How to Check if a User Has Permissions for a Resource
Updated: November 1, 2013
Applies To: System Center 2012 Configuration Manager, System Center 2012 Configuration Manager SP1, System Center 2012 R2 Configuration Manager
In System Center 2012 R2 Configuration Manager, you can check whether a user has permission for a resource using the GetCollectionsWithResourcePermissions method in the SMS_RbacSecuredObject class.
Important |
|---|
The SMS_SecuredObject Server WMI Class contains a list of available permissions. |
To check if a user has permissions for a resource
Create a dictionary object to pass object name and permissions to check for to the GetCollectionsWithResourcePermissions Method in Class SMS_RbacSecuredObject.
Call the GetCollectionsWithResourcePermissions Method in Class SMS_RbacSecuredObject, passing in the dictionary object.
The method returns true, if the user has the permissions.
Example
The following example checks to see if the user has resource permissions.
public bool CheckUserPermissions(ConnectionManagerBase connectionManager, string resourceID) { bool result = false; int iId = 0; IResultObject outParams = null; if (int.TryParse(resourceID, out iId) == false) { throw new ArgumentException("Invalid resource ID"); } //ControlAMT permissions. int controlAMT = 0x1000000; try { Dictionary<string, object> inParams = new Dictionary<string, object>(); inParams["Permissions"] = controlAMT; inParams["ResourceID"] = iId; outParams = connectionManager.ExecuteMethod("SMS_RbacSecuredObject", "GetCollectionsWithResourcePermissions", inParams); if (outParams != null) { //If the return value equals 0 and the array is not empty, the user has the resource permissions. if (outParams["ReturnValue"].IntegerValue == 0 && outParams["CollectionIDs"].StringArrayValue.Length != 0) { result = true; } } } finally { if (outParams != null) { outParams.Dispose(); } } return result; }
Compiling the Code
The C# example requires:
Microsoft.ConfigurationManagement.ManagementProvider
Microsoft.ConfigurationManagement.ManagementProvider.WqlQueryEngine
System
adminui.wqlqueryengine
microsoft.configurationmanagement.managementprovider
mscorlib
Robust Programming
For more information about error handling, see About Configuration Manager Errors.

The example method has the following parameters:
Parameter
Type
Description
connection
Managed: connectionManager
A valid connection to the SMS Provider.
resourceID
String
Unique ID, supplied by Configuration Manager, for the resource.