예제 #1
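        /// <summary>
        /// Decides whether <paramref name="userName"/> may perform
        /// <paramref name="requiredOperation"/> on the item whose ACL is
        /// serialized in <paramref name="secDesc"/>.
        /// </summary>
        /// <param name="userName">Name of the caller being authorized.</param>
        /// <param name="userToken">Not used by this implementation.</param>
        /// <param name="secDesc">Serialized ACL; passed to DeserializeAcl.</param>
        /// <param name="requiredOperation">Operation that must be listed in an
        /// ACE whose principal matches the caller.</param>
        /// <returns>False for a null or empty user name. Otherwise true when
        /// the name is on the override list or a matching ACE lists the
        /// operation; false when nothing matches.</returns>
        public bool CheckAccess(string userName, IntPtr userToken, byte[] secDesc, CatalogOperation requiredOperation)
        {
            // Deny when there is no identity. Without this guard an empty
            // 'usernames' setting splits into a single empty entry, and an
            // empty user name would match it and receive full access.
            if (string.IsNullOrEmpty(userName))
            {
                return false;
            }

            // Override list: a name found in the comma-separated 'usernames'
            // value is granted every operation on every item, and the ACL is
            // never consulted. The match is exact (case-sensitive, no
            // trimming), so an entry with different casing or padding around
            // the comma does not match.
            // NOTE(review): the origin of 'usernames' is not visible here;
            // confirm it is protected like other privileged configuration,
            // since editing it grants unrestricted access.
            if (Array.IndexOf(usernames.Split(','), userName) >= 0)
            {
                return true;
            }

            var acl = DeserializeAcl(secDesc);

            foreach (AceStruct ace in acl)
            {
                // Principal names are identifiers, not display text, so they
                // are compared ordinally (ignoring case). A culture-sensitive
                // comparison varies with the thread culture and skips
                // ignorable characters, which can make two distinct account
                // names compare as equal in an authorization decision.
                if (!string.Equals(userName, ace.PrincipalName, StringComparison.OrdinalIgnoreCase))
                {
                    continue;
                }

                foreach (CatalogOperation operation in ace.CatalogOperations)
                {
                    if (operation == requiredOperation)
                    {
                        return true;
                    }
                }
            }

            // No ACE granted the operation: deny by default.
            return false;
        }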
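        /// <summary>
        /// Indicates whether a given user is authorized to access the item
        /// for a given catalog operation.
        /// </summary>
        /// <param name="userName">The name of the user as returned by the
        /// GetUserInfo method.</param>
        /// <param name="userToken">Pointer to the user ID returned by
        /// GetUserInfo. Not used by this implementation.</param>
        /// <param name="secDesc">The security descriptor returned by
        /// CreateSecurityDescriptor; deserialized into the item's ACL.</param>
        /// <param name="requiredOperation">The operation being requested by
        /// the report server for a given user.</param>
        /// <returns>False for a null or empty user name. Otherwise true if the
        /// user is the administrator or a matching ACE lists the operation;
        /// false when nothing matches.</returns>
        public bool CheckAccess(string userName, IntPtr userToken, byte[] secDesc, CatalogOperation requiredOperation)
        {
            // Deny when there is no identity. Without this guard a null or
            // empty user name compares equal to a null or empty
            // m_adminUserName and would be treated as the administrator.
            if (String.IsNullOrEmpty(userName))
            {
                return false;
            }

            // The administrator is granted unrestricted access; the ACL is
            // not consulted. SQL Server defaults to case-insensitive names, so
            // the comparison ignores case. It is ordinal rather than
            // culture-sensitive because a culture-sensitive comparison varies
            // with the thread culture and skips ignorable characters, which
            // can make a different account name compare equal to the
            // administrator's.
            // NOTE(review): ideally check the SQL Server instance
            // CaseSensitivity property before ignoring case.
            if (String.Equals(userName, m_adminUserName, StringComparison.OrdinalIgnoreCase))
            {
                return true;
            }

            AceCollection acl = DeserializeAcl(secDesc);

            foreach (AceStruct ace in acl)
            {
                // Only an entry whose principal is this user can grant access.
                if (!String.Equals(userName, ace.PrincipalName, StringComparison.OrdinalIgnoreCase))
                {
                    continue;
                }

                // The entry grants access only if it lists the exact
                // operation being requested.
                foreach (CatalogOperation aclOperation in ace.CatalogOperations)
                {
                    if (aclOperation == requiredOperation)
                    {
                        return true;
                    }
                }
            }

            // No ACE granted the operation: deny by default.
            return false;
        }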
예제 #3
        /// <summary>
        /// Decides whether <paramref name="userName"/> may perform
        /// <paramref name="requiredOperation"/> on the item whose ACL is
        /// serialized in <paramref name="secDesc"/>.
        /// </summary>
        /// <param name="userName">Name of the caller being authorized.</param>
        /// <param name="userToken">Not used by this implementation.</param>
        /// <param name="secDesc">Serialized ACL; passed to DeserializeAcl.</param>
        /// <param name="requiredOperation">Operation that must be listed in a
        /// matching ACE.</param>
        /// <returns>True when IsSecurityOverride accepts the user or a matching
        /// ACE lists the operation; otherwise false.</returns>
        public bool CheckAccess(string userName, IntPtr userToken, byte[] secDesc, CatalogOperation requiredOperation)
        {
            // An override grants every operation and skips the ACL entirely.
            // NOTE(review): IsSecurityOverride is defined elsewhere; its
            // matching rules (case, empty names) decide who bypasses the ACL
            // and should be reviewed together with this method.
            if (IsSecurityOverride(userName))
            {
                return true;
            }

            AceCollection entries = DeserializeAcl(secDesc);

            foreach (AceStruct entry in entries)
            {
                // Skip entries that belong to some other principal.
                if (!ValidateACLPrincipal(entry.PrincipalName, userName))
                {
                    continue;
                }

                foreach (CatalogOperation granted in entry.CatalogOperations)
                {
                    if (granted == requiredOperation)
                    {
                        return true;
                    }
                }
            }

            // Nothing granted the operation: deny by default.
            return false;
        }
예제 #4
 /// <summary>
 /// Authorization callback for a single catalog operation. This
 /// implementation performs no authorization: it writes one informational
 /// event-log entry and returns true for every user, item and operation.
 /// </summary>
 /// <param name="userName">The name of the user as returned by the
 /// GetUserInfo method. Not examined here.</param>
 /// <param name="userToken">Pointer to the user ID returned by
 /// GetUserInfo. Not examined here.</param>
 /// <param name="secDesc">The security descriptor returned by
 /// CreateSecurityDescriptor. Not examined here.</param>
 /// <param name="requiredOperation">The operation being requested by
 /// the report server for a given user. Not examined here.</param>
 /// <returns>Always true.</returns>
 public bool CheckAccess(string userName, IntPtr userToken, byte[] secDesc, CatalogOperation requiredOperation)
 {
     // NOTE(review): this is an allow-all stub. Neither the ACL in secDesc
     // nor the caller's identity is checked, so wherever this extension is
     // active every caller is authorized for every catalog operation.
     // The log entry is a constant string: it records that a check ran,
     // not who asked for which operation, so it cannot serve as an audit
     // trail.
     EventLog.WriteEntry("SSRS-AZ", "CheckAccess - CatalogOperation", EventLogEntryType.Information);
     return true;
 }
예제 #5
        /// <summary>
        /// Authorization callback for a single catalog operation. This
        /// implementation performs no authorization and returns true for
        /// every user, item and operation.
        /// </summary>
        /// <param name="userName">The name of the user as returned by the
        /// GetUserInfo method. Not examined here.</param>
        /// <param name="userToken">Pointer to the user ID returned by
        /// GetUserInfo. Not examined here.</param>
        /// <param name="secDesc">The security descriptor returned by
        /// CreateSecurityDescriptor. Not examined here.</param>
        /// <param name="requiredOperation">The operation being requested by
        /// the report server for a given user. Not examined here.</param>
        /// <returns>Always true.</returns>
        public bool CheckAccess(string userName, IntPtr userToken, byte[] secDesc, CatalogOperation requiredOperation)
        {
            // NOTE(review): allow-all stub. The ACL in secDesc is never read,
            // so item-level permissions have no effect while this
            // implementation is in use.
            return true;
        }
예제 #6
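        /// <summary>
        /// Indicates whether a given user is authorized to access the item
        /// for a given catalog operation. Only the report-viewer account is
        /// checked against the ACL; every other named user is allowed.
        /// </summary>
        /// <param name="userName">The name of the user as returned by the
        /// GetUserInfo method.</param>
        /// <param name="userToken">Pointer to the user ID returned by
        /// GetUserInfo. Not used by this implementation.</param>
        /// <param name="secDesc">The security descriptor returned by
        /// CreateSecurityDescriptor; deserialized into the item's ACL.</param>
        /// <param name="requiredOperation">The operation being requested by
        /// the report server for a given user.</param>
        /// <returns>False for a null or empty user name. True for any user
        /// other than the report viewer. For the report viewer, true only if
        /// a matching ACE lists the operation.</returns>
        public bool CheckAccess(
            string userName,
            IntPtr userToken,
            byte[] secDesc,
            CatalogOperation requiredOperation)
        {
            // Deny when there is no identity, so that a missing name is never
            // treated as "not the report viewer" and granted unrestricted
            // access.
            if (String.IsNullOrEmpty(userName))
            {
                return false;
            }

            // Every user except the report viewer gets unrestricted access.
            // The comparison ignores case, like the ACE match below. With an
            // exact comparison, a report-viewer name arriving in different
            // casing would fall into this branch and bypass the ACL.
            // NOTE(review): if m_reportViewerUserName is unset, every user
            // takes this branch; confirm it is always configured.
            if (!String.Equals(userName, m_reportViewerUserName, StringComparison.OrdinalIgnoreCase))
            {
                return true;
            }

            AceCollection acl = DeserializeAcl(secDesc);

            foreach (AceStruct ace in acl)
            {
                // Only an entry whose principal is this user can grant access.
                // The comparison is ordinal rather than culture-sensitive
                // because a culture-sensitive comparison varies with the
                // thread culture and skips ignorable characters, which can
                // make distinct account names compare equal.
                if (!String.Equals(userName, ace.PrincipalName, StringComparison.OrdinalIgnoreCase))
                {
                    continue;
                }

                // The entry grants access only if it lists the exact
                // operation being requested.
                foreach (CatalogOperation aclOperation in ace.CatalogOperations)
                {
                    if (aclOperation == requiredOperation)
                    {
                        return true;
                    }
                }
            }

            // No ACE granted the operation: deny by default.
            return false;
        }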
 /// <summary>
 /// Overload for an array of catalog operations: the user is authorized
 /// only if the single-operation CheckAccess allows every operation in
 /// <paramref name="requiredOperations"/>.
 /// </summary>
 /// <param name="userName">Name of the caller being authorized.</param>
 /// <param name="userToken">Forwarded unchanged to the single-operation overload.</param>
 /// <param name="secDesc">Forwarded unchanged to the single-operation overload.</param>
 /// <param name="requiredOperations">Operations that must all be allowed.</param>
 /// <returns>False as soon as one operation is denied; otherwise true.</returns>
 public bool CheckAccess(string userName, IntPtr userToken, byte[] secDesc, CatalogOperation[] requiredOperations)
 {
     // NOTE(review): an empty array yields true (nothing was denied).
     // Confirm callers never pass an empty set for a protected action.
     for (int i = 0; i < requiredOperations.Length; i++)
     {
         bool allowed = CheckAccess(userName, userToken, secDesc, requiredOperations[i]);
         if (!allowed)
         {
             return false;
         }
     }

     return true;
 }
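        /// <summary>
        /// Indicates whether a given user is authorized to access the item
        /// for a given catalog operation.
        /// </summary>
        /// <param name="userName">The name of the user as returned by the
        /// GetUserInfo method.</param>
        /// <param name="userToken">Pointer to the user ID returned by
        /// GetUserInfo. Not used by this implementation.</param>
        /// <param name="secDesc">The security descriptor returned by
        /// CreateSecurityDescriptor; deserialized into the item's ACL.</param>
        /// <param name="requiredOperation">The operation being requested by
        /// the report server for a given user.</param>
        /// <returns>False for a null or empty user name. Otherwise true if the
        /// user is the administrator or a matching ACE lists the operation;
        /// false when nothing matches.</returns>
        public bool CheckAccess(
            string userName,
            IntPtr userToken,
            byte[] secDesc,
            CatalogOperation requiredOperation)
        {
            // Deny when there is no identity. Without this guard a null or
            // empty user name compares equal to a null or empty
            // m_adminUserName and would be treated as the administrator.
            if (String.IsNullOrEmpty(userName))
            {
                return false;
            }

            // The administrator is granted unrestricted access; the ACL is
            // not consulted. SQL Server defaults to case-insensitive names, so
            // the comparison ignores case. It is ordinal rather than
            // culture-sensitive so that the result does not depend on the
            // thread culture and ignorable characters are not skipped when
            // deciding who is the administrator.
            // NOTE(review): ideally check the SQL Server instance
            // CaseSensitivity property before ignoring case.
            if (String.Equals(userName, m_adminUserName, StringComparison.OrdinalIgnoreCase))
            {
                return true;
            }

            AceCollection acl = DeserializeAcl(secDesc);

            foreach (AceStruct ace in acl)
            {
                // Only an entry whose principal is this user can grant access.
                if (!String.Equals(userName, ace.PrincipalName, StringComparison.OrdinalIgnoreCase))
                {
                    continue;
                }

                // The entry grants access only if it lists the exact
                // operation being requested.
                foreach (CatalogOperation aclOperation in ace.CatalogOperations)
                {
                    if (aclOperation == requiredOperation)
                    {
                        return true;
                    }
                }
            }

            // No ACE granted the operation: deny by default.
            return false;
        }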
예제 #9
 /// <summary>
 /// Appends <paramref name="operation"/> to the base class's inner list.
 /// </summary>
 /// <param name="operation">The catalog operation to store.</param>
 /// <returns>The value returned by InnerList.Add. Presumably the index of
 /// the new element; confirm against the base collection type.</returns>
 public int Add(CatalogOperation operation)
 {
     int position = base.InnerList.Add(operation);
     return position;
 }
예제 #10
 /// <summary>
 /// Overload for an array of catalog operations. This implementation
 /// performs no authorization and returns true for every user, item and
 /// set of operations.
 /// </summary>
 /// <param name="userName">Not examined here.</param>
 /// <param name="userToken">Not examined here.</param>
 /// <param name="secDesc">Not examined here.</param>
 /// <param name="requiredOperations">Not examined here.</param>
 /// <returns>Always true.</returns>
 public bool CheckAccess(string userName, IntPtr userToken, byte[] secDesc, CatalogOperation[] requiredOperations)
 {
     // NOTE(review): allow-all stub. Unlike an overload that delegates to
     // the single-operation check, this one grants multi-operation
     // requests even if a single-operation check would deny them.
     return true;
 }