
m_DSOperNames.Add(DatasourceOperation.UpdateProperties, OperationNames.OperUpdateProperties);
m_DSOperNames.Add(DatasourceOperation.ReadContent, OperationNames.OperReadContent);
m_DSOperNames.Add(DatasourceOperation.UpdateContent, OperationNames.OperUpdateContent);
m_DSOperNames.Add(DatasourceOperation.ReadAuthorizationPolicy, OperationNames.OperReadAuthorizationPolicy);
m_DSOperNames.Add(DatasourceOperation.UpdateDeleteAuthorizationPolicy, OperationNames.OperUpdateDeleteAuthorizationPolicy);
if (m_DSOperNames.Count != NrDSOperations)
{
throw new Exception("Number of datasource names don't match.");
}
}
public StringCollection GetPermissions(string userName, IntPtr userToken, SecurityItemType itemType, byte[] secDesc)
{
StringCollection permissions = new StringCollection();
AceCollection acl = DeserializeAcl(secDesc);
foreach(AceStruct ace in acl)
{
if (userName == ace.PrincipalName)
{
foreach(CatalogOperation aclOperation in ace.CatalogOperations)
{
if (!permissions.Contains((string)m_CatOperNames[aclOperation]))
permissions.Add((string)m_CatOperNames[aclOperation]);
}
foreach(ReportOperation aclOperation in ace.ReportOperations)
{
if (!permissions.Contains((string)m_RptOperNames[aclOperation]))
permissions.Add((string)m_RptOperNames[aclOperation]);
}
foreach(FolderOperation aclOperation in ace.FolderOperations)
{
if (!permissions.Contains((string)m_FldOperNames[aclOperation]))
permissions.Add((string)m_FldOperNames[aclOperation]);
}
foreach(ResourceOperation aclOperation in ace.ResourceOperations)
{
if (!permissions.Contains((string)m_ResOperNames[aclOperation]))
permissions.Add((string)m_ResOperNames[aclOperation]);
}
foreach(DatasourceOperation aclOperation in ace.DatasourceOperations)
{
if (!permissions.Contains((string)m_DSOperNames[aclOperation]))
permissions.Add((string)m_DSOperNames[aclOperation]);
}
}
}
return permissions;
}
Thread Safety
Any public static (Shared in Microsoft Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.
Platforms
Development Platforms
For a list of the supported platforms, see Hardware and Software Requirements for Installing SQL Server 2005.
Target Platforms
For a list of the supported platforms, see Hardware and Software Requirements for Installing SQL Server 2005.
See Also
Reference
IAuthorizationExtension Interface
IAuthorizationExtension Members
Microsoft.ReportingServices.Interfaces Namespace