Assembly: Microsoft.ReportingServices.Interfaces (in microsoft.reportingservices.interfaces.dll)
/** @attribute CLSCompliantAttribute(false) */ public interface IAuthorizationExtension extends IExtension
Authorization is the process of determining whether an identity should be granted the requested type of access to a given resource in the report server database. This is accomplished in Reporting Services by storing and associating an access control list (AceCollection object) with each system and item resource in the report server database. Your authorization extension should provide an implementation of the CreateSecurityDescriptor method, which is called by the report server whenever a new role assignment is created for an item in the report server database. Your implementation of CreateSecurityDescriptor must, at minimum, serialize the AceCollection. You can optionally serialize additional user information as part of the security descriptor. Implement CheckAccess in order to evaluate whether a given user has the appropriate permissions to carry out a requested operation. Your implementation of CheckAccess should de-serialize the security descriptor, evaluate each AceStruct object, and check for a valid operation permission that corresponds to the username and the requested operation. If a matching operation is found, CheckAccess should return true.