Security Report

This forum is now locked, since Gold Support is no longer offered.

Moderator: SourceGear

Locked
shatfield
Posts: 5
Joined: Wed Apr 27, 2005 8:42 am

Security Report

Post by shatfield » Thu Jul 21, 2005 2:53 pm

The Audit Department has asked me to provide a security report of all users and which folders in which repositories they have access to, as well as what type of access each user has to those folders. Apparently this is a Sarbanes-Oxley related request.

Is this something that Vault currently provides (that I can't seem to find) or is this something that can be done manually by querying the database? Apparently this is very important for them to have.

Thanks for any help!
Steven Hatfield
MassMutual Settlement Solutions

jclausius
Posts: 3706
Joined: Tue Dec 16, 2003 1:17 pm
Location: SourceGear
Contact:

Post by jclausius » Thu Jul 21, 2005 3:30 pm

You could get this information "manually" by looking at the admin tool.

As for reporting, you could do this using a cursor and looping through each user (sgvault.dbo.tblusers) and for each distinct repository (sgvault.dbo.tblrepositories) (cursor #2), call sgvault.dbo.ufngetusersecurityrights(repid, userid, DEFAULT).
Jeff Clausius
SourceGear

shatfield
Posts: 5
Joined: Wed Apr 27, 2005 8:42 am

Manual... ok.

Post by shatfield » Mon Jul 25, 2005 2:11 pm

Is there a way that I can get this information from the web service(s) provided by Vault? Maybe I could write a little C# project that would do this for us....

Thanks for any info,
Steven

dan
Posts: 2448
Joined: Wed Dec 17, 2003 5:03 pm
Location: SourceGear
Contact:

Post by dan » Mon Jul 25, 2005 2:50 pm

This is certainly possible. The admin service doesn't have a nice client side library like the regular vault client service does, but the web service itself is accessible.

You can use the command line source code as an example of how to get set up, and once you are connected to the admin service, you can issue the web service commands (see http://www.sourcegear.com/vault/downloads.html, Client API Installer for CLC source code).

Or, you can see Jeremy's blog at http://weblogs.asp.net/jeremy_sheeley/a ... 75860.aspx for how to set up a simple client. Note that Jeremy's client is a regular client, and not an admin client, so you'd need to create an admin connection using myClient.Init(VaultClientNetLib.VaultConnection.AccessLevelType.Admin).

You can see the available admin service commands from your vault server at http://[vaultserver]/VaultService/VaultAdminService.asmx

Email me using the button below if you run into any questions or problems.

Locked