public IEnumerable <Student> GetAllStudents()
{
const string sqlQuery = "SELECT S.FirstName, S.LastName, S.BirthDate, St.Name, E.Semester FROM Student S " +
" LEFT JOIN Enrollment E ON S.IdEnrollment = E.IdEnrollment " +
" LEFT JOIN Studies St ON E.IdStudy = St.IdStudy";
var students = new List <Student>();
using var connection =
new SqlConnection(AppSettingsUtils.GetConnectionString());
using var command = new SqlCommand
{
Connection = connection,
CommandText = sqlQuery
};
connection.Open();
var dataReader = command.ExecuteReader();
while (dataReader.Read())
{
var student = new Student
{
FirstName = dataReader["FirstName"].ToString(),
LastName = dataReader["LastName"].ToString(),
BirthDate = DateTime.Parse(dataReader["BirthDate"].ToString()).ToString("yyyy-MM-dd"),
StudiesName = dataReader["Name"].ToString(),
Semester = Parse(dataReader["Semester"].ToString())
};
students.Add(student);
}
return(students);
}
public HttpResponseMessage SaveImage()
{
if (!Request.Content.IsMimeMultipartContent())
{
throw new HttpResponseException(HttpStatusCode.UnsupportedMediaType);
}
var httpRequest = HttpContext.Current.Request;
if (httpRequest.Files.Count == 0)
{
throw new HttpResponseException(HttpStatusCode.UnsupportedMediaType);
}
ImageInformation normalImageInformation = new ImageInformation
{
Width = AppSettingsUtils.GetDimensionWidth("PromotionProductImagesNormalDimension"),
Height = AppSettingsUtils.GetDimensionHeight("PromotionProductImagesNormalDimension"),
BlobDirectoryName = AppSettingsUtils.GetStringAppSetting("PromotionProductBlobImagesTempDirectory")
};
string fileName = UploadFileHandler.SaveUploadedImage(httpRequest.Files[0], normalImageInformation);
return(Request.CreateResponse <ImageModel>(HttpStatusCode.OK, new ImageModel {
ImageFileNamePath = normalImageInformation.RelativeFileName, ImageFileName = fileName
}));
}
public EnrollmentResponse PromoteStudents(PromoteStudentsRequest promoteStudentsRequest)
{
using var connection = new SqlConnection(AppSettingsUtils.GetConnectionString());
using var command = new SqlCommand { Connection = connection };
connection.Open();
command.CommandText = @"SELECT COUNT(1) FROM sys.objects WHERE name='PromoteStudents'";
if (!Convert.ToBoolean(Parse(command.ExecuteScalar().ToString())))
{
var fileInfo = new FileInfo("Resources/promote_students_procedure.sql");
command.CommandText = fileInfo.OpenText().ReadToEnd();
command.ExecuteNonQuery();
}
command.CommandText = "EXEC PromoteStudents @Semester, @Studies";
command.Parameters.AddWithValue("Semester", promoteStudentsRequest.Semester);
command.Parameters.AddWithValue("Studies", promoteStudentsRequest.Studies);
var dataReader = command.ExecuteReader();
if (dataReader.Read())
{
return(new EnrollmentResponse
{
IdEnrollment = Parse(dataReader["IdEnrollment"].ToString()),
Semester = Parse(dataReader["Semester"].ToString()),
IdStudy = Parse(dataReader["IdStudy"].ToString()),
StartDate = DateTime.Parse(dataReader["StartDate"].ToString()).ToString("yyyy-MM-dd")
});
}
throw new ResourceNotFoundException("Not Found");
}
public Enrollment GetEnrollmentByStudentIndexSqlInjectionVulnerable(string indexNumber)
{
var sqlQuery =
"SELECT S.IndexNumber, E.Semester, E.StartDate, St.Name FROM Enrollment " +
"E LEFT JOIN Student S on e.IdEnrollment = S.IdEnrollment " +
"LEFT JOIN Studies St on E.IdStudy = St.IdStudy " +
$"WHERE S.IndexNumber = {indexNumber}";
using var connection = new SqlConnection(AppSettingsUtils.GetConnectionString());
using var command = new SqlCommand
{
Connection = connection,
CommandText = sqlQuery
};
connection.Open();
var dataReader = command.ExecuteReader();
var enrollment = new Enrollment();
while (dataReader.Read())
{
{
enrollment.IndexNumber = dataReader["IndexNumber"].ToString();
enrollment.Semester = Parse(dataReader["Semester"].ToString());
enrollment.StartDate = DateTime.Parse(dataReader["StartDate"].ToString()).ToString("yyyy-MM-dd");
enrollment.StudiesName = dataReader["Name"].ToString();
}
}
return(enrollment);
}
public StudentWithStudiesResponse GetStudentByIndexNumberSqlInjectionInVulnerable(string indexNumber)
{
var sqlQuery = "SELECT S.FirstName, S.LastName, S.BirthDate, St.Name, E.Semester FROM Student S " +
"LEFT JOIN Enrollment E ON S.IdEnrollment = E.IdEnrollment " +
"LEFT JOIN Studies St ON E.IdStudy = St.IdStudy WHERE S.IndexNumber = @indexNumber";
using var connection =
new SqlConnection(AppSettingsUtils.GetConnectionString());
using var command = new SqlCommand
{
Connection = connection,
CommandText = sqlQuery
};
command.Parameters.AddWithValue("indexNumber", indexNumber);
connection.Open();
var dataReader = command.ExecuteReader();
if (dataReader.Read())
{
return(new StudentWithStudiesResponse
{
FirstName = dataReader["FirstName"].ToString(),
LastName = dataReader["LastName"].ToString(),
BirthDate = DateTime.Parse(dataReader["BirthDate"]
.ToString()).ToString("yyyy-MM-dd"),
StudiesName = dataReader["Name"].ToString(),
Semester = Parse(dataReader["Semester"].ToString())
});
}
throw new ResourceNotFoundException($"Student with indexNumber = {indexNumber} not found");
}
public TokenResponse RefreshJwtToken(RefreshTokenRequest refreshTokenRequest)
{
using var connection = new SqlConnection(AppSettingsUtils.GetConnectionString());
using var command = new SqlCommand { Connection = connection };
connection.Open();
command.CommandText = "SELECT S.IndexNumber FROM Student S WHERE S.Refresh_Token = @RefreshToken";
command.Parameters.AddWithValue("RefreshToken", refreshTokenRequest.RefreshToken);
var dataReader = command.ExecuteReader();
if (!dataReader.Read())
{
throw new ResourceNotFoundException("Refresh token doesn't exist");
}
var index = dataReader["IndexNumber"].ToString();
dataReader.Close();
var token = CreateJwtToken(index);
var newRefreshToken = Convert.ToBase64String(Guid.NewGuid().ToByteArray());
command.Parameters.Clear();
command.CommandText = "UPDATE Student SET Refresh_Token = @RefreshToken WHERE IndexNumber = @IndexNumber";
command.Parameters.AddWithValue("@RefreshToken", newRefreshToken);
command.Parameters.AddWithValue("IndexNumber", index);
command.ExecuteNonQuery();
return(new TokenResponse
{
Token = new JwtSecurityTokenHandler().WriteToken(token),
RefreshToken = newRefreshToken
});
}
private void ResizeLogos(PromotionProductDto promotionProductDto)
{
string logoFileName = System.IO.Path.Combine(AppSettingsUtils.GetStringAppSetting("PromotionProductBlobImagesTempDirectory"), promotionProductDto.Logo);
UploadFileHandler.ResizeFromStreamImage(logoFileName, promotionProductDto.Logo,
new ImageInformation
{
Width = AppSettingsUtils.GetDimensionWidth("PromotionProductImagesNormalDimension"),
Height = AppSettingsUtils.GetDimensionHeight("PromotionProductImagesNormalDimension"),
BlobDirectoryName = AppSettingsUtils.GetStringAppSetting("PromotionProductBlobImagesNormalDirectory")
});
UploadFileHandler.ResizeFromStreamImage(logoFileName, promotionProductDto.Logo,
new ImageInformation
{
Width = AppSettingsUtils.GetDimensionWidth("PromotionProductImagesThumbnailsDimension"),
Height = AppSettingsUtils.GetDimensionHeight("PromotionProductImagesThumbnailsDimension"),
BlobDirectoryName = AppSettingsUtils.GetStringAppSetting("PromotionProductBlobImagesThumbnailsDirectory")
});
UploadFileHandler.ResizeFromStreamImage(logoFileName, promotionProductDto.Logo,
new ImageInformation
{
Width = AppSettingsUtils.GetDimensionWidth("PromotionProductImagesPreviewDimension"),
Height = AppSettingsUtils.GetDimensionHeight("PromotionProductImagesPreviewDimension"),
BlobDirectoryName = AppSettingsUtils.GetStringAppSetting("PromotionProductBlobImagesPreviewDirectory")
});
}
public EnrollmentStudentResponse GetEnrollmentByStudentIndexSqlInjectionVulnerable(string indexNumber)
{
var sqlQuery =
"SELECT S.IndexNumber, E.Semester, E.StartDate, St.Name FROM Enrollment " +
"E LEFT JOIN Student S on e.IdEnrollment = S.IdEnrollment " +
"LEFT JOIN Studies St on E.IdStudy = St.IdStudy " +
$"WHERE S.IndexNumber = {indexNumber}";
using var connection = new SqlConnection(AppSettingsUtils.GetConnectionString());
using var command = new SqlCommand
{
Connection = connection,
CommandText = sqlQuery
};
connection.Open();
var dataReader = command.ExecuteReader();
if (dataReader.Read())
{
return(new EnrollmentStudentResponse
{
IndexNumber = dataReader["IndexNumber"].ToString(),
Semester = Parse(dataReader["Semester"].ToString()),
StartDate = DateTime.Parse(dataReader["StartDate"].ToString()).ToString("yyyy-MM-dd"),
StudiesName = dataReader["Name"].ToString()
});
}
throw new ResourceNotFoundException($"Enrollment for Student with indexNumber = {indexNumber} not found");
}
protected override void OnServiceHostsStarting()
{
bool mockTeamCity = AppSettingsUtils.ReadAppSettingBool("MockTeamCity");
Bootstraper.Bootstrap(mockTeamCity);
base.OnServiceHostsStarting();
}
static DeploymentController()
{
_onlyDeployableCheckedByDefault =
AppSettingsUtils.ReadAppSettingBool(_AppSettingsKey_OnlyDeployableCheckedByDefault);
_isCreatePackageVisible =
AppSettingsUtils.ReadAppSettingBool(_AppSettingsKey_IsCreatePackageVisible);
}
private void MapRelativeLogoPath(ProductDto productDto)
{
if (string.IsNullOrEmpty(productDto.Logo))
{
return;
}
productDto.RelativeFileName = UploadFileHandler.GetBlobRelativeFileName(AppSettingsUtils.GetStringAppSetting("StoragePrefixUrl"), AppSettingsUtils.GetStringAppSetting("ProductImagesBlobThumbnailsDirectory"), productDto.Logo);
}
public void ShouldGetZeroWhenTaxRatePercentageIsNotPresentInAppSettings()
{
_optionsMonitorMock.Setup(o => o.CurrentValue).Returns(new AppSettings()
{
});
var taxRate = AppSettingsUtils.GetTaxRatePercentage(_optionsMonitorMock.Object);
Assert.AreEqual(0, taxRate);
}
public bool CheckIfStudentExists(string index)
{
using var connection = new SqlConnection(AppSettingsUtils.GetConnectionString());
using var command = new SqlCommand { Connection = connection };
connection.Open();
command.CommandText = "SELECT 1 FROM Student S WHERE S.IndexNumber = @IndexNumber";
command.Parameters.AddWithValue("IndexNumber", index);
return(Convert.ToBoolean(Parse(command.ExecuteScalar().ToString())));
}
static ApiController()
{
string visibleEnvironmentsStr = AppSettingsUtils.ReadAppSettingString(_AppSettingsKey_VisibleEnvironments);
string deployableEnvironmentsStr = AppSettingsUtils.ReadAppSettingString(_AppSettingsKey_DeployableEnvironments);
string allowedProjectConfigurationsStr = AppSettingsUtils.ReadAppSettingString(_AppSettingsKey_AllowedProjectConfigurations);
_visibleEnvironments = ParseAppSettingSet(visibleEnvironmentsStr);
_deployableEnvironments = ParseAppSettingSet(deployableEnvironmentsStr);
_allowedProjectConfigurations = ParseAppSettingSet(allowedProjectConfigurationsStr);
_maxProjectConfigurationBuildsCount = AppSettingsUtils.ReadAppSettingInt(_AppSettingsKey_MaxProjectConfigurationBuildsCount);
}
public void ShouldGetTaxRatePercentage()
{
_optionsMonitorMock.Setup(o => o.CurrentValue).Returns(new AppSettings()
{
TaxRatePercentage = "20",
});
var taxRate = AppSettingsUtils.GetTaxRatePercentage(_optionsMonitorMock.Object);
Assert.AreEqual(20, taxRate);
}
public void ShouldSetLowerRangeToZeroWhenItsNotPresentInAppSettings()
{
_optionsMonitorMock.Setup(o => o.CurrentValue).Returns(new AppSettings()
{
MaximumDonationAmount = "2",
});
decimal minimumDonationAmount;
decimal maximumDonationAmount;
AppSettingsUtils.GetLowerAndHigherRange(_optionsMonitorMock.Object, out minimumDonationAmount, out maximumDonationAmount);
Assert.AreEqual(0, minimumDonationAmount);
}
protected override void OnConfiguring(DbContextOptionsBuilder optionsBuilder)
{
optionsBuilder.UseSqlServer(
AppSettingsUtils.ConnectionString("ParseTheParcel"),
x => x.MigrationsHistoryTable("__EFMigrationHistory", DefaultSchema));
optionsBuilder.EnableSensitiveDataLogging();
#if DEBUG
if (LoggerFactory != null)
{
optionsBuilder.UseLoggerFactory(LoggerFactory);
}
#endif
}
public void ShouldGetLowerAndHigherRange()
{
_optionsMonitorMock.Setup(o => o.CurrentValue).Returns(new AppSettings()
{
MinimumDonationAmount = "2",
MaximumDonationAmount = "100000"
});
decimal minimumDonationAmount;
decimal maximumDonationAmount;
AppSettingsUtils.GetLowerAndHigherRange(_optionsMonitorMock.Object, out minimumDonationAmount, out maximumDonationAmount);
Assert.AreEqual(2, minimumDonationAmount);
Assert.AreEqual(100000, maximumDonationAmount);
}
public TokenResponse LogIn(LoginRequestDto loginRequestDto)
{
using var connection = new SqlConnection(AppSettingsUtils.GetConnectionString());
using var command = new SqlCommand { Connection = connection };
connection.Open();
var transaction = connection.BeginTransaction();
command.Transaction = transaction;
command.CommandText = "SELECT S.Password, S.Salt FROM Student S WHERE S.IndexNumber = @IndexNumber";
command.Parameters.AddWithValue("IndexNumber", loginRequestDto.Index);
var dataReader = command.ExecuteReader();
if (!dataReader.Read())
{
throw new BadLoginOrPasswordException("Bad Login or Password");
}
var salt = (byte[])dataReader["Salt"];
var storedPassword = dataReader["Password"].ToString();
dataReader.Close();
if (!PasswordUtils.ValidatePassword(loginRequestDto.Password, storedPassword, salt))
{
throw new BadLoginOrPasswordException("Bad Login or Password");
}
var token = CreateJwtToken(loginRequestDto.Index);
var refreshToken = Convert.ToBase64String(Guid.NewGuid().ToByteArray());
command.Parameters.Clear();
command.CommandText = "UPDATE Student SET Refresh_Token = @RefreshToken WHERE IndexNumber = @IndexNumber";
command.Parameters.AddWithValue("@RefreshToken", refreshToken);
command.Parameters.AddWithValue("IndexNumber", loginRequestDto.Index);
command.ExecuteNonQuery();
transaction.Commit();
return(new TokenResponse
{
Token = new JwtSecurityTokenHandler().WriteToken(token),
RefreshToken = refreshToken
});
}
public static ValidationResult ValidateAmount(IOptionsMonitor <AppSettings> settings, decimal amount)
{
decimal minimumDonationAmount;
decimal maximumDonationAmount;
AppSettingsUtils.GetLowerAndHigherRange(settings, out minimumDonationAmount, out maximumDonationAmount);
var isLowerRangeValid = amount >= minimumDonationAmount;
var largerRangeExists = maximumDonationAmount != 0;
var isLargerRangeValid = !largerRangeExists ? true : amount <= maximumDonationAmount;
if (isLowerRangeValid && isLargerRangeValid)
{
return(ValidationResult.Success);
}
return(new ValidationResult("Donation amount can not be smaller than " + minimumDonationAmount + (largerRangeExists ? (" and can not be larger than " + maximumDonationAmount) : "")));
}
private void ResizeLogo(CompanyLogoDto companyLogo, bool isLogo)
{
string logoFileName = System.IO.Path.Combine(AppSettingsUtils.GetStringAppSetting("CompanyImagesBlobTempDirectory"), companyLogo.Logo);
if (isLogo)
{
UploadFileHandler.ResizeFromStreamImage(logoFileName, companyLogo.Logo,
new ImageInformation
{
Width = AppSettingsUtils.GetDimensionWidth("CompanyImagesLogoDimension"),
Height = AppSettingsUtils.GetDimensionHeight("CompanyImagesLogoDimension"),
BlobDirectoryName = AppSettingsUtils.GetStringAppSetting("CompanyImagesBlobLogoDirectory")
});
return;
}
UploadFileHandler.ResizeFromStreamImage(logoFileName, companyLogo.Logo,
new ImageInformation
{
Width = AppSettingsUtils.GetDimensionWidth("CompanyImagesNormalDimension"),
Height = AppSettingsUtils.GetDimensionHeight("CompanyImagesNormalDimension"),
BlobDirectoryName = AppSettingsUtils.GetStringAppSetting("CompanyImagesBlobNormalDirectory")
});
UploadFileHandler.ResizeFromStreamImage(logoFileName, companyLogo.Logo,
new ImageInformation
{
Width = AppSettingsUtils.GetDimensionWidth("CompanyImagesThumbnailsDimension"),
Height = AppSettingsUtils.GetDimensionHeight("CompanyImagesThumbnailsDimension"),
BlobDirectoryName = AppSettingsUtils.GetStringAppSetting("CompanyImagesBlobThumbnailsDirectory")
});
UploadFileHandler.ResizeFromStreamImage(logoFileName, companyLogo.Logo,
new ImageInformation
{
Width = AppSettingsUtils.GetDimensionWidth("CompanyImagesPreviewDimension"),
Height = AppSettingsUtils.GetDimensionHeight("CompanyImagesPreviewDimension"),
BlobDirectoryName = AppSettingsUtils.GetStringAppSetting("CompanyImagesBlobPreviewDirectory")
});
}
static SecurityUtils()
{
_canDeployRole = AppSettingsUtils.ReadAppSettingStringOptional(_AppSettingKey_CanDeployRole);
}
private void MapRelativeLogoPath(CompanyDto companyDto)
{
if (companyDto.Galleries == null || companyDto.Galleries.Count == 0 || companyDto.Logo == null)
{
return;
}
if (companyDto.Logo != null && !string.IsNullOrEmpty(companyDto.Logo.Logo))
{
companyDto.Logo.NormalRelativeFileName = UploadFileHandler.GetBlobRelativeFileName(AppSettingsUtils.GetStringAppSetting("StoragePrefixUrl"), AppSettingsUtils.GetStringAppSetting("CompanyImagesBlobLogoDirectory"), companyDto.Logo.Logo);
}
foreach (var companyLogo in companyDto.Galleries)
{
if (string.IsNullOrEmpty(companyLogo.Logo))
{
return;
}
companyLogo.NormalRelativeFileName = UploadFileHandler.GetBlobRelativeFileName(AppSettingsUtils.GetStringAppSetting("StoragePrefixUrl"), AppSettingsUtils.GetStringAppSetting("CompanyImagesBlobNormalDirectory"), companyLogo.Logo);
companyLogo.ThumbnailRelativeFileName = UploadFileHandler.GetBlobRelativeFileName(AppSettingsUtils.GetStringAppSetting("StoragePrefixUrl"), AppSettingsUtils.GetStringAppSetting("CompanyImagesBlobThumbnailsDirectory"), companyLogo.Logo);
companyLogo.PreviewRelativeFileName = UploadFileHandler.GetBlobRelativeFileName(AppSettingsUtils.GetStringAppSetting("StoragePrefixUrl"), AppSettingsUtils.GetStringAppSetting("CompanyImagesBlobPreviewDirectory"), companyLogo.Logo);
}
}
public GiftAidCalculator(IOptionsMonitor <AppSettings> settings)
{
TaxRatePercentage = AppSettingsUtils.GetTaxRatePercentage(settings);
}
static NCasServerSetting()
{
ServerUri = new Uri(AppSettingsUtils.GetString("ServerUrl"));
}
public EnrollmentResponse EnrollNewStudent(EnrollmentStudentRequest enrollmentStudentRequest)
{
using var connection = new SqlConnection(AppSettingsUtils.GetConnectionString());
using var command = new SqlCommand { Connection = connection };
connection.Open();
var transaction = connection.BeginTransaction();
command.Transaction = transaction;
command.CommandText = "SELECT s.IdStudy FROM Studies s WHERE s.Name = @StudiesName";
command.Parameters.AddWithValue("StudiesName", enrollmentStudentRequest.Studies);
var dataReader = command.ExecuteReader();
if (!dataReader.Read())
{
throw new ResourceNotFoundException(
$"Studies by name {enrollmentStudentRequest.Studies} does not exist in database");
}
var idStudy = Parse(dataReader["IdStudy"].ToString());
dataReader.Close();
command.Parameters.Clear();
command.CommandText =
"SELECT * FROM Enrollment E WHERE E.Semester = 1 AND E.IdStudy = @IdStudy";
command.Parameters.AddWithValue("IdStudy", idStudy);
dataReader = command.ExecuteReader();
var enrollmentResponse = new EnrollmentResponse();
if (!dataReader.Read())
{
dataReader.Close();
command.Parameters.Clear();
command.CommandText =
@"INSERT INTO Enrollment(IdEnrollment, Semester, StartDate, IdStudy)
OUTPUT INSERTED.IdEnrollment, INSERTED.Semester, INSERTED.StartDate, INSERTED.IdStudy
VALUES((SELECT MAX(E.IdEnrollment) FROM Enrollment E) + 1, @Semester, @StartDate, @IdStudy);";
command.Parameters.AddWithValue("Semester", 1);
command.Parameters.AddWithValue("StartDate", DateTime.Now);
command.Parameters.AddWithValue("IdStudy", idStudy);
enrollmentResponse.IdEnrollment = Parse(command.ExecuteScalar().ToString());
enrollmentResponse.Semester = Parse(command.Parameters["Semester"].Value.ToString());
enrollmentResponse.IdStudy = Parse(command.Parameters["IdStudy"].Value.ToString());
enrollmentResponse.StartDate =
DateTime.Parse(command.Parameters["StartDate"].Value.ToString()).ToString("yyyy-MM-dd");
}
else
{
enrollmentResponse.IdEnrollment = Parse(dataReader["IdEnrollment"].ToString());
enrollmentResponse.Semester = Parse(dataReader["Semester"].ToString());
enrollmentResponse.IdStudy = Parse(dataReader["IdStudy"].ToString());
enrollmentResponse.StartDate =
DateTime.Parse(dataReader["StartDate"].ToString()).ToString("yyyy-MM-dd");
}
dataReader.Close();
command.Parameters.Clear();
command.CommandText = "SELECT S.IndexNumber FROM Student S WHERE IndexNumber = @indexNumber";
command.Parameters.AddWithValue("indexNumber", enrollmentStudentRequest.Index);
dataReader = command.ExecuteReader();
if (dataReader.Read())
{
throw new BadRequestException("Student Index number not unique");;
}
dataReader.Close();
command.Parameters.Clear();
var salt = PasswordUtils.GenerateSalt();
command.CommandText =
@"INSERT INTO Student(IndexNumber, FirstName, LastName, BirthDate, IdEnrollment, Password, Salt)
VALUES (@IndexNumber, @FirstName, @LastName, @BirthDate, @IdEnrollment, @Password, @Salt)";
command.Parameters.AddWithValue("IndexNumber", enrollmentStudentRequest.Index);
command.Parameters.AddWithValue("FirstName", enrollmentStudentRequest.FirstName);
command.Parameters.AddWithValue("LastName", enrollmentStudentRequest.LastName);
command.Parameters.AddWithValue("BirthDate", enrollmentStudentRequest.BirthDate);
command.Parameters.AddWithValue("IdEnrollment", enrollmentResponse.IdEnrollment);
command.Parameters.AddWithValue("Password",
PasswordUtils.CreateSaltedPasswordHash(enrollmentStudentRequest.Password, salt));
command.Parameters.AddWithValue("Salt", salt);
command.ExecuteNonQuery();
transaction.Commit();
return(enrollmentResponse);
}
