Menu
I'm writing a powershell script to deploy a number of reports to SQL Server Reporting Services 2008 R2 using the SSRS web services. I'm pretty happy with the approach, it was easy to create a new deployment folder and upload the reports. Following is a snippet of code showing creation of a folder :
$reportServerUri = "http://{0}/ReportServer/ReportService2005.asmx" -f $reportServerName
$proxy = New-WebServiceProxy -Uri $reportServerUri -Namespace SSRS.ReportingService2005 -Credential $credential
#Dont currently set any properties so set empty array of properties
$propertyArray = @()
$warnings = $proxy.CreateFolder($folderName, $folderParent, $propertyArray)
However I'd also like to be able to set permissions on the folder and this is where I am a bit stuck. What I want to replicate is where, from the web UI, I would select the security option of the folder and add a user\group against a role.
I thought this might be done through the propertyArray on the createFolder call but I haven't been able to find any information in the docs yet (probed existing properties and can't see anything relevant), I've been looking at http://msdn.microsoft.com/en-us/library/cc282788.aspx for guidance. So reached a dead end there. I thought there might be a specific method to manage permissions at this level but have not been able to identify one.
I am using the ReportingService2005 web services, I know there are also 2010 web services but I havent been able to find what I'm looking for there either.
Does anyone know how I add permissions to folders using the web services api (and presumably a consistent method for other objects like reports and shared data sources)? I assume it must be possible as the web UI allows you to do it. This is not a powershell question but instead about the api's to use to manage permissions.
Update - Below is the snippet of code that seems to do the job. I need to refine this a bit as it looks like the update to policies must include the original list so I need to get the current policies, add my new policy to this and update with the full list. But I'll fix that later!
$Policies = $global:ssrsproxy.GetPolicies($ItemPath, [ref] $InheritsFromParent)
$PolicyAlreadyExists = $false
$Policies | Foreach-Object{ if ($_.GroupUserName -eq $GroupUserName)
{$PolicyAlreadyExists = $true} }
$Policies | Foreach-Object{ $_ | get-member }
if ($PolicyAlreadyExists){
"Policy already applied."
} else {
$Policy = New-Object SSRS.ReportingService2005.Policy
$Policy.GroupUserName = $GroupUserName
$Roles = @()
$Role = New-Object SSRS.ReportingService2005.Role
$Role.Name = $RoleName
$Roles += $Role
$Policy.Roles = $Roles
$global:ssrsproxy.SetPolicies($ItemPath, $Policy)
"Policy applied."
}
605
To provide security for a single SSRS report, Please click the down arrow beside the report to open the menu items. Please select the Security option from the menu items. Browser: This is the basic role that can assign to the user. A user with Browser role can View Reports, Folders, Models, and resources.
Click Home, and then click Folder settings. From there, create a new role assignment so that you can grant access to the “Content Manager” role. To grant access so that the user can edit or build reports, you can give them additional permissions in SSRS, such as the Report Builder permission to the Home folder.
Use the SetPolicies method. First define an array of Policy(s) containing group/user and required roles, then pass this array to SetPolicies along with the item.
94
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
