#1 2017-01-18 09:55:49

Frank Lee
Member
Registered: 2017-01-03

How to give login privilege to a newly created user

Hi,

We are able to create new users and gave them permission to access the RS by going through "Administration / Permissions / ReportServer Acess".

By this users are able to login , but we were trying to create new users through scripts and we are able to achieve that. The issue is these users cannot login into RS unless they are given permissions through Administration/Permissions.

Is there any alternative way to set user permissions, may be while creating users through scripts.

Regards,
Frank Lee

Offline

#2 2017-01-18 10:54:30

karolina
Member
Registered: 2014-08-09

Re: How to give login privilege to a newly created user

Hi Frank,

One of the way of achieving this is:
1. Create a group 'Users'
2. Grant permission to login for the whole group
3. Add users to the group 'Users' - not each user individually, but via OU (Organizational Unit)

Then when you add a user to OU, it will be automatically added to the Users group (provided that the OU is added to users) and will be able to login

Hope it helps.

Karolina

Offline

#3 2017-02-03 11:17:06

eduardo
Administrator
Registered: 2016-11-01
Website

Re: How to give login privilege to a newly created user

Hi Frank,

as Karolina said, you can add the user either to an OU with this right or to a group with this right.

You can also set this programatically, either for the specific user or to a group/OU. For example

import net.datenwerke.security.service.usermanager.UserManagerService;
import net.datenwerke.security.service.usermanager.entities.User;
import net.datenwerke.security.service.usermanager.entities.OrganisationalUnit;
import net.datenwerke.rs.core.service.genrights.access.AccessRsSecurityTarget;
import net.datenwerke.security.service.security.rights.Execute;
import net.datenwerke.security.service.security.entities.Ace;
import net.datenwerke.security.service.security.entities.AceAccessMap;
import net.datenwerke.security.service.security.entities.Acl;
import net.datenwerke.security.service.security.SecurityService;
import net.datenwerke.security.service.security.SecurityServiceSecuree;

UserManagerService userManagerService = GLOBALS.getInstance(UserManagerService.class);
SecurityService securityService = GLOBALS.getInstance(SecurityService.class);

/* create user */
User user = new User();
user.setUsername("mySampleUser");
user.setFirstname("Sample");
user.setLastname("Test");
				
				
List<OrganisationalUnit> ouList = userManagerService.getOUsByName("myOU");
for (OrganisationalUnit ou: ouList) {
	ou.addChild(user);
}
userManagerService.persist(user);
userManagerService.merge(user);
				
userManagerService.setPassword(user, "abcdef");
		
Class target = AccessRsSecurityTarget.class;
Acl acl = securityService.loadGenericTarget(target).getAcl();
Ace ace = securityService.createACE(target);
ace.setFolk(user);
AceAccessMap aceMap = ace.getAccessMap(SecurityServiceSecuree.SECUREE_ID);
		
aceMap.addAccessRight(new Execute());

acl.addAce(ace);
securityService.merge(acl);
securityService.persist(acl);

"User created"

Cheers,
Eduardo

Offline

Board footer

Powered by FluxBB