IAuthorizationExtension.CheckAccess Method

  • Reference

Definition

Namespace:
Microsoft.ReportingServices.Interfaces
Assemblies:
Microsoft.ReportingServices.Interfaces.dll, Microsoft.ReportingServices.SharePoint.UI.WebParts.dll

Indicates whether a user is authorized to access an item in the report server database for a given operation.

Overloads

CheckAccess(String, IntPtr, Byte[], CatalogOperation)

Indicates whether a user is authorized to access an item in the report server database for a given catalog operation.
CheckAccess(String, IntPtr, Byte[], CatalogOperation[])

Indicates whether a user is authorized to access an item in the report server database for a given array of catalog operation.
CheckAccess(String, IntPtr, Byte[], DatasourceOperation)

Indicates whether a user is authorized to access an item in the report server database for a given data source operation.
CheckAccess(String, IntPtr, Byte[], FolderOperation)

Indicates whether a user is authorized to access an item in the report server database for a given folder operation.
CheckAccess(String, IntPtr, Byte[], FolderOperation[])

Checks a user's authorization credentials against a security descriptor for operations on an item in the report server database
CheckAccess(String, IntPtr, Byte[], ModelItemOperation)

Indicates whether a user is authorized to access an item in the report server database for a given model item operation.
CheckAccess(String, IntPtr, Byte[], ModelOperation)

Indicates a value whether a user is authorized to access an item in the report server database for a given model operation.
CheckAccess(String, IntPtr, Byte[], ReportOperation)

Indicates whether a user is authorized to access an item in the report server database for a given report operation.
CheckAccess(String, IntPtr, Byte[], ResourceOperation)

Indicates whether a user is authorized to access an item in the report server database for a given resource operation.
CheckAccess(String, IntPtr, Byte[], ResourceOperation[])

Indicates whether a user is authorized to access an item in the report server database for a given array of resource operations.

CheckAccess(String, IntPtr, Byte[], CatalogOperation)

Indicates whether a user is authorized to access an item in the report server database for a given catalog operation.

public:
 bool CheckAccess(System::String ^ userName, IntPtr userToken, cli::array <System::Byte> ^ secDesc, Microsoft::ReportingServices::Interfaces::CatalogOperation requiredOperation);
public bool CheckAccess (string userName, IntPtr userToken, byte[] secDesc, Microsoft.ReportingServices.Interfaces.CatalogOperation requiredOperation);
abstract member CheckAccess : string * nativeint * byte[] * Microsoft.ReportingServices.Interfaces.CatalogOperation -> bool
Public Function CheckAccess (userName As String, userToken As IntPtr, secDesc As Byte(), requiredOperation As CatalogOperation) As Boolean

Parameters

userName
String

The name of the user requesting access to the report server.

userToken
IntPtr

nativeint

A user account token. This token is primarily used by the report server as a handle to a Microsoft Windows account in support of credential management for Windows Authentication.

secDesc
Byte[]

The security descriptor for the item.

requiredOperation
CatalogOperation

The operation being requested by the report server for a given user.

Returns

Boolean

Returns true if the currently authenticated user is granted access to the item based on the supplied operation and security descriptor.

Examples

The following example code uses the [CheckAccess Method (String, IntPtr, Byte<xref:Microsoft.ReportingServices.Interfaces.IAuthorizationExtension.CheckAccess%2A> method to evaluate a user's authorization credentials against a security descriptor for an item in the report server database.

Public Function CheckAccess(userName As String, userToken As IntPtr, secDesc() As Byte, requiredOperation As CatalogOperation) As Boolean  
   Dim acl As AceCollection = DeserializeAcl(secDesc)  
   Dim ace As AceStruct  
   For Each ace In  acl  
      ' First check to see if the user or group has an access control entry for the item  
      If userName = ace.PrincipalName Then  
         ' If an entry is found, return true if the given required operation  
         ' is contained in the ACE structure.  
         Dim aclOperation As CatalogOperation  
         For Each aclOperation In  ace.CatalogOperations  
            If aclOperation = requiredOperation Then  
               Return True  
            End If  
         Next aclOperation  
      End If  
   Next ace  
   Return False  
End Function 'CheckAccess  

Private Function DeserializeAcl(secDesc() As Byte) As AceCollection  
   Dim bf As New BinaryFormatter()  
   Dim sdStream As New MemoryStream(secDesc)  
   Dim acl As AceCollection = CType(bf.Deserialize(sdStream), AceCollection)  
   Return acl  
End Function 'DeserializeAcl  

public bool CheckAccess(string userName, IntPtr userToken, byte[] secDesc, CatalogOperation requiredOperation)  
{  
   AceCollection acl = DeserializeAcl(secDesc);  
   foreach(AceStruct ace in acl)  
   {  
       // First check to see if the user or group has an access control entry for the item  
      if (userName == ace.PrincipalName)  
      {  
          // If an entry is found, return true if the given required operation  
          // is contained in the ACE structure.  
         foreach(CatalogOperation aclOperation in ace.CatalogOperations)  
         {  
             if (aclOperation == requiredOperation)  
                return true;  
         }  
      }  
   }  
   return false;  
}  

private AceCollection DeserializeAcl(byte[] secDesc)  
{  
   BinaryFormatter bf = new BinaryFormatter();  
   MemoryStream sdStream = new MemoryStream(secDesc);  
   AceCollection acl = (AceCollection)bf.Deserialize(sdStream);  
   return acl;  
}

Applies to

CheckAccess(String, IntPtr, Byte[], CatalogOperation[])

Indicates whether a user is authorized to access an item in the report server database for a given array of catalog operation.

public:
 bool CheckAccess(System::String ^ userName, IntPtr userToken, cli::array <System::Byte> ^ secDesc, cli::array <Microsoft::ReportingServices::Interfaces::CatalogOperation> ^ requiredOperations);
public bool CheckAccess (string userName, IntPtr userToken, byte[] secDesc, Microsoft.ReportingServices.Interfaces.CatalogOperation[] requiredOperations);
abstract member CheckAccess : string * nativeint * byte[] * Microsoft.ReportingServices.Interfaces.CatalogOperation[] -> bool
Public Function CheckAccess (userName As String, userToken As IntPtr, secDesc As Byte(), requiredOperations As CatalogOperation()) As Boolean

Parameters

userName
String

The name of the user requesting access to the report server.

userToken
IntPtr

nativeint

A user account token. This token is primarily used by the report server as a handle to a Microsoft Windows account in support of credential management for Windows Authentication.

secDesc
Byte[]

The security descriptor for the item.

requiredOperations
CatalogOperation[]

The operations being requested by the report server for a given user.

Returns

Boolean

Returns true if the currently authenticated user is granted access to the item based on the supplied operation and security descriptor.

Examples

The following example code uses the [CheckAccess Method (String, IntPtr, Byte<xref:Microsoft.ReportingServices.Interfaces.IAuthorizationExtension.CheckAccess%2A> method to evaluate a user's authorization credentials against a security descriptor for an item in the report server database. The example makes use of the overloaded [CheckAccess Method (String, IntPtr, Byte<xref:Microsoft.ReportingServices.Interfaces.IAuthorizationExtension.CheckAccess%2A> method that takes a single operation as an argument.

' Overload for array of catalog operations  
Public Function CheckAccess(userName As String, userToken As IntPtr, secDesc() As Byte, requiredOperations() As CatalogOperation) As Boolean  
   Dim operation As CatalogOperation  
   For Each operation In  requiredOperations  
      If Not CheckAccess(userName, userToken, secDesc, operation) Then  
         Return False  
      End If  
   Next operation  
   Return True  
End Function 'CheckAccess  

// Overload for array of catalog operations  
public bool CheckAccess(string userName, IntPtr userToken, byte[] secDesc, CatalogOperation[] requiredOperations)  
{  
   foreach(CatalogOperation operation in requiredOperations)  
   {  
      if (!CheckAccess(userName, userToken, secDesc, operation))  
         return false;  
   }  
   return true;   
}

Applies to

CheckAccess(String, IntPtr, Byte[], DatasourceOperation)

Indicates whether a user is authorized to access an item in the report server database for a given data source operation.

public:
 bool CheckAccess(System::String ^ userName, IntPtr userToken, cli::array <System::Byte> ^ secDesc, Microsoft::ReportingServices::Interfaces::DatasourceOperation requiredOperation);
public bool CheckAccess (string userName, IntPtr userToken, byte[] secDesc, Microsoft.ReportingServices.Interfaces.DatasourceOperation requiredOperation);
abstract member CheckAccess : string * nativeint * byte[] * Microsoft.ReportingServices.Interfaces.DatasourceOperation -> bool
Public Function CheckAccess (userName As String, userToken As IntPtr, secDesc As Byte(), requiredOperation As DatasourceOperation) As Boolean

Parameters

userName
String

The name of the user requesting access to the report server.

userToken
IntPtr

nativeint

A user account token. This token is primarily used by the report server as a handle to a Microsoft Windows account in support of credential management for Windows Authentication.

secDesc
Byte[]

The security descriptor for the item.

requiredOperation
DatasourceOperation

The operation being requested by the report server for a given user.

Returns

Boolean

Returns true if the currently authenticated user is granted access to the item based on the supplied operation and security descriptor.

Examples

The following example code uses the [CheckAccess Method (String, IntPtr, Byte<xref:Microsoft.ReportingServices.Interfaces.IAuthorizationExtension.CheckAccess%2A> method to evaluate a user's authorization credentials against a security descriptor for an item in the report server database.

Public Function CheckAccess(userName As String, userToken As IntPtr, secDesc() As Byte, requiredOperation As DatasourceOperation) As Boolean  
   Dim acl As AceCollection = DeserializeAcl(secDesc)  
   Dim ace As AceStruct  
   For Each ace In  acl  
      ' First check to see if the user or group has an access control entry for the item  
      If userName = ace.PrincipalName Then  
         ' If an entry is found, return true if the given required operation  
         ' is contained in the ACE structure.  
         Dim aclOperation As DatasourceOperation  
         For Each aclOperation In  ace.DatasourceOperations  
            If aclOperation = requiredOperation Then  
               Return True  
            End If  
         Next aclOperation  
      End If  
   Next ace  
   Return False  
End Function 'CheckAccess  
Private Function DeserializeAcl(secDesc() As Byte) As AceCollection  
   Dim bf As New BinaryFormatter()  
   Dim sdStream As New MemoryStream(secDesc)  
   Dim acl As AceCollection = CType(bf.Deserialize(sdStream), AceCollection)  
   Return acl  
End Function 'DeserializeAcl  

public bool CheckAccess(string userName, IntPtr userToken, byte[] secDesc, DatasourceOperation requiredOperation)  
{  
   AceCollection acl = DeserializeAcl(secDesc);  
   foreach(AceStruct ace in acl)  
   {  
       // First check to see if the user or group has an access control entry for the item  
      if (userName == ace.PrincipalName)  
      {  
          // If an entry is found, return true if the given required operation  
          // is contained in the ACE structure.  
         foreach(DatasourceOperation aclOperation in ace.DatasourceOperations)  
         {  
             if (aclOperation == requiredOperation)  
                return true;  
         }  
      }  
   }  
   return false;  
}  

private AceCollection DeserializeAcl(byte[] secDesc)  
{  
   BinaryFormatter bf = new BinaryFormatter();  
   MemoryStream sdStream = new MemoryStream(secDesc);  
   AceCollection acl = (AceCollection)bf.Deserialize(sdStream);  
   return acl;  
}

Applies to

CheckAccess(String, IntPtr, Byte[], FolderOperation)

Indicates whether a user is authorized to access an item in the report server database for a given folder operation.

public:
 bool CheckAccess(System::String ^ userName, IntPtr userToken, cli::array <System::Byte> ^ secDesc, Microsoft::ReportingServices::Interfaces::FolderOperation requiredOperation);
public bool CheckAccess (string userName, IntPtr userToken, byte[] secDesc, Microsoft.ReportingServices.Interfaces.FolderOperation requiredOperation);
abstract member CheckAccess : string * nativeint * byte[] * Microsoft.ReportingServices.Interfaces.FolderOperation -> bool
Public Function CheckAccess (userName As String, userToken As IntPtr, secDesc As Byte(), requiredOperation As FolderOperation) As Boolean

Parameters

userName
String

The name of the user requesting access to the report server.

userToken
IntPtr

nativeint

A user account token. This token is primarily used by the report server as a handle to a Microsoft Windows account in support of credential management for Windows Authentication.

secDesc
Byte[]

The security descriptor for the item.

requiredOperation
FolderOperation

The operation being requested by the report server for a given user.

Returns

Boolean

Returns true if the currently authenticated user is granted access to the item based on the supplied operation and security descriptor.

Examples

The following example code uses the [CheckAccess Method (String, IntPtr, Byte<xref:Microsoft.ReportingServices.Interfaces.IAuthorizationExtension.CheckAccess%2A> method to evaluate a user's authorization credentials against a security descriptor for an item in the report server database.

Public Function CheckAccess(userName As String, userToken As IntPtr, secDesc() As Byte, requiredOperation As FolderOperation) As Boolean  
   Dim acl As AceCollection = DeserializeAcl(secDesc)  
   Dim ace As AceStruct  
   For Each ace In  acl  
      ' First check to see if the user or group has an access control entry for the item  
      If userName = ace.PrincipalName Then  
         ' If an entry is found, return true if the given required operation  
         ' is contained in the ACE structure.  
         Dim aclOperation As FolderOperation  
         For Each aclOperation In  ace.FolderOperations  
            If aclOperation = requiredOperation Then  
               Return True  
            End If  
         Next aclOperation  
      End If  
   Next ace  
   Return False  
End Function 'CheckAccess  

Private Function DeserializeAcl(secDesc() As Byte) As AceCollection  
   Dim bf As New BinaryFormatter()  
   Dim sdStream As New MemoryStream(secDesc)  
   Dim acl As AceCollection = CType(bf.Deserialize(sdStream), AceCollection)  
   Return acl  
End Function 'DeserializeAcl  

public bool CheckAccess(string userName, IntPtr userToken, byte[] secDesc, FolderOperation requiredOperation)  
{  
   AceCollection acl = DeserializeAcl(secDesc);  
   foreach(AceStruct ace in acl)  
   {  
       // First check to see if the user or group has an access control entry for the item  
      if (userName == ace.PrincipalName)  
      {  
          // If an entry is found, return true if the given required operation  
          // is contained in the ACE structure.  
         foreach(FolderOperation aclOperation in ace.FolderOperations)  
         {  
             if (aclOperation == requiredOperation)  
                return true;  
         }  
      }  
   }  
   return false;  
}  

private AceCollection DeserializeAcl(byte[] secDesc)  
{  
   BinaryFormatter bf = new BinaryFormatter();  
   MemoryStream sdStream = new MemoryStream(secDesc);  
   AceCollection acl = (AceCollection)bf.Deserialize(sdStream);  
   return acl;  
}

Applies to

CheckAccess(String, IntPtr, Byte[], FolderOperation[])

Checks a user's authorization credentials against a security descriptor for operations on an item in the report server database

public:
 bool CheckAccess(System::String ^ userName, IntPtr userToken, cli::array <System::Byte> ^ secDesc, cli::array <Microsoft::ReportingServices::Interfaces::FolderOperation> ^ requiredOperations);
public bool CheckAccess (string userName, IntPtr userToken, byte[] secDesc, Microsoft.ReportingServices.Interfaces.FolderOperation[] requiredOperations);
abstract member CheckAccess : string * nativeint * byte[] * Microsoft.ReportingServices.Interfaces.FolderOperation[] -> bool
Public Function CheckAccess (userName As String, userToken As IntPtr, secDesc As Byte(), requiredOperations As FolderOperation()) As Boolean

Parameters

userName
String

The name of the user requesting access to the report server.

userToken
IntPtr

nativeint

A user account token. This token is primarily used by the report server as a handle to a Microsoft Windows account in support of credential management for Windows Authentication.

secDesc
Byte[]

The security descriptor for the item.

requiredOperations
FolderOperation[]

The operations being requested by the report server for a given user.

Returns

Boolean

Returns true if the currently authenticated user is granted access to the item based on the supplied operation and security descriptor.

Examples

The following example code uses the [CheckAccess Method (String, IntPtr, Byte<xref:Microsoft.ReportingServices.Interfaces.IAuthorizationExtension.CheckAccess%2A> method to evaluate a user's authorization credentials against a security descriptor for an item in the report server database. The example makes use of the overloaded [CheckAccess Method (String, IntPtr, Byte<xref:Microsoft.ReportingServices.Interfaces.IAuthorizationExtension.CheckAccess%2A> method that takes a single operation as an argument.

' Overload for array of folder operations  
Public Function CheckAccess(userName As String, userToken As IntPtr, secDesc() As Byte, requiredOperations() As FolderOperation) As Boolean  
   Dim operation As FolderOperation  
   For Each operation In  requiredOperations  
      If Not CheckAccess(userName, userToken, secDesc, operation) Then  
         Return False  
      End If  
   Next operation  
   Return True  
End Function 'CheckAccess  

// Overload for array of folder operations  
public bool CheckAccess(string userName, IntPtr userToken, byte[] secDesc, FolderOperation[] requiredOperations)  
{  
   foreach(FolderOperation operation in requiredOperations)  
   {  
      if (!CheckAccess(userName, userToken, secDesc, operation))  
         return false;  
   }  
   return true;   
}

Applies to

CheckAccess(String, IntPtr, Byte[], ModelItemOperation)

Indicates whether a user is authorized to access an item in the report server database for a given model item operation.

public:
 bool CheckAccess(System::String ^ userName, IntPtr userToken, cli::array <System::Byte> ^ secDesc, Microsoft::ReportingServices::Interfaces::ModelItemOperation requiredOperation);
public bool CheckAccess (string userName, IntPtr userToken, byte[] secDesc, Microsoft.ReportingServices.Interfaces.ModelItemOperation requiredOperation);
abstract member CheckAccess : string * nativeint * byte[] * Microsoft.ReportingServices.Interfaces.ModelItemOperation -> bool
Public Function CheckAccess (userName As String, userToken As IntPtr, secDesc As Byte(), requiredOperation As ModelItemOperation) As Boolean

Parameters

userName
String

The name of the user requesting access to the report server.

userToken
IntPtr

nativeint

A user account token. This token is primarily used by the report server as a handle to a Microsoft Windows account in support of credential management for Windows Authentication.

secDesc
Byte[]

The security descriptor for the item.

requiredOperation
ModelItemOperation

The operations being requested by the report server for a given user.

Returns

Boolean

Returns true if the currently authenticated user is granted access to the item based on the supplied operation and security descriptor.

Applies to

CheckAccess(String, IntPtr, Byte[], ModelOperation)

Indicates a value whether a user is authorized to access an item in the report server database for a given model operation.

public:
 bool CheckAccess(System::String ^ userName, IntPtr userToken, cli::array <System::Byte> ^ secDesc, Microsoft::ReportingServices::Interfaces::ModelOperation requiredOperation);
public bool CheckAccess (string userName, IntPtr userToken, byte[] secDesc, Microsoft.ReportingServices.Interfaces.ModelOperation requiredOperation);
abstract member CheckAccess : string * nativeint * byte[] * Microsoft.ReportingServices.Interfaces.ModelOperation -> bool
Public Function CheckAccess (userName As String, userToken As IntPtr, secDesc As Byte(), requiredOperation As ModelOperation) As Boolean

Parameters

userName
String

The name of the user requesting access to the report server.

userToken
IntPtr

nativeint

A user account token. This token is primarily used by the report server as a handle to a Microsoft Windows account in support of credential management for Windows Authentication.

secDesc
Byte[]

The security descriptor for the item.

requiredOperation
ModelOperation

The operations being requested by the report server for a given user.

Returns

Boolean

true if the currently authenticated user is granted access to the item based on the supplied operation and security descriptor; otherwise, false.

Applies to

CheckAccess(String, IntPtr, Byte[], ReportOperation)

Indicates whether a user is authorized to access an item in the report server database for a given report operation.

public:
 bool CheckAccess(System::String ^ userName, IntPtr userToken, cli::array <System::Byte> ^ secDesc, Microsoft::ReportingServices::Interfaces::ReportOperation requiredOperation);
public bool CheckAccess (string userName, IntPtr userToken, byte[] secDesc, Microsoft.ReportingServices.Interfaces.ReportOperation requiredOperation);
abstract member CheckAccess : string * nativeint * byte[] * Microsoft.ReportingServices.Interfaces.ReportOperation -> bool
Public Function CheckAccess (userName As String, userToken As IntPtr, secDesc As Byte(), requiredOperation As ReportOperation) As Boolean

Parameters

userName
String

The name of the user requesting access to the report server.

userToken
IntPtr

nativeint

A user account token. This token is primarily used by the report server as a handle to a Microsoft Windows account in support of credential management for Windows Authentication.

secDesc
Byte[]

The security descriptor for the item.

requiredOperation
ReportOperation

The operation being requested by the report server for a given user.

Returns

Boolean

Returns true if the currently authenticated user is granted access to the item based on the supplied operation and security descriptor.

Examples

The following example code uses the [CheckAccess Method (String, IntPtr, Byte<xref:Microsoft.ReportingServices.Interfaces.IAuthorizationExtension.CheckAccess%2A> method to evaluate a user's authorization credentials against a security descriptor for an item in the report server database.

Public Function CheckAccess(userName As String, userToken As IntPtr, secDesc() As Byte, requiredOperation As ReportOperation) As Boolean  
   Dim acl As AceCollection = DeserializeAcl(secDesc)  
   Dim ace As AceStruct  
   For Each ace In  acl  
      ' First check to see if the user or group has an access control entry for the item  
      If userName = ace.PrincipalName Then  
         ' If an entry is found, return true if the given required operation  
         ' is contained in the ACE structure.  
         Dim aclOperation As ReportOperation  
         For Each aclOperation In  ace.ReportOperations  
            If aclOperation = requiredOperation Then  
               Return True  
            End If  
         Next aclOperation  
      End If  
   Next ace  
   Return False  
End Function 'CheckAccess  

Private Function DeserializeAcl(secDesc() As Byte) As AceCollection  
   Dim bf As New BinaryFormatter()  
   Dim sdStream As New MemoryStream(secDesc)  
   Dim acl As AceCollection = CType(bf.Deserialize(sdStream), AceCollection)  
   Return acl  
End Function 'DeserializeAcl  

public bool CheckAccess(string userName, IntPtr userToken, byte[] secDesc, ReportOperation requiredOperation)  
{  
   AceCollection acl = DeserializeAcl(secDesc);  
   foreach(AceStruct ace in acl)  
   {  
       // First check to see if the user or group has an access control entry for the item  
      if (userName == ace.PrincipalName)  
      {  
          // If an entry is found, return true if the given required operation  
          // is contained in the ACE structure.  
         foreach(ReportOperation aclOperation in ace.ReportOperations)  
         {  
             if (aclOperation == requiredOperation)  
                return true;  
         }  
      }  
   }  
   return false;  
}  

private AceCollection DeserializeAcl(byte[] secDesc)  
{  
   BinaryFormatter bf = new BinaryFormatter();  
   MemoryStream sdStream = new MemoryStream(secDesc);  
   AceCollection acl = (AceCollection)bf.Deserialize(sdStream);  
   return acl;  
}

Applies to

CheckAccess(String, IntPtr, Byte[], ResourceOperation)

Indicates whether a user is authorized to access an item in the report server database for a given resource operation.

public:
 bool CheckAccess(System::String ^ userName, IntPtr userToken, cli::array <System::Byte> ^ secDesc, Microsoft::ReportingServices::Interfaces::ResourceOperation requiredOperation);
public bool CheckAccess (string userName, IntPtr userToken, byte[] secDesc, Microsoft.ReportingServices.Interfaces.ResourceOperation requiredOperation);
abstract member CheckAccess : string * nativeint * byte[] * Microsoft.ReportingServices.Interfaces.ResourceOperation -> bool
Public Function CheckAccess (userName As String, userToken As IntPtr, secDesc As Byte(), requiredOperation As ResourceOperation) As Boolean

Parameters

userName
String

The name of the user requesting access to the report server.

userToken
IntPtr

nativeint

A user account token. This token is primarily used by the report server as a handle to a Microsoft Windows account in support of credential management for Windows Authentication.

secDesc
Byte[]

The security descriptor for the item.

requiredOperation
ResourceOperation

The operation being requested by the report server for a given user.

Returns

Boolean

Returns true if the currently authenticated user is granted access to the item based on the supplied operation and security descriptor.

Examples

The following example code uses the [CheckAccess Method (String, IntPtr, Byte<xref:Microsoft.ReportingServices.Interfaces.IAuthorizationExtension.CheckAccess%2A> method to evaluate a user's authorization credentials against a security descriptor for an item in the report server database.

Public Function CheckAccess(userName As String, userToken As IntPtr, secDesc() As Byte, requiredOperation As ResourceOperation) As Boolean  
   Dim acl As AceCollection = DeserializeAcl(secDesc)  
   Dim ace As AceStruct  
   For Each ace In  acl  
      ' First check to see if the user or group has an access control entry for the item  
      If userName = ace.PrincipalName Then  
         ' If an entry is found, return true if the given required operation  
         ' is contained in the ACE structure.  
         Dim aclOperation As ResourceOperation  
         For Each aclOperation In  ace.ResourceOperations  
            If aclOperation = requiredOperation Then  
               Return True  
            End If  
         Next aclOperation  
      End If  
   Next ace  
   Return False  
End Function 'CheckAccess  

Private Function DeserializeAcl(secDesc() As Byte) As AceCollection  
   Dim bf As New BinaryFormatter()  
   Dim sdStream As New MemoryStream(secDesc)  
   Dim acl As AceCollection = CType(bf.Deserialize(sdStream), AceCollection)  
   Return acl  
End Function 'DeserializeAcl  

public bool CheckAccess(string userName, IntPtr userToken, byte[] secDesc, ResourceOperation requiredOperation)  
{  
   AceCollection acl = DeserializeAcl(secDesc);  
   foreach(AceStruct ace in acl)  
   {  
       // First check to see if the user or group has an access control entry for the item  
      if (userName == ace.PrincipalName)  
      {  
          // If an entry is found, return true if the given required operation  
          // is contained in the ACE structure.  
         foreach(ResourceOperation aclOperation in ace.ResourceOperations)  
         {  
             if (aclOperation == requiredOperation)  
                return true;  
         }  
      }  
   }  
   return false;  
}  

private AceCollection DeserializeAcl(byte[] secDesc)  
{  
   BinaryFormatter bf = new BinaryFormatter();  
   MemoryStream sdStream = new MemoryStream(secDesc);  
   AceCollection acl = (AceCollection)bf.Deserialize(sdStream);  
   return acl;  
}

Applies to

CheckAccess(String, IntPtr, Byte[], ResourceOperation[])

Indicates whether a user is authorized to access an item in the report server database for a given array of resource operations.

public:
 bool CheckAccess(System::String ^ userName, IntPtr userToken, cli::array <System::Byte> ^ secDesc, cli::array <Microsoft::ReportingServices::Interfaces::ResourceOperation> ^ requiredOperations);
public bool CheckAccess (string userName, IntPtr userToken, byte[] secDesc, Microsoft.ReportingServices.Interfaces.ResourceOperation[] requiredOperations);
abstract member CheckAccess : string * nativeint * byte[] * Microsoft.ReportingServices.Interfaces.ResourceOperation[] -> bool
Public Function CheckAccess (userName As String, userToken As IntPtr, secDesc As Byte(), requiredOperations As ResourceOperation()) As Boolean

Parameters

userName
String

The name of the user requesting access to the report server.

userToken
IntPtr

nativeint

A user account token. This token is primarily used by the report server as a handle to a Microsoft Windows account in support of credential management for Windows Authentication.

secDesc
Byte[]

The security descriptor for the item.

requiredOperations
ResourceOperation[]

The operations being requested by the report server for a given user.

Returns

Boolean

Returns true if the currently authenticated user is granted access to the item based on the supplied operation and security descriptor.

Examples

The following example code uses the [CheckAccess Method (String, IntPtr, Byte<xref:Microsoft.ReportingServices.Interfaces.IAuthorizationExtension.CheckAccess%2A> method to evaluate a user's authorization credentials against a security descriptor for an item in the report server database. The example makes use of the overloaded [CheckAccess Method (String, IntPtr, Byte<xref:Microsoft.ReportingServices.Interfaces.IAuthorizationExtension.CheckAccess%2A> method that takes a single operation as an argument.

' Overload for array of resource operations  
Public Function CheckAccess(userName As String, userToken As IntPtr, secDesc() As Byte, requiredOperations() As ResourceOperation) As Boolean  
   Dim operation As ResourceOperation  
   For Each operation In  requiredOperations  
      If Not CheckAccess(userName, userToken, secDesc, operation) Then  
         Return False  
      End If  
   Next operation  
   Return True  
End Function 'CheckAccess  

// Overload for array of resource operations  
public bool CheckAccess(string userName, IntPtr userToken, byte[] secDesc, ResourceOperation[] requiredOperations)  
{  
   foreach(ResourceOperation operation in requiredOperations)  
   {  
      if (!CheckAccess(userName, userToken, secDesc, operation))  
         return false;  
   }  
   return true;   
}

Applies to