private void grantPriviledges_2()
{
NetworkCredential clientCredentials = new NetworkCredential("Test", "123", "Chathu-Nable");
ReportingService2010SoapClient client = new ReportingService2010SoapClient();
client.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation;
client.ClientCredentials.Windows.ClientCredential = clientCredentials;
client.Open();
TrustedUserHeader t = new TrustedUserHeader();
Policy [] arrPolicies = null;
bool doesInheritParent = false;
client.GetPolicies(t, "/New Folder", out arrPolicies, out doesInheritParent);
List <Policy> listPolicies = new List <Policy>();
if (arrPolicies != null)
{
listPolicies = arrPolicies.ToList();
}
listPolicies.Add(
new Policy()
{
Roles = new[] { new Role()
{
Name = "Browser"
}, new Role()
{
Name = "Content Manager"
} }, GroupUserName = "******"
}
);
client.SetPolicies(t, "/New Folder", listPolicies.ToArray());
/*
*
* Policy[] MyPolicyArr = new Policy[2];
*
*
* Role[] MyRoles = new Role[3];
*
* Role browser = new Role();
* browser.Name = "Browser";
*
* Role myReports = new Role();
* myReports.Name = "My Reports";
*
* Role publisher = new Role();
* publisher.Name = "Publisher";
*
* Role contentManager = new Role() { Name = "Content Manager" };
*
* MyRoles[0] = publisher;
* MyRoles[1] = browser;
* MyRoles[2] = contentManager;
*
*
* MyPolicyArr[0] = new Policy() { GroupUserName = @"Chathu-Nable\Test", Roles = MyRoles };
* MyPolicyArr[1] = new Policy() { GroupUserName = @"Chathu-Nable\Test2", Roles = MyRoles };
*
*
* client.SetPolicies(t, "/New Folder", MyPolicyArr);
*
* //rs.SetPolicies("/SecurityTestFolder", MyPolicyArr);
*
*/
//MessageBox.Show(policies.Length + "") ;
}
public void GrantPriviledges(List <string> reportPaths, List <string> userNames, List <string> roles)
{
foreach (string reportPath in reportPaths)
{
List <Policy> listPolicies = new List <Policy>();
bool doesInheritParent = false;
Policy[] arrPolicies = null;
serviceClient.GetPolicies(userHeader, reportPath, out arrPolicies, out doesInheritParent);
if (arrPolicies != null)
{
listPolicies.InsertRange(0, arrPolicies.ToList());
}
foreach (string userName in userNames)
{
//if the policy exist for the same user modify that policy object
Policy newPolicy = listPolicies.Find((Policy paramPolicy) =>
{
return(paramPolicy.GroupUserName.ToLower().Equals(userName.ToLower()));
});
if (newPolicy == null)
{
newPolicy = new Policy();
listPolicies.Add(newPolicy);
}
newPolicy.GroupUserName = userName;
List <Role> listCurrentRoles = newPolicy.Roles != null?newPolicy.Roles.ToList() : new List <Role>();
foreach (string role in roles)
{
if (!listCurrentRoles.Exists((Role paramRole) => {
return(paramRole.Name.ToLower().Equals(role.ToLower()));
}))
{
listCurrentRoles.Add(new Role()
{
Name = role
});
}
}
newPolicy.Roles = listCurrentRoles.ToArray();
}
serviceClient.SetPolicies(userHeader, reportPath, listPolicies.ToArray());
}
/*
* listPolicies.Add(
* new Policy() { Roles = new[] { new Role() { Name = "Browser" }, new Role() { Name = "Content Manager" } }, GroupUserName = "******" }
* );
*
*
* client.SetPolicies(t, "/New Folder", listPolicies.ToArray());
*/
}
/// <summary>
/// Adds a role to Reporting Services for a user to an itemPath
/// </summary>
/// <param name="itemPath">the ItemPath for the role to be applied to.</param>
/// <param name="reportingUserToAddRoleFor">the user (either domain or local user) to have the role added for.</param>
/// <param name="reportingRoleToAdd">the Reporting Services role e.g. 'Content Manager'</param>
public void AddRole(string itemPath, string reportingUserToAddRoleFor, string reportingRoleToAdd)
{
try
{
var supportedRoles = new[] { "Browser", "Content Manager", "My Reports", "Publisher", "Report Builder" };
if (string.IsNullOrWhiteSpace(itemPath) || !itemPath.StartsWith("/"))
{
throw new ArgumentException($"itemPath: '{itemPath}' cannot be null or empty and must begin with a '/'");
}
if (string.IsNullOrWhiteSpace(reportingUserToAddRoleFor))
{
throw new ArgumentException($"reportingUserToAddRoleFor: '{reportingUserToAddRoleFor}' cannot be null or empty");
}
if (string.IsNullOrWhiteSpace(reportingRoleToAdd))
{
throw new ArgumentException($"reportingRoleToAdd: '{reportingRoleToAdd}' cannot be null or empty");
}
if (!supportedRoles.Contains(reportingRoleToAdd))
{
throw new ArgumentOutOfRangeException($"reportingRoleToAdd: '{reportingRoleToAdd}' is not supported. Only '{string.Join(", ", supportedRoles)}' are supported.");
}
Log("Attempting to retrieve a list of all existing policies for itemPath: '{0}'", itemPath);
Policy policy;
var existingPoliciesResponse = reportingServicesClient.GetPolicies(new GetPoliciesRequest {
ItemPath = itemPath
});
var existingPolicies = existingPoliciesResponse.Policies;
if (reportingUserToAddRoleFor.Contains("\\"))
{
policy = existingPolicies.FirstOrDefault(p => p != null &&
p.GroupUserName.ToUpperInvariant() == reportingUserToAddRoleFor.ToUpperInvariant()
);
}
else
{
policy = existingPolicies.FirstOrDefault(p => p != null &&
p.GroupUserName.ToUpperInvariant().Split('\\')[1] == reportingUserToAddRoleFor.ToUpperInvariant()
);
}
if (policy == null)
{
Log("Adding new policy for User: '******' to existing policy list", reportingUserToAddRoleFor);
policy = new Policy()
{
GroupUserName = reportingUserToAddRoleFor.ToUpperInvariant(),
Roles = new Role[] { }
};
existingPolicies = existingPolicies.Concat(new[] { policy }).ToArray();
}
else
{
Log("User: '******' already has a policy list, so using this", reportingUserToAddRoleFor);
}
Log("Attempting to select the role of: '{0}' for GroupUserName: '******'", reportingRoleToAdd,
reportingUserToAddRoleFor);
var existingRoles = policy.Roles;
var role = existingRoles.FirstOrDefault(r =>
r != null &&
r.Name.ToUpperInvariant() == reportingRoleToAdd.ToUpperInvariant()
);
if (role == null)
{
Log("Adding new role of: '{0}' for User: '******'.", reportingRoleToAdd, reportingUserToAddRoleFor);
role = new Role()
{
Name = reportingRoleToAdd
};
policy.Roles = existingRoles.Concat(new[] { role }).ToArray();
}
else
{
Log("User: '******' already has a role of type: '{1}', nothing to add.", reportingUserToAddRoleFor, reportingRoleToAdd);
}
Log("Setting policy role of: '{0}' for user: '******' for itemPath: '{2}'", reportingRoleToAdd, reportingUserToAddRoleFor, itemPath);
reportingServicesClient.SetPolicies(new SetPoliciesRequest {
ItemPath = itemPath, Policies = existingPolicies
});
}
catch (Exception ex)
{
Log("An error occurred whilst attempting to set roles for user in Reporting Services!");
Log("Message: {0}", ex.Message);
throw;
}
}
