BDC User Permission List: Add users from the API

Recently I came across an interesting request from my customer, who wanted to add users to the “BDC User Permission List” in Central Administration. There is a how-to article on MSDN and in the SDK, “How to: Add an Access Control Entry to a Metadata Object”, but unfortunately that doesn’t work.

 

After researching, I found that the API to use is the “ApplicationRegistry” API. This API provides access to all of the line-of-business (LOB) systems and LOB system instances registered in the Business Data Catalog. This is the top-level object in the Business Data Catalog's object model.

 

The sample in the SDK takes one of the LOBInstances and tries to add the users with their permissions to the BDC User Permission List. But this doesn’t work. To add the users to the BDC permission list, you need to add them to the ApplicationRegistry object, which is at a level above the LOBInstances class. Below is the code I used to achieve the functionality:

<Code>

using System;
using System.Collections.Generic;
using System.Text;
using Microsoft.Office.Server.ApplicationRegistry.Administration;
using Microsoft.Office.Server.ApplicationRegistry.Infrastructure;
using WSSAdmin = Microsoft.SharePoint.Administration;
using OSSAdmin = Microsoft.Office.Server.Administration;

namespace C
{
    class GetStartedAndCreateSystem
    {
        // Name of the Shared Services Provider that hosts the Business Data Catalog
        const string yourSSPName = "SharedServices1";

        // Replace the domain and user names here
        const string userName = "domainname\\username";

        static void Main(string[] args)
        {
            SetupBDC();
            SetAccessControlListForSpecifiedUser();
            Console.WriteLine("Press any key to exit...");
            Console.ReadKey();
        }

        // Point the BDC object model at the Shared Services Provider to administer
        static void SetupBDC()
        {
            SqlSessionProvider.Instance().SetSharedResourceProviderToUse(yourSSPName);
        }

        public static void SetAccessControlListForSpecifiedUser()
        {
            String currentIdentity = userName;
            try
            {
                // Work on the top-level ApplicationRegistry object, not on a LOB instance
                ApplicationRegistry registry = ApplicationRegistry.Instance;

                // Read the current ACL, append the new entry, then write the list back
                IAccessControlList acl = registry.GetAccessControlList();

                // SetPermissions lets this user change BDC permissions;
                // grant only the rights the account actually needs
                acl.Add(new IndividualAccessControlEntry(currentIdentity, BdcRights.SetPermissions | BdcRights.Execute));
                registry.SetAccessControlList(acl);

                // Report success only when the ACL was actually saved
                Console.WriteLine("Done");
            }
            catch (Exception ex)
            {
                // Your exception handling code here; at minimum, report the failure
                Console.Error.WriteLine("Failed to update the BDC permission list: " + ex.Message);
            }
        }
    }
}

</Code>