如何使用SQL Query在SSRS报告中为多个用户设置权限?

时间:2018-03-22 10:50:24

标签: sql-server reporting-services ssrs-2008 ssrs-2012 user-permissions

我正在开发一个SQL Server Reporting Services(SSRS)报表项目,在该项目中,我必须授予150个具有不同角色的不同用户的访问权限。有没有办法通过SQL查询提供用户访问,这简化了我的工作?

如果是有效问题,请提升。

1 个答案:

答案 0 :(得分:1)

我会为每个角色设置一个Active Directory组,然后将角色与报告文件夹相关联。然后是管理AD小组成员资格的问题。

在SSRS中,必须在SQL Server Management Studio,SSMS中执行新角色和对现有角色的调整。打开SSMS后,单击“连接”并选择“Reporting Services ...”

enter image description here

输入您的服务器名称和登录信息,然后单击“连接”。

enter image description here

连接到报表服务器后,打开安全文件夹,右键单击“角色”,然后单击“新角色...”

我创建了2个新角色(“浏览器组”,“功能所有者”),其权限与“浏览器”相同。

然后在报告管理器上单击文件夹的向下箭头,然后选择“安全性”

然后点击“新角色分配”

然后输入Active Directory组或电子邮件地址,并检查您创建的新角色。

然后,您可以在服务器中查询权限并在报告中显示这些权限。

;WITH 
catalog_type_description
AS
(
    SELECT tbl.* FROM (VALUES
      ( 1, 'Folder')
    , ( 2, 'Report')
    , ( 3, 'Resource')
    , ( 4, 'Linked Report')
    , ( 5, 'Data Source')
    , ( 6, 'Report Model')
    , ( 8, 'Shared Dataset')
    , ( 9, 'Report Part')
    ) tbl ([TypeID], [TypeDescription]) 
    WHERE 
        TypeID = 1
)
, 
nonreport_folders
AS
(
    SELECT tbl.* FROM (VALUES
      ( 'Images')
    , ( 'SharedDataSets')
    , ( 'Data Sources')
    , ( '')
    ) tbl ([FolderName]) 
)
, 
reporting_role_names -- added roles to the report server
AS
(
    SELECT tbl.* FROM (VALUES
      ( 'Browser Group')
    , ( 'Functional Owner')
    ) tbl ([RoleName]) 
)
, 
user_list
AS
(
    SELECT 
          usr.UserID
        , usr.UserName
        , UserNameFormat = 
            CASE 
                WHEN CHARINDEX('\', usr.UserName) > 0 THEN UPPER(SUBSTRING(usr.UserName ,CHARINDEX('\', usr.UserName) + 1, LEN(usr.UserName)))
                ELSE usr.UserName 
            END 
    FROM 
        dbo.Users AS usr
)
, 
reporting_roles
AS
(
    SELECT 
          cat.Name
        , rol.RoleName
        , usr.UserNameFormat
        , ReportingRoleName = rpt.RoleName
    FROM 
        dbo.[Catalog] AS cat
        INNER JOIN catalog_type_description AS tpd ON cat.[Type] = tpd.TypeID   
        LEFT JOIN dbo.PolicyUserRole AS urol ON urol.PolicyID = cat.PolicyID
        LEFT JOIN dbo.Roles AS rol ON urol.RoleID = rol.RoleID
        LEFT JOIN reporting_role_names AS rpt ON rpt.RoleName = rol.RoleName
        LEFT JOIN dbo.Policies AS pol ON urol.PolicyID = pol.PolicyID
        LEFT JOIN user_list AS usr ON urol.UserID = usr.UserID
        LEFT JOIN nonreport_folders AS nrf ON nrf.FolderName = cat.Name
    WHERE 
        1=1
        AND nrf.FolderName IS NULL
)
SELECT DISTINCT
      FolderName = rpt.Name
    , rpt.RoleName
    , UserNameFormat = STUFF((SELECT '; ' + rol.UserNameFormat FROM reporting_roles rol WHERE rol.RoleName = rpt.RoleName AND rol.Name = rpt.Name FOR XML PATH('')),1,1,'')
    , ReportingRoleName
FROM 
    reporting_roles AS rpt

参考文献:

https://social.technet.microsoft.com/wiki/contents/articles/40150.ssrs-how-to-setup-the-folder-security-roles-in-sql-server-reporting-services.aspx

https://code.msdn.microsoft.com/SQL-Server-Reporting-SSRS-50c4d06b

http://bhushan.extreme-advice.com/user-roles-and-permissions-in-ssrs/

https://www.mssqltips.com/sqlservertip/2793/sql-server-reporting-services-2012-permissions/

相关问题
最新问题