//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
public override bool RoleExists(string roleName)
{
try {
SecUtility.CheckParameter(ref roleName, true, true, true, 255, "roleName");
}
catch {
return(false);
}
AccessConnectionHolder holder = AccessConnectionHolder.GetConnection(_DatabaseFileName, true);
OleDbConnection connection = holder.Connection;
try {
try {
int appId = GetApplicationId(holder);
int roleId = GetRoleId(connection, appId, roleName);
return(roleId != 0);
}
catch (Exception e) {
throw AccessConnectionHolder.GetBetterException(e, holder);
}
finally {
holder.Close();
}
}
catch {
throw;
}
}
internal static void CheckArrayParameter(ref string[] param, bool checkForNull, bool checkIfEmpty, bool checkForCommas, int maxSize, string paramName)
{
if (param == null)
{
throw new ArgumentNullException(paramName);
}
if (param.Length < 1)
{
throw new ArgumentException("The array parameter '" + paramName + "' should not be empty.", paramName);
}
for (int i = param.Length - 1; i >= 0; i--)
{
SecUtility.CheckParameter(ref param[i],
checkForNull,
checkIfEmpty,
checkForCommas,
maxSize,
paramName + "[ " + i.ToString(CultureInfo.InvariantCulture) + " ]");
}
for (int i = param.Length - 1; i >= 0; i--)
{
for (int j = i - 1; j >= 0; j--)
{
if (param[i].Equals(param[j]))
{
throw new ArgumentException("The array '" + paramName + "' should not contain duplicate values.",
paramName);
}
}
}
}
/////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////
// Mangement APIs from ProfileProvider class
public override int DeleteProfiles(ProfileInfoCollection profiles)
{
if (profiles == null)
{
throw new ArgumentNullException("profiles");
}
if (profiles.Count < 1)
{
throw new ArgumentException("Profiles collection is empty", "profiles");
}
foreach (ProfileInfo pi in profiles)
{
string username = pi.UserName;
SecUtility.CheckParameter(ref username, true, true, true, 255, "UserName");
}
try {
AccessConnectionHolder holder = AccessConnectionHolder.GetConnection(_DatabaseFileName, true);
bool fBeginTransCalled = false;
int numDeleted = 0;
try {
OleDbCommand cmd = new OleDbCommand("BEGIN TRANSACTION", holder.Connection);
cmd.ExecuteNonQuery();
fBeginTransCalled = true;
int appId = GetApplicationId(holder);
foreach (ProfileInfo profile in profiles)
{
if (DeleteProfile(holder, profile.UserName.Trim(), appId))
{
numDeleted++;
}
}
cmd = new OleDbCommand("COMMIT TRANSACTION", holder.Connection);
cmd.ExecuteNonQuery();
fBeginTransCalled = false;
}
catch (Exception e) {
throw AccessConnectionHolder.GetBetterException(e, holder);
}
finally {
if (fBeginTransCalled)
{
try {
OleDbCommand command = new OleDbCommand("ROLLBACK TRANSACTION", holder.Connection);
command.ExecuteNonQuery();
}
catch { }
}
holder.Close();
}
return(numDeleted);
}
catch {
throw;
}
}
////////////////////////////////////////////////////////////
// Public properties
public override void Initialize(string name, NameValueCollection config)
{
if (name == null || name.Length < 1)
{
name = "AccessProfileProvider";
}
if (string.IsNullOrEmpty(config["description"]))
{
config.Remove("description");
config.Add("description", "$safeprojectname$ Profile Provider");
}
base.Initialize(name, config);
if (config == null)
{
throw new ArgumentNullException("config");
}
_DatabaseFileName = config["connectionStringName"];
if (_DatabaseFileName == null || _DatabaseFileName.Length < 1)
{
throw new ProviderException("Connection name not specified");
}
string temp = AccessConnectionHolder.GetFileNameFromConnectionName(_DatabaseFileName, true);
if (temp == null || temp.Length < 1)
{
throw new ProviderException("Connection string not found" + _DatabaseFileName);
}
_DatabaseFileName = temp;
//HandlerBase.CheckAndReadRegistryValue(ref _DatabaseFileName, true);
AccessConnectionHolder.CheckConnectionString(_DatabaseFileName);
_AppName = config["applicationName"];
if (string.IsNullOrEmpty(_AppName))
{
_AppName = SecUtility.GetDefaultAppName();
}
if (_AppName.Length > 255)
{
throw new ProviderException("ApplicationName exceeded max length of " + 255);
}
//_Description = config["description"];
config.Remove("connectionStringName");
config.Remove("applicationName");
config.Remove("description");
if (config.Count > 0)
{
string attribUnrecognized = config.GetKey(0);
if (!String.IsNullOrEmpty(attribUnrecognized))
{
throw new ProviderException("Unrecognized attribute: " + attribUnrecognized);
}
}
}
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
public override string[] GetRolesForUser(string username)
{
SecUtility.CheckParameter(ref username, true, false, true, 255, "username");
if (username.Length < 1)
{
return(new string[0]);
}
AccessConnectionHolder holder = AccessConnectionHolder.GetConnection(_DatabaseFileName, true);
OleDbConnection connection = holder.Connection;
OleDbDataReader reader = null;
try {
try {
int appId = GetApplicationId(holder);
int userId = AccessConnectionHelper.GetUserID(connection, appId, username, false);
if (userId == 0)
{
return(new string[0]);
}
OleDbCommand command;
StringCollection sc = new StringCollection();
String[] strReturn;
command = new OleDbCommand(@"SELECT RoleName FROM aspnet_UsersInRoles ur, aspnet_Roles r " +
@"WHERE ur.UserId = @UserId AND ur.RoleId = r.RoleId " +
@"ORDER BY RoleName",
connection);
command.Parameters.Add(new OleDbParameter("@UserId", userId));
reader = command.ExecuteReader(CommandBehavior.SequentialAccess);
while (reader.Read())
{
sc.Add(reader.GetString(0));
}
strReturn = new String[sc.Count];
sc.CopyTo(strReturn, 0);
return(strReturn);
}
catch (Exception e) {
throw AccessConnectionHolder.GetBetterException(e, holder);
}
finally {
if (reader != null)
{
reader.Close();
}
holder.Close();
}
}
catch {
throw;
}
}
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
public override void CreateRole(string roleName)
{
SecUtility.CheckParameter(ref roleName, true, true, true, 255, "roleName");
AccessConnectionHolder holder = AccessConnectionHolder.GetConnection(_DatabaseFileName, true);
OleDbConnection connection = holder.Connection;
bool fBeginTransCalled = false;
try {
try {
int appId = GetApplicationId(holder);
OleDbCommand command;
int roleId = GetRoleId(connection, appId, roleName);
if (roleId != 0)
{
throw new ProviderException("Provider role already exists: " + roleName);
}
command = new OleDbCommand("BEGIN TRANSACTION", connection);
command.ExecuteNonQuery();
fBeginTransCalled = true;
command = new OleDbCommand(@"INSERT INTO aspnet_Roles (ApplicationId, RoleName) VALUES (@AppId, @RName)", connection);
command.Parameters.Add(new OleDbParameter("@AppId", appId));
command.Parameters.Add(new OleDbParameter("@RName", roleName));
int returnValue = command.ExecuteNonQuery();
command = new OleDbCommand("COMMIT TRANSACTION", connection);
command.ExecuteNonQuery();
fBeginTransCalled = false;
if (returnValue == 1)
{
return;
}
throw new ProviderException("Unknown provider failure");
}
catch (Exception e) {
if (fBeginTransCalled)
{
try {
OleDbCommand command = new OleDbCommand("ROLLBACK TRANSACTION", connection);
command.ExecuteNonQuery();
}
catch { }
}
throw AccessConnectionHolder.GetBetterException(e, holder);
}
finally {
holder.Close();
}
}
catch {
throw;
}
}
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
public override string[] FindUsersInRole(string roleName, string usernameToMatch)
{
SecUtility.CheckParameter(ref roleName, true, true, true, 255, "roleName");
SecUtility.CheckParameter(ref usernameToMatch, true, true, false, 255, "usernameToMatch");
StringCollection sc = new StringCollection();
AccessConnectionHolder holder = AccessConnectionHolder.GetConnection(_DatabaseFileName, true);
OleDbDataReader reader = null;
OleDbConnection connection = holder.Connection;
try {
try {
int appId = GetApplicationId(holder);
int roleId = GetRoleId(connection, appId, roleName);
OleDbCommand command;
if (roleId == 0)
{
throw new ProviderException("Role not found " + roleName);
}
command = new OleDbCommand(@"SELECT UserName " +
@"FROM aspnet_UsersInRoles ur, aspnet_Users u " +
@"WHERE ur.RoleId = @RoleId AND ur.UserId = u.UserId AND u.UserName LIKE @UserNameToMatch " +
@"ORDER BY UserName", connection);
command.Parameters.Add(new OleDbParameter("@RoleId", roleId));
command.Parameters.Add(new OleDbParameter("@UserNameToMatch", usernameToMatch));
reader = command.ExecuteReader(CommandBehavior.SequentialAccess);
while (reader.Read())
{
sc.Add((string)reader.GetString(0));
}
}
catch (Exception e) {
throw AccessConnectionHolder.GetBetterException(e, holder);
}
finally {
if (reader != null)
{
reader.Close();
}
holder.Close();
}
}
catch {
throw;
}
string[] allUsers = new string[sc.Count];
sc.CopyTo(allUsers, 0);
return(allUsers);
}
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
public override bool IsUserInRole(string username, string roleName)
{
SecUtility.CheckParameter(ref username, true, false, true, 255, "username");
if (username.Length < 1)
{
return(false);
}
SecUtility.CheckParameter(ref roleName, true, true, true, 255, "roleName");
AccessConnectionHolder holder = AccessConnectionHolder.GetConnection(_DatabaseFileName, true);
OleDbConnection connection = holder.Connection;
try {
try {
int appId = GetApplicationId(holder);
int userId = AccessConnectionHelper.GetUserID(connection, appId, username, false);
int roleId = GetRoleId(connection, appId, roleName);
OleDbCommand command;
if (userId == 0)
{
return(false);
}
if (roleId == 0)
{
return(false);
}
command = new OleDbCommand(@"SELECT UserId FROM aspnet_UsersInRoles WHERE UserId = @UserId AND RoleId = @RoleId", connection);
command.Parameters.Add(new OleDbParameter("@UserId", userId));
command.Parameters.Add(new OleDbParameter("@RoleId", roleId));
object result = command.ExecuteScalar();
if (result == null || !(result is int) || ((int)result) != userId)
{
return(false);
}
return(true);
}
catch (Exception e) {
throw AccessConnectionHolder.GetBetterException(e, holder);
}
finally {
holder.Close();
}
}
catch {
throw;
}
}
/////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////
public override ProfileInfoCollection FindInactiveProfilesByUserName(ProfileAuthenticationOption authenticationOption, string usernameToMatch, DateTime userInactiveSinceDate, int pageIndex, int pageSize, out int totalRecords)
{
SecUtility.CheckParameter(ref usernameToMatch, true, true, false, 255, "usernameToMatch");
string sqlQuery = @"SELECT u.UserName, u.IsAnonymous, u.LastActivityDate, p.LastUpdatedDate, LEN(p.PropertyNames) + LEN(p.PropertyValuesString) " +
@"FROM aspnet_Users u, aspnet_Profile p " +
@"WHERE ApplicationId = @AppId AND u.UserId = p.UserId AND u.UserName like @UserName AND u.LastActivityDate <= @LastActivityDate" +
GetClauseForAuthenticationOptions(authenticationOption);
OleDbParameter[] args = new OleDbParameter[2];
args[0] = new OleDbParameter("@UserName", usernameToMatch);
args[1] = CreateDateTimeOleDbParameter("@LastActivityDate", userInactiveSinceDate);
return(GetProfilesForQuery(sqlQuery, args, pageIndex, pageSize, out totalRecords));
}
/////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////
private bool DeleteProfile(AccessConnectionHolder holder, string username, int appId)
{
SecUtility.CheckParameter(ref username, true, true, true, 255, "username");
int userId = AccessConnectionHelper.GetUserID(holder.Connection, appId, username, false);
if (userId == 0)
{
return(false);
}
OleDbCommand cmd = new OleDbCommand(@"DELETE FROM aspnet_Profile WHERE UserId = @UserId", holder.Connection);
cmd.Parameters.Add(new OleDbParameter("@UserId", userId));
return(cmd.ExecuteNonQuery() != 0);
}
/////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////
public override int DeleteProfiles(string[] usernames)
{
SecUtility.CheckArrayParameter(ref usernames,
true,
true,
true,
255,
"usernames");
try {
AccessConnectionHolder holder = AccessConnectionHolder.GetConnection(_DatabaseFileName, true);
int numDeleted = 0;
bool fBeginTransCalled = false;
try {
OleDbCommand cmd = new OleDbCommand("BEGIN TRANSACTION", holder.Connection);
cmd.ExecuteNonQuery();
fBeginTransCalled = true;
int appId = GetApplicationId(holder);
foreach (string username in usernames)
{
if (DeleteProfile(holder, username, appId))
{
numDeleted++;
}
}
cmd = new OleDbCommand("COMMIT TRANSACTION", holder.Connection);
cmd.ExecuteNonQuery();
fBeginTransCalled = false;
}
catch (Exception e) {
throw AccessConnectionHolder.GetBetterException(e, holder);
}
finally {
if (fBeginTransCalled)
{
try {
OleDbCommand command = new OleDbCommand("ROLLBACK TRANSACTION", holder.Connection);
command.ExecuteNonQuery();
}
catch { }
}
holder.Close();
}
return(numDeleted);
}
catch {
throw;
}
}
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
public override void RemoveUsersFromRoles(string[] usernames, string[] roleNames)
{
SecUtility.CheckArrayParameter(ref roleNames, true, true, true, 255, "roleNames");
SecUtility.CheckArrayParameter(ref usernames, true, true, true, 255, "usernames");
AccessConnectionHolder holder = AccessConnectionHolder.GetConnection(_DatabaseFileName, true);
OleDbConnection connection = holder.Connection;
bool fBeginTransCalled = false;
try {
try {
int appId = GetApplicationId(holder);
int[] userIds = new int[usernames.Length];
int[] roleIds = new int[roleNames.Length];
OleDbCommand command;
command = new OleDbCommand("BEGIN TRANSACTION", connection);
command.ExecuteNonQuery();
fBeginTransCalled = true;
for (int iterU = 0; iterU < usernames.Length; iterU++)
{
userIds[iterU] = AccessConnectionHelper.GetUserID(connection, appId, usernames[iterU], false);
if (userIds[iterU] == 0)
{
throw new ProviderException("User not found: " + usernames[iterU]);
}
}
for (int iterR = 0; iterR < roleNames.Length; iterR++)
{
roleIds[iterR] = GetRoleId(connection, appId, roleNames[iterR]);
if (roleIds[iterR] == 0)
{
throw new ProviderException("Role not found: " + roleNames[iterR]);
}
}
for (int iterU = 0; iterU < usernames.Length; iterU++)
{
for (int iterR = 0; iterR < roleNames.Length; iterR++)
{
command = new OleDbCommand(@"SELECT UserId FROM aspnet_UsersInRoles WHERE UserId = @UserId AND RoleId = @RoleId",
connection);
command.Parameters.Add(new OleDbParameter("@UserId", userIds[iterU]));
command.Parameters.Add(new OleDbParameter("@RoleId", roleIds[iterR]));
object result = command.ExecuteScalar();
if (result == null || !(result is int) || ((int)result) != userIds[iterU]) // doesn't exist!
{
throw new ProviderException("The user " + usernames[iterU] + " is already not in role " + roleNames[iterR]);
}
}
}
for (int iterU = 0; iterU < usernames.Length; iterU++)
{
for (int iterR = 0; iterR < roleNames.Length; iterR++)
{
command = new OleDbCommand(@"DELETE FROM aspnet_UsersInRoles WHERE UserId = @UserId AND RoleId = @RoleId",
connection);
command.Parameters.Add(new OleDbParameter("@UserId", userIds[iterU]));
command.Parameters.Add(new OleDbParameter("@RoleId", roleIds[iterR]));
if (command.ExecuteNonQuery() != 1)
{
throw new ProviderException("Unknown failure");
}
}
}
command = new OleDbCommand("COMMIT TRANSACTION", connection);
command.ExecuteNonQuery();
}
catch (Exception e) {
try {
if (fBeginTransCalled)
{
OleDbCommand command = new OleDbCommand("ROLLBACK TRANSACTION", connection);
command.ExecuteNonQuery();
}
}
catch { }
throw AccessConnectionHolder.GetBetterException(e, holder);
}
finally {
holder.Close();
}
}
catch {
throw;
}
}
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
public override bool DeleteRole(string roleName, bool throwOnPopulatedRole)
{
SecUtility.CheckParameter(ref roleName, true, true, true, 255, "roleName");
AccessConnectionHolder holder = AccessConnectionHolder.GetConnection(_DatabaseFileName, true);
OleDbConnection connection = holder.Connection;
bool fBeginTransCalled = false;
try {
try {
int appId = GetApplicationId(holder);
OleDbCommand command;
int roleId = GetRoleId(connection, appId, roleName);
if (roleId == 0)
{
return(false);
}
if (throwOnPopulatedRole)
{
command = new OleDbCommand(@"SELECT COUNT(*) " +
@"FROM aspnet_UsersInRoles ur, aspnet_Users u " +
@"WHERE ur.RoleId = @RoleId AND ur.UserId = u.UserId",
connection);
command.Parameters.Add(new OleDbParameter("@RoleId", roleId));
object num = command.ExecuteScalar();
if (!(num is int) || ((int)num) != 0)
{
throw new ProviderException("Role is not empty");
}
}
command = new OleDbCommand("BEGIN TRANSACTION", connection);
command.ExecuteNonQuery();
fBeginTransCalled = true;
command = new OleDbCommand(@"DELETE FROM aspnet_Roles WHERE RoleId = @RoleId", connection);
command.Parameters.Add(new OleDbParameter("@RoleId", roleId));
int returnValue = command.ExecuteNonQuery();
command = new OleDbCommand("COMMIT TRANSACTION", connection);
command.ExecuteNonQuery();
fBeginTransCalled = false;
return(returnValue == 1);
}
catch (Exception e) {
if (fBeginTransCalled)
{
try {
OleDbCommand command = new OleDbCommand("ROLLBACK TRANSACTION", connection);
command.ExecuteNonQuery();
}
catch { }
}
throw AccessConnectionHolder.GetBetterException(e, holder);
}
finally {
holder.Close();
}
}
catch {
throw;
}
}
