/// <summary> /// Initializes a new instance of the <see cref="SqlServerStreamConfig"/> class. /// </summary> /// <param name="name">Name of the stream.</param> /// <param name="accessKinds">Access the stream has.</param> /// <param name="defaultConnectionTimeout">Default timeout to use when connecting to SQL Server.</param> /// <param name="defaultCommandTimeout">Default timeout to use when running a command on SQL Server.</param> /// <param name="defaultSerializerRepresentation">Default <see cref="SerializerRepresentation"/> to use (used for identifier serialization).</param> /// <param name="defaultSerializationFormat">Default <see cref="SerializationFormat"/> to use.</param> /// <param name="allLocators">All <see cref="ISqlServerLocator"/>'s.</param> public SqlServerStreamConfig( string name, StreamAccessKinds accessKinds, TimeSpan defaultConnectionTimeout, TimeSpan defaultCommandTimeout, SerializerRepresentation defaultSerializerRepresentation, SerializationFormat defaultSerializationFormat, IReadOnlyCollection <ISqlServerLocator> allLocators) { name.MustForArg(nameof(name)).NotBeNullNorWhiteSpace(); accessKinds.MustForArg(nameof(accessKinds)).NotBeEqualTo(StreamAccessKinds.None); defaultConnectionTimeout.TotalMilliseconds.MustForArg(Invariant($"{nameof(defaultConnectionTimeout)}.{nameof(TimeSpan.TotalMilliseconds)}")).BeGreaterThanOrEqualTo(0d); defaultCommandTimeout.TotalMilliseconds.MustForArg(Invariant($"{nameof(defaultCommandTimeout)}.{nameof(TimeSpan.TotalMilliseconds)}")).BeGreaterThanOrEqualTo(0d); defaultSerializerRepresentation.MustForArg(nameof(defaultSerializerRepresentation)).NotBeNull(); defaultSerializationFormat.MustForArg(nameof(defaultSerializationFormat)).NotBeEqualTo(SerializationFormat.Invalid); allLocators.MustForArg(nameof(allLocators)).NotBeNullNorEmptyEnumerableNorContainAnyNulls(); this.Name = name; this.AccessKinds = accessKinds; this.DefaultConnectionTimeout = defaultConnectionTimeout; this.DefaultCommandTimeout = defaultCommandTimeout; this.DefaultSerializerRepresentation = defaultSerializerRepresentation; this.DefaultSerializationFormat = defaultSerializationFormat; this.AllLocators = allLocators; }
public CreateStreamUserOp DeepCloneWithStreamAccessKinds(StreamAccessKinds streamAccessKinds) { var result = new CreateStreamUserOp( this.LoginName?.DeepClone(), this.UserName?.DeepClone(), this.ClearTextPassword?.DeepClone(), streamAccessKinds, this.ShouldCreateLogin.DeepClone()); return(result); }
public SqlServerStreamConfig DeepCloneWithAccessKinds(StreamAccessKinds accessKinds) { var result = new SqlServerStreamConfig( this.Name?.DeepClone(), accessKinds, this.DefaultConnectionTimeout.DeepClone(), this.DefaultCommandTimeout.DeepClone(), this.DefaultSerializerRepresentation?.DeepClone(), this.DefaultSerializationFormat.DeepClone(), this.AllLocators?.DeepClone()); return(result); }
/// <summary> /// Gets the role name from the <see cref="StreamAccessKinds"/> and the stream name. /// </summary> /// <param name="singleStreamAccessKind">Single <see cref="StreamAccessKinds"/>.</param> /// <param name="streamName">Name of the stream.</param> /// <returns>Name of role.</returns> public static string GetRoleNameFromStreamAccessKind( StreamAccessKinds singleStreamAccessKind, string streamName) { var streamAccessKindsIndividualItems = singleStreamAccessKind.GetIndividualFlags(); streamAccessKindsIndividualItems.Count.MustForArg(nameof(streamAccessKindsIndividualItems)).BeEqualTo(1, "Can only convert a single flag to a role name."); var roleName = streamAccessKindsIndividualItems.Single().ToString(); var result = Invariant($@"{streamName}-{roleName}"); return(result); }
/// <summary> /// Initializes a new instance of the <see cref="CreateStreamUserOp"/> class. /// </summary> /// <param name="loginName">The login name of the user.</param> /// <param name="userName">The username of the user.</param> /// <param name="clearTextPassword">The clear text password.</param> /// <param name="streamAccessKinds"><see cref="Database.Domain.StreamAccessKinds"/> to grant access for.</param> /// <param name="shouldCreateLogin">A value indicating whether or not to create the login or look it up.</param> public CreateStreamUserOp( string loginName, string userName, string clearTextPassword, StreamAccessKinds streamAccessKinds, bool shouldCreateLogin) { userName.MustForArg(nameof(userName)).NotBeNullNorWhiteSpace().And().BeAlphanumeric(new[] { '-' }); streamAccessKinds.MustForArg(nameof(streamAccessKinds)).NotBeEqualTo(Database.Domain.StreamAccessKinds.None); if (shouldCreateLogin) { clearTextPassword.MustForArg(nameof(clearTextPassword)).NotBeNullNorWhiteSpace(); } else { loginName.MustForArg(nameof(loginName)).NotBeNullNorWhiteSpace(); } if (!string.IsNullOrWhiteSpace(loginName)) { loginName.MustForArg(nameof(loginName)).BeAlphanumeric(new[] { '-' }); } var individualStreamAccessKinds = streamAccessKinds.GetIndividualFlags <StreamAccessKinds>(); if (individualStreamAccessKinds.Except(CreateStreamUserOp.SupportedStreamAccessKinds).Any()) { var supportedValuesString = SupportedStreamAccessKinds.Select(_ => _.ToString()).ToDelimitedString(","); var providedValuesString = individualStreamAccessKinds.Select(_ => _.ToString()).ToDelimitedString(","); throw new ArgumentException(Invariant($"Unsupported access type provided; supported: '{supportedValuesString}', provided: '{providedValuesString}'."), nameof(streamAccessKinds)); } this.LoginName = loginName; this.UserName = userName; this.ClearTextPassword = clearTextPassword; this.StreamAccessKinds = streamAccessKinds; this.ShouldCreateLogin = shouldCreateLogin; }
public static string BuildGrantScriptByStreamAccessKind( StreamAccessKinds singleStreamAccessKind, string streamName) { var result = new StringBuilder(); var roleName = GetRoleNameFromStreamAccessKind(singleStreamAccessKind, streamName); string BuildGrant(string resourceName, string permission) { var fullName = Invariant($"[{streamName}].[{resourceName}]"); var grantExec = Invariant($"GRANT {permission} ON {fullName} TO [{roleName}]"); return(grantExec); } var execute = "EXECUTE"; var read = "SELECT"; var readWrite = "SELECT,INSERT"; // Base permissions for all roles. result.AppendLine(BuildGrant(Funcs.GetTagsTableVariableFromTagsXml.Name, read)); result.AppendLine(BuildGrant(Sprocs.GetIdAddIfNecessarySerializerRepresentation.Name, execute)); result.AppendLine(BuildGrant(Sprocs.GetIdAddIfNecessaryTypeWithoutVersion.Name, execute)); result.AppendLine(BuildGrant(Sprocs.GetIdAddIfNecessaryTypeWithVersion.Name, execute)); result.AppendLine(BuildGrant(Sprocs.GetIdsAddIfNecessaryTagSet.Name, execute)); result.AppendLine(BuildGrant(Sprocs.GetSerializerRepresentationFromId.Name, execute)); result.AppendLine(BuildGrant(Sprocs.GetTypeFromId.Name, execute)); result.AppendLine(BuildGrant(Sprocs.GetTagSetFromIds.Name, execute)); result.AppendLine(BuildGrant(Tables.SerializerRepresentation.Table.Name, readWrite)); result.AppendLine(BuildGrant(Tables.TypeWithoutVersion.Table.Name, readWrite)); result.AppendLine(BuildGrant(Tables.TypeWithVersion.Table.Name, readWrite)); result.AppendLine(BuildGrant(Tables.Tag.Table.Name, readWrite)); if (singleStreamAccessKind == StreamAccessKinds.Read) { result.AppendLine(BuildGrant(Sprocs.GetLatestRecord.Name, execute)); result.AppendLine(BuildGrant(Sprocs.GetDistinctStringSerializedIds.Name, execute)); result.AppendLine(BuildGrant(Sprocs.GetLatestStringSerializedObject.Name, execute)); result.AppendLine(BuildGrant(Sprocs.GetInternalRecordIds.Name, execute)); result.AppendLine(BuildGrant(Tables.Record.Table.Name, read)); result.AppendLine(BuildGrant(Tables.RecordTag.Table.Name, read)); } else if (singleStreamAccessKind == StreamAccessKinds.Write) { result.AppendLine(BuildGrant(Sprocs.PutRecord.Name, execute)); result.AppendLine(BuildGrant(Sprocs.GetNextUniqueLong.Name, execute)); result.AppendLine(BuildGrant(Tables.NextUniqueLong.Table.Name, readWrite)); result.AppendLine(BuildGrant(Tables.Record.Table.Name, readWrite)); result.AppendLine(BuildGrant(Tables.RecordTag.Table.Name, readWrite)); } else if (singleStreamAccessKind == StreamAccessKinds.Handle) { result.AppendLine(BuildGrant(Sprocs.TryHandleRecord.Name, execute)); result.AppendLine(BuildGrant(Sprocs.PutHandling.Name, execute)); result.AppendLine(BuildGrant(Tables.Record.Table.Name, read)); result.AppendLine(BuildGrant(Tables.RecordTag.Table.Name, read)); result.AppendLine(BuildGrant(Tables.Handling.Table.Name, readWrite)); result.AppendLine(BuildGrant(Tables.HandlingTag.Table.Name, readWrite)); } else if (singleStreamAccessKind == StreamAccessKinds.Manage) { result.AppendLine(BuildGrant(Sprocs.CreateStreamUser.Name, execute)); } else { throw new NotSupportedException(Invariant($"{nameof(StreamAccessKinds)} {singleStreamAccessKind} is not supported for granting table/sproc/function access.")); } return(result.ToString()); }