Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

SSRS check if user in group using Custom Assembly

I have created a Custom Assembly for my SSRS Project.

The Custom Assembly has got 2 functions, IsInGroup and MyTest:

using System;
using System.Collections.Generic;
using System.Text;
using System.Security.Principal;

namespace SSRS_Custom_Fuctions
{
    public class Class1
    {

        public static bool IsInGroup(string user, string group)
        {
            using (var identity = new WindowsIdentity(user))
            {
                var principal = new WindowsPrincipal(identity);
                return principal.IsInRole(group);
            }
        }

        public static string MyTest()
        {
            return "Hello World";
        }
    }
}

1) The basic function MyTest which returns a string 'Hello World' works perfectly fine from the Report using the expression =SSRS_Custom_Functions.Class1.MyTest()

2) The function IsInGroup which returns a boolean value is not working. This is using the System.Security.Principal namespace to check if the username passed to the function exists in the group passed to the function. When trying to invoke it using expression =SSRS_Custom_Functions.Class1.IsInGroup(User.User1, "MyGroupName"), the report is bailing out with the following error message:

request for the permission of type System.Security failed

I have modified the configuration files rssrvpolicy.config in the ReportingServices file path and RSPreviewPolicy.config in the the VisualStudio file path according to Microsoft KB920769.

I added a CodeGroup which gives FullTrust to my custom assembly.

The following has been added to the policy level element:

<CodeGroup class="UnionCodeGroup"
           version="1"
           PermissionSetName="FullTrust"
           Name="SSRS_Custom_Fuctions"
           Description="Code group for my data processing extension">

<IMembershipCondition class="UrlMembershipCondition"
                      version="1"
                      Url="C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\SSRS_Custom_Fuctions.dll"/>
</CodeGroup>

I am still getting the same error message as above.

like image 697
JsonStatham Avatar asked Jul 31 '12 13:07

JsonStatham


2 Answers

In your assembly, you need to Assert the SecurityPermission object first before using it.

using System;
using System.Collections.Generic;
using System.Text;
using System.Security.Principal;

namespace SSRS_Custom_Fuctions
{
    public class Class1
    {

        public static bool IsInGroup(string user, string group)
        {

        System.Security.Permissions.SecurityPermission sp = new System.Security.Permissions.SecurityPermission(System.Security.Permissions.PermissionState.Unrestricted);
        sp.Assert();

            using (var identity = new WindowsIdentity(user))
            {
                var principal = new WindowsPrincipal(identity);
                return principal.IsInRole(group);
            }
        }

        public static string MyTest()
        {
            return "Hello World";
        }
    }
}
like image 153
general exception Avatar answered Nov 19 '22 20:11

general exception


In the AssemblyInfo file you need to add namespace System.Security and

[assembly: AllowPartiallyTrustedCallers()] .

Sign the assembly with certificate and also deploy the same in GAC of machine.

like image 21
bhupendra patel Avatar answered Nov 19 '22 21:11

bhupendra patel