private void grantPriviledges_2() { NetworkCredential clientCredentials = new NetworkCredential("Test", "123", "Chathu-Nable"); ReportingService2010SoapClient client = new ReportingService2010SoapClient(); client.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation; client.ClientCredentials.Windows.ClientCredential = clientCredentials; client.Open(); TrustedUserHeader t = new TrustedUserHeader(); Policy [] arrPolicies = null; bool doesInheritParent = false; client.GetPolicies(t, "/New Folder", out arrPolicies, out doesInheritParent); List <Policy> listPolicies = new List <Policy>(); if (arrPolicies != null) { listPolicies = arrPolicies.ToList(); } listPolicies.Add( new Policy() { Roles = new[] { new Role() { Name = "Browser" }, new Role() { Name = "Content Manager" } }, GroupUserName = "******" } ); client.SetPolicies(t, "/New Folder", listPolicies.ToArray()); /* * * Policy[] MyPolicyArr = new Policy[2]; * * * Role[] MyRoles = new Role[3]; * * Role browser = new Role(); * browser.Name = "Browser"; * * Role myReports = new Role(); * myReports.Name = "My Reports"; * * Role publisher = new Role(); * publisher.Name = "Publisher"; * * Role contentManager = new Role() { Name = "Content Manager" }; * * MyRoles[0] = publisher; * MyRoles[1] = browser; * MyRoles[2] = contentManager; * * * MyPolicyArr[0] = new Policy() { GroupUserName = @"Chathu-Nable\Test", Roles = MyRoles }; * MyPolicyArr[1] = new Policy() { GroupUserName = @"Chathu-Nable\Test2", Roles = MyRoles }; * * * client.SetPolicies(t, "/New Folder", MyPolicyArr); * * //rs.SetPolicies("/SecurityTestFolder", MyPolicyArr); * */ //MessageBox.Show(policies.Length + "") ; }
public void GrantPriviledges(List <string> reportPaths, List <string> userNames, List <string> roles) { foreach (string reportPath in reportPaths) { List <Policy> listPolicies = new List <Policy>(); bool doesInheritParent = false; Policy[] arrPolicies = null; serviceClient.GetPolicies(userHeader, reportPath, out arrPolicies, out doesInheritParent); if (arrPolicies != null) { listPolicies.InsertRange(0, arrPolicies.ToList()); } foreach (string userName in userNames) { //if the policy exist for the same user modify that policy object Policy newPolicy = listPolicies.Find((Policy paramPolicy) => { return(paramPolicy.GroupUserName.ToLower().Equals(userName.ToLower())); }); if (newPolicy == null) { newPolicy = new Policy(); listPolicies.Add(newPolicy); } newPolicy.GroupUserName = userName; List <Role> listCurrentRoles = newPolicy.Roles != null?newPolicy.Roles.ToList() : new List <Role>(); foreach (string role in roles) { if (!listCurrentRoles.Exists((Role paramRole) => { return(paramRole.Name.ToLower().Equals(role.ToLower())); })) { listCurrentRoles.Add(new Role() { Name = role }); } } newPolicy.Roles = listCurrentRoles.ToArray(); } serviceClient.SetPolicies(userHeader, reportPath, listPolicies.ToArray()); } /* * listPolicies.Add( * new Policy() { Roles = new[] { new Role() { Name = "Browser" }, new Role() { Name = "Content Manager" } }, GroupUserName = "******" } * ); * * * client.SetPolicies(t, "/New Folder", listPolicies.ToArray()); */ }
/// <summary> /// Adds a role to Reporting Services for a user to an itemPath /// </summary> /// <param name="itemPath">the ItemPath for the role to be applied to.</param> /// <param name="reportingUserToAddRoleFor">the user (either domain or local user) to have the role added for.</param> /// <param name="reportingRoleToAdd">the Reporting Services role e.g. 'Content Manager'</param> public void AddRole(string itemPath, string reportingUserToAddRoleFor, string reportingRoleToAdd) { try { var supportedRoles = new[] { "Browser", "Content Manager", "My Reports", "Publisher", "Report Builder" }; if (string.IsNullOrWhiteSpace(itemPath) || !itemPath.StartsWith("/")) { throw new ArgumentException($"itemPath: '{itemPath}' cannot be null or empty and must begin with a '/'"); } if (string.IsNullOrWhiteSpace(reportingUserToAddRoleFor)) { throw new ArgumentException($"reportingUserToAddRoleFor: '{reportingUserToAddRoleFor}' cannot be null or empty"); } if (string.IsNullOrWhiteSpace(reportingRoleToAdd)) { throw new ArgumentException($"reportingRoleToAdd: '{reportingRoleToAdd}' cannot be null or empty"); } if (!supportedRoles.Contains(reportingRoleToAdd)) { throw new ArgumentOutOfRangeException($"reportingRoleToAdd: '{reportingRoleToAdd}' is not supported. Only '{string.Join(", ", supportedRoles)}' are supported."); } Log("Attempting to retrieve a list of all existing policies for itemPath: '{0}'", itemPath); Policy policy; var existingPoliciesResponse = reportingServicesClient.GetPolicies(new GetPoliciesRequest { ItemPath = itemPath }); var existingPolicies = existingPoliciesResponse.Policies; if (reportingUserToAddRoleFor.Contains("\\")) { policy = existingPolicies.FirstOrDefault(p => p != null && p.GroupUserName.ToUpperInvariant() == reportingUserToAddRoleFor.ToUpperInvariant() ); } else { policy = existingPolicies.FirstOrDefault(p => p != null && p.GroupUserName.ToUpperInvariant().Split('\\')[1] == reportingUserToAddRoleFor.ToUpperInvariant() ); } if (policy == null) { Log("Adding new policy for User: '******' to existing policy list", reportingUserToAddRoleFor); policy = new Policy() { GroupUserName = reportingUserToAddRoleFor.ToUpperInvariant(), Roles = new Role[] { } }; existingPolicies = existingPolicies.Concat(new[] { policy }).ToArray(); } else { Log("User: '******' already has a policy list, so using this", reportingUserToAddRoleFor); } Log("Attempting to select the role of: '{0}' for GroupUserName: '******'", reportingRoleToAdd, reportingUserToAddRoleFor); var existingRoles = policy.Roles; var role = existingRoles.FirstOrDefault(r => r != null && r.Name.ToUpperInvariant() == reportingRoleToAdd.ToUpperInvariant() ); if (role == null) { Log("Adding new role of: '{0}' for User: '******'.", reportingRoleToAdd, reportingUserToAddRoleFor); role = new Role() { Name = reportingRoleToAdd }; policy.Roles = existingRoles.Concat(new[] { role }).ToArray(); } else { Log("User: '******' already has a role of type: '{1}', nothing to add.", reportingUserToAddRoleFor, reportingRoleToAdd); } Log("Setting policy role of: '{0}' for user: '******' for itemPath: '{2}'", reportingRoleToAdd, reportingUserToAddRoleFor, itemPath); reportingServicesClient.SetPolicies(new SetPoliciesRequest { ItemPath = itemPath, Policies = existingPolicies }); } catch (Exception ex) { Log("An error occurred whilst attempting to set roles for user in Reporting Services!"); Log("Message: {0}", ex.Message); throw; } }