IAuthorizationExtension.GetPermissions 方法
定义
重要
一些信息与预发行产品相关,相应产品在发行之前可能会进行重大修改。 对于此处提供的信息,Microsoft 不作任何明示或暗示的担保。
返回授予特定用户针对报表服务器数据库中某一项的权限集。
public:
System::Collections::Specialized::StringCollection ^ GetPermissions(System::String ^ userName, IntPtr userToken, Microsoft::ReportingServices::Interfaces::SecurityItemType itemType, cli::array <System::Byte> ^ secDesc);public System.Collections.Specialized.StringCollection GetPermissions (string userName, IntPtr userToken, Microsoft.ReportingServices.Interfaces.SecurityItemType itemType, byte[] secDesc);abstract member GetPermissions : string * nativeint * Microsoft.ReportingServices.Interfaces.SecurityItemType * byte[] -> System.Collections.Specialized.StringCollectionPublic Function GetPermissions (userName As String, userToken As IntPtr, itemType As SecurityItemType, secDesc As Byte()) As StringCollection参数
- userName
- String
GetUserInfo(IIdentity, IntPtr) 的 IAuthenticationExtension 方法返回的用户的名称。
- userToken
-
IntPtr
nativeint
指向 GetUserInfo(IIdentity, IntPtr) 方法返回的用户 ID 的指针。
- itemType
- SecurityItemType
返回其权限的报表服务器数据库中某项的类型。
- secDesc
- Byte[]
与项关联的安全描述符。
返回
一个 StringCollection ,其中包含与给定项的用户关联的每个权限的名称。
示例
下面的示例使用 Microsoft.SqlServer.ReportingServices.ReportingService.GetPermissions 方法来计算 Report Server 数据库中某个项与特定用户的授权凭据相关的访问代码列表。 使用此方法可以提供由 Web 服务方法返回的一组权限 GetPermissions 。
Private Shared m_CatOperNames As Hashtable
Private Shared m_FldOperNames As Hashtable
Private Shared m_RptOperNames As Hashtable
Private Shared m_ResOperNames As Hashtable
Private Shared m_DSOperNames As Hashtable
Private Const NrRptOperations As Integer = 27
Private Const NrFldOperations As Integer = 9
Private Const NrResOperations As Integer = 7
Private Const NrDSOperations As Integer = 7
Private Const NrCatOperations As Integer = 15
Private Shared Sub InitializeMaps()
' create operation names data
m_CatOperNames = New Hashtable()
m_CatOperNames.Add(CatalogOperation.CreateRoles, OperationNames.OperCreateRoles)
m_CatOperNames.Add(CatalogOperation.DeleteRoles, OperationNames.OperDeleteRoles)
m_CatOperNames.Add(CatalogOperation.ReadRoleProperties, OperationNames.OperReadRoleProperties)
m_CatOperNames.Add(CatalogOperation.UpdateRoleProperties, OperationNames.OperUpdateRoleProperties)
m_CatOperNames.Add(CatalogOperation.ReadSystemProperties, OperationNames.OperReadSystemProperties)
m_CatOperNames.Add(CatalogOperation.UpdateSystemProperties, OperationNames.OperUpdateSystemProperties)
m_CatOperNames.Add(CatalogOperation.GenerateEvents, OperationNames.OperGenerateEvents)
m_CatOperNames.Add(CatalogOperation.ReadSystemSecurityPolicy, OperationNames.OperReadSystemSecurityPolicy)
m_CatOperNames.Add(CatalogOperation.UpdateSystemSecurityPolicy, OperationNames.OperUpdateSystemSecurityPolicy)
m_CatOperNames.Add(CatalogOperation.CreateSchedules, OperationNames.OperCreateSchedules)
m_CatOperNames.Add(CatalogOperation.DeleteSchedules, OperationNames.OperDeleteSchedules)
m_CatOperNames.Add(CatalogOperation.ReadSchedules, OperationNames.OperReadSchedules)
m_CatOperNames.Add(CatalogOperation.UpdateSchedules, OperationNames.OperUpdateSchedules)
m_CatOperNames.Add(CatalogOperation.ListJobs, OperationNames.OperListJobs)
m_CatOperNames.Add(CatalogOperation.CancelJobs, OperationNames.OperCancelJobs)
If m_CatOperNames.Count <> NrCatOperations Then
Throw New Exception("Number of catalog names don't match.")
End If
m_FldOperNames = New Hashtable()
m_FldOperNames.Add(FolderOperation.CreateFolder, OperationNames.OperCreateFolder)
m_FldOperNames.Add(FolderOperation.Delete, OperationNames.OperDelete)
m_FldOperNames.Add(FolderOperation.ReadProperties, OperationNames.OperReadProperties)
m_FldOperNames.Add(FolderOperation.UpdateProperties, OperationNames.OperUpdateProperties)
m_FldOperNames.Add(FolderOperation.CreateReport, OperationNames.OperCreateReport)
m_FldOperNames.Add(FolderOperation.CreateResource, OperationNames.OperCreateResource)
m_FldOperNames.Add(FolderOperation.ReadAuthorizationPolicy, OperationNames.OperReadAuthorizationPolicy)
m_FldOperNames.Add(FolderOperation.UpdateDeleteAuthorizationPolicy, OperationNames.OperUpdateDeleteAuthorizationPolicy)
m_FldOperNames.Add(FolderOperation.CreateDatasource, OperationNames.OperCreateDatasource)
If m_FldOperNames.Count <> NrFldOperations Then
Throw New Exception("Number of folder names don't match.")
End If
m_RptOperNames = New Hashtable()
m_RptOperNames.Add(ReportOperation.Delete, OperationNames.OperDelete)
m_RptOperNames.Add(ReportOperation.ReadProperties, OperationNames.OperReadProperties)
m_RptOperNames.Add(ReportOperation.UpdateProperties, OperationNames.OperUpdateProperties)
m_RptOperNames.Add(ReportOperation.UpdateParameters, OperationNames.OperUpdateParameters)
m_RptOperNames.Add(ReportOperation.ReadDatasource, OperationNames.OperReadDatasources)
m_RptOperNames.Add(ReportOperation.UpdateDatasource, OperationNames.OperUpdateDatasources)
m_RptOperNames.Add(ReportOperation.ReadReportDefinition, OperationNames.OperReadReportDefinition)
m_RptOperNames.Add(ReportOperation.UpdateReportDefinition, OperationNames.OperUpdateReportDefinition)
m_RptOperNames.Add(ReportOperation.CreateSubscription, OperationNames.OperCreateSubscription)
m_RptOperNames.Add(ReportOperation.DeleteSubscription, OperationNames.OperDeleteSubscription)
m_RptOperNames.Add(ReportOperation.ReadSubscription, OperationNames.OperReadSubscription)
m_RptOperNames.Add(ReportOperation.UpdateSubscription, OperationNames.OperUpdateSubscription)
m_RptOperNames.Add(ReportOperation.CreateAnySubscription, OperationNames.OperCreateAnySubscription)
m_RptOperNames.Add(ReportOperation.DeleteAnySubscription, OperationNames.OperDeleteAnySubscription)
m_RptOperNames.Add(ReportOperation.ReadAnySubscription, OperationNames.OperReadAnySubscription)
m_RptOperNames.Add(ReportOperation.UpdateAnySubscription, OperationNames.OperUpdateAnySubscription)
m_RptOperNames.Add(ReportOperation.UpdatePolicy, OperationNames.OperUpdatePolicy)
m_RptOperNames.Add(ReportOperation.ReadPolicy, OperationNames.OperReadPolicy)
m_RptOperNames.Add(ReportOperation.DeleteHistory, OperationNames.OperDeleteHistory)
m_RptOperNames.Add(ReportOperation.ListHistory, OperationNames.OperListHistory)
m_RptOperNames.Add(ReportOperation.ExecuteAndView, OperationNames.OperExecuteAndView)
m_RptOperNames.Add(ReportOperation.CreateResource, OperationNames.OperCreateResource)
m_RptOperNames.Add(ReportOperation.CreateSnapshot, OperationNames.OperCreateSnapshot)
m_RptOperNames.Add(ReportOperation.ReadAuthorizationPolicy, OperationNames.OperReadAuthorizationPolicy)
m_RptOperNames.Add(ReportOperation.UpdateDeleteAuthorizationPolicy, OperationNames.OperUpdateDeleteAuthorizationPolicy)
m_RptOperNames.Add(ReportOperation.Execute, OperationNames.OperExecute)
m_RptOperNames.Add(ReportOperation.CreateLink, OperationNames.OperCreateLink)
If m_RptOperNames.Count <> NrRptOperations Then
Throw New Exception("Number of report names don't match.")
End If
m_ResOperNames = New Hashtable()
m_ResOperNames.Add(ResourceOperation.Delete, OperationNames.OperDelete)
m_ResOperNames.Add(ResourceOperation.ReadProperties, OperationNames.OperReadProperties)
m_ResOperNames.Add(ResourceOperation.UpdateProperties, OperationNames.OperUpdateProperties)
m_ResOperNames.Add(ResourceOperation.ReadContent, OperationNames.OperReadContent)
m_ResOperNames.Add(ResourceOperation.UpdateContent, OperationNames.OperUpdateContent)
m_ResOperNames.Add(ResourceOperation.ReadAuthorizationPolicy, OperationNames.OperReadAuthorizationPolicy)
m_ResOperNames.Add(ResourceOperation.UpdateDeleteAuthorizationPolicy, OperationNames.OperUpdateDeleteAuthorizationPolicy)
If m_ResOperNames.Count <> NrResOperations Then
Throw New Exception("Number of resource names don't match.")
End If
m_DSOperNames = New Hashtable()
m_DSOperNames.Add(DatasourceOperation.Delete, OperationNames.OperDelete)
m_DSOperNames.Add(DatasourceOperation.ReadProperties, OperationNames.OperReadProperties)
m_DSOperNames.Add(DatasourceOperation.UpdateProperties, OperationNames.OperUpdateProperties)
m_DSOperNames.Add(DatasourceOperation.ReadContent, OperationNames.OperReadContent)
m_DSOperNames.Add(DatasourceOperation.UpdateContent, OperationNames.OperUpdateContent)
m_DSOperNames.Add(DatasourceOperation.ReadAuthorizationPolicy, OperationNames.OperReadAuthorizationPolicy)
m_DSOperNames.Add(DatasourceOperation.UpdateDeleteAuthorizationPolicy, OperationNames.OperUpdateDeleteAuthorizationPolicy)
If m_DSOperNames.Count <> NrDSOperations Then
Throw New Exception("Number of datasource names don't match.")
End If
End Sub 'InitializeMaps
Public Function GetPermissions(userName As String, userToken As IntPtr, itemType As SecurityItemType, secDesc() As Byte) As StringCollection
Dim permissions As New StringCollection()
Dim acl As AceCollection = DeserializeAcl(secDesc)
Dim ace As AceStruct
For Each ace In acl
If userName = ace.PrincipalName Then
Dim aclOperation As CatalogOperation
For Each aclOperation In ace.CatalogOperations
If Not permissions.Contains(CStr(m_CatOperNames(aclOperation))) Then
permissions.Add(CStr(m_CatOperNames(aclOperation)))
End If
Next aclOperation
Dim aclOperation As ReportOperation
For Each aclOperation In ace.ReportOperations
If Not permissions.Contains(CStr(m_RptOperNames(aclOperation))) Then
permissions.Add(CStr(m_RptOperNames(aclOperation)))
End If
Next aclOperation
Dim aclOperation As FolderOperation
For Each aclOperation In ace.FolderOperations
If Not permissions.Contains(CStr(m_FldOperNames(aclOperation))) Then
permissions.Add(CStr(m_FldOperNames(aclOperation)))
End If
Next aclOperation
Dim aclOperation As ResourceOperation
For Each aclOperation In ace.ResourceOperations
If Not permissions.Contains(CStr(m_ResOperNames(aclOperation))) Then
permissions.Add(CStr(m_ResOperNames(aclOperation)))
End If
Next aclOperation
Dim aclOperation As DatasourceOperation
For Each aclOperation In ace.DatasourceOperations
If Not permissions.Contains(CStr(m_DSOperNames(aclOperation))) Then
permissions.Add(CStr(m_DSOperNames(aclOperation)))
End If
Next aclOperation
End If
Next ace
Return permissions
End Function 'GetPermissions
private static Hashtable m_CatOperNames;
private static Hashtable m_FldOperNames;
private static Hashtable m_RptOperNames;
private static Hashtable m_ResOperNames;
private static Hashtable m_DSOperNames;
private const int NrRptOperations = 27;
private const int NrFldOperations = 9;
private const int NrResOperations = 7;
private const int NrDSOperations = 7;
private const int NrCatOperations = 15;
private static void InitializeMaps()
{
// create operation names data
m_CatOperNames = new Hashtable();
m_CatOperNames.Add(CatalogOperation.CreateRoles, OperationNames.OperCreateRoles);
m_CatOperNames.Add(CatalogOperation.DeleteRoles, OperationNames.OperDeleteRoles);
m_CatOperNames.Add(CatalogOperation.ReadRoleProperties, OperationNames.OperReadRoleProperties);
m_CatOperNames.Add(CatalogOperation.UpdateRoleProperties, OperationNames.OperUpdateRoleProperties);
m_CatOperNames.Add(CatalogOperation.ReadSystemProperties, OperationNames.OperReadSystemProperties);
m_CatOperNames.Add(CatalogOperation.UpdateSystemProperties, OperationNames.OperUpdateSystemProperties);
m_CatOperNames.Add(CatalogOperation.GenerateEvents, OperationNames.OperGenerateEvents);
m_CatOperNames.Add(CatalogOperation.ReadSystemSecurityPolicy, OperationNames.OperReadSystemSecurityPolicy);
m_CatOperNames.Add(CatalogOperation.UpdateSystemSecurityPolicy, OperationNames.OperUpdateSystemSecurityPolicy);
m_CatOperNames.Add(CatalogOperation.CreateSchedules, OperationNames.OperCreateSchedules);
m_CatOperNames.Add(CatalogOperation.DeleteSchedules, OperationNames.OperDeleteSchedules);
m_CatOperNames.Add(CatalogOperation.ReadSchedules, OperationNames.OperReadSchedules);
m_CatOperNames.Add(CatalogOperation.UpdateSchedules, OperationNames.OperUpdateSchedules);
m_CatOperNames.Add(CatalogOperation.ListJobs, OperationNames.OperListJobs);
m_CatOperNames.Add(CatalogOperation.CancelJobs, OperationNames.OperCancelJobs);
if (m_CatOperNames.Count != NrCatOperations)
{
throw new Exception("Number of catalog names don't match.");
}
m_FldOperNames = new Hashtable();
m_FldOperNames.Add(FolderOperation.CreateFolder, OperationNames.OperCreateFolder);
m_FldOperNames.Add(FolderOperation.Delete, OperationNames.OperDelete);
m_FldOperNames.Add(FolderOperation.ReadProperties, OperationNames.OperReadProperties);
m_FldOperNames.Add(FolderOperation.UpdateProperties, OperationNames.OperUpdateProperties);
m_FldOperNames.Add(FolderOperation.CreateReport, OperationNames.OperCreateReport);
m_FldOperNames.Add(FolderOperation.CreateResource, OperationNames.OperCreateResource);
m_FldOperNames.Add(FolderOperation.ReadAuthorizationPolicy, OperationNames.OperReadAuthorizationPolicy);
m_FldOperNames.Add(FolderOperation.UpdateDeleteAuthorizationPolicy,OperationNames.OperUpdateDeleteAuthorizationPolicy);
m_FldOperNames.Add(FolderOperation.CreateDatasource, OperationNames.OperCreateDatasource);
if (m_FldOperNames.Count != NrFldOperations)
{
throw new Exception("Number of folder names don't match.");
}
m_RptOperNames = new Hashtable();
m_RptOperNames.Add(ReportOperation.Delete, OperationNames.OperDelete);
m_RptOperNames.Add(ReportOperation.ReadProperties, OperationNames.OperReadProperties);
m_RptOperNames.Add(ReportOperation.UpdateProperties, OperationNames.OperUpdateProperties);
m_RptOperNames.Add(ReportOperation.UpdateParameters, OperationNames.OperUpdateParameters);
m_RptOperNames.Add(ReportOperation.ReadDatasource, OperationNames.OperReadDatasources);
m_RptOperNames.Add(ReportOperation.UpdateDatasource, OperationNames.OperUpdateDatasources);
m_RptOperNames.Add(ReportOperation.ReadReportDefinition, OperationNames.OperReadReportDefinition);
m_RptOperNames.Add(ReportOperation.UpdateReportDefinition, OperationNames.OperUpdateReportDefinition);
m_RptOperNames.Add(ReportOperation.CreateSubscription, OperationNames.OperCreateSubscription);
m_RptOperNames.Add(ReportOperation.DeleteSubscription, OperationNames.OperDeleteSubscription);
m_RptOperNames.Add(ReportOperation.ReadSubscription, OperationNames.OperReadSubscription);
m_RptOperNames.Add(ReportOperation.UpdateSubscription, OperationNames.OperUpdateSubscription);
m_RptOperNames.Add(ReportOperation.CreateAnySubscription, OperationNames.OperCreateAnySubscription);
m_RptOperNames.Add(ReportOperation.DeleteAnySubscription, OperationNames.OperDeleteAnySubscription);
m_RptOperNames.Add(ReportOperation.ReadAnySubscription, OperationNames.OperReadAnySubscription);
m_RptOperNames.Add(ReportOperation.UpdateAnySubscription, OperationNames.OperUpdateAnySubscription);
m_RptOperNames.Add(ReportOperation.UpdatePolicy, OperationNames.OperUpdatePolicy);
m_RptOperNames.Add(ReportOperation.ReadPolicy, OperationNames.OperReadPolicy);
m_RptOperNames.Add(ReportOperation.DeleteHistory, OperationNames.OperDeleteHistory);
m_RptOperNames.Add(ReportOperation.ListHistory, OperationNames.OperListHistory);
m_RptOperNames.Add(ReportOperation.ExecuteAndView, OperationNames.OperExecuteAndView);
m_RptOperNames.Add(ReportOperation.CreateResource, OperationNames.OperCreateResource);
m_RptOperNames.Add(ReportOperation.CreateSnapshot, OperationNames.OperCreateSnapshot);
m_RptOperNames.Add(ReportOperation.ReadAuthorizationPolicy, OperationNames.OperReadAuthorizationPolicy);
m_RptOperNames.Add(ReportOperation.UpdateDeleteAuthorizationPolicy,OperationNames.OperUpdateDeleteAuthorizationPolicy);
m_RptOperNames.Add(ReportOperation.Execute, OperationNames.OperExecute);
m_RptOperNames.Add(ReportOperation.CreateLink, OperationNames.OperCreateLink);
if (m_RptOperNames.Count != NrRptOperations)
{
throw new Exception("Number of report names don't match.");
}
m_ResOperNames = new Hashtable();
m_ResOperNames.Add(ResourceOperation.Delete, OperationNames.OperDelete);
m_ResOperNames.Add(ResourceOperation.ReadProperties, OperationNames.OperReadProperties);
m_ResOperNames.Add(ResourceOperation.UpdateProperties, OperationNames.OperUpdateProperties);
m_ResOperNames.Add(ResourceOperation.ReadContent, OperationNames.OperReadContent);
m_ResOperNames.Add(ResourceOperation.UpdateContent, OperationNames.OperUpdateContent);
m_ResOperNames.Add(ResourceOperation.ReadAuthorizationPolicy, OperationNames.OperReadAuthorizationPolicy);
m_ResOperNames.Add(ResourceOperation.UpdateDeleteAuthorizationPolicy, OperationNames.OperUpdateDeleteAuthorizationPolicy);
if (m_ResOperNames.Count != NrResOperations)
{
throw new Exception("Number of resource names don't match.");
}
m_DSOperNames = new Hashtable();
m_DSOperNames.Add(DatasourceOperation.Delete, OperationNames.OperDelete);
m_DSOperNames.Add(DatasourceOperation.ReadProperties, OperationNames.OperReadProperties);
m_DSOperNames.Add(DatasourceOperation.UpdateProperties, OperationNames.OperUpdateProperties);
m_DSOperNames.Add(DatasourceOperation.ReadContent, OperationNames.OperReadContent);
m_DSOperNames.Add(DatasourceOperation.UpdateContent, OperationNames.OperUpdateContent);
m_DSOperNames.Add(DatasourceOperation.ReadAuthorizationPolicy, OperationNames.OperReadAuthorizationPolicy);
m_DSOperNames.Add(DatasourceOperation.UpdateDeleteAuthorizationPolicy, OperationNames.OperUpdateDeleteAuthorizationPolicy);
if (m_DSOperNames.Count != NrDSOperations)
{
throw new Exception("Number of datasource names don't match.");
}
}
public StringCollection GetPermissions(string userName, IntPtr userToken, SecurityItemType itemType, byte[] secDesc)
{
StringCollection permissions = new StringCollection();
AceCollection acl = DeserializeAcl(secDesc);
foreach(AceStruct ace in acl)
{
if (userName == ace.PrincipalName)
{
foreach(CatalogOperation aclOperation in ace.CatalogOperations)
{
if (!permissions.Contains((string)m_CatOperNames[aclOperation]))
permissions.Add((string)m_CatOperNames[aclOperation]);
}
foreach(ReportOperation aclOperation in ace.ReportOperations)
{
if (!permissions.Contains((string)m_RptOperNames[aclOperation]))
permissions.Add((string)m_RptOperNames[aclOperation]);
}
foreach(FolderOperation aclOperation in ace.FolderOperations)
{
if (!permissions.Contains((string)m_FldOperNames[aclOperation]))
permissions.Add((string)m_FldOperNames[aclOperation]);
}
foreach(ResourceOperation aclOperation in ace.ResourceOperations)
{
if (!permissions.Contains((string)m_ResOperNames[aclOperation]))
permissions.Add((string)m_ResOperNames[aclOperation]);
}
foreach(DatasourceOperation aclOperation in ace.DatasourceOperations)
{
if (!permissions.Contains((string)m_DSOperNames[aclOperation]))
permissions.Add((string)m_DSOperNames[aclOperation]);
}
}
}
return permissions;
}
注解
此方法的返回值为 Web 服务方法提供基础支持 GetPermissions 。