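/// <summary>
/// Decides whether <paramref name="userName"/> may perform
/// <paramref name="requiredOperation"/> on the item whose serialized ACL is
/// <paramref name="secDesc"/>.
/// </summary>
/// <param name="userName">Name of the caller being authorized.</param>
/// <param name="userToken">Not read by this implementation.</param>
/// <param name="secDesc">Serialized ACL; handed to DeserializeAcl.</param>
/// <param name="requiredOperation">Operation that a matching ACE must list.</param>
/// <returns>
/// True when the caller is on the override list, or when an ACE for the
/// caller lists the operation; otherwise false.
/// </returns>
public bool CheckAccess(string userName, IntPtr userToken, byte[] secDesc, CatalogOperation requiredOperation)
{
    // A missing identity is never authorized. Without this guard an empty
    // entry in the override list (empty setting, doubled or trailing comma)
    // would match an empty user name and grant every operation.
    if (string.IsNullOrEmpty(userName))
    {
        return false;
    }

    // Override list: an exact, case-sensitive match grants everything.
    // NOTE(review): `usernames` is declared outside this block; presumably a
    // comma-separated string. Entries are not trimmed, so "a, b" does not
    // match "b" - confirm that is intended.
    string[] overrideNames = usernames.Split(',');
    if (Array.IndexOf(overrideNames, userName) >= 0)
    {
        return true;
    }

    var acl = DeserializeAcl(secDesc);
    foreach (AceStruct ace in acl)
    {
        // Ordinal, case-insensitive identity match. A culture-sensitive
        // compare depends on the thread's culture and skips ignorable
        // characters, so two distinct principal names could compare equal.
        if (!string.Equals(userName, ace.PrincipalName, StringComparison.OrdinalIgnoreCase))
        {
            continue;
        }

        foreach (CatalogOperation operation in ace.CatalogOperations)
        {
            if (operation == requiredOperation)
            {
                return true;
            }
        }
    }

    // Deny by default: no ACE for this caller lists the operation.
    return false;
}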
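/// <summary>
/// Indicates whether a given user is authorized to access the item
/// for a given catalog operation.
/// </summary>
/// <param name="userName">The name of the user as returned by the
/// GetUserInfo method.</param>
/// <param name="userToken">Pointer to the user ID returned by
/// GetUserInfo. Not read by this implementation.</param>
/// <param name="secDesc">The security descriptor returned by
/// CreateSecurityDescriptor; handed to DeserializeAcl.</param>
/// <param name="requiredOperation">The operation being requested by
/// the report server for a given user.</param>
/// <returns>True if the user is the configured administrator or an ACE
/// for the user lists the operation; otherwise false.</returns>
public bool CheckAccess(string userName, IntPtr userToken, byte[] secDesc, CatalogOperation requiredOperation)
{
    // A missing identity is never authorized. Without this guard a null or
    // empty user name compares equal to an unset or empty m_adminUserName
    // and would be treated as the administrator.
    if (string.IsNullOrEmpty(userName))
    {
        return false;
    }

    // The administrator gets unrestricted access. The match stays
    // case-insensitive (SQL Server defaults to case-insensitive), but it is
    // ordinal: a culture-sensitive compare depends on the thread's culture
    // and skips ignorable characters, so distinct names could compare equal.
    // Ideally the SQL Server instance CaseSensitivity property would be
    // checked before choosing a case-insensitive comparison.
    if (string.Equals(userName, m_adminUserName, StringComparison.OrdinalIgnoreCase))
    {
        return true;
    }

    AceCollection acl = DeserializeAcl(secDesc);
    foreach (AceStruct ace in acl)
    {
        // Only an access control entry for this user or group is relevant.
        if (!string.Equals(userName, ace.PrincipalName, StringComparison.OrdinalIgnoreCase))
        {
            continue;
        }

        // Grant when the entry lists the required operation.
        foreach (CatalogOperation aclOperation in ace.CatalogOperations)
        {
            if (aclOperation == requiredOperation)
            {
                return true;
            }
        }
    }

    // Deny by default.
    return false;
}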
/// <summary>
/// Decides whether <paramref name="userName"/> may perform
/// <paramref name="requiredOperation"/> on the item whose serialized ACL is
/// <paramref name="secDesc"/>.
/// </summary>
/// <param name="userName">Name of the caller being authorized.</param>
/// <param name="userToken">Not read by this implementation.</param>
/// <param name="secDesc">Serialized ACL; handed to DeserializeAcl.</param>
/// <param name="requiredOperation">Operation that a matching ACE must list.</param>
/// <returns>
/// True when IsSecurityOverride accepts the caller, or when an ACE accepted
/// by ValidateACLPrincipal lists the operation; otherwise false.
/// </returns>
public bool CheckAccess(string userName, IntPtr userToken, byte[] secDesc, CatalogOperation requiredOperation)
{
    // An override short-circuits the ACL: the descriptor is not even
    // deserialized for such a caller.
    // NOTE(review): IsSecurityOverride is defined outside this block; how it
    // decides, and how it compares names, should be reviewed with this method.
    bool isOverride = IsSecurityOverride(userName);
    if (isOverride)
    {
        return true;
    }

    foreach (AceStruct entry in DeserializeAcl(secDesc))
    {
        // Skip entries that do not belong to this caller.
        // NOTE(review): ValidateACLPrincipal is defined outside this block.
        if (!ValidateACLPrincipal(entry.PrincipalName, userName))
        {
            continue;
        }

        foreach (CatalogOperation granted in entry.CatalogOperations)
        {
            if (granted == requiredOperation)
            {
                return true;
            }
        }
    }

    // Deny by default: no matching entry lists the operation.
    return false;
}
/// <summary>
/// Authorization callback for a single catalog operation. This
/// implementation writes an informational event-log entry and then reports
/// the request as authorized, whatever the arguments are.
/// </summary>
/// <param name="userName">The name of the user as returned by the
/// GetUserInfo method. Not read by this implementation.</param>
/// <param name="userToken">Pointer to the user ID returned by
/// GetUserInfo. Not read by this implementation.</param>
/// <param name="secDesc">The security descriptor returned by
/// CreateSecurityDescriptor. Not read by this implementation.</param>
/// <param name="requiredOperation">The operation being requested by
/// the report server. Not read by this implementation.</param>
/// <returns>Always true.</returns>
public bool CheckAccess(
    string userName,
    IntPtr userToken,
    byte[] secDesc,
    CatalogOperation requiredOperation)
{
    // NOTE(review): this is an allow-all check - the security descriptor is
    // never consulted, so every caller is granted every catalog operation.
    // Confirm it is a development stub and not a deployed build.
    // NOTE(review): the entry records neither the user nor the operation, so
    // it cannot serve as an audit trail; WriteEntry may also throw when the
    // source is not registered - confirm how the host handles that.
    const string source = "SSRS-AZ";
    const string message = "CheckAccess - CatalogOperation";
    EventLog.WriteEntry(source, message, EventLogEntryType.Information);

    return true;
}
/// <summary>
/// Authorization callback for a single catalog operation. This
/// implementation reports every request as authorized.
/// </summary>
/// <param name="userName">The name of the user as returned by the
/// GetUserInfo method. Not read by this implementation.</param>
/// <param name="userToken">Pointer to the user ID returned by
/// GetUserInfo. Not read by this implementation.</param>
/// <param name="secDesc">The security descriptor returned by
/// CreateSecurityDescriptor. Not read by this implementation.</param>
/// <param name="requiredOperation">The operation being requested by
/// the report server. Not read by this implementation.</param>
/// <returns>Always true.</returns>
public bool CheckAccess(
    string userName,
    IntPtr userToken,
    byte[] secDesc,
    CatalogOperation requiredOperation)
{
    // NOTE(review): allow-all check - the security descriptor is never
    // consulted, so every caller is granted every catalog operation.
    // Confirm that authorization is enforced somewhere else, or replace this
    // with an ACL lookup that denies by default.
    return true;
}
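/// <summary>
/// Indicates whether a given user is authorized to access the item
/// for a given catalog operation. Only the report-viewer account is
/// checked against the ACL; every other named user is authorized outright.
/// </summary>
/// <param name="userName">The name of the user as returned by the
/// GetUserInfo method.</param>
/// <param name="userToken">Pointer to the user ID returned by
/// GetUserInfo. Not read by this implementation.</param>
/// <param name="secDesc">The security descriptor returned by
/// CreateSecurityDescriptor; handed to DeserializeAcl.</param>
/// <param name="requiredOperation">The operation being requested by
/// the report server for a given user.</param>
/// <returns>True if the user is authorized; false for a missing user name
/// or when the report-viewer account has no ACE listing the operation.</returns>
public bool CheckAccess(
    string userName,
    IntPtr userToken,
    byte[] secDesc,
    CatalogOperation requiredOperation)
{
    // A missing identity is never authorized (a null name used to throw, an
    // empty one used to fall into the unrestricted branch below).
    if (string.IsNullOrEmpty(userName))
    {
        return false;
    }

    // Any user other than the report viewer gets unrestricted access. The
    // match is case-insensitive, like the ACE match below, so that a case
    // variant of the restricted name is still treated as the restricted
    // account rather than as an unrestricted one.
    // NOTE(review): the restriction is a deny-list of one name, so any newly
    // created account is unrestricted by default - confirm that is intended.
    if (!string.Equals(userName, m_reportViewerUserName, StringComparison.OrdinalIgnoreCase))
    {
        return true;
    }

    AceCollection acl = DeserializeAcl(secDesc);
    foreach (AceStruct ace in acl)
    {
        // Only an access control entry for this user or group is relevant.
        // Ordinal rather than culture-sensitive: a culture-sensitive compare
        // skips ignorable characters and varies with the thread's culture.
        if (!string.Equals(userName, ace.PrincipalName, StringComparison.OrdinalIgnoreCase))
        {
            continue;
        }

        // Grant when the entry lists the required operation.
        foreach (CatalogOperation aclOperation in ace.CatalogOperations)
        {
            if (aclOperation == requiredOperation)
            {
                return true;
            }
        }
    }

    // Deny by default.
    return false;
}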
/// <summary>
/// Array overload: the user is authorized only when the single-operation
/// CheckAccess overload returns true for each requested operation.
/// </summary>
/// <param name="userName">Forwarded unchanged to the single-operation overload.</param>
/// <param name="userToken">Forwarded unchanged to the single-operation overload.</param>
/// <param name="secDesc">Forwarded unchanged to the single-operation overload.</param>
/// <param name="requiredOperations">Operations that must all be allowed.</param>
/// <returns>False as soon as one operation is refused; otherwise true.</returns>
public bool CheckAccess(
    string userName,
    IntPtr userToken,
    byte[] secDesc,
    CatalogOperation[] requiredOperations)
{
    // NOTE(review): an empty array yields true because no operation is
    // refused - confirm callers never pass an empty set for a protected item.
    for (int index = 0; index < requiredOperations.Length; index++)
    {
        bool allowed = CheckAccess(userName, userToken, secDesc, requiredOperations[index]);
        if (!allowed)
        {
            // One refusal is enough; the remaining operations are not checked.
            return false;
        }
    }

    return true;
}
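/// <summary>
/// Indicates whether a given user is authorized to access the item
/// for a given catalog operation.
/// </summary>
/// <param name="userName">The name of the user as returned by the
/// GetUserInfo method.</param>
/// <param name="userToken">Pointer to the user ID returned by
/// GetUserInfo. Not read by this implementation.</param>
/// <param name="secDesc">The security descriptor returned by
/// CreateSecurityDescriptor; handed to DeserializeAcl.</param>
/// <param name="requiredOperation">The operation being requested by
/// the report server for a given user.</param>
/// <returns>True if the user is the configured administrator or an ACE
/// for the user lists the operation; otherwise false.</returns>
public bool CheckAccess(
    string userName,
    IntPtr userToken,
    byte[] secDesc,
    CatalogOperation requiredOperation)
{
    // Refuse a missing identity up front: a null or empty user name would
    // otherwise compare equal to an unset or empty m_adminUserName and be
    // granted administrator access.
    if (string.IsNullOrEmpty(userName))
    {
        return false;
    }

    // If the user is the administrator, allow unrestricted access.
    // Because SQL Server defaults to case-insensitive, the comparison is
    // case-insensitive; ideally the SQL Server instance CaseSensitivity
    // property would be checked first. It is ordinal on purpose: a
    // culture-sensitive compare skips ignorable characters and changes with
    // the thread's culture, which can make distinct names compare equal.
    bool isAdministrator =
        string.Equals(userName, m_adminUserName, StringComparison.OrdinalIgnoreCase);
    if (isAdministrator)
    {
        return true;
    }

    AceCollection acl = DeserializeAcl(secDesc);
    foreach (AceStruct ace in acl)
    {
        // First check whether the user or group has an access control
        // entry for the item.
        bool aceIsForUser =
            string.Equals(userName, ace.PrincipalName, StringComparison.OrdinalIgnoreCase);
        if (!aceIsForUser)
        {
            continue;
        }

        // If an entry is found, return true when the required operation
        // is contained in the ACE structure.
        foreach (CatalogOperation aclOperation in ace.CatalogOperations)
        {
            if (aclOperation == requiredOperation)
            {
                return true;
            }
        }
    }

    // Deny by default.
    return false;
}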
/// <summary>
/// Appends a catalog operation to the collection's inner list.
/// </summary>
/// <param name="operation">The operation to store.</param>
/// <returns>
/// The value returned by the inner list's Add call (presumably the index of
/// the new element; the base class is not visible here).
/// </returns>
public int Add(CatalogOperation operation)
{
    int result = base.InnerList.Add(operation);
    return result;
}
/// <summary>
/// Array overload of the authorization callback. This implementation
/// reports every request as authorized.
/// </summary>
/// <param name="userName">Not read by this implementation.</param>
/// <param name="userToken">Not read by this implementation.</param>
/// <param name="secDesc">Not read by this implementation.</param>
/// <param name="requiredOperations">Not read by this implementation.</param>
/// <returns>Always true.</returns>
public bool CheckAccess(
    string userName,
    IntPtr userToken,
    byte[] secDesc,
    CatalogOperation[] requiredOperations)
{
    // NOTE(review): allow-all check - neither the security descriptor nor
    // the requested operations are inspected, so every caller is granted
    // every set of operations. Confirm this is a stub and not deployed code.
    return true;
}