/////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////
public override int GetNumberOfInactiveProfiles(ProfileAuthenticationOption authenticationOption, DateTime userInactiveSinceDate)
{
try
{
AccessConnectionHolder holder = AccessConnectionHelper.GetConnection(_DatabaseFileName, true);
try
{
string sqlQuery = @"SELECT COUNT(*) FROM aspnet_Users u, aspnet_Profile p " +
@"WHERE ApplicationId = @AppId AND LastActivityDate <= @LastActivityDate AND u.UserId = p.UserId" + GetClauseForAuthenticationOptions(authenticationOption);
OleDbCommand cmd = new OleDbCommand(sqlQuery, holder.Connection);
cmd.Parameters.Add(new OleDbParameter("@AppId", GetApplicationId(holder)));
cmd.Parameters.Add(CreateDateTimeOleDbParameter("@LastActivityDate", userInactiveSinceDate));
return((int)cmd.ExecuteScalar());
}
catch (Exception e)
{
throw AccessConnectionHelper.GetBetterException(e, holder);
}
finally
{
holder.Close();
}
}
catch
{
throw;
}
}
/////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////
public override int DeleteInactiveProfiles(ProfileAuthenticationOption authenticationOption, DateTime userInactiveSinceDate)
{
try
{
AccessConnectionHolder holder = AccessConnectionHelper.GetConnection(_DatabaseFileName, true);
try
{
string inClause = @"SELECT UserId FROM aspnet_Users " +
@"WHERE ApplicationId = @AppId AND LastActivityDate <= @LastActivityDate " + GetClauseForAuthenticationOptions(authenticationOption);
string sqlQuery = @"DELETE FROM aspnet_Profile WHERE UserId IN (" + inClause + ")";
OleDbCommand cmd = new OleDbCommand(sqlQuery, holder.Connection);
cmd.Parameters.Add(new OleDbParameter("@AppId", GetApplicationId(holder)));
cmd.Parameters.Add(CreateDateTimeOleDbParameter("@LastActivityDate", userInactiveSinceDate));
return(cmd.ExecuteNonQuery());
}
catch (Exception e)
{
throw AccessConnectionHelper.GetBetterException(e, holder);
}
finally
{
holder.Close();
}
}
catch
{
throw;
}
}
////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////
private void GetPropertyValuesFromDatabase(string username, SettingsPropertyValueCollection svc)
{
try
{
AccessConnectionHolder holder = AccessConnectionHelper.GetConnection(_DatabaseFileName, true);
string[] names = null;
string values = null;
OleDbDataReader reader = null;
////////////////////////////////////////////////////////////
// Step 1: Get Values from DB
try
{
int appId = GetApplicationId(holder);
int userId = AccessConnectionHelper.GetUserID(holder.Connection, appId, username, false);
if (userId != 0)
{ // User exists?
OleDbCommand cmd = new OleDbCommand(@"SELECT PropertyNames, PropertyValuesString " +
@"FROM aspnet_Profile " +
@"WHERE UserId = @UserId", holder.Connection);
cmd.Parameters.Add(new OleDbParameter("@UserId", userId));
reader = cmd.ExecuteReader();
if (reader.Read())
{
names = reader.GetString(0).Split(':');
values = reader.GetString(1);
}
try
{ // Not a critical part -- don't throw exceptions here
cmd = new OleDbCommand(@"UPDATE aspnet_Users SET LastActivityDate=@LastActivityDate WHERE UserId = @UserId", holder.Connection);
cmd.Parameters.Add(CreateDateTimeOleDbParameter("@LastActivityDate", DateTime.Now));
cmd.Parameters.Add(new OleDbParameter("@UserId", userId));
cmd.ExecuteNonQuery();
}
catch { }
}
}
catch (Exception e)
{
throw AccessConnectionHelper.GetBetterException(e, holder);
}
finally
{
if (reader != null)
{
reader.Close();
}
holder.Close();
}
if (names != null && names.Length > 0)
{
ParseDataFromDB(names, values, new byte[0], svc);
}
}
catch
{
throw;
}
}
public static string[] GetRolesForAuthorization(string authorizationname)
{
SecUtility.CheckParameter(ref authorizationname, true, false, true, 255, "authorizationname");
if (authorizationname.Length < 1)
{
return(new string[0]);
}
AccessConnectionHolder holder = AccessConnectionHelper.GetConnection(_DatabaseFileName, true);
OleDbConnection connection = holder.Connection;
OleDbDataReader reader = null;
try
{
try
{
int appId = GetApplicationId(holder);
int authorizationId = GetAuthorizationId(connection, appId, authorizationname);
if (authorizationId == 0)
{
return(new string[0]);
}
OleDbCommand command;
StringCollection sc = new StringCollection();
String[] strReturn;
command = new OleDbCommand(@"SELECT RoleName FROM aspnet_AuthorizationsInRoles ar, aspnet_Roles r " +
@"WHERE ar.AuthorizationId = @AuthorizationId AND ar.RoleId = r.RoleId " +
@"ORDER BY RoleName",
connection);
command.Parameters.Add(new OleDbParameter("@AuthorizationId", authorizationId));
reader = command.ExecuteReader(CommandBehavior.SequentialAccess);
while (reader.Read())
{
sc.Add(reader.GetString(0));
}
strReturn = new String[sc.Count];
sc.CopyTo(strReturn, 0);
return(strReturn);
}
catch (Exception e)
{
throw AccessConnectionHelper.GetBetterException(e, holder);
}
finally
{
if (reader != null)
{
reader.Close();
}
holder.Close();
}
}
catch
{
throw;
}
}
private OleDbParameter CreateDateTimeOleDbParameter(string parameterName, DateTime dt)
{
OleDbParameter p = new OleDbParameter(parameterName, OleDbType.DBTimeStamp);
p.Direction = ParameterDirection.Input;
p.Value = AccessConnectionHelper.RoundToSeconds(dt);
return(p);
}
public static bool IsRoleInAuthorization(string rolename, string authorizationName)
{
SecUtility.CheckParameter(ref rolename, true, false, true, 255, "rolename");
if (rolename.Length < 1)
{
return(false);
}
SecUtility.CheckParameter(ref authorizationName, true, true, true, 255, "authorizationName");
AccessConnectionHolder holder = AccessConnectionHelper.GetConnection(_DatabaseFileName, true);
OleDbConnection connection = holder.Connection;
try
{
try
{
int appId = GetApplicationId(holder);
int roleId = GetRoleId(connection, appId, rolename);
int authorizationId = GetAuthorizationId(connection, appId, authorizationName);
OleDbCommand command;
if (roleId == 0)
{
return(false);
}
if (authorizationId == 0)
{
return(false);
}
command = new OleDbCommand(@"SELECT UserId FROM aspnet_UsersInRoles WHERE RoleId = @RoleId AND AuthorizationId = @AuthorizationId", connection);
command.Parameters.Add(new OleDbParameter("@RoleId", roleId));
command.Parameters.Add(new OleDbParameter("@AuthorizationId", authorizationId));
object result = command.ExecuteScalar();
if (result == null || !(result is int) || ((int)result) != roleId)
{
return(false);
}
return(true);
}
catch (Exception e)
{
throw AccessConnectionHelper.GetBetterException(e, holder);
}
finally
{
holder.Close();
}
}
catch
{
throw;
}
}
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
public static string[] FindAuthorizationsInRole(string roleName, string authorizationnameToMatch)
{
SecUtility.CheckParameter(ref roleName, true, true, true, 255, "roleName");
SecUtility.CheckParameter(ref authorizationnameToMatch, true, true, false, 255, "authorizationnameToMatch");
StringCollection sc = new StringCollection();
AccessConnectionHolder holder = AccessConnectionHelper.GetConnection(_DatabaseFileName, true);
OleDbDataReader reader = null;
OleDbConnection connection = holder.Connection;
try
{
try
{
int appId = GetApplicationId(holder);
int roleId = GetRoleId(connection, appId, roleName);
OleDbCommand command;
if (roleId == 0)
{
throw new ProviderException("Role not found " + roleName);
}
command = new OleDbCommand(@"SELECT AuthorizationName " +
@"FROM aspnet_AuthorizationsInRoles ar, aspnet_Authorizations a " +
@"WHERE ar.RoleId = @RoleId AND ar.AuthorizationId = a.AuthorizationId AND A.AuthorizationName LIKE '%'+@AuthorizationNameToMatch+'%' " +
@"ORDER BY UserName", connection);
command.Parameters.Add(new OleDbParameter("@RoleId", roleId));
command.Parameters.Add(new OleDbParameter("@AuthorizationNameToMatch", authorizationnameToMatch));
reader = command.ExecuteReader(CommandBehavior.SequentialAccess);
while (reader.Read())
{
sc.Add((string)reader.GetString(0));
}
}
catch (Exception e)
{
throw AccessConnectionHelper.GetBetterException(e, holder);
}
finally
{
if (reader != null)
{
reader.Close();
}
holder.Close();
}
}
catch
{
throw;
}
string[] allUsers = new string[sc.Count];
sc.CopyTo(allUsers, 0);
return(allUsers);
}
////////////////////////////////////////////////////////////
// Public properties
public override void Initialize(string name, NameValueCollection config)
{
if (name == null || name.Length < 1)
{
name = "AccessProfileProvider";
}
if (string.IsNullOrEmpty(config["description"]))
{
config.Remove("description");
config.Add("description", "$safeprojectname$ Profile Provider");
}
base.Initialize(name, config);
if (config == null)
{
throw new ArgumentNullException("config");
}
_DatabaseFileName = config["connectionStringName"];
if (_DatabaseFileName == null || _DatabaseFileName.Length < 1)
{
throw new ProviderException("Connection name not specified");
}
string temp = AccessConnectionHelper.GetFileNameFromConnectionName(_DatabaseFileName, true);
if (temp == null || temp.Length < 1)
{
throw new ProviderException("Connection string not found" + _DatabaseFileName);
}
_DatabaseFileName = temp;
//HandlerBase.CheckAndReadRegistryValue(ref _DatabaseFileName, true);
AccessConnectionHelper.CheckConnectionString(_DatabaseFileName);
_AppName = config["applicationName"];
if (string.IsNullOrEmpty(_AppName))
{
_AppName = SecUtility.GetDefaultAppName();
}
if (_AppName.Length > 255)
{
throw new ProviderException("ApplicationName exceeded max length of " + 255);
}
//_Description = config["description"];
config.Remove("connectionStringName");
config.Remove("applicationName");
config.Remove("description");
if (config.Count > 0)
{
string attribUnrecognized = config.GetKey(0);
if (!String.IsNullOrEmpty(attribUnrecognized))
{
throw new ProviderException("Unrecognized attribute: " + attribUnrecognized);
}
}
}
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
public override string[] GetUsersInRole(string roleName)
{
SecUtility.CheckParameter(ref roleName, true, true, true, 255, "roleName");
StringCollection sc = new StringCollection();
String[] strReturn;
AccessConnectionHolder holder = AccessConnectionHelper.GetConnection(_DatabaseFileName, true);
OleDbDataReader reader = null;
OleDbConnection connection = holder.Connection;
try
{
try
{
int appId = GetApplicationId(holder);
int roleId = GetRoleId(connection, appId, roleName);
OleDbCommand command;
if (roleId == 0)
{
throw new ProviderException("Role not found: " + roleName);
}
command = new OleDbCommand(@"SELECT UserName " +
@"FROM aspnet_UsersInRoles ur, aspnet_Users u " +
@"WHERE ur.RoleId = @RoleId AND ur.UserId = u.UserId " +
@"ORDER BY UserName", connection);
command.Parameters.Add(new OleDbParameter("@RoleId", roleId));
reader = command.ExecuteReader(CommandBehavior.SequentialAccess);
while (reader.Read())
{
sc.Add(reader.GetString(0));
}
}
catch (Exception e)
{
throw AccessConnectionHelper.GetBetterException(e, holder);
}
finally
{
if (reader != null)
{
reader.Close();
}
holder.Close();
}
}
catch
{
throw;
}
strReturn = new String[sc.Count];
sc.CopyTo(strReturn, 0);
return(strReturn);
}
protected override void LoadPersonalizationBlobs(WebPartManager webPartManager, string path, string userName, ref byte[] sharedDataBlob, ref byte[] userDataBlob)
{
sharedDataBlob = null;
userDataBlob = null;
AccessConnectionHolder connectionHolder = null;
OleDbConnection connection = null;
try
{
try
{
connectionHolder = GetConnectionHolder();
connection = connectionHolder.Connection;
int applicationID = GetApplicationID(connectionHolder);
if (applicationID != 0)
{
int pathID = AccessConnectionHelper.GetPathID(connection, applicationID, path);
if (pathID != 0)
{
string sharedDataValue = LoadPersonalizationBlob(connection, pathID);
sharedDataBlob = Deserialize(sharedDataValue);
if (userName != null)
{
int userID = AccessConnectionHelper.GetUserID(connection, applicationID, userName);
if (userID != 0)
{
string userDataValue = LoadPersonalizationBlob(connection, pathID, userID);
userDataBlob = Deserialize(userDataValue);
}
}
}
}
}
finally
{
if (connectionHolder != null)
{
connectionHolder.Close();
connectionHolder = null;
}
}
}
catch
{
throw;
}
}
protected override void SavePersonalizationBlob(WebPartManager webPartManager, string path, string userName, byte[] dataBlob)
{
AccessConnectionHolder connectionHolder = null;
OleDbConnection connection = null;
try
{
try
{
string blobValue = Serialize(dataBlob);
connectionHolder = GetConnectionHolder();
connection = connectionHolder.Connection;
int applicationID = GetApplicationID(connectionHolder);
if (applicationID != 0)
{
int pathID = AccessConnectionHelper.GetPathID(connection, applicationID, path, /* createIfNeeded */ true);
if (pathID != 0)
{
if (String.IsNullOrEmpty(userName))
{
SavePersonalizationBlob(connection, pathID, blobValue);
}
else
{
int userID = AccessConnectionHelper.GetUserID(connection, applicationID, userName, /* createIfNeeded */ true);
if (userID != 0)
{
SavePersonalizationBlob(connection, pathID, userID, blobValue);
}
}
}
}
}
finally
{
if (connectionHolder != null)
{
connectionHolder.Close();
connectionHolder = null;
}
}
}
catch
{
throw;
}
}
protected override void ResetPersonalizationBlob(WebPartManager webPartManager, string path, string userName)
{
AccessConnectionHolder connectionHolder = null;
OleDbConnection connection = null;
try
{
try
{
connectionHolder = GetConnectionHolder();
connection = connectionHolder.Connection;
int applicationID = GetApplicationID(connectionHolder);
if (applicationID != 0)
{
int pathID = AccessConnectionHelper.GetPathID(connection, applicationID, path);
if (pathID != 0)
{
if (String.IsNullOrEmpty(userName))
{
ResetPersonalizationBlob(connection, pathID);
}
else
{
int userID = AccessConnectionHelper.GetUserID(connection, applicationID, userName);
if (userID != 0)
{
ResetPersonalizationBlob(connection, pathID, userID);
}
}
}
}
}
finally
{
if (connectionHolder != null)
{
connectionHolder.Close();
connectionHolder = null;
}
}
}
catch
{
throw;
}
}
/////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////
public override int DeleteProfiles(string[] usernames)
{
SecUtility.CheckArrayParameter(ref usernames, true, true, true, 255, "usernames");
try
{
AccessConnectionHolder holder = AccessConnectionHelper.GetConnection(_DatabaseFileName, true);
int numDeleted = 0;
bool fBeginTransCalled = false;
try
{
OleDbCommand cmd = new OleDbCommand("BEGIN TRANSACTION", holder.Connection);
cmd.ExecuteNonQuery();
fBeginTransCalled = true;
int appId = GetApplicationId(holder);
foreach (string username in usernames)
{
if (DeleteProfile(holder, username, appId))
{
numDeleted++;
}
}
cmd = new OleDbCommand("COMMIT TRANSACTION", holder.Connection);
cmd.ExecuteNonQuery();
fBeginTransCalled = false;
}
catch (Exception e)
{
throw AccessConnectionHelper.GetBetterException(e, holder);
}
finally
{
if (fBeginTransCalled)
{
try
{
OleDbCommand command = new OleDbCommand("ROLLBACK TRANSACTION", holder.Connection);
command.ExecuteNonQuery();
}
catch { }
}
holder.Close();
}
return(numDeleted);
}
catch
{
throw;
}
}
/////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////
private bool DeleteProfile(AccessConnectionHolder holder, string username, int appId)
{
SecUtility.CheckParameter(ref username, true, true, true, 255, "username");
int userId = AccessConnectionHelper.GetUserID(holder.Connection, appId, username, false);
if (userId == 0)
{
return(false);
}
OleDbCommand cmd = new OleDbCommand(@"DELETE FROM aspnet_Profile WHERE UserId = @UserId", holder.Connection);
cmd.Parameters.Add(new OleDbParameter("@UserId", userId));
return(cmd.ExecuteNonQuery() != 0);
}
private AccessConnectionHolder GetConnectionHolder()
{
OleDbConnection connection = null;
AccessConnectionHolder connectionHolder = AccessConnectionHelper.GetConnection(_databaseFileName, true);
if (connectionHolder != null)
{
connection = connectionHolder.Connection;
}
if (connection == null)
{
throw new ProviderException("PersonalizationProvider cannot access: " + Name);
}
return(connectionHolder);
}
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
public static string[] GetAllAuthorizations()
{
AccessConnectionHolder holder = AccessConnectionHelper.GetConnection(_DatabaseFileName, true);
OleDbConnection connection = holder.Connection;
OleDbDataReader reader = null;
try
{
try
{
int appId = GetApplicationId(holder);
OleDbCommand command;
StringCollection sc = new StringCollection();
String[] strReturn = null;
command = new OleDbCommand(@"SELECT AuthorizationName FROM aspnet_Authorizations WHERE ApplicationId = @AppId ORDER BY RoleName", connection);
command.Parameters.Add(new OleDbParameter("@AppId", appId));
reader = command.ExecuteReader(CommandBehavior.SequentialAccess);
while (reader.Read())
{
sc.Add(reader.GetString(0));
}
strReturn = new String[sc.Count];
sc.CopyTo(strReturn, 0);
return(strReturn);
}
catch (Exception e)
{
throw AccessConnectionHelper.GetBetterException(e, holder);
}
finally
{
if (reader != null)
{
reader.Close();
}
holder.Close();
}
}
catch
{
throw;
}
}
private static int GetApplicationId(AccessConnectionHolder holder)
{
if (_ApplicationId != 0 && holder.CreateDate < _ApplicationIDCacheDate) // Already cached?
{
return(_ApplicationId);
}
string appName = _AppName;
if (appName.Length > 255)
{
appName = appName.Substring(0, 255);
}
_ApplicationId = AccessConnectionHelper.GetApplicationID(holder.Connection, appName, true);
_ApplicationIDCacheDate = DateTime.Now;
if (_ApplicationId != 0)
{
return(_ApplicationId);
}
throw new ProviderException("Provider Error");
}
public override void Initialize(string name, NameValueCollection configSettings)
{
base.Initialize(name, configSettings);
// If not available, the default value is set in the get accessor of ApplicationName
_applicationName = configSettings["applicationName"];
if (_applicationName != null)
{
configSettings.Remove("applicationName");
if (_applicationName.Length > MaxStringLength)
{
throw new ProviderException("ApplicationName exceeded max length of " + MaxStringLength);
}
}
string connectionStringName = configSettings["connectionStringName"];
if (String.IsNullOrEmpty(connectionStringName))
{
throw new ProviderException("No connection string specified.");
}
configSettings.Remove("connectionStringName");
string databaseFileName = AccessConnectionHelper.GetFileNameFromConnectionName(connectionStringName, true);
if (String.IsNullOrEmpty(databaseFileName))
{
throw new ProviderException("Bad connection string: " + connectionStringName);
}
_databaseFileName = databaseFileName;
if (configSettings.Count > 0)
{
string invalidAttributeName = configSettings.GetKey(0);
throw new ProviderException("Unknown attribute: " + invalidAttributeName + name);
}
}
private int GetApplicationID(AccessConnectionHolder holder)
{
if (_applicationID != 0 && holder.CreateDate < _applicationIDCacheDate)
{
return(_applicationID);
}
string appName = ApplicationName;
if (appName.Length > MaxStringLength)
{
appName = appName.Substring(0, MaxStringLength);
}
_applicationID = AccessConnectionHelper.GetApplicationID(holder.Connection, appName, true);
_applicationIDCacheDate = DateTime.Now;
if (_applicationID == 0)
{
throw new ProviderException("Failed to get ApplicationID");
}
return(_applicationID);
}
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
public static bool RoleExists(string authorizationName)
{
try
{
SecUtility.CheckParameter(ref authorizationName, true, true, true, 255, "authorizationName");
}
catch
{
return(false);
}
AccessConnectionHolder holder = AccessConnectionHelper.GetConnection(_DatabaseFileName, true);
OleDbConnection connection = holder.Connection;
try
{
try
{
int appId = GetApplicationId(holder);
int authorizationId = GetAuthorizationId(connection, appId, authorizationName);
return(authorizationId != 0);
}
catch (Exception e)
{
throw AccessConnectionHelper.GetBetterException(e, holder);
}
finally
{
holder.Close();
}
}
catch
{
throw;
}
}
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
public override bool DeleteRole(string roleName, bool throwOnPopulatedRole)
{
SecUtility.CheckParameter(ref roleName, true, true, true, 255, "roleName");
AccessConnectionHolder holder = AccessConnectionHelper.GetConnection(_DatabaseFileName, true);
OleDbConnection connection = holder.Connection;
bool fBeginTransCalled = false;
try
{
try
{
int appId = GetApplicationId(holder);
OleDbCommand command;
int roleId = GetRoleId(connection, appId, roleName);
if (roleId == 0)
{
return(false);
}
if (throwOnPopulatedRole)
{
command = new OleDbCommand(@"SELECT COUNT(*) " +
@"FROM aspnet_UsersInRoles ur, aspnet_Users u " +
@"WHERE ur.RoleId = @RoleId AND ur.UserId = u.UserId", connection);
command.Parameters.Add(new OleDbParameter("@RoleId", roleId));
object num = command.ExecuteScalar();
if (!(num is int) || ((int)num) != 0)
{
throw new ProviderException("Role is not empty");
}
}
command = new OleDbCommand("BEGIN TRANSACTION", connection);
command.ExecuteNonQuery();
fBeginTransCalled = true;
command = new OleDbCommand(@"DELETE FROM aspnet_Roles WHERE RoleId = @RoleId", connection);
command.Parameters.Add(new OleDbParameter("@RoleId", roleId));
int returnValue = command.ExecuteNonQuery();
command = new OleDbCommand("COMMIT TRANSACTION", connection);
command.ExecuteNonQuery();
fBeginTransCalled = false;
return(returnValue == 1);
}
catch (Exception e)
{
if (fBeginTransCalled)
{
try
{
OleDbCommand command = new OleDbCommand("ROLLBACK TRANSACTION", connection);
command.ExecuteNonQuery();
}
catch { }
}
throw AccessConnectionHelper.GetBetterException(e, holder);
}
finally
{
holder.Close();
}
}
catch
{
throw;
}
}
////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////
public override void SetPropertyValues(SettingsContext sc, SettingsPropertyValueCollection properties)
{
try
{
string username = (string)sc["UserName"];
bool userIsAuthenticated = (bool)sc["IsAuthenticated"];
if (username == null || username.Length < 1 || properties.Count < 1)
{
return;
}
string names = String.Empty;
string values = String.Empty;
byte[] buf = null;
PrepareDataForSaving(ref names, ref values, ref buf, false, properties, userIsAuthenticated);
if (names.Length == 0)
{
return;
}
////////////////////////////////////////////////////////////
// Step 2: Store strings in DB
AccessConnectionHolder holder = AccessConnectionHelper.GetConnection(_DatabaseFileName, true);
bool fBeginTransCalled = false;
try
{
OleDbCommand cmd = new OleDbCommand("BEGIN TRANSACTION", holder.Connection);
cmd.ExecuteNonQuery();
fBeginTransCalled = true;
int appId = GetApplicationId(holder);
int userId = AccessConnectionHelper.GetUserID(holder.Connection, appId, username, true, !userIsAuthenticated);
if (userId == 0)
{ // User not creatable
return;
}
cmd = new OleDbCommand(@"SELECT UserId FROM aspnet_Profile WHERE UserId = @UserId", holder.Connection);
cmd.Parameters.Add(new OleDbParameter("@UserId", userId));
object result = cmd.ExecuteScalar();
if (result != null && (result is int) && ((int)result) == userId)
{
cmd = new OleDbCommand(@"UPDATE aspnet_Profile SET PropertyNames = @PropertyNames, PropertyValuesString = @PropertyValuesString, LastUpdatedDate = @LastUpdatedDate WHERE UserId = @UserId", holder.Connection);
cmd.Parameters.Add(new OleDbParameter("@PropertyNames", names));
cmd.Parameters.Add(new OleDbParameter("@PropertyValuesString", values));
cmd.Parameters.Add(CreateDateTimeOleDbParameter("@LastUpdatedDate", DateTime.Now));
cmd.Parameters.Add(new OleDbParameter("@UserId", userId));
}
else
{
cmd = new OleDbCommand(@"INSERT INTO aspnet_Profile (UserId, PropertyNames, PropertyValuesString, LastUpdatedDate) VALUES (@UserId, @PropertyNames, @PropertyValuesString, @LastUpdatedDate)", holder.Connection);
cmd.Parameters.Add(new OleDbParameter("@UserId", userId));
cmd.Parameters.Add(new OleDbParameter("@PropertyNames", names));
cmd.Parameters.Add(new OleDbParameter("@PropertyValuesString", values));
cmd.Parameters.Add(CreateDateTimeOleDbParameter("@LastUpdatedDate", DateTime.Now));
}
cmd.ExecuteNonQuery();
try
{ // Not a critical part -- don't throw exceptions here
cmd = new OleDbCommand(@"UPDATE aspnet_Users SET LastActivityDate=@LastActivityDate WHERE UserId = @UserId", holder.Connection);
cmd.Parameters.Add(CreateDateTimeOleDbParameter("@LastActivityDate", DateTime.Now));
cmd.Parameters.Add(new OleDbParameter("@UserId", userId));
cmd.ExecuteNonQuery();
}
catch { }
cmd = new OleDbCommand("COMMIT TRANSACTION", holder.Connection);
cmd.ExecuteNonQuery();
fBeginTransCalled = false;
}
catch (Exception e)
{
throw AccessConnectionHelper.GetBetterException(e, holder);
}
finally
{
if (fBeginTransCalled)
{
try
{
OleDbCommand command = new OleDbCommand("ROLLBACK TRANSACTION", holder.Connection);
command.ExecuteNonQuery();
}
catch { }
}
holder.Close();
}
}
catch
{
throw;
}
}
/////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////
// Mangement APIs from ProfileProvider class
public override int DeleteProfiles(ProfileInfoCollection profiles)
{
if (profiles == null)
{
throw new ArgumentNullException("profiles");
}
if (profiles.Count < 1)
{
throw new ArgumentException("Profiles collection is empty", "profiles");
}
foreach (ProfileInfo pi in profiles)
{
string username = pi.UserName;
SecUtility.CheckParameter(ref username, true, true, true, 255, "UserName");
}
try
{
AccessConnectionHolder holder = AccessConnectionHelper.GetConnection(_DatabaseFileName, true);
bool fBeginTransCalled = false;
int numDeleted = 0;
try
{
OleDbCommand cmd = new OleDbCommand("BEGIN TRANSACTION", holder.Connection);
cmd.ExecuteNonQuery();
fBeginTransCalled = true;
int appId = GetApplicationId(holder);
foreach (ProfileInfo profile in profiles)
{
if (DeleteProfile(holder, profile.UserName.Trim(), appId))
{
numDeleted++;
}
}
cmd = new OleDbCommand("COMMIT TRANSACTION", holder.Connection);
cmd.ExecuteNonQuery();
fBeginTransCalled = false;
}
catch (Exception e)
{
throw AccessConnectionHelper.GetBetterException(e, holder);
}
finally
{
if (fBeginTransCalled)
{
try
{
OleDbCommand command = new OleDbCommand("ROLLBACK TRANSACTION", holder.Connection);
command.ExecuteNonQuery();
}
catch { }
}
holder.Close();
}
return(numDeleted);
}
catch
{
throw;
}
}
/////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////
// Private methods
/////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////
private ProfileInfoCollection GetProfilesForQuery(string sqlQuery, OleDbParameter[] args, int pageIndex, int pageSize, out int totalRecords)
{
if (pageIndex < 0)
{
throw new ArgumentException("Page index must be non-negative", "pageIndex");
}
if (pageSize < 1)
{
throw new ArgumentException("Page size must be positive", "pageSize");
}
long lBound = (long)pageIndex * pageSize;
long uBound = lBound + pageSize - 1;
if (uBound > System.Int32.MaxValue)
{
throw new ArgumentException("pageIndex*pageSize too large");
}
try
{
AccessConnectionHolder holder = AccessConnectionHelper.GetConnection(_DatabaseFileName, true);
ProfileInfoCollection profiles = new ProfileInfoCollection();
OleDbDataReader reader = null;
try
{
OleDbCommand cmd = new OleDbCommand(sqlQuery, holder.Connection);
cmd.Parameters.Add(new OleDbParameter("@AppId", GetApplicationId(holder)));
int len = args.Length;
for (int iter = 0; iter < len; iter++)
{
cmd.Parameters.Add(args[iter]);
}
reader = cmd.ExecuteReader(CommandBehavior.SequentialAccess);
totalRecords = 0;
while (reader.Read())
{
totalRecords++;
if (totalRecords - 1 < lBound || totalRecords - 1 > uBound)
{
continue;
}
string username;
DateTime dtLastActivity, dtLastUpdated;
bool isAnon;
username = reader.GetString(0);
isAnon = reader.GetBoolean(1);
dtLastActivity = reader.GetDateTime(2);
dtLastUpdated = reader.GetDateTime(3);
int size = reader.GetInt32(4);
profiles.Add(new ProfileInfo(username, isAnon, dtLastActivity, dtLastUpdated, size));
}
return(profiles);
}
catch (Exception e)
{
throw AccessConnectionHelper.GetBetterException(e, holder);
}
finally
{
if (reader != null)
{
reader.Close();
}
holder.Close();
}
}
catch
{
throw;
}
}
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
public static void RemoveAuthorizationsFromRoles(string[] authorizationnames, string[] roleNames)
{
SecUtility.CheckArrayParameter(ref roleNames, true, true, true, 255, "roleNames");
SecUtility.CheckArrayParameter(ref authorizationnames, true, true, true, 255, "authorizationnames");
AccessConnectionHolder holder = AccessConnectionHelper.GetConnection(_DatabaseFileName, true);
OleDbConnection connection = holder.Connection;
bool fBeginTransCalled = false;
try
{
try
{
int appId = GetApplicationId(holder);
int[] authorizationIds = new int[authorizationnames.Length];
int[] roleIds = new int[roleNames.Length];
OleDbCommand command;
command = new OleDbCommand("BEGIN TRANSACTION", connection);
command.ExecuteNonQuery();
fBeginTransCalled = true;
for (int iterA = 0; iterA < authorizationnames.Length; iterA++)
{
authorizationIds[iterA] = GetAuthorizationId(connection, appId, authorizationnames[iterA]);
if (authorizationIds[iterA] == 0)
{
throw new ProviderException("Authorization not found: " + authorizationnames[iterA]);
}
}
for (int iterR = 0; iterR < roleNames.Length; iterR++)
{
roleIds[iterR] = GetRoleId(connection, appId, roleNames[iterR]);
if (roleIds[iterR] == 0)
{
throw new ProviderException("Role not found: " + roleNames[iterR]);
}
}
for (int iterA = 0; iterA < authorizationnames.Length; iterA++)
{
for (int iterR = 0; iterR < roleNames.Length; iterR++)
{
command = new OleDbCommand(@"SELECT AuthorizationId FROM aspnet_AuthorizationsInRoles WHERE AuthorizationId = @AuthorizationId AND RoleId = @RoleId", connection);
command.Parameters.Add(new OleDbParameter("@AuthorizationId", authorizationIds[iterA]));
command.Parameters.Add(new OleDbParameter("@RoleId", roleIds[iterR]));
object result = command.ExecuteScalar();
if (result == null || !(result is int) || ((int)result) != authorizationIds[iterA])
{ // doesn't exist!
throw new ProviderException("The Authorization " + authorizationnames[iterA] + " is already not in role " + roleNames[iterR]);
}
}
}
for (int iterA = 0; iterA < authorizationnames.Length; iterA++)
{
for (int iterR = 0; iterR < roleNames.Length; iterR++)
{
command = new OleDbCommand(@"DELETE FROM aspnet_AuthorizationsInRoles WHERE AuthorizationId = @AuthorizationId AND RoleId = @RoleId", connection);
command.Parameters.Add(new OleDbParameter("@AuthorizationId", authorizationIds[iterA]));
command.Parameters.Add(new OleDbParameter("@RoleId", roleIds[iterR]));
if (command.ExecuteNonQuery() != 1)
{
throw new ProviderException("Unknown failure");
}
}
}
command = new OleDbCommand("COMMIT TRANSACTION", connection);
command.ExecuteNonQuery();
}
catch (Exception e)
{
try
{
if (fBeginTransCalled)
{
OleDbCommand command = new OleDbCommand("ROLLBACK TRANSACTION", connection);
command.ExecuteNonQuery();
}
}
catch { }
throw AccessConnectionHelper.GetBetterException(e, holder);
}
finally
{
holder.Close();
}
}
catch
{
throw;
}
}
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
public static bool DeleteRole(string authorizationName, bool throwOnPopulatedAuthorization)
{
SecUtility.CheckParameter(ref authorizationName, true, true, true, 255, "authorizationName");
AccessConnectionHolder holder = AccessConnectionHelper.GetConnection(_DatabaseFileName, true);
OleDbConnection connection = holder.Connection;
bool fBeginTransCalled = false;
try
{
try
{
int appId = GetApplicationId(holder);
OleDbCommand command;
int authorizationId = GetAuthorizationId(connection, appId, authorizationName);
if (authorizationId == 0)
{
return(false);
}
if (throwOnPopulatedAuthorization)
{
command = new OleDbCommand(@"SELECT COUNT(*) " +
@"FROM aspnet_AuthorizationsInRoles ar, aspnet_Authorizations a " +
@"WHERE ar.AuthorizationId = @AuthorizationId AND ar.AuthorizationId = a.AuthorizationId", connection);
command.Parameters.Add(new OleDbParameter("@AuthorizationId", authorizationId));
object num = command.ExecuteScalar();
if (!(num is int) || ((int)num) != 0)
{
throw new ProviderException("Authorization is not empty");
}
}
else
{
command = new OleDbCommand("BEGIN TRANSACTION", connection);
command.ExecuteNonQuery();
fBeginTransCalled = true;
command = new OleDbCommand(@"DELETE FROM aspnet_AuthorizationsInRoles WHERE AuthorizationId = @AuthorizationId", connection);
command.Parameters.Add(new OleDbParameter("@AuthorizationId", authorizationId));
/*int returnValue =*/ command.ExecuteNonQuery();
command = new OleDbCommand("COMMIT TRANSACTION", connection);
command.ExecuteNonQuery();
fBeginTransCalled = false;
}
command = new OleDbCommand("BEGIN TRANSACTION", connection);
command.ExecuteNonQuery();
fBeginTransCalled = true;
command = new OleDbCommand(@"DELETE FROM aspnet_Authorizations WHERE AuthorizationId = @AuthorizationId", connection);
command.Parameters.Add(new OleDbParameter("@AuthorizationId", authorizationId));
int returnValue = command.ExecuteNonQuery();
command = new OleDbCommand("COMMIT TRANSACTION", connection);
command.ExecuteNonQuery();
fBeginTransCalled = false;
return(returnValue == 1);
}
catch (Exception e)
{
if (fBeginTransCalled)
{
try
{
OleDbCommand command = new OleDbCommand("ROLLBACK TRANSACTION", connection);
command.ExecuteNonQuery();
}
catch { }
}
throw AccessConnectionHelper.GetBetterException(e, holder);
}
finally
{
holder.Close();
}
}
catch
{
throw;
}
}
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
public override void AddUsersToRoles(string[] usernames, string[] roleNames)
{
SecUtility.CheckArrayParameter(ref roleNames, true, true, true, 255, "roleNames");
SecUtility.CheckArrayParameter(ref usernames, true, true, true, 255, "usernames");
AccessConnectionHolder holder = AccessConnectionHelper.GetConnection(_DatabaseFileName, true);
OleDbConnection connection = holder.Connection;
bool fBeginTransCalled = false;
try
{
try
{
int appId = GetApplicationId(holder);
int[] userIds = new int[usernames.Length];
int[] roleIds = new int[roleNames.Length];
OleDbCommand command;
for (int iterR = 0; iterR < roleNames.Length; iterR++)
{
roleIds[iterR] = GetRoleId(connection, appId, roleNames[iterR]);
if (roleIds[iterR] == 0)
{
throw new ProviderException("Provider role not found: " + roleNames[iterR]);
}
}
for (int iterU = 0; iterU < usernames.Length; iterU++)
{
userIds[iterU] = AccessConnectionHelper.GetUserID(connection, appId, usernames[iterU], false);
}
command = new OleDbCommand("BEGIN TRANSACTION", connection);
command.ExecuteNonQuery();
fBeginTransCalled = true;
for (int iterU = 0; iterU < usernames.Length; iterU++)
{
if (userIds[iterU] == 0)
{
continue;
}
for (int iterR = 0; iterR < roleNames.Length; iterR++)
{
command = new OleDbCommand(@"SELECT UserId FROM aspnet_UsersInRoles WHERE UserId = @UserId AND RoleId = @RoleId", connection);
command.Parameters.Add(new OleDbParameter("@UserId", userIds[iterU]));
command.Parameters.Add(new OleDbParameter("@RoleId", roleIds[iterR]));
object result = command.ExecuteScalar();
if (result != null && (result is int) && ((int)result) == userIds[iterU])
{ // Exists!
throw new ProviderException("The user " + usernames[iterU] + " is already in role " + roleNames[iterR]);
}
}
}
for (int iterU = 0; iterU < usernames.Length; iterU++)
{
if (userIds[iterU] == 0)
{
userIds[iterU] = AccessConnectionHelper.GetUserID(connection, appId, usernames[iterU], true);
}
if (userIds[iterU] == 0)
{
throw new ProviderException("User not found: " + usernames[iterU]);
}
}
for (int iterU = 0; iterU < usernames.Length; iterU++)
{
for (int iterR = 0; iterR < roleNames.Length; iterR++)
{
command = new OleDbCommand(@"INSERT INTO aspnet_UsersInRoles (UserId, RoleId) VALUES(@UserId, @RoleId)", connection);
command.Parameters.Add(new OleDbParameter("@UserId", userIds[iterU]));
command.Parameters.Add(new OleDbParameter("@RoleId", roleIds[iterR]));
if (command.ExecuteNonQuery() != 1)
{
throw new ProviderException("Unknown provider failure");
}
}
}
command = new OleDbCommand("COMMIT TRANSACTION", connection);
command.ExecuteNonQuery();
}
catch (Exception e)
{
try
{
if (fBeginTransCalled)
{
OleDbCommand command = new OleDbCommand("ROLLBACK TRANSACTION", connection);
command.ExecuteNonQuery();
}
}
catch { }
throw AccessConnectionHelper.GetBetterException(e, holder);
}
finally
{
holder.Close();
}
}
catch
{
throw;
}
}
public static void CreateRole(string authorizationName)
{
SecUtility.CheckParameter(ref authorizationName, true, true, true, 255, "authorizationName");
AccessConnectionHolder holder = AccessConnectionHelper.GetConnection(_DatabaseFileName, true);
OleDbConnection connection = holder.Connection;
bool fBeginTransCalled = false;
try
{
try
{
int appId = GetApplicationId(holder);
OleDbCommand command;
int authorizationId = GetAuthorizationId(connection, appId, authorizationName);
if (authorizationId != 0)
{
throw new ProviderException("Provider role already exists: " + authorizationName);
}
command = new OleDbCommand("BEGIN TRANSACTION", connection);
command.ExecuteNonQuery();
fBeginTransCalled = true;
command = new OleDbCommand(@"INSERT INTO aspnet_Authorizations (ApplicationId, AuthorizationName) VALUES (@AppId, @AName)", connection);
command.Parameters.Add(new OleDbParameter("@AppId", appId));
command.Parameters.Add(new OleDbParameter("@AName", authorizationName));
int returnValue = command.ExecuteNonQuery();
command = new OleDbCommand("COMMIT TRANSACTION", connection);
command.ExecuteNonQuery();
fBeginTransCalled = false;
if (returnValue == 1)
{
return;
}
throw new ProviderException("Unknown provider failure");
}
catch (Exception e)
{
if (fBeginTransCalled)
{
try
{
OleDbCommand command = new OleDbCommand("ROLLBACK TRANSACTION", connection);
command.ExecuteNonQuery();
}
catch { }
}
throw AccessConnectionHelper.GetBetterException(e, holder);
}
finally
{
holder.Close();
}
}
catch
{
throw;
}
}
private int ResetUserStatePerUsers(string path, string[] usernames)
{
int count = 0;
AccessConnectionHolder connectionHolder = null;
OleDbConnection connection = null;
bool beginTransCalled = false;
try
{
try
{
connectionHolder = GetConnectionHolder();
connection = connectionHolder.Connection;
int applicationID = GetApplicationID(connectionHolder);
if (applicationID != 0)
{
OleDbCommand command = new OleDbCommand(null, connection);
OleDbParameter userIdParam = command.Parameters.Add(new OleDbParameter("@UserId", OleDbType.Integer));
string fromAndWhereClause = " FROM aspnet_PagePersonalizationPerUser WHERE UserId = @UserId";
if (!String.IsNullOrEmpty(path))
{
int pathId = AccessConnectionHelper.GetPathID(connection, applicationID, path);
fromAndWhereClause += " AND PathId = @PathId";
command.Parameters.Add(new OleDbParameter("@PathId", pathId));
}
string selectCommandText = "SELECT COUNT(*)" + fromAndWhereClause;
string deleteCommandText = "DELETE" + fromAndWhereClause;
OleDbCommand transCommand = new OleDbCommand("BEGIN TRANSACTION", connection);
transCommand.ExecuteNonQuery();
beginTransCalled = true;
foreach (string username in usernames)
{
command.CommandText = selectCommandText;
userIdParam.Value = AccessConnectionHelper.GetUserID(connection, applicationID, username);
int numOfRecords = (int)command.ExecuteScalar();
if (numOfRecords > 0)
{
command.CommandText = deleteCommandText;
command.ExecuteNonQuery();
count += numOfRecords;
}
}
transCommand.CommandText = "COMMIT TRANSACTION";
transCommand.ExecuteNonQuery();
}
}
catch
{
try
{
if (beginTransCalled)
{
OleDbCommand rollbackCommand = new OleDbCommand("ROLLBACK TRANSACTION", connection);
rollbackCommand.ExecuteNonQuery();
}
}
catch
{
}
throw;
}
finally
{
if (connectionHolder != null)
{
connectionHolder.Close();
connectionHolder = null;
}
}
}
catch
{
throw;
}
return(count);
}
private int ResetStatePerPaths(string tableName, string[] paths)
{
if (paths == null || paths.Length == 0)
{
return(0);
}
int count = 0;
AccessConnectionHolder connectionHolder = null;
OleDbConnection connection = null;
bool beginTransCalled = false;
try
{
try
{
connectionHolder = GetConnectionHolder();
connection = connectionHolder.Connection;
int applicationID = GetApplicationID(connectionHolder);
if (applicationID != 0)
{
string fromAndWhereClause = " FROM " + tableName + " WHERE PathId = @PathId";
string selectCommandText = "SELECT COUNT(*)" + fromAndWhereClause;
string deleteCommandText = "DELETE" + fromAndWhereClause;
OleDbCommand command = new OleDbCommand(null, connection);
OleDbParameter pathParam = command.Parameters.Add(new OleDbParameter("@PathId", OleDbType.Integer));
OleDbCommand transCommand = new OleDbCommand("BEGIN TRANSACTION", connection);
transCommand.ExecuteNonQuery();
beginTransCalled = true;
foreach (string path in paths)
{
command.CommandText = selectCommandText;
pathParam.Value = AccessConnectionHelper.GetPathID(connection, applicationID, path);
int numOfRecords = (int)command.ExecuteScalar();
if (numOfRecords > 0)
{
command.CommandText = deleteCommandText;
command.ExecuteNonQuery();
count += numOfRecords;
}
}
transCommand.CommandText = "COMMIT TRANSACTION";
transCommand.ExecuteNonQuery();
}
}
catch
{
try
{
if (beginTransCalled)
{
OleDbCommand rollbackCommand = new OleDbCommand("ROLLBACK TRANSACTION", connection);
rollbackCommand.ExecuteNonQuery();
}
}
catch
{
}
throw;
}
finally
{
if (connectionHolder != null)
{
connectionHolder.Close();
connectionHolder = null;
}
}
}
catch
{
throw;
}
return(count);
}
