Exemple #1
0
        internal static void CheckArrayParameter(ref string[] param, bool checkForNull, bool checkIfEmpty, bool checkForCommas, int maxSize, string paramName)
        {
            if (param == null)
            {
                throw new ArgumentNullException(paramName);
            }

            if (param.Length < 1)
            {
                throw new ArgumentException(SM.GetString(SM.Parameter_array_empty, paramName), paramName);
            }

            Hashtable values = new Hashtable(param.Length);

            for (int i = param.Length - 1; i >= 0; i--)
            {
                SU.CheckParameter(ref param[i], checkForNull, checkIfEmpty, checkForCommas, maxSize,
                                  paramName + "[ " + i.ToString(CultureInfo.InvariantCulture) + " ]");
                if (values.Contains(param[i]))
                {
                    throw new ArgumentException(SM.GetString(SM.Parameter_duplicate_array_element, paramName), paramName);
                }
                else
                {
                    values.Add(param[i], param[i]);
                }
            }
        }
Exemple #2
0
        public override bool DeleteRole(string roleName, bool throwOnPopulatedRole)
        {
            SQLiteParameter[] parms =
            {
                SU.CreateInputParam("@ApplicationId",   DbType.String, ApplicationId),
                SU.CreateInputParam("@LoweredRoleName", DbType.String, roleName.ToLower())
            };
            int effect = 0;

            using (SQLiteConnection conn = SQLiteConnectionHelper.GetConnection(SqlConnectionString, true).Connection)
            {
                if (throwOnPopulatedRole)
                {
                    var obj = SQLiteHelper.ExecuteScalar(conn, CommandType.Text, Sql_IsExistUserInRole, parms);
                    if (obj != null)
                    {
                        throw new ProviderException(SM.GetString(SM.Role_is_not_empty));
                    }
                }
                effect = SQLiteHelper.ExecuteNonQuery(conn, CommandType.Text, Sql_Roles_Delete, parms);
                SQLiteHelper.ExecuteNonQuery(conn, CommandType.Text, Sql_DeleteUsersByRoleName, parms);
            }

            return(effect > 0);
        }
Exemple #3
0
        public override void CreateRole(string roleName)
        {
            SQLiteParameter[] isExistParms =
            {
                SU.CreateInputParam("@ApplicationId",   DbType.String, ApplicationId),
                SU.CreateInputParam("@LoweredRoleName", DbType.String, roleName.ToLower())
            };
            using (SQLiteConnection conn = SQLiteConnectionHelper.GetConnection(SqlConnectionString, true).Connection)
            {
                var obj = SQLiteHelper.ExecuteScalar(conn, CommandType.Text, Sql_Roles_IsExistName, isExistParms);
                if (obj != null)
                {
                    return;
                }

                SQLiteParameter[] parms =
                {
                    SU.CreateInputParam("@ApplicationId",   DbType.String, ApplicationId),
                    SU.CreateInputParam("@RoleId",          DbType.String, Guid.NewGuid().ToString("N")),
                    SU.CreateInputParam("@RoleName",        DbType.String, roleName),
                    SU.CreateInputParam("@LoweredRoleName", DbType.String, roleName.ToLower()),
                    SU.CreateInputParam("@Description",     DbType.String, string.Empty)
                };
                SQLiteHelper.ExecuteNonQuery(conn, CommandType.Text, Sql_Roles_Insert, parms);
            }
        }
Exemple #4
0
        public override void Initialize(string name, NameValueCollection config)
        {
            // Remove CAS from sample: HttpRuntime.CheckAspNetHostingPermission (AspNetHostingPermissionLevel.Low, SR.Feature_not_supported_at_this_level);
            if (config == null)
            {
                throw new ArgumentNullException("config");
            }

            if (String.IsNullOrEmpty(name))
            {
                name = "SQLiteRoleProvider";
            }
            if (string.IsNullOrEmpty(config["description"]))
            {
                config.Remove("description");
                config.Add("description", SM.GetString(SM.RoleSqlProvider_description));
            }
            base.Initialize(name, config);

            _schemaVersionCheck = 0;

            _commandTimeout = SU.GetIntValue(config, "commandTimeout", 30, true, 0);

            string temp = config["connectionStringName"];

            if (temp == null || temp.Length < 1)
            {
                throw new ProviderException(SM.GetString(SM.Connection_name_not_specified));
            }
            _sqlConnectionString = SQLiteConnectionHelper.GetConnectionString(temp, true, true);
            if (_sqlConnectionString == null || _sqlConnectionString.Length < 1)
            {
                throw new ProviderException(SM.GetString(SM.Connection_string_not_found, temp));
            }

            _applicationName = config["applicationName"];
            if (string.IsNullOrEmpty(_applicationName))
            {
                _applicationName = SU.GetDefaultAppName();
            }

            if (_applicationName.Length > 256)
            {
                throw new ProviderException(SM.GetString(SM.Provider_application_name_too_long));
            }

            config.Remove("connectionStringName");
            config.Remove("applicationName");
            config.Remove("commandTimeout");
            if (config.Count > 0)
            {
                string attribUnrecognized = config.GetKey(0);
                if (!String.IsNullOrEmpty(attribUnrecognized))
                {
                    throw new ProviderException(SM.GetString(SM.Provider_unrecognized_attribute, attribUnrecognized));
                }
            }
        }
Exemple #5
0
 private void RemoveUserFromRole(string username, string roleName)
 {
     SQLiteParameter[] parms =
     {
         SU.CreateInputParam("@ApplicationId",   DbType.String, ApplicationId),
         SU.CreateInputParam("@LoweredUserName", DbType.String, username.ToLower()),
         SU.CreateInputParam("@LoweredRoleName", DbType.String, roleName.ToLower())
     };
     SQLiteHelper.ExecuteScalar(SqlConnectionString, CommandType.Text, Sql_RemoveUserFromRole, parms);
 }
Exemple #6
0
        public override bool RoleExists(string roleName)
        {
            SQLiteParameter[] parms =
            {
                SU.CreateInputParam("@ApplicationId",   DbType.String, ApplicationId),
                SU.CreateInputParam("@LoweredRoleName", DbType.String, roleName.ToLower())
            };
            var obj = SQLiteHelper.ExecuteScalar(SqlConnectionString, CommandType.Text, Sql_Roles_IsExist, parms);

            return(obj != null);
        }
Exemple #7
0
        private void AddUserToRole(string username, string roleName)
        {
            SQLiteParameter[] parms =
            {
                SU.CreateInputParam("@ApplicationId",   DbType.String, ApplicationId),
                SU.CreateInputParam("@LoweredUserName", DbType.String, username.ToLower()),
                SU.CreateInputParam("@LoweredRoleName", DbType.String, roleName.ToLower())
            };

            var userId = string.Empty;
            var roleId = string.Empty;
            var effect = 0;

            using (SQLiteConnection conn = SQLiteConnectionHelper.GetConnection(SqlConnectionString, true).Connection)
            {
                using (SQLiteDataReader reader = SQLiteHelper.ExecuteReader(conn, CommandType.Text, SU.Sql_Users_SelectIdByName, parms))
                {
                    if (reader.Read())
                    {
                        userId = reader.GetString(0);
                    }
                }
                using (SQLiteDataReader reader = SQLiteHelper.ExecuteReader(conn, CommandType.Text, Sql_Roles_SelectId, parms))
                {
                    if (reader.Read())
                    {
                        roleId = reader.GetString(0);
                    }
                }

                if (string.IsNullOrEmpty(userId) || string.IsNullOrEmpty(roleId))
                {
                    return;
                }

                SQLiteParameter[] uirParms =
                {
                    SU.CreateInputParam("@UserId", DbType.String, userId),
                    SU.CreateInputParam("@RoleId", DbType.String, roleId)
                };

                effect = SQLiteHelper.ExecuteNonQuery(conn, CommandType.Text, SU.Sql_UsersInRoles_Insert, uirParms);
            }

            if (effect < 1)
            {
                throw new ProviderException(SM.Provider_unknown_failure);
            }
        }
Exemple #8
0
        public override string[] GetUsersInRole(string roleName)
        {
            var arr = new List <string>();

            SQLiteParameter[] parms =
            {
                SU.CreateInputParam("@ApplicationId",   DbType.String, ApplicationId),
                SU.CreateInputParam("@LoweredRoleName", DbType.String, roleName.ToLower())
            };

            using (SQLiteDataReader reader = SQLiteHelper.ExecuteReader(SqlConnectionString, CommandType.Text, Sql_SelectUsersInRole, parms))
            {
                while (reader.Read())
                {
                    arr.Add(reader.GetString(0));
                }
            }

            return(arr.ToArray());
        }
Exemple #9
0
        public override string[] GetAllRoles()
        {
            var arr = new List <string>();

            using (SQLiteDataReader reader = SQLiteHelper.ExecuteReader(SqlConnectionString, CommandType.Text, Sql_Roles_SelectAll, SU.CreateInputParam("@ApplicationId", DbType.String, ApplicationId)))
            {
                while (reader.Read())
                {
                    arr.Add(reader.GetString(0));
                }
            }

            return(arr.ToArray());
        }
        public override bool ValidateUser(string username, string password)
        {
            if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
            {
                return(false);
            }

            string psw            = string.Empty;
            int    passwordFormat = 0;
            string passwordSalt   = string.Empty;

            using (SQLiteDataReader reader = SQLiteHelper.ExecuteReader(SqlConnectionString, CommandType.Text, Sql_Users_Mem_FindUserInfoByName, SU.CreateInputParam("@LoweredUserName", DbType.String, username)))
            {
                if (!reader.Read())
                {
                    return(false);
                }
                psw            = reader.GetString(0);
                passwordFormat = reader.GetInt32(1);
                passwordSalt   = reader.GetString(2);
            }
            if (EncodePassword(password, passwordFormat, passwordSalt) != psw)
            {
                return(false);
            }

            return(true);
        }
        public override void Initialize(string name, NameValueCollection config)
        {
            if (config == null)
            {
                throw new ArgumentNullException("config");
            }
            if (String.IsNullOrEmpty(name))
            {
                name = "SQLiteMembershipProvider";
            }
            if (string.IsNullOrEmpty(config["description"]))
            {
                config.Remove("description");
                config.Add("description", SM.GetString(SM.MembershipSqlProvider_description));
            }
            base.Initialize(name, config);

            _schemaVersionCheck = 0;

            _enablePasswordRetrieval              = SU.GetBooleanValue(config, "enablePasswordRetrieval", false);
            _enablePasswordReset                  = SU.GetBooleanValue(config, "enablePasswordReset", true);
            _requiresQuestionAndAnswer            = SU.GetBooleanValue(config, "requiresQuestionAndAnswer", true);
            _requiresUniqueEmail                  = SU.GetBooleanValue(config, "requiresUniqueEmail", true);
            _maxInvalidPasswordAttempts           = SU.GetIntValue(config, "maxInvalidPasswordAttempts", 5, false, 0);
            _passwordAttemptWindow                = SU.GetIntValue(config, "passwordAttemptWindow", 10, false, 0);
            _minRequiredPasswordLength            = SU.GetIntValue(config, "minRequiredPasswordLength", 7, false, 128);
            _minRequiredNonalphanumericCharacters = SU.GetIntValue(config, "minRequiredNonalphanumericCharacters", 1, true, 128);

            _passwordStrengthRegularExpression = config["passwordStrengthRegularExpression"];
            if (_passwordStrengthRegularExpression != null)
            {
                _passwordStrengthRegularExpression = _passwordStrengthRegularExpression.Trim();
                if (_passwordStrengthRegularExpression.Length != 0)
                {
                    try
                    {
                        Regex regex = new Regex(_passwordStrengthRegularExpression);
                    }
                    catch (ArgumentException e)
                    {
                        throw new ProviderException(e.Message, e);
                    }
                }
            }
            else
            {
                _passwordStrengthRegularExpression = string.Empty;
            }
            if (_minRequiredNonalphanumericCharacters > _minRequiredPasswordLength)
            {
                throw new HttpException(SM.GetString(SM.MinRequiredNonalphanumericCharacters_can_not_be_more_than_MinRequiredPasswordLength));
            }

            _commandTimeout  = SU.GetIntValue(config, "commandTimeout", 30, true, 0);
            _ApplicationName = config["applicationName"];
            if (string.IsNullOrEmpty(_ApplicationName))
            {
                _ApplicationName = SU.GetDefaultAppName();
            }

            if (_ApplicationName.Length > 256)
            {
                throw new ProviderException(SM.GetString(SM.Provider_application_name_too_long));
            }

            string strTemp = config["passwordFormat"];

            if (strTemp == null)
            {
                strTemp = "Hashed";
            }

            switch (strTemp)
            {
            case "Clear":
                _passwordFormat = MembershipPasswordFormat.Clear;
                break;

            case "Encrypted":
                _passwordFormat = MembershipPasswordFormat.Encrypted;
                break;

            case "Hashed":
                _passwordFormat = MembershipPasswordFormat.Hashed;
                break;

            default:
                throw new ProviderException(SM.GetString(SM.Provider_bad_password_format));
            }

            if (PasswordFormat == MembershipPasswordFormat.Hashed && EnablePasswordRetrieval)
            {
                throw new ProviderException(SM.GetString(SM.Provider_can_not_retrieve_hashed_password));
            }
            //if (_PasswordFormat == MembershipPasswordFormat.Encrypted && MachineKeySection.IsDecryptionKeyAutogenerated)
            //    throw new ProviderException(SM.GetString(SM.Can_not_use_encrypted_passwords_with_autogen_keys));

            string temp = config["connectionStringName"];

            if (temp == null || temp.Length < 1)
            {
                throw new ProviderException(SM.GetString(SM.Connection_name_not_specified));
            }
            _sqlConnectionString = SQLiteConnectionHelper.GetConnectionString(temp, true, true);
            if (_sqlConnectionString == null || _sqlConnectionString.Length < 1)
            {
                throw new ProviderException(SM.GetString(SM.Connection_string_not_found, temp));
            }

            config.Remove("connectionStringName");
            config.Remove("enablePasswordRetrieval");
            config.Remove("enablePasswordReset");
            config.Remove("requiresQuestionAndAnswer");
            config.Remove("applicationName");
            config.Remove("requiresUniqueEmail");
            config.Remove("maxInvalidPasswordAttempts");
            config.Remove("passwordAttemptWindow");
            config.Remove("commandTimeout");
            config.Remove("passwordFormat");
            config.Remove("name");
            config.Remove("minRequiredPasswordLength");
            config.Remove("minRequiredNonalphanumericCharacters");
            config.Remove("passwordStrengthRegularExpression");
            if (config.Count > 0)
            {
                string attribUnrecognized = config.GetKey(0);
                if (!String.IsNullOrEmpty(attribUnrecognized))
                {
                    throw new ProviderException(SM.GetString(SM.Provider_unrecognized_attribute, attribUnrecognized));
                }
            }
        }
        public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status)
        {
            if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
            {
                status = MembershipCreateStatus.UserRejected;
                return(null);
            }

            string salt = GenerateSalt();
            string psw  = EncodePassword(password, (int)PasswordFormat, salt);

            if (psw.Length > 128)
            {
                status = MembershipCreateStatus.InvalidPassword;
                return(null);
            }

            SQLiteParameter[] parms1 =
            {
                SU.CreateInputParam("@ApplicationId",   DbType.String, ApplicationId),
                SU.CreateInputParam("@LoweredUserName", DbType.String, username.ToLower())
            };
            var effect = SQLiteHelper.ExecuteScalar(SqlConnectionString, CommandType.Text, Sql_Users_CheckUserName, parms1);

            if (effect != null)
            {
                status = MembershipCreateStatus.DuplicateUserName;
                return(null);
            }
            Guid userId = Guid.Empty;

            if (providerUserKey != null)
            {
                Guid.TryParse(providerUserKey.ToString(), out userId);
            }
            else
            {
                userId = Guid.NewGuid();
            }

            DateTime dt = RoundToSeconds(DateTime.Now);

            SQLiteParameter[] usersParms =
            {
                SU.CreateInputParam("@ApplicationId",    DbType.String,   ApplicationId),
                SU.CreateInputParam("@UserId",           DbType.String,   userId.ToString("N")),
                SU.CreateInputParam("@UserName",         DbType.String,   username),
                SU.CreateInputParam("@LoweredUserName",  DbType.String,   username.ToLower()),
                SU.CreateInputParam("@MobileAlias",      DbType.String,   string.Empty),
                SU.CreateInputParam("@IsAnonymous",      DbType.Boolean,  IsAnonymous),
                SU.CreateInputParam("@LastActivityDate", DbType.DateTime, dt),
            };
            SQLiteParameter[] memberParms =
            {
                SU.CreateInputParam("@ApplicationId",                          DbType.String,   ApplicationId),
                SU.CreateInputParam("@UserId",                                 DbType.String,   userId.ToString("N")),
                SU.CreateInputParam("@Password",                               DbType.String,   psw),
                SU.CreateInputParam("@PasswordFormat",                         DbType.Int32,    (int)PasswordFormat),
                SU.CreateInputParam("@PasswordSalt",                           DbType.String,   salt),
                SU.CreateInputParam("@MobilePIN",                              DbType.String,   string.Empty),
                SU.CreateInputParam("@Email",                                  DbType.String,   email),
                SU.CreateInputParam("@LoweredEmail",                           DbType.String,   email.ToLower()),
                SU.CreateInputParam("@PasswordQuestion",                       DbType.String,   string.Empty),
                SU.CreateInputParam("@PasswordAnswer",                         DbType.String,   string.Empty),
                SU.CreateInputParam("@IsApproved",                             DbType.Boolean,  isApproved),
                SU.CreateInputParam("@IsLockedOut",                            DbType.Boolean,  false),
                SU.CreateInputParam("@CreateDate",                             DbType.DateTime, dt),
                SU.CreateInputParam("@LastLoginDate",                          DbType.DateTime, dt),
                SU.CreateInputParam("@LastPasswordChangedDate",                DbType.DateTime, dt),
                SU.CreateInputParam("@LastLockoutDate",                        DbType.DateTime, DateTime.MinValue),
                SU.CreateInputParam("@FailedPasswordAttemptCount",             DbType.Int32,                       0),
                SU.CreateInputParam("@FailedPasswordAttemptWindowStart",       DbType.DateTime, DateTime.MinValue),
                SU.CreateInputParam("@FailedPasswordAnswerAttemptCount",       DbType.Int32,                       0),
                SU.CreateInputParam("@FailedPasswordAnswerAttemptWindowStart", DbType.DateTime, DateTime.MinValue),
                SU.CreateInputParam("@Comment",                                DbType.String,   string.Empty)
            };

            int iStatus = SQLiteHelper.ExecuteNonQuery(SqlConnectionString, CommandType.Text, Sql_Users_Insert, usersParms);

            if (iStatus > 0)
            {
                SQLiteHelper.ExecuteNonQuery(SqlConnectionString, CommandType.Text, Sql_Membership_Insert, memberParms);
            }

            if (iStatus < 1)
            {
                status = MembershipCreateStatus.UserRejected;
                return(null);
            }
            status = MembershipCreateStatus.Success;

            return(new MembershipUser(this.Name,
                                      username,
                                      userId,
                                      email,
                                      string.Empty,
                                      null,
                                      isApproved,
                                      false,
                                      dt,
                                      dt,
                                      dt,
                                      dt,
                                      new DateTime(1754, 1, 1)));
        }