BOB: Business Objects Board
Not endorsed by or affiliated with SAP

Register | Login 

Want to sponsor BOB? 
Want to sponsor BOB? (Opens a new window)  

General Notice: BOB is going to retire...please see details here.
General Notice: No events within the next 45 days.

SeeSec - security detail for XIr2 and XI3
1 members found this topic helpful
Goto page Previous  1, 2
Search this topic... | Search BOB's Downloads... | Search Box
Register or Login to Post    Forum Index -> BOB's Downloads  Previous TopicPrint TopicNext Topic
Author Message
Forum Member
Forum Member

Joined: 25 May 2016

Posts: 4

PostPosted: Wed May 25, 2016 7:13 am 
Post subject: Re: SeeSec - security detail for XIr2 and XI3

Is it possible to get this code approach on Excel VBA?
Back to top
Forum Fanatic
Forum Fanatic

Joined: 29 Aug 2002

Posts: 6671
Location: Connecticut, USA

PostPosted: Wed May 25, 2016 9:05 am 
Post subject: Re: SeeSec - security detail for XIr2 and XI3

Sort of. The COM implementation of the Platform SDK is not as complete as Java. The code has the following limitations:
  • No detailed rights are displayed
  • All objects appear to inherit rights from parent folders and groups

The second point may not appear to be significant, but it means that objects that break inheritance from their parents will not display in the output (they will in the Java version).

So, use at your own risk:
Option Explicit
' Required references:
' Crystal Enterprise Framework Library 14.0
' Crystal Enterprise InfoStore Library 14.0
' Microsoft Scripting Runtime

' Set the following three variables with logon info the the CMS.
Const strUser = "<user name>"
Const strCMS = "<cms name>"
Const strPwd = "<user password>"
Dim infoStore As infoStore
Dim c As Range
Dim allPrincs As Dictionary

Sub SeeSec()
    With ActiveSheet
        .Range("a1") = "Principal"
        .Range("b1") = "Object ID"
        .Range("c1") = "Object Kind"
        .Range("d1") = "Path"
        .Range("e1") = "Access Levels"
        .Range("f1") = "Inherits Folder"
        .Range("g1") = "Inherits Group"
        .Range("h1") = "Advanced Right Count"
    End With

    Set c = Range("a2")
    ' Log in to CMS and get infoStore
    Dim oSessionMgr As SessionMgr
    Dim oEnterpriseSession As EnterpriseSession
    Set oSessionMgr = New CrystalEnterpriseLib.SessionMgr
    Set oEnterpriseSession = oSessionMgr.Logon(strUser, strPwd, strCMS, "secEnterprise")
    Set infoStore = oEnterpriseSession.Service("", "InfoStore")
    Dim ioPrincs As InfoObjects
    Dim ioPrinc As InfoObject
    Set allPrincs = New Dictionary
    Set ioPrincs = infoStore.Query("select si_id,si_name from ci_systemobjects where si_kind in ('user','usergroup','customrole')")
    For Each ioPrinc In ioPrincs
        allPrincs.Add ioPrinc.ID, ioPrinc.Title

    ' Hold the last ID in each batch, so we know where to start the next one.
    Dim theID As Long
    Dim iObjects As InfoObjects
    While (True)
        Set iObjects = infoStore.Query("SELECT TOP 1000 si_path,si_id,si_kind,si_parentid FROM CI_infoobjects,ci_systemobjects,ci_appobjects where si_kind not in ('personalcategory','MetaData.DataDBField','MetaData.BusinessField','AuditEventInfo','BIWidgets','ClientAction','ClientActionSet','ClientActionUsage') and si_kind not like 'Encyclopedia%' and si_instance = 0 and si_id > " & theID & " order by si_id")
        If iObjects.Count = 0 Then GoTo skipit
        theID = printEm(infoStore, iObjects)
    Debug.Print "Done!"
   End Sub
Function printEm(oInfoStore As infoStore, iObjects As InfoObjects) As Long
    Dim maxID As Long
    Dim iObject As InfoObject
    For Each iObject In iObjects
        maxID = iObject.ID
        Dim objectSecurityInfo As SecurityInfo2
        Set objectSecurityInfo = iObject.SecurityInfo2
        Dim iEPs As ExplicitPrincipals
        Set iEPs = objectSecurityInfo.ExplicitPrincipals
        Dim iEP As ExplicitPrincipal
        For Each iEP In iEPs
            If (iObject.Kind = "Inbox" Or iObject.Kind = "FavoritesFolder" Or iObject.Kind = "PersonalCategory") _
                And LCase(iEP.Name) = LCase(iObject.Title) Then
                    GoTo skipout ' skip inbox & favorites folders for their owners.
            End If
            If iEP.Rights.Count = 0 And iEP.Roles.Count = 0 And iEP.InheritFolders And iEP.InheritGroups Then
                GoTo skipout ' nothing to see here (no rights assigned, inheriting folders & groups)
            End If
            Dim iERights As ExplicitRights
            Set iERights = iEP.Rights

            c.Value = allPrincs.Item(iEP.ID)
            c.Offset(0, 1) = iObject.ID
            c.Offset(0, 2) = iObject.Kind
            c.Offset(0, 3) = getObjectPath(iObject)
            Dim iERoles As ExplicitRoles
            Dim IERole As ExplicitRole
            Set iERoles = iEP.Roles

            For Each IERole In iERoles
                c.Offset(0, 4) = c.Offset(0, 4) & allPrincs.Item(IERole.ID) & "," ' should be Title
            If iERoles.Count > 0 Then
                c.Offset(0, 4) = Left(c.Offset(0, 4), Len(c.Offset(0, 4)) - 1)
            End If

            If iEP.InheritFolders Then
                c.Offset(0, 5) = "Y"
                c.Offset(0, 5) = "N"
            End If
            If iEP.InheritGroups Then
                c.Offset(0, 6) = "Y"
                c.Offset(0, 6) = "N"
            End If
            c.Offset(0, 7) = iERights.Count
            Set c = c.Offset(1, 0)
    printEm = maxID

End Function
Function getObjectPath(inObject As InfoObject)
    Dim oio As InfoObject: Set oio = inObject
        getObjectPath = oio.Title & "/" & getObjectPath
        Set oio = oio.Parent
    Loop Until oio.ID = 4
End Function

Last edited by joepeters on Tue Jun 21, 2016 10:11 am, edited 1 time in total
Back to top
Forum Member
Forum Member

Joined: 25 May 2016

Posts: 4

PostPosted: Thu May 26, 2016 3:24 am 
Post subject: Re: SeeSec - security detail for XIr2 and XI3

Thank you icon_smile.gif
Back to top
Display posts from previous:   
Register or Login to Post    Forum Index -> BOB's Downloads  Previous TopicPrint TopicNext Topic
Page 2 of 2 All times are GMT - 5 Hours
Goto page Previous  1, 2
Jump to:  

Index | About | FAQ | RAG | Privacy | Search |  Register |  Login 

Get community updates via Twitter:

Not endorsed by or affiliated with SAP
Powered by phpBB © phpBB Group
Generated in 0.0294 seconds using 17 queries. (SQL 0.0030 Parse 0.0009 Other 0.0255)
CCBot/2.0 (
Hosted by | Terms of Service
phpBB Customizations by the
Shameless plug for Moments of Light Logo