Since Crystal Enterprise uses object security, you access a user's rights for an object by retrieving them directly from the InfoObject, which you gain from using InfoStore.Query. The SecurityInfo property provides your principal access to the rights of users and groups for an InfoObject. In particular, the ObjectPrincipals collection contains each user and group that has specific rights to this object. A user or group's rights may not be contained within this collection if the rights have been inherited and no specific rights for the user or group have been set on the object. If the user/group is not in ObjectPrincipals, then use the AnyPrincipal collection. The following section of code demonstrates how to retrieve the ObjectPrincipal (the object that contains, among other things, the user or group's rights) for a particular report.
Report = IStore.Query("Select SI_ID From CI_INFOOBJECTS Where SI_ID="+ReportID).Item(1);
SecurityInfo = Report.SecurityInfo;
Principal = SecurityInfo.ObjectPrincipals.Item("#" + UserID);
Response.Write ("There are no specific rights for this user.");
Principal=SecurityInfo.AnyPrincipal(UserID);
Response.Write ("There are no specific rights for this user.");
Note that when the ObjectPrincipal is retrieved from the collection, it uses the number sign concatenated to the user ID: this ensures that the value given to the collection is not treated as an index array. If the user does not have specific rights to this object, the call fails, and AnyPrincipal is used instead. Note that for AnyPrincipal you do not need the # sign: this is because the property is not strictly an array; rather, the user is looked up using the ID.
Note: You can always use AnyPrincipal if you want. It is used in this case to determine whether or not the user/group has specific rights to the object.
Go to the next section: Retrieving rights
| Crystal Decisions, Inc. http://www.crystaldecisions.com Support services: http://support.crystaldecisions.com |