Tasks and Permissions
In Reporting Services, tasks are all possible actions that a user or administrator performs. There are twenty tasks in all. Some examples of tasks include "View reports," "Manage reports," and "Manage report server properties."
Tasks are predefined. You cannot create custom tasks or modify the ones provided either programmatically or through a tool.
Each task consists of a set of permissions, which are also predefined. For example, the "Manage folders" task contains the permissions create and delete folders, and view and update folder properties. Users never interact with permissions directly. Users are granted permissions indirectly through the tasks that are included in role definitions. These permissions allow access to specific report server functionality. For example, users who have permission to subscribe to reports can use subscription-related pages and buttons in Report Manager to create and manage subscriptions. Users who do not have permission do not see subscription-related pages in Report Manager.
To work, a task must be assigned to a role that is actively used in a security policy. A task that is not assigned to a role has no impact on user actions or security. The following diagram shows how permissions are combined into tasks, and how tasks are combined into role definitions that can be used for specific role assignments.
Tasks fall into two categories: system level and item level. A role can include tasks only from a single category. The following table describes each category of tasks.
|Item-Level Tasks||Actions that are performed on items managed by a report server, such as folders, reports, and resources.|
|System-Level Tasks||Actions that are performed at the system level, such as managing jobs or shared schedules that can be used with many items.|