AceStruct Class

 

Updated: February 25, 2016

Represents an access control entry for a trustee (user, group, or computer) that specifies the operations that a trustee can perform on items in the report server database.

Namespace:   Microsoft.ReportingServices.Interfaces
Assemblies:   Microsoft.ReportingServices.Interfaces (in Microsoft.ReportingServices.Interfaces.dll)
  Microsoft.ReportingServices.SharePoint.UI.WebParts (in Microsoft.ReportingServices.SharePoint.UI.WebParts.dll)

System::Object
  Microsoft.ReportingServices.Interfaces::AceStruct

[SerializableAttribute]
public ref class AceStruct 

NameDescription
System_CAPS_pubmethodAceStruct(AceStruct^)

Creates a new instance of the AceStruct class based on an existing AceStruct object.

System_CAPS_pubmethodAceStruct(String^)

Creates a new instance of the AceStruct class with the specified principal name.

NameDescription
System_CAPS_pubmethodEquals(Object^)

(Inherited from Object.)

System_CAPS_protmethodFinalize()

(Inherited from Object.)

System_CAPS_pubmethodGetHashCode()

(Inherited from Object.)

System_CAPS_pubmethodGetType()

(Inherited from Object.)

System_CAPS_protmethodMemberwiseClone()

(Inherited from Object.)

System_CAPS_pubmethodToString()

(Inherited from Object.)

NameDescription
System_CAPS_pubfieldCatalogOperations

Specifies operations that users can perform on catalog item types.

System_CAPS_pubfieldDatasourceOperations

Specifies operations that users can perform on data source item types.

System_CAPS_pubfieldFolderOperations

Specifies operations that users can perform on folder item types.

System_CAPS_pubfieldModelItemOperations

Specifies operations that users can perform on model item operation types.

System_CAPS_pubfieldModelOperations

Specifies operations that users can perform on model operation types.

System_CAPS_pubfieldPrincipalName

Specifies a user, group, or computer name.

System_CAPS_pubfieldReportOperations

Specifies operations that users can perform on report item types.

System_CAPS_pubfieldResourceOperations

Specifies operations that users can perform on resource item types.

An AceStruct object contains collections of operations or permissions for an individual user, group or computer. A collection of AceStruct objects constitutes an AceCollection, which functions as the access control list for an item in the report server database.

AceStruct objects are a critical component to the security descriptor that is associated with securable items in the report server database. An AceStruct object is a data structure that contains the name of the principal user and the operations that the user is allowed to perform on a particular item in the report server database. An AceStruct is similar to an access control entry that you might be familiar with from other Microsoft server products, in that it is an element of an access control list (AceCollection object in Reporting Services). When evaluating an AceCollection, you enumerate one or more AceStruct objects as part of the collection. A simple access check using C# might look like the following:

// C#
AceCollection acl = DeserializeAcl(secDesc);
foreach(AceStruct ace in acl)
{
   if (userName == ace.PrincipalName)
   {
      foreach(FolderOperation aclOperation in ace.FolderOperations)
      {
         if (aclOperation == requiredOperation)
         return true;
      }
   }
}

When working with access control entries, you do not specify operations or trustees. This is handled by the report server and the Report Server Web service methods for setting policies and assigning roles. In your security extension, you need only process the access control entries and grant or deny access based on a given set of conditions.

Any public static ( Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Return to top
Show: