private void ChangeAccess(string username)
{
string connection = @"Data Source=LAPTOP-9BG7K3OP;Initial Catalog=BSK_2;Integrated Security=True";
string databasename = "BSK_2";
try
{
using (SqlConnection conn = new SqlConnection(connection))
{
conn.Open();
string sql2 = String.Format("USE {0};", databasename) + String.Format("SELECT ClearanceLevelNumber FROM MacSec.Users WHERE LoginName = '{0}';", username);
SqlCommand cmd2 = new SqlCommand(sql2, conn);
try
{
SqlDataReader reader = cmd2.ExecuteReader();
string output = "";
try
{
if (reader.Read())
{
output = (String.Format("{0}", reader["ClearanceLevelNumber"]));
}
}
finally
{
// Always call Close when done reading.
reader.Close();
}
foreach (string command in DenyAccesLevel.DenyAccess(username, Convert.ToInt32(output)))
{
SqlCommand sqlCommand = new SqlCommand(command, conn);
sqlCommand.ExecuteNonQuery();
}
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
Console.WriteLine(ex.Message);
}
}
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
Console.WriteLine(ex.Message);
}
}
public bool CreateUser(string username, string password)
{
string connection = @"Data Source=LAPTOP-9BG7K3OP;Initial Catalog=BSK_2;Integrated Security=True";
string databasename = "BSK_2";
try
{
using (SqlConnection conn = new SqlConnection(connection))
{
conn.Open();
string sql = "CREATE LOGIN " + username + " WITH PASSWORD = '******'; USE " + databasename + "; CREATE USER " + username + " FOR LOGIN " + username + ";" +
"alter role [db_datareader] add member [" + username + "];" +
"alter role [db_datawriter] add member [" + username + "];";
SqlCommand cmd = new SqlCommand(sql, conn);
cmd.ExecuteNonQuery();
string sql2 = "insert into MacSec.Users Values(" + "'" + username + "'," + "'Unclassified'," + "0);";
SqlCommand cmd2 = new SqlCommand(sql2, conn);
cmd2.ExecuteNonQuery();
foreach (string command in DenyAccesLevel.FillDenyList0(username))
{
SqlCommand sqlCommand = new SqlCommand(command, conn);
sqlCommand.ExecuteNonQuery();
}
}
Thread.Sleep(50);
return(ConnectToDataBase(username, password));
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
Console.WriteLine(ex.Message);
return(ConnectToDataBase(username, password));
}
}