public static ReportWithRlsEmbeddingData GetReportWithRlsEmbeddingData() { var userName = "******"; PowerBIClient pbiClient = TokenManager.GetPowerBiAppOnlyClient(); var report = pbiClient.Reports.GetReportInGroup(workspaceId, reportWithRlsId); var datasetId = report.DatasetId; var embedUrl = "https://app.powerbi.com/reportEmbed"; var reportName = report.Name; GenerateTokenRequest tokenRequestAllData = new GenerateTokenRequest(accessLevel: "view", identities: new List <EffectiveIdentity> { new EffectiveIdentity(username: userName, datasets: new List <string> { datasetWithRlsId.ToString() }, roles: new List <string> { "All Data" }) }); string embedTokenAllData = pbiClient.Reports.GenerateTokenInGroup(workspaceId, reportWithRlsId, tokenRequestAllData).Token; EffectiveIdentity identityWesternSales = new EffectiveIdentity(username: userName, roles: new List <string> { "Western Region" }, datasets: new List <string> { datasetWithRlsId.ToString() }); GenerateTokenRequest tokenRequestWesternSales = new GenerateTokenRequest("view", null, identities: new List <EffectiveIdentity> { identityWesternSales }); string embedTokenWesternSales = pbiClient.Reports.GenerateTokenInGroup(workspaceId, report.Id, tokenRequestWesternSales).Token; EffectiveIdentity identityCentralSales = new EffectiveIdentity(username: userName, roles: new List <string> { "Central Region" }, datasets: new List <string> { datasetWithRlsId.ToString() }); GenerateTokenRequest tokenRequestCentralSales = new GenerateTokenRequest(accessLevel: "view", datasetId: datasetId, identities: new List <EffectiveIdentity> { identityCentralSales }); string embedTokenCentralSales = pbiClient.Reports.GenerateTokenInGroup(workspaceId, report.Id, tokenRequestCentralSales).Token; EffectiveIdentity identityEasternSales = new EffectiveIdentity(userName, roles: new List <string> { "Eastern Region" }, datasets: new List <string> { datasetWithRlsId.ToString() }); GenerateTokenRequest tokenRequestEasternSales = new GenerateTokenRequest(accessLevel: "view", datasetId: datasetId, identities: new List <EffectiveIdentity> { identityEasternSales }); string embedTokenEasternSales = pbiClient.Reports.GenerateTokenInGroup(workspaceId, report.Id, tokenRequestEasternSales).Token; EffectiveIdentity identityCombo = new EffectiveIdentity(userName, roles: new List <string> { "Central Region", "Eastern Region" }, datasets: new List <string> { datasetWithRlsId.ToString() }); GenerateTokenRequest tokenRequestCombo = new GenerateTokenRequest(accessLevel: "view", datasetId: datasetId, identities: new List <EffectiveIdentity> { identityCombo }); string embedTokenCombo = pbiClient.Reports.GenerateTokenInGroup(workspaceId, report.Id, tokenRequestCombo).Token; return(new ReportWithRlsEmbeddingData { reportId = report.Id.ToString(), reportName = reportName, embedUrl = embedUrl, embedTokenAllData = embedTokenAllData, embedTokenWesternSales = embedTokenWesternSales, embedTokenCentralSales = embedTokenCentralSales, embedTokenEasternSales = embedTokenEasternSales, embedTokenCombo = embedTokenCombo }); }
public async Task <EmbedConfig> GetReportEmbedConfigAsync(int userId, string username, string roles, string reportId) { var model = (EmbedConfig)CachingProvider.Instance().GetItem($"PBI_{Settings.PortalId}_{Settings.SettingsId}_{userId}_{Thread.CurrentThread.CurrentUICulture.Name}_Report_{reportId}"); if (model != null) { return(model); } model = new EmbedConfig(); // Get token credentials for user var getCredentialsResult = await GetTokenCredentials(); if (!getCredentialsResult) { // The error message set in GetTokenCredentials model.ErrorMessage = "Authentication failed."; return(model); } // Create a Power BI Client object. It will be used to call Power BI APIs. using (var client = new PowerBIClient(new Uri(Settings.ApiUrl), tokenCredentials)) { // Get a list of reports. var reports = await client.Reports.GetReportsInGroupAsync(Guid.Parse(Settings.WorkspaceId)).ConfigureAwait(false); // No reports retrieved for the given workspace. if (reports.Value.Count() == 0) { model.ErrorMessage = "No reports were found in the workspace"; } var report = reports.Value.FirstOrDefault(r => r.Id.ToString().Equals(reportId, StringComparison.InvariantCultureIgnoreCase)); if (report == null) { model.ErrorMessage = "No report with the given ID was found in the workspace. Make sure ReportId is valid."; } //Delete bookmarks is report is modified CheckBookmarks(report, Settings.PortalId); // Generate Embed Token for reports without effective identities. GenerateTokenRequest generateTokenRequestParameters; // This is how you create embed token with effective identities if (!string.IsNullOrWhiteSpace(username)) { // Check if the dataset has effective identity required // var dataset = await client.Datasets.GetDatasetAsync(report.DatasetId).ConfigureAwait(false); // The line above returns an unauthorization exception when using "Service Principal" credentials. Seems a bug in the PowerBI API. var dataset = client.Datasets.GetDatasets(Guid.Parse(Settings.WorkspaceId)).Value.FirstOrDefault(x => x.Id == report.DatasetId); if (dataset != null && (dataset.IsEffectiveIdentityRequired.GetValueOrDefault(false) || dataset.IsEffectiveIdentityRolesRequired.GetValueOrDefault(false)) && !dataset.IsOnPremGatewayRequired.GetValueOrDefault(false)) { var rls = new EffectiveIdentity(username, new List <string> { report.DatasetId }); if (!string.IsNullOrWhiteSpace(roles) && dataset.IsEffectiveIdentityRolesRequired.GetValueOrDefault(false)) { var rolesList = new List <string>(); rolesList.AddRange(roles.Split(',')); rls.Roles = rolesList; } // Generate Embed Token with effective identities. generateTokenRequestParameters = new GenerateTokenRequest(accessLevel: "view", identities: new List <EffectiveIdentity> { rls }); } else { generateTokenRequestParameters = new GenerateTokenRequest(accessLevel: "view"); } } else { // Generate Embed Token for reports without effective identities. generateTokenRequestParameters = new GenerateTokenRequest(accessLevel: "view"); } var tokenResponse = await client.Reports.GenerateTokenInGroupAsync(Guid.Parse(Settings.WorkspaceId), report.Id, generateTokenRequestParameters).ConfigureAwait(false); if (tokenResponse == null) { model.ErrorMessage = "Failed to generate embed token."; } // Generate Embed Configuration. model.EmbedToken = tokenResponse; model.EmbedUrl = report.EmbedUrl; model.Id = report.Id.ToString(); model.ContentType = "report"; CachingProvider.Instance().Insert($"PBI_{Settings.PortalId}_{Settings.SettingsId}_{userId}_{Thread.CurrentThread.CurrentUICulture.Name}_Report_{reportId}", model, null, DateTime.Now.AddSeconds(60), TimeSpan.Zero); } return(model); }
// register application as native. public async Task <ActionResult> TestReport(string username, string roles) { string GroupId = "me"; string ReportId = "0400c967-973f-43ad-9959-1868e548e0ac"; var result = new EmbededConfig(); try { result = new EmbededConfig { Username = username, Roles = roles }; var error = GetWebConfigErrors(); if (error != null) { result.ErrorMessage = error; return(View(result)); } var credential = new UserPasswordCredential(Username, Password); var authenticationContext = new AuthenticationContext(AuthorityUrl); var authenticationResult = await authenticationContext.AcquireTokenAsync(ResourceUrl, ClientId, credential); if (authenticationResult == null) { result.ErrorMessage = "Authentication Failed."; return(View(result)); } var tokenCredentials = new TokenCredentials(authenticationResult.AccessToken, "Bearer"); using (var client = new PowerBIClient(new Uri(ApiUrl), tokenCredentials)) { var reports = await client.Reports.GetReportsInGroupAsync(GroupId); Report report; if (string.IsNullOrEmpty(ReportId)) { report = reports.Value.FirstOrDefault(); } else { report = reports.Value.FirstOrDefault(r => r.Id == ReportId); } if (report == null) { result.ErrorMessage = "Group has no reports."; return(View(result)); } var datasets = await client.Datasets.GetDatasetByIdInGroupAsync(GroupId, report.DatasetId); result.IsEffectiveIdentityRequired = datasets.IsEffectiveIdentityRequired; result.IsEffectiveIdentityRolesRequired = datasets.IsEffectiveIdentityRolesRequired; GenerateTokenRequest generateTokenRequestParameters; if (!string.IsNullOrEmpty(username)) { var rls = new EffectiveIdentity(username, new List <string> { report.DatasetId }); if (!string.IsNullOrWhiteSpace(roles)) { var rolesList = new List <string>(); rolesList.AddRange(roles.Split(',')); rls.Roles = rolesList; } generateTokenRequestParameters = new GenerateTokenRequest(accessLevel: "view", identities: new List <EffectiveIdentity> { rls }); } else { generateTokenRequestParameters = new GenerateTokenRequest(accessLevel: "view"); } var tokenResponse = await client.Reports.GenerateTokenInGroupAsync(GroupId, report.Id, generateTokenRequestParameters); if (tokenResponse == null) { result.ErrorMessage = "Failed to generate embed token."; return(View(result)); } result.EmbedToken = tokenResponse; result.EmbedUrl = report.EmbedUrl; result.Id = report.Id; return(View(result)); } } catch (HttpOperationException exc) { result.ErrorMessage = string.Format("Status: {0} ({1})\r\nResponse: {2}\r\nRequestId: {3}", exc.Response.StatusCode, (int)exc.Response.StatusCode, exc.Response.Content, exc.Response.Headers["RequestId"].FirstOrDefault()); } catch (Exception exc) { result.ErrorMessage = exc.ToString(); } return(View(result)); }
public static async Task <EmbedConfig> GetEmbedReportConfigData(string clientId, string groupId, string username, string password, string authorityUrl, string resourceUrl, string apiUrl, string reportUniqueId, string reportName, ServiceContext serviceContext, IServiceEventSource serviceEventSource) { ServiceEventSourceHelper serviceEventSourceHelper = new ServiceEventSourceHelper(serviceEventSource); var result = new EmbedConfig(); var roles = ""; try { var error = GetWebConfigErrors(clientId, groupId, username, password); if (error != null) { result.ErrorMessage = error; return(result); } // Create a user password cradentials. var credential = new UserPasswordCredential(username, password); // Authenticate using created credentials var authenticationContext = new AuthenticationContext(authorityUrl); var authenticationResult = await authenticationContext.AcquireTokenAsync(resourceUrl, clientId, credential); if (authenticationResult == null) { result.ErrorMessage = "Authentication Failed."; return(result); } var tokenCredentials = new TokenCredentials(authenticationResult.AccessToken, "Bearer"); // Create a Power BI Client object. It will be used to call Power BI APIs. using (var client = new PowerBIClient(new Uri(apiUrl), tokenCredentials)) { // Get a list of reports. var reports = await client.Reports.GetReportsInGroupAsync(groupId); Report report; if (string.IsNullOrEmpty(reportName)) { // Get the first report in the group. report = reports.Value.FirstOrDefault(); } else { report = reports.Value.FirstOrDefault(r => r.Name.Equals(reportName)); } if (report == null) { result.ErrorMessage = $"PowerBI Group has no report registered for Name[{reportName}]."; return(result); } var datasets = await client.Datasets.GetDatasetByIdInGroupAsync(groupId, report.DatasetId); result.IsEffectiveIdentityRequired = datasets.IsEffectiveIdentityRequired; result.IsEffectiveIdentityRolesRequired = datasets.IsEffectiveIdentityRolesRequired; GenerateTokenRequest generateTokenRequestParameters; // This is how you create embed token with effective identities if ((result.IsEffectiveIdentityRequired != null && result.IsEffectiveIdentityRequired == true) && (result.IsEffectiveIdentityRolesRequired != null && result.IsEffectiveIdentityRolesRequired == true) && !string.IsNullOrEmpty(username)) { var rls = new EffectiveIdentity(username, new List <string> { report.DatasetId }); if (!string.IsNullOrWhiteSpace(roles)) { var rolesList = new List <string>(); rolesList.AddRange(roles.Split(',')); rls.Roles = rolesList; } // Generate Embed Token with effective identities. generateTokenRequestParameters = new GenerateTokenRequest(accessLevel: "view", identities: new List <EffectiveIdentity> { rls }); } else { // Generate Embed Token for reports without effective identities. generateTokenRequestParameters = new GenerateTokenRequest(accessLevel: "view"); } var tokenResponse = await client.Reports.GenerateTokenInGroupAsync(groupId, report.Id, generateTokenRequestParameters); if (tokenResponse == null) { serviceEventSourceHelper.ServiceMessage(serviceContext, $"Embed Report - Error during user authentication for report - Result=[{tokenResponse.ToString()}]"); result.ErrorMessage = "Failed to authenticate user for report request"; return(result); } // Generate Embed Configuration. result.EmbedToken = tokenResponse; result.EmbedUrl = report.EmbedUrl; result.Id = report.Id; return(result); } } catch (HttpOperationException exc) { result.ErrorMessage = string.Format($"Status: {exc.Response.StatusCode} Response Content: [{exc.Response.Content}] RequestId: {exc.Response.Headers["RequestId"].FirstOrDefault()}"); } catch (Exception exc) { result.ErrorMessage = exc.ToString(); } return(result); }
/// <summary> /// Initializes a new instance of the GenerateTokenRequest class. /// </summary> /// <param name="accessLevel">The dataset mode or type. Possible values /// include: 'View', 'Edit', 'Create'</param> /// <param name="datasetId">The dataset Id</param> /// <param name="allowSaveAs">Allow SaveAs the report with generated /// token.</param> /// <param name="identity">The effective identity to use for RLS /// rules</param> public GenerateTokenRequest(string accessLevel, string datasetId, bool?allowSaveAs, EffectiveIdentity identity) { AccessLevel = accessLevel; DatasetId = datasetId; AllowSaveAs = allowSaveAs; Identities = new[] { identity }; CustomInit(); }
public async Task <bool> EmbedTile() { // Get token credentials for user var getCredentialsResult = await GetTokenCredentials(); if (!getCredentialsResult) { // The error message set in GetTokenCredentials m_tileEmbedConfig.ErrorMessage = m_embedConfig.ErrorMessage; return(false); } try { // Create a Power BI Client object. It will be used to call Power BI APIs. using (var client = new PowerBIClient(new Uri(ApiUrl), m_tokenCredentials)) { // Get a list of dashboards. var dashboards = await client.Dashboards.GetDashboardsInGroupAsync(WorkspaceId); // Get the first report in the workspace. var dashboard = dashboards.Value.Where(it => it.Id == DashboardId).FirstOrDefault(); if (dashboard == null) { m_tileEmbedConfig.ErrorMessage = "Workspace has no dashboards."; return(false); } var tiles = await client.Dashboards.GetTilesInGroupAsync(WorkspaceId, dashboard.Id); // Get the first tile in the workspace. var tile = tiles.Value.FirstOrDefault(); ClaimsPrincipal user = HttpContext.Current.User as ClaimsPrincipal; List <Claim> claims = user.Claims.ToList(); var ident = user.Identities.ToList(); //string name = claims.FirstOrDefault(c => c.Type == "name")?.Value; string name = "e6092d2d-07be-49f2-91b7-cdf3491fe744";//obj id 1329be85-964f-450d-a4be-a4ad585a3cf8 "*****@*****.**";12c70cdd-7645-445f-b79d-30cdda50388d //"3e5c9d8b-9be4-485f-aaec-997fe09d8208 //var generateTokenRequestParameters = new GenerateTokenRequest("View", null, // identities: new List<EffectiveIdentity> { // new EffectiveIdentity(username: name, // roles: new List<string> // { // "InternetSalesUS" ////"InternetSalesAU" // //"InternetSalesManager" // }, // datasets: new List<string> { tile.DatasetId }) }); var rls = new EffectiveIdentity(username: name, datasets: new List <string> { tile.DatasetId }); // if (!string.IsNullOrWhiteSpace(roles)) // { var rolesList = new List <string>(); //rolesList.AddRange(roles.Split(',')); if (ident[0].Name == "*****@*****.**") { rolesList.Add("InternetSalesUS"); } else { rolesList.Add("InternetSalesAU"); } rls.Roles = rolesList; var generateTokenRequestParameters = new GenerateTokenRequest(accessLevel: "view", identities: new List <EffectiveIdentity> { rls }); // Generate Embed Token for a tile. //var generateTokenRequestParameters = new GenerateTokenRequest(accessLevel: "view"); var tokenResponse = await client.Tiles.GenerateTokenInGroupAsync(WorkspaceId, dashboard.Id, tile.Id, generateTokenRequestParameters); if (tokenResponse == null) { m_tileEmbedConfig.ErrorMessage = "Failed to generate embed token."; return(false); } // Generate Embed Configuration. m_tileEmbedConfig = new TileEmbedConfig() { EmbedToken = tokenResponse, EmbedUrl = tile.EmbedUrl, Id = tile.Id, dashboardId = dashboard.Id }; return(true); } } catch (HttpOperationException exc) { m_embedConfig.ErrorMessage = string.Format("Status: {0} ({1})\r\nResponse: {2}\r\nRequestId: {3}", exc.Response.StatusCode, (int)exc.Response.StatusCode, exc.Response.Content, exc.Response.Headers["RequestId"].FirstOrDefault()); return(false); } }
public async Task <ActionResult> EmbedReport() { string tenantID = ClaimsPrincipal.Current.FindFirst("http://schemas.microsoft.com/identity/claims/tenantid").Value; string reportId = Request.Form["SelectedReport"].ToString(); using (var client = await CreatePowerBIClientForISV()) { var report = client.Reports.GetReportInGroup(GroupId, reportId); GenerateTokenRequest generateTokenRequestParameters = new GenerateTokenRequest( accessLevel: "edit", allowSaveAs: true); //no role specified means you can access everything! // Generate Embed Token. if (!tenantID.StartsWith("1")) // the owner tenant of this app starts with 1, which can access everything { switch (report.Name.ToLower()) { case "adventureworks": // for non Analysis Service, map user to Username() var salesUser = new EffectiveIdentity( username: "******", roles: new List <string> { "Sales" }, datasets: new List <string> { report.DatasetId }); generateTokenRequestParameters = new GenerateTokenRequest( accessLevel: "edit", allowSaveAs: true, identities: new List <EffectiveIdentity> { salesUser }); break; case "testaasrls": // for Analysis Service, map user to CustomData() var embedUser = new EffectiveIdentity( username: MvcApplication.pbiUserName, customData: "embed", roles: new List <string> { "Sales Embedded" }, datasets: new List <string> { report.DatasetId }); generateTokenRequestParameters = new GenerateTokenRequest( accessLevel: "edit", allowSaveAs: true, identities: new List <EffectiveIdentity> { embedUser }); break; } } else { switch (report.Name.ToLower()) { case "testaasrls": // for Analysis Service, map user to CustomData() var embedUser = new EffectiveIdentity( username: MvcApplication.pbiUserName, customData: "*****@*****.**", roles: new List <string> { "Sales BiDi" }, datasets: new List <string> { report.DatasetId }); generateTokenRequestParameters = new GenerateTokenRequest( accessLevel: "edit", allowSaveAs: true, identities: new List <EffectiveIdentity> { embedUser }); break; } } var tokenResponse = await client.Reports.GenerateTokenInGroupAsync(GroupId, reportId, generateTokenRequestParameters); // Refresh the dataset // await client.Datasets.RefreshDatasetInGroupAsync(GroupId, report.DatasetId); // Generate Embed Configuration. var embedConfig = new EmbedConfig() { EmbedToken = tokenResponse, EmbedUrl = report.EmbedUrl, Id = reportId, Name = report.Name }; return(View(embedConfig)); } }
public async Task <ActionResult> EmbedReport(string username, string roles) { var result = new EmbedConfig(); try { result = new EmbedConfig { Username = username, Roles = roles }; var error = GetWebConfigErrors(); if (error != null) { result.ErrorMessage = error; return(View(result)); } // Create a user password cradentials. var credential = new UserPasswordCredential(Username, Password); // Authenticate using created credentials var authenticationContext = new AuthenticationContext(AuthorityUrl); var authenticationResult = await authenticationContext.AcquireTokenAsync(ResourceUrl, ApplicationId, credential); if (authenticationResult == null) { result.ErrorMessage = "Authentication Failed."; return(View(result)); } var tokenCredentials = new TokenCredentials(authenticationResult.AccessToken, "Bearer"); // Create a Power BI Client object. It will be used to call Power BI APIs. using (var client = new PowerBIClient(new Uri(ApiUrl), tokenCredentials)) { // Get a list of reports. var reports = await client.Reports.GetReportsInGroupAsync(WorkspaceId); // No reports retrieved for the given workspace. if (reports.Value.Count() == 0) { result.ErrorMessage = "No reports were found in the workspace"; return(View(result)); } Report report; if (string.IsNullOrWhiteSpace(ReportId)) { // Get the first report in the workspace. report = reports.Value.FirstOrDefault(); } else { report = reports.Value.FirstOrDefault(r => r.Id == ReportId); } if (report == null) { result.ErrorMessage = "No report with the given ID was found in the workspace. Make sure ReportId is valid."; return(View(result)); } var datasets = await client.Datasets.GetDatasetByIdInGroupAsync(WorkspaceId, report.DatasetId); result.IsEffectiveIdentityRequired = datasets.IsEffectiveIdentityRequired; result.IsEffectiveIdentityRolesRequired = datasets.IsEffectiveIdentityRolesRequired; GenerateTokenRequest generateTokenRequestParameters; // This is how you create embed token with effective identities if (!string.IsNullOrWhiteSpace(username)) { var rls = new EffectiveIdentity(username, new List <string> { report.DatasetId }); if (!string.IsNullOrWhiteSpace(roles)) { var rolesList = new List <string>(); rolesList.AddRange(roles.Split(',')); rls.Roles = rolesList; } // Generate Embed Token with effective identities. generateTokenRequestParameters = new GenerateTokenRequest(accessLevel: "view", identities: new List <EffectiveIdentity> { rls }); } else { // Generate Embed Token for reports without effective identities. generateTokenRequestParameters = new GenerateTokenRequest(accessLevel: "view"); } var tokenResponse = await client.Reports.GenerateTokenInGroupAsync(WorkspaceId, report.Id, generateTokenRequestParameters); if (tokenResponse == null) { result.ErrorMessage = "Failed to generate embed token."; return(View(result)); } // Generate Embed Configuration. result.EmbedToken = tokenResponse; result.EmbedUrl = report.EmbedUrl; result.Id = report.Id; return(View(result)); } } catch (HttpOperationException exc) { result.ErrorMessage = string.Format("Status: {0} ({1})\r\nResponse: {2}\r\nRequestId: {3}", exc.Response.StatusCode, (int)exc.Response.StatusCode, exc.Response.Content, exc.Response.Headers["RequestId"].FirstOrDefault()); } catch (Exception exc) { result.ErrorMessage = exc.ToString(); } return(View(result)); }
public async Task <ActionResult> EmbedDashboardRls(string userName) { var roles = "Client User"; var result = new EmbedConfig(); result.Username = userName; result.Roles = roles; if (userName == "Northridge") { result.Username = userName; userName = "******"; } else { result.Username = "******"; userName = "******"; } var error = GetWebConfigErrors(); if (error != null) { return(View(new EmbedConfig() { ErrorMessage = error })); } try { // Create a user password cradentials. var credential = new UserPasswordCredential(Username, Password); // Authenticate using created credentials var authenticationContext = new AuthenticationContext(AuthorityUrl); var authenticationResult = await authenticationContext.AcquireTokenAsync(ResourceUrl, ClientId, credential); if (authenticationResult == null) { return(View(new EmbedConfig() { ErrorMessage = "Authentication Failed." })); } var tokenCredentials = new TokenCredentials(authenticationResult.AccessToken, "Bearer"); // Create a Power BI Client object. It will be used to call Power BI APIs. using (var client = new PowerBIClient(new Uri(ApiUrl), tokenCredentials)) { // Get a list of dashboards. var dashboards = await client.Dashboards.GetDashboardsInGroupAsync(GroupId); // Get the first report in the group. var dashboard = dashboards.Value.FirstOrDefault(); if (dashboard == null) { return(View(new EmbedConfig() { ErrorMessage = "Group has no dashboards." })); } // Generate Embed Token. var dataSetIds = await GetDashboardDatasetIdsAsync(client, dashboard.Id, GroupId); var rls = new EffectiveIdentity(userName, dataSetIds); if (!string.IsNullOrWhiteSpace(roles)) { var rolesList = new List <string>(); rolesList.AddRange(roles.Split(',')); rls.Roles = rolesList; } // Generate Embed Token with effective identities. var generateTokenRequestParameters = new GenerateTokenRequest(accessLevel: "view", identities: new List <EffectiveIdentity> { rls }); var tokenResponse = await client.Dashboards.GenerateTokenInGroupAsync(GroupId, dashboard.Id, generateTokenRequestParameters); if (tokenResponse == null) { result.ErrorMessage = "Failed to generate embed token."; return(View(result)); } // Generate Embed Configuration. result.EmbedToken = tokenResponse; result.EmbedUrl = dashboard.EmbedUrl; result.Id = dashboard.Id; if (tokenResponse == null) { return(View(new EmbedConfig() { ErrorMessage = "Failed to generate embed token." })); } return(View(result)); } } catch (HttpOperationException exc) { result.ErrorMessage = string.Format("Status: {0} ({1})\r\nResponse: {2}\r\nRequestId: {3}", exc.Response.StatusCode, (int)exc.Response.StatusCode, exc.Response.Content, exc.Response.Headers["RequestId"].FirstOrDefault()); throw exc; } catch (Exception exc) { result.ErrorMessage = exc.ToString(); throw exc; } }
public static ReportWithRlsEmbeddingData GetReportWithRlsEmbeddingData() { PowerBIClient pbiClient = GetPowerBiClient(); var report = pbiClient.Reports.GetReportInGroup(workspaceId, reportWithRlsId); var datasetId = report.DatasetId; var embedUrl = report.EmbedUrl; var reportName = report.Name; Console.WriteLine("Getting RLS-enabled embed tokens"); GenerateTokenRequest tokenRequestAllData = new GenerateTokenRequest(accessLevel: "view", identities: new List <EffectiveIdentity> { new EffectiveIdentity(username: "******", datasets: new List <string> { datasetWithRlsId }, roles: new List <string> { "AllData" }) }); string embedTokenAllData = pbiClient.Reports.GenerateTokenInGroup(workspaceId, reportWithRlsId, tokenRequestAllData).Token; Console.WriteLine("Got 1"); EffectiveIdentity identityWesternSales = new EffectiveIdentity(username: "******", roles: new List <string> { "WesternSales" }, datasets: new List <string> { datasetWithRlsId }); GenerateTokenRequest tokenRequestWesternSales = new GenerateTokenRequest("view", null, identities: new List <EffectiveIdentity> { identityWesternSales }); string embedTokenWesternSales = pbiClient.Reports.GenerateTokenInGroup(workspaceId, report.Id, tokenRequestWesternSales).Token; Console.WriteLine("Got 2"); EffectiveIdentity identityCentralSales = new EffectiveIdentity(username: "******", roles: new List <string> { "CentralSales" }, datasets: new List <string> { datasetWithRlsId }); GenerateTokenRequest tokenRequestCentralSales = new GenerateTokenRequest(accessLevel: "view", datasetId: datasetId, identities: new List <EffectiveIdentity> { identityCentralSales }); string embedTokenCentralSales = pbiClient.Reports.GenerateTokenInGroup(workspaceId, report.Id, tokenRequestCentralSales).Token; Console.WriteLine("Got 3"); EffectiveIdentity identityEasternSales = new EffectiveIdentity("Bob", roles: new List <string> { "EasternSales" }, datasets: new List <string> { datasetWithRlsId }); GenerateTokenRequest tokenRequestEasternSales = new GenerateTokenRequest(accessLevel: "view", datasetId: datasetId, identities: new List <EffectiveIdentity> { identityEasternSales }); string embedTokenEasternSales = pbiClient.Reports.GenerateTokenInGroup(workspaceId, report.Id, tokenRequestEasternSales).Token; Console.WriteLine("Got 4"); return(new ReportWithRlsEmbeddingData { reportId = report.Id, reportName = reportName, embedUrl = embedUrl, embedTokenAllData = embedTokenAllData, embedTokenWesternSales = embedTokenWesternSales, embedTokenCentralSales = embedTokenCentralSales, embedTokenEasternSales = embedTokenEasternSales }); }
public async Task <ActionResult> EmbedReportAas(string username, string roles) { var result = new EmbedConfig(); try { result = new EmbedConfig { Username = username, Roles = roles }; var error = GetWebConfigErrors(); if (error != null) { result.ErrorMessage = error; return(View(result)); } // Create a user password cradentials. var credential = new UserPasswordCredential(Username, Password); // Authenticate using created credentials var authenticationContext = new AuthenticationContext(AuthorityUrl); var authenticationResult = await authenticationContext.AcquireTokenAsync(ResourceUrl, ClientId, credential); if (authenticationResult == null) { result.ErrorMessage = "Authentication Failed."; return(View(result)); } var tokenCredentials = new TokenCredentials(authenticationResult.AccessToken, "Bearer"); // Create a Power BI Client object. It will be used to call Power BI APIs. using (var client = new PowerBIClient(new Uri(ApiUrl), tokenCredentials)) { // Get a list of reports. var reports = await client.Reports.GetReportsInGroupAsync(GroupId); Report report; if (string.IsNullOrEmpty(ReportAasId)) { // Get the first report in the group. report = reports.Value.FirstOrDefault(); } else { report = reports.Value.FirstOrDefault(r => r.Id == ReportAasId); } result.Reports = reports.Value.Select(r => new ReportModel { Id = r.Id, Name = r.Name, EmbedUrl = r.EmbedUrl }).ToList(); if (report == null) { result.ErrorMessage = "Group has no reports."; return(View(result)); } var datasets = await client.Datasets.GetDatasetByIdInGroupAsync(GroupId, report.DatasetId); result.IsEffectiveIdentityRequired = datasets.IsEffectiveIdentityRequired; result.IsEffectiveIdentityRolesRequired = datasets.IsEffectiveIdentityRolesRequired; GenerateTokenRequest generateTokenRequestParameters; // This is how you create embed token with effective identities if (!string.IsNullOrEmpty(username)) { var rls = new EffectiveIdentity( Username, new List <string> { report.DatasetId }, null, "PowerBi itself do not accept any arguments when we request token " + "(apart from username and list of roles).In PowerBi desktop we can " + "access username value and use it in filters, etc." + "My idea was to use username as an argument and pass array of glids " + "as a username.Then, on PowerBi desktop side we can use contains" + " logic to filter data.However it turned out that username is limited" + " to 256 characters.So we can pass up to 15 - 25 glids at most." + "However we can workaround this limitation by adding some extra " + "logic of parsing username.I guess that passing multiple glids" + " to PowerBi will be done for some specific cases.Like comparison " + "of all clients related to the same zor.In such case we could"); //if (!string.IsNullOrWhiteSpace(roles)) //{ // var rolesList = new List<string>(); // rolesList.AddRange(roles.Split(',')); // rls.Roles = rolesList; //} // Generate Embed Token with effective identities. generateTokenRequestParameters = new GenerateTokenRequest( accessLevel: "view", identities: new List <EffectiveIdentity> { rls }); } else { // Generate Embed Token for reports without effective identities. generateTokenRequestParameters = new GenerateTokenRequest(accessLevel: "view"); } var tokenResponse = await client.Reports.GenerateTokenInGroupAsync(GroupId, report.Id, generateTokenRequestParameters); if (tokenResponse == null) { result.ErrorMessage = "Failed to generate embed token."; return(View(result)); } // Generate Embed Configuration. result.EmbedToken = tokenResponse; result.EmbedUrl = report.EmbedUrl; result.Id = report.Id; return(View(result)); } } catch (HttpOperationException exc) { result.ErrorMessage = string.Format("Status: {0} ({1})\r\nResponse: {2}\r\nRequestId: {3}", exc.Response.StatusCode, (int)exc.Response.StatusCode, exc.Response.Content, exc.Response.Headers["RequestId"].FirstOrDefault()); } catch (Exception exc) { result.ErrorMessage = exc.ToString(); } return(View(result)); }
public async Task <ActionResult> EmbedReportRls(string userName, string roles) { roles = "Client User"; var result = new EmbedConfig(); try { result.Username = userName; result.Roles = roles; if (userName == "Northridge") { result.Username = userName; userName = "******"; } else { result.Username = "******"; userName = "******"; } var error = GetWebConfigErrors(); if (error != null) { result.ErrorMessage = error; return(View(result)); } // Create a user password cradentials. var credential = new UserPasswordCredential(Username, Password); // Authenticate using created credentials var authenticationContext = new AuthenticationContext(AuthorityUrl); var authenticationResult = await authenticationContext.AcquireTokenAsync(ResourceUrl, ClientId, credential); if (authenticationResult == null) { result.ErrorMessage = "Authentication Failed."; return(View(result)); } var tokenCredentials = new TokenCredentials(authenticationResult.AccessToken, "Bearer"); // Create a Power BI Client object. It will be used to call Power BI APIs. using (var client = new PowerBIClient(new Uri(ApiUrl), tokenCredentials)) { // Get a list of reports. var reports = await client.Reports.GetReportsInGroupAsync(GroupId); Report report; if (string.IsNullOrEmpty(ReportRlsId)) { // Get the first report in the group. report = reports.Value.FirstOrDefault(); } else { report = reports.Value.FirstOrDefault(r => r.Id == ReportRlsId); } result.Reports = reports.Value.Select(r => new ReportModel { Id = r.Id, Name = r.Name, EmbedUrl = r.EmbedUrl }).ToList(); if (report == null) { result.ErrorMessage = "Group has no reports."; return(View(result)); } var datasets = await client.Datasets.GetDatasetByIdInGroupAsync(GroupId, report.DatasetId); result.IsEffectiveIdentityRequired = datasets.IsEffectiveIdentityRequired; result.IsEffectiveIdentityRolesRequired = datasets.IsEffectiveIdentityRolesRequired; GenerateTokenRequest generateTokenRequestParameters; // This is how you create embed token with effective identities //if (!string.IsNullOrEmpty(gl)) //{ var rls = new EffectiveIdentity(userName, new List <string> { report.DatasetId }); if (!string.IsNullOrWhiteSpace(roles)) { var rolesList = new List <string>(); rolesList.AddRange(roles.Split(',')); rls.Roles = rolesList; } // Generate Embed Token with effective identities. generateTokenRequestParameters = new GenerateTokenRequest(accessLevel: "view", identities: new List <EffectiveIdentity> { rls }); //} //else //{ // // Generate Embed Token for reports without effective identities. // generateTokenRequestParameters = new GenerateTokenRequest(accessLevel: "view"); //} var tokenResponse = await client.Reports.GenerateTokenInGroupAsync(GroupId, report.Id, generateTokenRequestParameters); if (tokenResponse == null) { result.ErrorMessage = "Failed to generate embed token."; return(View(result)); } // Generate Embed Configuration. result.EmbedToken = tokenResponse; result.EmbedUrl = report.EmbedUrl; result.Id = report.Id; return(View(result)); } } catch (HttpOperationException exc) { result.ErrorMessage = string.Format("Status: {0} ({1})\r\nResponse: {2}\r\nRequestId: {3}", exc.Response.StatusCode, (int)exc.Response.StatusCode, exc.Response.Content, exc.Response.Headers["RequestId"].FirstOrDefault()); } catch (Exception exc) { result.ErrorMessage = exc.ToString(); } return(View(result)); }
public async Task <bool> EmbedReport(string username, string roles) { // Get token credentials for user var getCredentialsResult = await GetTokenCredentials(); if (!getCredentialsResult) { // The error message set in GetTokenCredentials return(false); } try { // Create a Power BI Client object. It will be used to call Power BI APIs. using (var client = new PowerBIClient(new Uri(ApiUrl), m_tokenCredentials)) { // Get a list of reports. var reports = await client.Reports.GetReportsInGroupAsync(WorkspaceId); // No reports retrieved for the given workspace. if (reports.Value.Count() == 0) { m_embedConfig.ErrorMessage = "No reports were found in the workspace"; return(false); } Report report; if (string.IsNullOrWhiteSpace(ReportId)) { // Get the first report in the workspace. report = reports.Value.FirstOrDefault(); } else { report = reports.Value.FirstOrDefault(r => r.Id.Equals(ReportId, StringComparison.InvariantCultureIgnoreCase)); } if (report == null) { m_embedConfig.ErrorMessage = "No report with the given ID was found in the workspace. Make sure ReportId is valid."; return(false); } var datasets = await client.Datasets.GetDatasetByIdInGroupAsync(WorkspaceId, report.DatasetId); m_embedConfig.IsEffectiveIdentityRequired = datasets.IsEffectiveIdentityRequired; m_embedConfig.IsEffectiveIdentityRolesRequired = datasets.IsEffectiveIdentityRolesRequired; GenerateTokenRequest generateTokenRequestParameters; // This is how you create embed token with effective identities ClaimsPrincipal user = HttpContext.Current.User as ClaimsPrincipal; List <Claim> claims = user.Claims.ToList(); var ident = user.Identities.ToList(); //string name = claims.FirstOrDefault(c => c.Type == "name")?.Value; string usernameObj = "e6092d2d-07be-49f2-91b7-cdf3491fe744";//obj id 1329be85-964f-450d-a4be-a4ad585a3cf8 "*****@*****.**";12c70cdd-7645-445f-b79d-30cdda50388d //"3e5c9d8b-9be4-485f-aaec-997fe09d8208 //var customData = null; if (!string.IsNullOrWhiteSpace(usernameObj)) { var rls = new EffectiveIdentity(usernameObj, new List <string> { report.DatasetId }); // if (!string.IsNullOrWhiteSpace(roles)) // { var rolesList = new List <string>(); //rolesList.AddRange(roles.Split(',')); if (ident[0].Name == "*****@*****.**") { rolesList.Add("InternetSalesUS"); } else { rolesList.Add("InternetSalesAU"); } rls.Roles = rolesList; // } // Generate Embed Token with effective identities. generateTokenRequestParameters = new GenerateTokenRequest(accessLevel: "view", identities: new List <EffectiveIdentity> { rls }); } else { // Generate Embed Token for reports without effective identities. generateTokenRequestParameters = new GenerateTokenRequest(accessLevel: "view"); } var tokenResponse = await client.Reports.GenerateTokenInGroupAsync(WorkspaceId, report.Id, generateTokenRequestParameters); if (tokenResponse == null) { m_embedConfig.ErrorMessage = "Failed to generate embed token."; return(false); } // Generate Embed Configuration. m_embedConfig.EmbedToken = tokenResponse; m_embedConfig.EmbedUrl = report.EmbedUrl; m_embedConfig.Id = report.Id; } } catch (HttpOperationException exc) { m_embedConfig.ErrorMessage = string.Format("Status: {0} ({1})\r\nResponse: {2}\r\nRequestId: {3}", exc.Response.StatusCode, (int)exc.Response.StatusCode, exc.Response.Content, exc.Response.Headers["RequestId"].FirstOrDefault()); return(false); } return(true); }
public async Task <EmbedConfig> GetDashboardEmbedConfigAsync(int userId, string username, string roles, string dashboardId) { var model = (EmbedConfig)CachingProvider.Instance().GetItem($"PBI_{Settings.PortalId}_{Settings.SettingsId}_{userId}_{Thread.CurrentThread.CurrentUICulture.Name}_Dashboard_{dashboardId}"); if (model != null) { return(model); } model = new EmbedConfig(); // Get token credentials for user var getCredentialsResult = await GetTokenCredentials(); if (!getCredentialsResult) { // The error message set in GetTokenCredentials model.ErrorMessage = "Authentication failed."; return(model); } // Create a Power BI Client object. It will be used to call Power BI APIs. using (var client = new PowerBIClient(new Uri(Settings.ApiUrl), tokenCredentials)) { // Get a list of reports. var dashboards = await client.Dashboards.GetDashboardsInGroupAsync(Guid.Parse(Settings.WorkspaceId)).ConfigureAwait(false); // No dashboards retrieved for the given workspace. if (dashboards.Value.Count() == 0) { model.ErrorMessage = "No dashboards were found in the workspace"; } var dashboard = dashboards.Value.FirstOrDefault(r => r.Id.ToString().Equals(dashboardId, StringComparison.InvariantCultureIgnoreCase)); if (dashboard == null) { model.ErrorMessage = "No dashboard with the given ID was found in the workspace. Make sure ReportId is valid."; } // Generate Embed Token for reports without effective identities. GenerateTokenRequest generateTokenRequestParameters; // This is how you create embed token with effective identities if (!string.IsNullOrWhiteSpace(username)) { var rls = new EffectiveIdentity(username, new List <string> { dashboardId }); if (!string.IsNullOrWhiteSpace(roles)) { var rolesList = new List <string>(); rolesList.AddRange(roles.Split(',')); rls.Roles = rolesList; } // Generate Embed Token with effective identities. generateTokenRequestParameters = new GenerateTokenRequest(accessLevel: "view", identities: new List <EffectiveIdentity> { rls }); } else { // Generate Embed Token for reports without effective identities. generateTokenRequestParameters = new GenerateTokenRequest(accessLevel: "view"); } EmbedToken tokenResponse; try { tokenResponse = await client.Dashboards.GenerateTokenInGroupAsync(Guid.Parse(Settings.WorkspaceId), dashboard.Id, generateTokenRequestParameters).ConfigureAwait(false); } catch (HttpOperationException ex) { if (ex.Response.Content.Contains("shouldn't have effective identity")) { // HACK: Creating embed token for accessing dataset shouldn't have effective identity" // See https://community.powerbi.com/t5/Developer/quot-shouldn-t-have-effective-identity-quot-error-when-passing/m-p/437177 generateTokenRequestParameters = new GenerateTokenRequest(accessLevel: "view"); tokenResponse = await client.Dashboards.GenerateTokenInGroupAsync(Guid.Parse(Settings.WorkspaceId), dashboard.Id, generateTokenRequestParameters).ConfigureAwait(false); } else { throw; } } if (tokenResponse == null) { model.ErrorMessage = "Failed to generate embed token."; } // Generate Embed Configuration. model.EmbedToken = tokenResponse; model.EmbedUrl = dashboard.EmbedUrl; model.Id = dashboard.Id.ToString(); model.ContentType = "dashboard"; CachingProvider.Instance().Insert($"PBI_{Settings.PortalId}_{Settings.SettingsId}_{userId}_{Thread.CurrentThread.CurrentUICulture.Name}_Dashboard_{dashboardId}", model, null, DateTime.Now.AddSeconds(60), TimeSpan.Zero); } return(model); }
public async Task <IHttpActionResult> Get(string username, string roles) { var result = new EmbedConfig(); try { result = new EmbedConfig { Username = username, Roles = roles }; var error = GetWebConfigErrors(); if (error != null) { result.ErrorMessage = error; return(Ok(AirFusion.WindEdition.API.ResponseResult <EmbedConfig> .GetResult(result))); } var credential = new UserPasswordCredential(Username, Password); // Authenticate using created credentials var authenticationContext = new AuthenticationContext(AuthorityUrl); var authenticationResult = await authenticationContext.AcquireTokenAsync(ResourceUrl, ApplicationId, credential); if (authenticationResult == null) { result.ErrorMessage = "Authentication Failed."; return(Ok(AirFusion.WindEdition.API.ResponseResult <EmbedConfig> .GetResult(result))); } var tokenCredentials = new TokenCredentials(authenticationResult.AccessToken, "Bearer"); using (var client = new PowerBIClient(new Uri(ApiUrl), tokenCredentials)) { // Get a list of reports. var reports = await client.Reports.GetReportsInGroupAsync(WorkspaceId); // No reports retrieved for the given workspace. if (reports.Value.Count() == 0) { result.ErrorMessage = "No reports were found in the workspace"; return(Ok(AirFusion.WindEdition.API.ResponseResult <EmbedConfig> .GetResult(result))); } Report report; if (string.IsNullOrWhiteSpace(ReportId)) { // Get the first report in the workspace. report = reports.Value.FirstOrDefault(); } else { report = reports.Value.FirstOrDefault(r => r.Id == ReportId); } if (report == null) { result.ErrorMessage = "No report with the given ID was found in the workspace. Make sure ReportId is valid."; return(Ok(AirFusion.WindEdition.API.ResponseResult <EmbedConfig> .GetResult(result))); } var datasets = await client.Datasets.GetDatasetByIdInGroupAsync(WorkspaceId, report.DatasetId); result.IsEffectiveIdentityRequired = datasets.IsEffectiveIdentityRequired; result.IsEffectiveIdentityRolesRequired = datasets.IsEffectiveIdentityRolesRequired; GenerateTokenRequest generateTokenRequestParameters; // This is how you create embed token with effective identities if (!string.IsNullOrWhiteSpace(username)) { var rls = new EffectiveIdentity(username, new List <string> { report.DatasetId }); if (!string.IsNullOrWhiteSpace(roles)) { var rolesList = new List <string>(); rolesList.AddRange(roles.Split(',')); rls.Roles = rolesList; } // Generate Embed Token with effective identities. generateTokenRequestParameters = new GenerateTokenRequest(accessLevel: "view", identities: new List <EffectiveIdentity> { rls }); } else { // Generate Embed Token for reports without effective identities. generateTokenRequestParameters = new GenerateTokenRequest(accessLevel: "view"); } var tokenResponse = await client.Reports.GenerateTokenInGroupAsync(WorkspaceId, report.Id, generateTokenRequestParameters); if (tokenResponse == null) { result.ErrorMessage = "Failed to generate embed token."; return(Ok(AirFusion.WindEdition.API.ResponseResult <EmbedConfig> .GetResult(result))); } // Generate Embed Configuration. result.EmbedToken = tokenResponse; result.EmbedUrl = report.EmbedUrl; result.Id = report.Id; var json = new JavaScriptSerializer().Serialize(result); return(Ok(AirFusion.WindEdition.API.ResponseResult <EmbedConfig> .GetResult(result))); } } catch (Exception ex) { result.ErrorMessage = "Error Occured"; } return(Ok(AirFusion.WindEdition.API.ResponseResult <EmbedConfig> .GetResult(result))); }
private async Task <EmbedConfig> EmbedReport(EmbedReportRequest embedReportRequest) { var config = new EmbedConfig(); UserCredential = embedReportRequest.Credential; try { var data = await AuthenticateAsync(); using (var pClient = new PowerBIClient(new Uri(POWER_BI_API_URL), PTokenCredentials)) { var groups = await pClient.Groups.GetGroupsWithHttpMessagesAsync(); var group = groups.Body.Value.FirstOrDefault(s => s.Id == embedReportRequest.WorkSpaceId); if (group == null) { throw new ValidationException(PowerResource.ValidationErrorParentGroupNotFoundError); } var reports = await pClient.Reports.GetReportsInGroupAsync(group.Id); if (!reports.Value.Any()) { config.ErrorMessage = PowerResource.EmbedReportNotFoundError; return(config); } var embeddingReport = reports.Value.FirstOrDefault(s => s.Id == embedReportRequest.ReportId); if (embeddingReport == null) { config.ErrorMessage = PowerResource.EmbedReportNotFoundError; } var dataSet = await pClient.Datasets.GetDatasetByIdInGroupAsync(group.Id, embeddingReport.DatasetId); config.IsEffectiveIdentityRequired = dataSet.IsEffectiveIdentityRequired; config.IsEffectiveIdentityRolesRequired = dataSet.IsEffectiveIdentityRolesRequired; var upDateResponse = await UpdateAndRefreshDataSet(pClient, embedReportRequest, group.Id, embeddingReport.Id, dataSet.Id); if (upDateResponse) { GenerateTokenRequest generateTokenRequestParameters; if (!string.IsNullOrWhiteSpace(embedReportRequest.EmbedUserName)) { var rls = new EffectiveIdentity(embedReportRequest.EmbedUserName, new List <string> { embeddingReport.DatasetId }); if (!string.IsNullOrWhiteSpace(embedReportRequest.EmbedRoles)) { var rolesList = new List <string>(); rolesList.AddRange(embedReportRequest.EmbedRoles.Split(',')); rls.Roles = rolesList; } generateTokenRequestParameters = new GenerateTokenRequest(accessLevel: "view", identities: new List <EffectiveIdentity> { rls }); } else { generateTokenRequestParameters = new GenerateTokenRequest(accessLevel: "view"); } var tokenResponse = await pClient.Reports.GenerateTokenInGroupAsync(group.Id, embeddingReport.Id, generateTokenRequestParameters); if (tokenResponse == null) { config.ErrorMessage = "Failed to generate embed token."; return(config); } config.EmbedToken = tokenResponse; config.EmbedUrl = embeddingReport.EmbedUrl; config.Id = embeddingReport.Id; return(config); } } } catch (Exception e) { Console.WriteLine(e); throw; } return(null); }
public async Task <ActionResult> OnGetAsync() { var result = await authorizationService.AuthorizeAsync(HttpContext.User, RoleName.SysAdmin); var usr = await userManager.FindByNameAsync(HttpContext.User.Identity.Name); bool ok = await userManager.IsInRoleAsync(usr, RoleName.SysAdmin); string username = null; string roles = null; Input = new EmbedConfig(); try { Input = new EmbedConfig { Username = username, Roles = roles }; var error = GetWebConfigErrors(); if (error != null) { Input.ErrorMessage = error; return(Page()); } // Create a user password cradentials. //var credential = new UserPasswordCredential(pbiSettings.Username, pbiSettings.Password); //// Authenticate using created credentials //var authenticationContext = new AuthenticationContext(pbiSettings.AuthorityUrl); //var authenticationResult = await authenticationContext.AcquireTokenAsync(pbiSettings.ResourceUrl, pbiSettings.ApplicationId, credential); //https://community.powerbi.com/t5/Developer/Embed-Power-BI-dashboard-in-ASP-Net-core/m-p/284314#M8436 var authenticationResult = await AuthenticateAsync(); if (authenticationResult == null) { Input.ErrorMessage = "Authentication Failed."; return(Page()); } var tokenCredentials = new TokenCredentials(authenticationResult.AccessToken, "Bearer"); // Create a Power BI Client object. It will be used to call Power BI APIs. using (var client = new PowerBIClient(new Uri(pbiSettings.ApiUrl), tokenCredentials, new DelegatingHandler[0])) { // Get a list of reports. var reports = await client.Reports.GetReportsInGroupAsync(pbiSettings.WorkspaceId); // No reports retrieved for the given workspace. if (reports.Value.Count() == 0) { Input.ErrorMessage = "No reports were found in the workspace"; return(Page()); } Report report; if (string.IsNullOrWhiteSpace(pbiSettings.ReportId)) { // Get the first report in the workspace. report = reports.Value.FirstOrDefault(); } else { report = reports.Value.FirstOrDefault(r => r.Id == pbiSettings.ReportId); } if (report == null) { Input.ErrorMessage = "No report with the given ID was found in the workspace. Make sure ReportId is valid."; return(Page()); } var datasets = await client.Datasets.GetDatasetByIdInGroupAsync(pbiSettings.WorkspaceId, report.DatasetId); Input.IsEffectiveIdentityRequired = datasets.IsEffectiveIdentityRequired; Input.IsEffectiveIdentityRolesRequired = datasets.IsEffectiveIdentityRolesRequired; GenerateTokenRequest generateTokenRequestParameters; // This is how you create embed token with effective identities if (!string.IsNullOrWhiteSpace(username)) { var rls = new EffectiveIdentity(username, new List <string> { report.DatasetId }); if (!string.IsNullOrWhiteSpace(roles)) { var rolesList = new List <string>(); rolesList.AddRange(roles.Split(',')); rls.Roles = rolesList; } // Generate Embed Token with effective identities. generateTokenRequestParameters = new GenerateTokenRequest(accessLevel: "view", identities: new List <EffectiveIdentity> { rls }); } else { // Generate Embed Token for reports without effective identities. generateTokenRequestParameters = new GenerateTokenRequest(accessLevel: "view"); } var tokenResponse = await client.Reports.GenerateTokenInGroupAsync(pbiSettings.WorkspaceId, report.Id, generateTokenRequestParameters); if (tokenResponse == null) { Input.ErrorMessage = "Failed to generate embed token."; return(Page()); } // Generate Embed Configuration. Input.EmbedToken = tokenResponse; Input.EmbedUrl = report.EmbedUrl; Input.Id = report.Id; return(Page()); } } catch (HttpOperationException exc) { Input.ErrorMessage = string.Format("Status: {0} ({1})\r\nResponse: {2}\r\nRequestId: {3}", exc.Response.StatusCode, (int)exc.Response.StatusCode, exc.Response.Content, exc.Response.Headers["RequestId"].FirstOrDefault()); } catch (Exception exc) { Input.ErrorMessage = exc.ToString(); } return(Page()); }
public static ReportWithRlsEmbeddingData GetReportWithRlsEmbeddingData() { var userName = "******"; PowerBIClient pbiClient = TokenManager.GetPowerBiClient(); var report = pbiClient.Reports.GetReportInGroup(workspaceId, reportWithRlsId); var datasetId = report.DatasetId; var embedUrl = report.EmbedUrl; var reportName = report.Name; Console.WriteLine("Getting RLS-enabled embed tokens"); GenerateTokenRequest tokenRequestAllData = new GenerateTokenRequest(accessLevel: "view", identities: new List <EffectiveIdentity> { new EffectiveIdentity(username: userName, datasets: new List <string> { datasetWithRlsId.ToString() }, roles: new List <string> { "Admin" }) }); string embedTokenAllData = pbiClient.Reports.GenerateTokenInGroup(workspaceId, reportWithRlsId, tokenRequestAllData).Token; EffectiveIdentity identityWesternSales = new EffectiveIdentity(username: userName, roles: new List <string> { "Western Region" }, datasets: new List <string> { datasetWithRlsId.ToString() }); GenerateTokenRequest tokenRequestWesternSales = new GenerateTokenRequest("view", null, identities: new List <EffectiveIdentity> { identityWesternSales }); string embedTokenWesternSales = pbiClient.Reports.GenerateTokenInGroup(workspaceId, report.Id, tokenRequestWesternSales).Token; EffectiveIdentity identityCentralSales = new EffectiveIdentity(username: userName, roles: new List <string> { "Central Region" }, datasets: new List <string> { datasetWithRlsId.ToString() }); GenerateTokenRequest tokenRequestCentralSales = new GenerateTokenRequest(accessLevel: "view", datasetId: datasetId, identities: new List <EffectiveIdentity> { identityCentralSales }); string embedTokenCentralSales = pbiClient.Reports.GenerateTokenInGroup(workspaceId, report.Id, tokenRequestCentralSales).Token; EffectiveIdentity identityEasternSales = new EffectiveIdentity(userName, roles: new List <string> { "Eastern Region" }, datasets: new List <string> { datasetWithRlsId.ToString() }); GenerateTokenRequest tokenRequestEasternSales = new GenerateTokenRequest(accessLevel: "view", datasetId: datasetId, identities: new List <EffectiveIdentity> { identityEasternSales }); string embedTokenEasternSales = pbiClient.Reports.GenerateTokenInGroup(workspaceId, report.Id, tokenRequestEasternSales).Token; EffectiveIdentity identityCombo = new EffectiveIdentity(userName, roles: new List <string> { "Central Region", "Eastern Region" }, datasets: new List <string> { datasetWithRlsId.ToString() }); GenerateTokenRequest tokenRequestCombo = new GenerateTokenRequest(accessLevel: "view", datasetId: datasetId, identities: new List <EffectiveIdentity> { identityCombo }); string embedTokenCombo = pbiClient.Reports.GenerateTokenInGroup(workspaceId, report.Id, tokenRequestCombo).Token; return(new ReportWithRlsEmbeddingData { reportId = report.Id.ToString(), reportName = reportName, embedUrl = embedUrl, embedTokenAllData = embedTokenAllData, embedTokenWesternSales = embedTokenWesternSales, embedTokenCentralSales = embedTokenCentralSales, embedTokenEasternSales = embedTokenEasternSales, embedTokenCombo = embedTokenCombo }); }
public async Task <ActionResult> EmbedReport(string username, string roles, string token) { var result = new EmbedConfig(); try { if (String.IsNullOrEmpty(token)) { result.ErrorMessage = "you are not authorized no token was found"; return(View("Error", result)); } System.IdentityModel.Tokens.Jwt.JwtSecurityToken jwtToken; if (CustomValidation.ValidateToken(token, out jwtToken)) { var claims = jwtToken.Claims.Cast <System.Security.Claims.Claim>().ToList(); var campaignId = claims.FirstOrDefault(x => x.Type == "CampaignId"); var languageId = claims.FirstOrDefault(x => x.Type == "LanguageId"); // if the data is not inside the token if (campaignId == null || languageId == null) { Environment.Exit(0); } Console.WriteLine($"CampaignId: {campaignId.Value}"); Console.WriteLine($"LanguageId: {languageId.Value}"); var ReportInfo = dbConnector.GetReportInfo(int.Parse(campaignId.Value), languageId.Value); if (ReportInfo == null) { result.ErrorMessage = "No Report was created for this campaign"; return(View("Error", result)); } result = new EmbedConfig { Username = username, Roles = roles }; var error = GetWebConfigErrors(); if (error != null) { result.ErrorMessage = error; return(View(result)); } // Create a user password cradentials. var credential = new UserPasswordCredential(Username, Password); // Authenticate using created credentials var authenticationContext = new AuthenticationContext(AuthorityUrl); var authenticationResult = await authenticationContext.AcquireTokenAsync(ResourceUrl, ApplicationId, credential); if (authenticationResult == null) { result.ErrorMessage = "Authentication Failed."; return(View(result)); } var tokenCredentials = new TokenCredentials(authenticationResult.AccessToken, "Bearer"); // Create a Power BI Client object. It will be used to call Power BI APIs. using (var client = new PowerBIClient(new Uri(ApiUrl), tokenCredentials)) { //Refresh Dataset befaure calling reports (limitation 8 refersh for Pro account) // object result_ds = client.Datasets.RefreshDataset(WorkspaceId, DatasetKey); // Get a list of reports. var reports = await client.Reports.GetReportsInGroupAsync(WorkspaceId); // No reports retrieved for the given workspace. if (reports.Value.Count() == 0) { result.ErrorMessage = "No reports were found in the workspace"; return(View(result)); } Report report; if (string.IsNullOrWhiteSpace(ReportInfo.ReportId)) { // Get the first report in the workspace. report = reports.Value.FirstOrDefault(); } else { report = reports.Value.FirstOrDefault(r => r.Id == ReportInfo.ReportId); } if (report == null) { result.ErrorMessage = "No report with the given ID was found in the workspace. Make sure ReportId is valid."; return(View(result)); } var datasets = await client.Datasets.GetDatasetByIdInGroupAsync(WorkspaceId, report.DatasetId); result.IsEffectiveIdentityRequired = datasets.IsEffectiveIdentityRequired; result.IsEffectiveIdentityRolesRequired = datasets.IsEffectiveIdentityRolesRequired; GenerateTokenRequest generateTokenRequestParameters; // This is how you create embed token with effective identities if (!string.IsNullOrWhiteSpace(username)) { var rls = new EffectiveIdentity(username, new List <string> { report.DatasetId }); if (!string.IsNullOrWhiteSpace(roles)) { var rolesList = new List <string>(); rolesList.AddRange(roles.Split(',')); rls.Roles = rolesList; } // Generate Embed Token with effective identities. generateTokenRequestParameters = new GenerateTokenRequest(accessLevel: "view", identities: new List <EffectiveIdentity> { rls }); } else { // Generate Embed Token for reports without effective identities. generateTokenRequestParameters = new GenerateTokenRequest(accessLevel: "view"); } var tokenResponse = await client.Reports.GenerateTokenInGroupAsync(WorkspaceId, report.Id, generateTokenRequestParameters); if (tokenResponse == null) { result.ErrorMessage = "Failed to generate embed token."; return(View(result)); } // Generate Embed Configuration. result.EmbedToken = tokenResponse; result.EmbedUrl = report.EmbedUrl; result.Id = report.Id; result.CampaignId = int.Parse(campaignId.Value); return(View(result)); } } } catch (HttpOperationException exc) { result.ErrorMessage = string.Format("Status: {0} ({1})\r\nResponse: {2}\r\nRequestId: {3}", exc.Response.StatusCode, (int)exc.Response.StatusCode, exc.Response.Content, exc.Response.Headers["RequestId"].FirstOrDefault()); } catch (Exception exc) { result.ErrorMessage = exc.ToString(); } return(View("Error")); }
public async Task <bool> EmbedReport(string username, string roles) { // Get token credentials for user var getCredentialsResult = await GetTokenCredentials(); if (!getCredentialsResult) { // The error message set in GetTokenCredentials return(false); } try { // Create a Power BI Client object. It will be used to call Power BI APIs. using (var client = new PowerBIClient(new Uri(ApiUrl), m_tokenCredentials)) { // Get a list of reports. var reports = await client.Reports.GetReportsInGroupAsync(WorkspaceId); // No reports retrieved for the given workspace. if (reports.Value.Count() == 0) { m_embedConfig.ErrorMessage = "No reports were found in the workspace"; return(false); } Report report; if (string.IsNullOrWhiteSpace(ReportId)) { // Get the first report in the workspace. report = reports.Value.FirstOrDefault(); } else { report = reports.Value.FirstOrDefault(r => r.Id.Equals(ReportId, StringComparison.InvariantCultureIgnoreCase)); } if (report == null) { m_embedConfig.ErrorMessage = "No report with the given ID was found in the workspace. Make sure ReportId is valid."; return(false); } var datasets = await client.Datasets.GetDatasetByIdInGroupAsync(WorkspaceId, report.DatasetId); m_embedConfig.IsEffectiveIdentityRequired = datasets.IsEffectiveIdentityRequired; m_embedConfig.IsEffectiveIdentityRolesRequired = datasets.IsEffectiveIdentityRolesRequired; GenerateTokenRequest generateTokenRequestParameters; // This is how you create embed token with effective identities if (!string.IsNullOrWhiteSpace(username)) { var rls = new EffectiveIdentity(username, new List <string> { report.DatasetId }); if (!string.IsNullOrWhiteSpace(roles)) { var rolesList = new List <string>(); rolesList.AddRange(roles.Split(',')); rls.Roles = rolesList; } // Generate Embed Token with effective identities. generateTokenRequestParameters = new GenerateTokenRequest(accessLevel: "view", identities: new List <EffectiveIdentity> { rls }); } else { // Generate Embed Token for reports without effective identities. generateTokenRequestParameters = new GenerateTokenRequest(accessLevel: "view"); } var tokenResponse = await client.Reports.GenerateTokenInGroupAsync(WorkspaceId, report.Id, generateTokenRequestParameters); if (tokenResponse == null) { m_embedConfig.ErrorMessage = "Failed to generate embed token."; return(false); } // Generate Embed Configuration. m_embedConfig.EmbedToken = tokenResponse; m_embedConfig.EmbedUrl = report.EmbedUrl; m_embedConfig.Id = report.Id; } } catch (HttpOperationException exc) { m_embedConfig.ErrorMessage = string.Format("Status: {0} ({1})\r\nResponse: {2}\r\nRequestId: {3}", exc.Response.StatusCode, (int)exc.Response.StatusCode, exc.Response.Content, exc.Response.Headers["RequestId"].FirstOrDefault()); return(false); } return(true); }
public async Task <bool> EmbedReport(string username, string roles) { m_embedConfig.Trace(this, "EmbedReport called. Getting token credentials from SharePoint", 2); // Get token credentials for user var getCredentialsResult = await GetTokenCredentials(); if (!getCredentialsResult) { m_embedConfig.Trace(this, "Failure to get token credentials.", 4); // The error message set in GetTokenCredentials return(false); } else { m_embedConfig.Trace(this, $"Credentials received successfully. Username: {m_embedConfig.Username ?? "UNDEFINED"}, Token Id: {m_embedConfig.EmbedToken?.TokenId ?? "UNDEFINED"}", 4); } try { m_embedConfig.Trace(this, $"Creating a PowerBi Client for '{ApiUrl ?? "UNDEFINED"}' with token for Caller: {m_tokenCredentials.CallerId ?? "UNDEFINED"} / Tenant: {m_tokenCredentials.TenantId ?? "UNDEFINED"}", 2); // Create a Power BI Client object. It will be used to call Power BI APIs. using (var client = new PowerBIClient(new Uri(ApiUrl), m_tokenCredentials)) { m_embedConfig.Trace(this, $"Created a PowerBi Client for '{ApiUrl ?? "UNDEFINED"}' with token for Caller: {m_tokenCredentials.CallerId ?? "UNDEFINED"} / Tenant: {m_tokenCredentials.TenantId ?? "UNDEFINED"}", 4); m_embedConfig.Trace(this, $"Query the PowerBi environment for all reports for workspace {WorkspaceId ?? "UNDEFINED"}", 4); // Get a list of reports. var reports = await client.Reports.GetReportsInGroupAsync(WorkspaceId); // No reports retrieved for the given workspace. if (reports.Value.Count() == 0) { m_embedConfig.Trace(this, $"UNEXPECTED - No reports were found (or accessible) in {WorkspaceId ?? "UNDEFINED"}. Abort processing", 6); m_embedConfig.ErrorMessage = "No reports were found in the workspace"; return(false); } Report report; if (string.IsNullOrWhiteSpace(ReportId)) { m_embedConfig.Trace(this, $"No report id was configured. Attempt to select the first available report in {WorkspaceId}", 6); // Get the first report in the workspace. report = reports.Value.FirstOrDefault(); m_embedConfig.Trace(this, $"First report found: { (report != null ? report.Name : "UNDEFINED") }", 6); } else { m_embedConfig.Trace(this, $"Report Id configured: {ReportId ?? "UNDEFINED"}. Attempt to find this in {WorkspaceId ?? "UNDEFINED"}", 6); report = reports.Value.FirstOrDefault(r => r.Id.Equals(ReportId, StringComparison.InvariantCultureIgnoreCase)); m_embedConfig.Trace(this, $"First report found: { (report != null ? report.Name : "UNDEFINED")}", 6); } if (report == null) { m_embedConfig.Trace(this, $"No report was found. Abort further processing.", 6); m_embedConfig.ErrorMessage = "No report with the given ID was found in the workspace. Make sure ReportId is valid."; return(false); } m_embedConfig.Trace(this, $"Report found. Attempt to get dataset specifics for this report's dataset {report.DatasetId ?? "UNDEFINED"}", 4); var datasets = await client.Datasets.GetDatasetByIdInGroupAsync(WorkspaceId, report.DatasetId); m_embedConfig.Trace(this, $"Dataset group found, name: {(datasets != null ? datasets.Name : "UNDEFINED")}", 4); m_embedConfig.Trace(this, $"Dataset group properties: IsEffectiveEntityRequired = {datasets.IsEffectiveIdentityRequired}, IsEffectiveIdentityRolesRequired = {datasets.IsEffectiveIdentityRolesRequired}", 4); m_embedConfig.IsEffectiveIdentityRequired = datasets.IsEffectiveIdentityRequired; m_embedConfig.IsEffectiveIdentityRolesRequired = datasets.IsEffectiveIdentityRolesRequired; GenerateTokenRequest generateTokenRequestParameters; // This is how you create embed token with effective identities //Changed username to the service principal to allow the access to AAS based on the service principal, I used the client_id here of the powerbidemo sp: username = "******"; m_embedConfig.Trace(this, $"Generating token request parameters for dataset = {report.DatasetId ?? "UNDEFINED"}, for User = {username ?? "UNDEFINED"}, with Roles = {roles ?? "UNDEFINED"}", 4); if (!string.IsNullOrWhiteSpace(username)) { //TODO we have to fill the custom properties field with the username (e-mail or client_id) to use RLS // var rls = new EffectiveIdentity(username, new List <string> { report.DatasetId }); if (!string.IsNullOrWhiteSpace(roles)) { var rolesList = new List <string>(); rolesList.AddRange(roles.Split(',')); rls.Roles = rolesList; } rls.CustomData = "*****@*****.**"; // Generate Embed Token with effective identities. m_embedConfig.Trace(this, $"Generating token request after username is set, dataset = {report.DatasetId ?? "UNDEFINED"}, for User = {username ?? "UNDEFINED"}, with Roles = {roles ?? "UNDEFINED"}", 4); generateTokenRequestParameters = new GenerateTokenRequest(accessLevel: "view", identities: new List <EffectiveIdentity> { rls }); //The report without RLS defined should use the the identity withour the Effective identity. //generateTokenRequestParameters = new GenerateTokenRequest(accessLevel: "view"); } else { // Generate Embed Token for reports without effective identities. generateTokenRequestParameters = new GenerateTokenRequest(accessLevel: "view"); } m_embedConfig.Trace(this, $"Generating token response for report", 2); var tokenResponse = await client.Reports.GenerateTokenInGroupAsync(WorkspaceId, report.Id, generateTokenRequestParameters); if (tokenResponse == null) { m_embedConfig.Trace(this, $"UNEXPECTED - Generating token respose for report did not yield results", 4); m_embedConfig.ErrorMessage = "Failed to generate embed token."; return(false); } // Generate Embed Configuration. m_embedConfig.EmbedToken = tokenResponse; m_embedConfig.EmbedUrl = report.EmbedUrl; m_embedConfig.Id = report.Id; } } catch (HttpOperationException exc) { m_embedConfig.Trace(this, $"HttpOperationException received. Message: {exc.Message}, StackTrace: {exc.StackTrace}", 2); m_embedConfig.ErrorMessage = string.Format("Status: {0} ({1})\r\nResponse: {2}\r\nRequestId: {3}", exc.Response.StatusCode, (int)exc.Response.StatusCode, exc.Response.Content, exc.Response.Headers["RequestId"].FirstOrDefault()); return(false); } return(true); }