IAuthorizationExtension.CheckAccess Method (String, IntPtr, Byte[], ReportOperation)


Updated: February 25, 2016

Indicates whether a user is authorized to access an item in the report server database for a given report operation.

Namespace:   Microsoft.ReportingServices.Interfaces
Assemblies:   Microsoft.ReportingServices.Interfaces (in Microsoft.ReportingServices.Interfaces.dll)
  Microsoft.ReportingServices.SharePoint.UI.WebParts (in Microsoft.ReportingServices.SharePoint.UI.WebParts.dll)

	PublicKey = "0024000004800000940000000602000000240000525341310004000001000100272736ad6e5f9586bac2d531eabc3acc666c2f8ec879fa94f8f7b0327d2ff2ed523448f83c3d5c5dd2dfc7bc99c5286b2c125117bf5cbe242b9d41750732b2bdffe649c6efb8e5526d526fdd130095ecdb7bf210809c6cdad8824faa9ac0310ac3cba2aa0523567b2dfa7fe250b30facbd62d4ec99b94ac47c7d3b28f1f6e4c8")]
bool CheckAccess(
	string userName,
	IntPtr userToken,
	byte[] secDesc,
	ReportOperation requiredOperation


Type: System.String

The name of the user requesting access to the report server.

Type: System.IntPtr

A user account token. This token is primarily used by the report server as a handle to a Microsoft Windows account in support of credential management for Windows Authentication.

Type: System.Byte[]

The security descriptor for the item.

Type: Microsoft.ReportingServices.Interfaces.ReportOperation

The operation being requested by the report server for a given user.

Return Value

Type: System.Boolean

Returns true if the currently authenticated user is granted access to the item based on the supplied operation and security descriptor.

The following example code uses the CheckAccess method to evaluate a user's authorization credentials against a security descriptor for an item in the report server database.

public bool CheckAccess(string userName, IntPtr userToken, byte[] secDesc, ReportOperation requiredOperation)
   AceCollection acl = DeserializeAcl(secDesc);
   foreach(AceStruct ace in acl)
       // First check to see if the user or group has an access control entry for the item
      if (userName == ace.PrincipalName)
          // If an entry is found, return true if the given required operation
          // is contained in the ACE structure.
         foreach(ReportOperation aclOperation in ace.ReportOperations)
             if (aclOperation == requiredOperation)
                return true;
   return false;

private AceCollection DeserializeAcl(byte[] secDesc)
   BinaryFormatter bf = new BinaryFormatter();
   MemoryStream sdStream = new MemoryStream(secDesc);
   AceCollection acl = (AceCollection)bf.Deserialize(sdStream);
   return acl;
Return to top