Saturday, February 14, 2009

How to use AzMan to manage roles with Active Directory

How to use AzMan to manage roles with Active Directory

In my recent project I had a requirement to configure user roles in AzMan with Active Direcrtory. AzMan consist of Operations, Tasks and Roles.  List of operations can be added into Tasks and list of Tasks can be added into Roles.  You can play with AzMan with a snapin (just type Azman.msc in your run command) that will come with windows server 2003, or if you install 2003 administrative tools for XP professional.  

Sample Active Directory Connection String : 
msldap://Server IP/CN=AzManStore,DC=Domain Name

Initializing the AzMan Store:
Dim _AzManStore As New AzAuthorizationStore()
        _AzManStore.Initialize(0, Convert.ToString(ConfigurationManager.ConnectionStrings("ADRoleConnectionString")), Nothing)
        _azApp = _AzManStore.OpenApplication(Roles.ApplicationName)
        _azRoleProvider = New AzManRoleProvider()

Getting the list of Operations from AzMan:
Public Function GetOperations(ByVal username As String) As List(Of IAzOperation)
        Dim _Operations As New List(Of IAzOperation)

        For Each azOperation As IAzOperation In _azApp.Operations
            If Me.IsOperationAllowed(azOperation, username) Then
                _Operations.Add(azOperation)
            End If
        Next

        Return _Operations
    End Function

Getting the list of operations based on a given task:
Public Function GetOperationsByTask(ByVal username As String, ByVal taskName As String) As List(Of IAzOperation)
        Dim _Operations As New List(Of IAzOperation)
        Dim _azTask As IAzTask

        If taskName.Length > 0 Then
            _azTask = _azApp.OpenTask(taskName)

            For i As Integer = 0 To _azTask.Operations.Length - 1
                Dim _TaskOperation As IAzOperation = _azApp.OpenOperation(_azTask.Operations(i))
                If Me.IsOperationAllowed(_TaskOperation, username) Then
                    _Operations.Add(_TaskOperation)
                End If
            Next
        End If
        

        Return _Operations
    End Function

Checking whether an operation is allowed for a user:
Private Function IsOperationAllowed(ByVal pOperation As IAzOperation, ByVal pUsername As String) As Boolean
        Dim _User As MembershipUser = Membership.GetUser(pUsername)
        Dim userContext As IAzClientContext = _azApp.InitializeClientContextFromStringSid(_User.ProviderUserKey.ToString, 1, Nothing)

        'Check if user has access to the operations
        Dim operationIds() As Object = {pOperation.OperationID}
        Dim scope() As Object = {String.Empty}

        Dim result() As Object = userContext.AccessCheck("Auditstring", scope, operationIds)

        'Test the integer array we got back to see which operations are authorized
        If (result(0) = NO_ERROR) Then
            Return True
        Else
            Return False
        End If
    End Function 

How to get the list of reports from SSRS using VB.NET

Here is the sample code to get the list of reports in a tree structure, before this you need to add the web reference to your reporting server's web service, a sample url will loook like this:

http:///reportserver/reportservice2005.asmx 

Here is the sample code.

Public Shared Function GetReportsNode(ByVal pUserName As String, ByVal pPassword As String, ByVal pDomain As String) As TreeNode
        Dim _reportRoot As TreeNode
        Dim _report As TreeNode
        Dim _folder As TreeNode
        Dim _condition As reportservice2005.SearchCondition
        Dim _conditions(0) As reportservice2005.SearchCondition
        Dim _cReports As reportservice2005.CatalogItem()
        Dim _cItems As reportservice2005.CatalogItem()
        Dim _rp As reportservice2005.ReportingService2005 = New reportservice2005.ReportingService2005()

        'Pass login credentils to SSRS
        _rp.Credentials = New System.Net.NetworkCredential(pUserName, pPassword, pDomain)
        '_rp.Credentials = System.Net.CredentialCache.DefaultCredentials

        'Get the list of all items
        _cItems = _rp.ListChildren("/", True)
        _reportRoot = New TreeNode("Reports")
        _reportRoot.NavigateUrl = "#"

        For Each _cItem As reportservice2005.CatalogItem In _cItems
            If _cItem.Type = reportservice2005.ItemTypeEnum.Folder Then
                _condition = New reportservice2005.SearchCondition

                'Build the condition object to get all the reports from a folder, by setting Report property "Name" to empty
                _condition.Condition = reportservice2005.ConditionEnum.Contains
                _condition.ConditionSpecified = True
                _condition.Name = "Name"
                _condition.Value = ""

                _conditions(0) = _condition

                _folder = New TreeNode(_cItem.Name)
                'Find all the items inside a given folder.
                _cReports = _rp.FindItems(_cItem.Path, reportservice2005.BooleanOperatorEnum.Or, _conditions)

                'loop through each item and create the tree structure
                For Each _cReport As reportservice2005.CatalogItem In _cReports
                    _report = New TreeNode(_cReport.Name)
                    _report.NavigateUrl = "Reports/Reports.aspx?ReportPath=" & _cReport.Path
                    _folder.ChildNodes.Add(_report)
                Next

                _reportRoot.ChildNodes.Add(_folder)
            End If
        Next

        Return _reportRoot
    End Function