randypaulo 6:00 pm on February 22, 2012
Tags: , , ,   

[Powershell] Set user permission in SSRS Item (SQL Reporting Server) using powershell


Combining both (article1 and article2), i was able to come up with a powershell script to set user permission in SQL Reporting Services (SSRS)

<#
.SYNOPSIS
        Set user permissions in SQL Reporting Services using Web Service

.DESCRIPTION
        Set user permissions in SQL Reporting Services using Web Service

.EXAMPLE
        Add-SSRSItemSecurity -webServiceUrl "http://[ServerName]/ReportServer/ReportService2005.asmx" -itemPath "MyReportFolder" -groupUserName RPAULO\User1 -role Browser

.EXAMPLE
        Add-SSRSItemSecurity -url "http://[ServerName]/ReportServer/ReportService2005.asmx" -itemPath "MyReportFolder" -u RPAULO\User1 -r "Content Manager"

#>
function Add-SSRSItemSecurity
(
        [Parameter(Position=0,Mandatory=$true)]
        [Alias("url")]
        [string]$webServiceUrl,

        [Parameter(Position=1,Mandatory=$true)]
        [Alias("path")]
        [string]$itemPath,
        
        [Parameter(Position=2,Mandatory=$true)]
        [Alias("u")]
        [string]$groupUserName,
        
        [Parameter(Position=3,Mandatory=$true)]
        [Alias("r")]
        [string]$role,
        
        [Parameter(Position=2)]
        [bool]$inherit=$true
)

{
        
        #Fix item path if not starting with /
        if(!$itemPath.StartsWith("/")) { $itemPath = "/" + $itemPath}
        
        #Create Proxy
        Write-Host "[Add-SSRSItemSecurity()] Creating Proxy, connecting to : $webServiceUrl"
        $ssrsProxy = New-WebServiceProxy -Uri $webServiceUrl -UseDefaultCredential
        
        $type = $ssrsProxy.GetType().Namespace;
        $policyType = "{0}.Policy" -f $type;
        $roleType = "{0}.Role" -f $type;
        
        Write-Host "[Add-SSRSItemSecurity()] Retrieving all existing policies."
        $policies = $ssrsProxy.GetPolicies($itemPath, [ref]$inherit);
        
        $a = 1;
        foreach($policy in $policies)
        {

                foreach($r in $policy.Roles)
                {
                        $msg = "[Add-SSRSItemSecurity()]  Existing Policy # {0} Group Name: {1}, Role: {2}" -f $a, $policy.GroupUserName, $r.Name
                        Write-Host $msg
                }
                $a+=1;
        }

        $msg = "[Add-SSRSItemSecurity()] Total Existing Policies: " + $policies.Length;
        Write-Host $msg
        
        $Policy = $policies | 
    Where-Object { $_.GroupUserName -eq $groupUserName } | 
    Select-Object -First 1
        
        if (-not $Policy) {
            $Policy = New-Object ($policyType)
            $Policy.GroupUserName = $GroupUserName
            $Policy.Roles = @()
            $Policies += $Policy
                $msg = "[Add-SSRSItemSecurity()] Adding new policy: '{0}'" -f $GroupUserName
                Write-Host $msg
        }

        $r = $Policy.Roles |
            Where-Object { $_.Name -eq $role } |
            Select-Object -First 1
        if (-not $r) {
            $r = New-Object ($roleType)
            $r.Name = $role
            $Policy.Roles += $r
                $msg = "[Add-SSRSItemSecurity()] Adding new role: '{0}'" -f $role
                Write-Host $msg
        }
        
        #Set the policies
        $ssrsProxy.SetPolicies($itemPath,$policies);

}