/// <summary>
/// Creates the holder together with the <see cref="SqlConnection"/> it wraps.
/// The connection is only constructed here; this constructor does not open it.
/// </summary>
/// <param name="connectionString">Connection string passed to the <see cref="SqlConnection"/> constructor.</param>
/// <exception cref="ArgumentException">
/// <see cref="SqlConnection"/> rejected the connection string. The original exception is
/// attached as the inner exception and the parameter name is reported as "connectionString".
/// </exception>
internal SqlConnectionHolder(string connectionString)
{
    try
    {
        _Connection = new SqlConnection(connectionString);
    }
    catch (ArgumentException rejected)
    {
        // Replace the framework's message with the provider's own resource text.
        // NOTE(review): the inner exception still describes what was wrong with the
        // connection string - confirm callers log it rather than show it to end users.
        string message = SecurityMessage.GetString(SecurityMessage.SqlError_Connection_String);
        throw new ArgumentException(message, "connectionString", rejected);
    }
}
/// <summary>
/// Fails provider initialization when the configuration collection still holds an attribute.
/// Only the first remaining key (index 0) is inspected, and it is named in the error.
/// </summary>
/// <param name="config">Provider attributes; presumably the caller has already removed every attribute it understands (verify against caller).</param>
/// <param name="providerName">Provider name inserted into the error message.</param>
/// <exception cref="ConfigurationErrorsException">The collection is non-empty and its first key is a non-empty string.</exception>
internal static void CheckUnrecognizedAttributes(NameValueCollection config, string providerName)
{
    if (config.Count <= 0)
    {
        return;
    }

    string leftoverKey = config.GetKey(0);
    if (String.IsNullOrEmpty(leftoverKey))
    {
        // A null or empty key is not reported.
        return;
    }

    string message = SecurityMessage.GetString(
        SecurityMessage.Unexpected_provider_attribute, leftoverKey, providerName);
    throw new ConfigurationErrorsException(message);
}
/// <summary>
/// Verifies that a configuration node has no children other than XML comments.
/// </summary>
/// <param name="node">Node whose direct children are inspected.</param>
/// <exception cref="ConfigurationErrorsException">
/// Thrown for the first child that is not a comment; the offending child is attached
/// to the exception so the error can point at it.
/// </exception>
internal static void CheckForNonCommentChildNodes(XmlNode node)
{
    foreach (XmlNode child in node.ChildNodes)
    {
        if (child.NodeType == XmlNodeType.Comment)
        {
            continue;
        }

        string message = SecurityMessage.GetString(SecurityMessage.Config_base_no_child_nodes);
        throw new ConfigurationErrorsException(message, child);
    }
}
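/// <summary>
/// Calls dbo.Aspnet_UsersInRoles_RemoveUsersFromRoles on an existing connection and
/// translates its return code into success or a <see cref="ProviderException"/>.
/// </summary>
/// <param name="conn">Connection the command runs on; it is not opened or closed here.</param>
/// <param name="usernames">Value sent as the single @UserNames NVarChar parameter (presumably a delimited list - verify against caller).</param>
/// <param name="roleNames">Value sent as the single @RoleNames NVarChar parameter (presumably a delimited list - verify against caller).</param>
/// <exception cref="ProviderException">
/// Return code 1 (user not found), 2 (role not found), 3 (user already not in role),
/// or any other non-zero code (unknown failure).
/// </exception>
private void RemoveUsersFromRolesCore(SqlConnection conn, string usernames, string roleNames)
{
    // First and second column of the single result row; used only to fill in error messages.
    string s1 = String.Empty, s2 = String.Empty;

    // SqlCommand is IDisposable; the original never disposed it. The using block
    // releases it on every exit path, including the throws below.
    using (SqlCommand cmd = new SqlCommand("dbo.Aspnet_UsersInRoles_RemoveUsersFromRoles", conn))
    {
        cmd.CommandType = CommandType.StoredProcedure;
        cmd.CommandTimeout = CommandTimeout;

        SqlParameter p = new SqlParameter("@ReturnValue", SqlDbType.Int);
        p.Direction = ParameterDirection.ReturnValue;
        cmd.Parameters.Add(p);

        // All caller-supplied values travel as parameters, never as part of the command text.
        // NOTE(review): how the procedure itself splits and uses these strings is not visible here.
        cmd.Parameters.Add(CreateInputParam("@ApplicationName", SqlDbType.NVarChar, ApplicationName));
        cmd.Parameters.Add(CreateInputParam("@UserNames", SqlDbType.NVarChar, usernames));
        cmd.Parameters.Add(CreateInputParam("@RoleNames", SqlDbType.NVarChar, roleNames));

        using (SqlDataReader reader = cmd.ExecuteReader(CommandBehavior.SingleRow))
        {
            if (reader.Read())
            {
                if (reader.FieldCount > 0)
                {
                    s1 = reader.GetString(0);
                }
                if (reader.FieldCount > 1)
                {
                    s2 = reader.GetString(1);
                }
            }
        }

        // The return code is read only after the reader has been closed, as in the original.
        switch (GetReturnValue(cmd))
        {
            case 0:
                return;
            case 1:
                throw new ProviderException(SecurityMessage.GetString(SecurityMessage.Provider_this_user_not_found, s1));
            case 2:
                throw new ProviderException(SecurityMessage.GetString(SecurityMessage.Provider_role_not_found, s2));
            case 3:
                throw new ProviderException(SecurityMessage.GetString(SecurityMessage.Provider_this_user_already_not_in_role, s1, s2));
        }

        throw new ProviderException(SecurityMessage.GetString(SecurityMessage.Provider_unknown_failure));
    }
}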
/// <summary>
/// Removes a string attribute through <c>GetAndRemoveStringAttributeInternal</c> and
/// additionally rejects an attribute that is present but empty.
/// </summary>
/// <param name="node">Node the attribute is taken from.</param>
/// <param name="attrib">Attribute name.</param>
/// <param name="fRequired">Forwarded unchanged to the underlying helper.</param>
/// <param name="val">Forwarded by reference to the underlying helper; its length is checked afterwards.</param>
/// <returns>The node returned by the underlying helper, or null when it returned null.</returns>
/// <exception cref="ConfigurationErrorsException">The attribute was found and <paramref name="val"/> has length zero.</exception>
private static XmlNode GetAndRemoveNonEmptyStringAttributeInternal(XmlNode node, string attrib, bool fRequired, ref string val)
{
    XmlNode removed = GetAndRemoveStringAttributeInternal(node, attrib, fRequired, ref val);

    // val is only examined when an attribute was actually found.
    bool presentButEmpty = removed != null && val.Length == 0;
    if (presentButEmpty)
    {
        string message = SecurityMessage.GetString(SecurityMessage.Empty_attribute, attrib);
        throw new ConfigurationErrorsException(message, removed);
    }

    return removed;
}
/// <summary>
/// Returns the role names reported by dbo.Aspnet_UsersInRoles_GetRolesForUser for a user.
/// </summary>
/// <param name="username">User to look up; checked by SecurityUtility.CheckParameter first (256 is presumably the maximum length - TODO confirm).</param>
/// <returns>
/// The first column of every returned row, or an empty array when no rows came back and
/// the procedure's return code is 0 or 1.
/// </returns>
/// <exception cref="ProviderException">No rows came back and the return code is neither 0 nor 1.</exception>
public override string[] GetRolesForUser(string username)
{
    SecurityUtility.CheckParameter(ref username, true, false, true, 256, "username");

    string procedureName = "dbo.Aspnet_UsersInRoles_GetRolesForUser";
    SqlParameter[] procParams = new SqlParameter[]
    {
        CreateInputParam("@ApplicationName", SqlDbType.NVarChar, ApplicationName),
        CreateInputParam("@UserName", SqlDbType.NVarChar, username),
        new SqlParameter("@ReturnValue", SqlDbType.Int)
    };

    // The values are assigned again after creation, exactly as the original did.
    // NOTE(review): likely redundant if CreateInputParam already sets Value - confirm.
    procParams[0].Value = ApplicationName;
    procParams[1].Value = username;
    procParams[2].Direction = ParameterDirection.ReturnValue;

    StringCollection roles = new StringCollection();
    using (SqlDataReader reader = SqlHelper.ExecuteReader(SqlHelper.SqlProviderConnString, CommandType.StoredProcedure, procedureName, procParams))
    {
        if (reader != null && reader.HasRows)
        {
            while (reader.Read())
            {
                roles.Add(reader.GetString(0));
            }
        }
    }

    if (roles.Count > 0)
    {
        string[] result = new string[roles.Count];
        roles.CopyTo(result, 0);
        return result;
    }

    // The return code is consulted only when no role rows were read.
    int status = (int)procParams[2].Value;
    if (status == 0 || status == 1)
    {
        // Code 1 used to raise "user not found" (that throw is commented out in the
        // original); it is now treated the same as "no roles".
        return new string[0];
    }

    throw new ProviderException(SecurityMessage.GetString(SecurityMessage.Provider_unknown_failure));
}
/// <summary>
/// Removes the named attribute from a node and returns it.
/// </summary>
/// <param name="node">Node whose attribute collection is modified.</param>
/// <param name="attrib">Name of the attribute to remove.</param>
/// <param name="fRequired">When true, a missing attribute is an error.</param>
/// <returns>The removed attribute node, or null when it was absent and not required.</returns>
/// <exception cref="ConfigurationErrorsException">The attribute is required but was not present.</exception>
private static XmlNode GetAndRemoveAttribute(XmlNode node, string attrib, bool fRequired)
{
    XmlNode removed = node.Attributes.RemoveNamedItem(attrib);

    if (removed != null || !fRequired)
    {
        return removed;
    }

    // Required attribute missing: report it against the owning node.
    string message = SecurityMessage.GetString(SecurityMessage.Missing_required_attribute, attrib, node.Name);
    throw new ConfigurationErrorsException(message, node);
}
/// <summary>
/// Validates a password-style parameter: it must be non-null, non-empty and, when a
/// limit is given, no longer than <paramref name="maxSize"/> characters.
/// The value is deliberately not trimmed first, so leading and trailing whitespace
/// counts towards both length checks.
/// </summary>
/// <param name="param">Value to validate; passed by reference but never modified here.</param>
/// <param name="maxSize">Maximum allowed length; a value of zero or less disables the length limit.</param>
/// <param name="paramName">Name reported in the thrown exception.</param>
/// <exception cref="ArgumentNullException"><paramref name="param"/> is null.</exception>
/// <exception cref="ArgumentException"><paramref name="param"/> is empty or longer than the limit.</exception>
internal static void CheckPasswordParameter(ref string param, int maxSize, string paramName)
{
    if (param == null)
    {
        throw new ArgumentNullException(paramName);
    }

    int length = param.Length;
    if (length < 1)
    {
        string emptyMessage = SecurityMessage.GetString(SecurityMessage.Parameter_can_not_be_empty, paramName);
        throw new ArgumentException(emptyMessage, paramName);
    }

    bool hasLimit = maxSize > 0;
    if (hasLimit && length > maxSize)
    {
        string limitText = maxSize.ToString(CultureInfo.InvariantCulture);
        string tooLongMessage = SecurityMessage.GetString(SecurityMessage.Parameter_too_long, paramName, limitText);
        throw new ArgumentException(tooLongMessage, paramName);
    }
}
/// <summary>
/// Returns the user names reported by Aspnet_UsersInRoles_GetUsersInRoles for a role.
/// </summary>
/// <param name="roleName">Role to look up; sent to the procedure as the @RoleName parameter.</param>
/// <returns>
/// The first column of every returned row, or an empty array when no rows came back and
/// the procedure's return code is 0.
/// </returns>
/// <exception cref="ProviderException">
/// No rows came back and the return code is 1 (role not found) or any other non-zero value.
/// </exception>
public override string[] GetUsersInRole(string roleName)
{
    // NOTE(review): roleName is not passed through SecurityUtility.CheckParameter here,
    // although IsUserInRole validates its roleName that way - confirm this is intended.
    // NOTE(review): the procedure name below is not schema-qualified, unlike the other
    // dbo.* procedure calls in this file - confirm it resolves to the intended object.
    string procedureName = "Aspnet_UsersInRoles_GetUsersInRoles";
    SqlParameter[] procParams = new SqlParameter[]
    {
        CreateInputParam("@ApplicationName", SqlDbType.NVarChar, ApplicationName),
        CreateInputParam("@RoleName", SqlDbType.NVarChar, roleName),
        new SqlParameter("@ReturnValue", SqlDbType.Int)
    };
    procParams[2].Direction = ParameterDirection.ReturnValue;

    StringCollection users = new StringCollection();
    using (SqlDataReader reader = SqlHelper.ExecuteReader(SqlHelper.SqlProviderConnString, CommandType.StoredProcedure, procedureName, procParams))
    {
        if (reader != null && reader.HasRows)
        {
            while (reader.Read())
            {
                users.Add(reader.GetString(0));
            }
        }
    }

    if (users.Count >= 1)
    {
        string[] result = new string[users.Count];
        users.CopyTo(result, 0);
        return result;
    }

    // No rows: the return code distinguishes an empty role from a missing one.
    int status = (int)procParams[2].Value;
    if (status == 0)
    {
        return new string[0];
    }
    if (status == 1)
    {
        throw new ProviderException(SecurityMessage.GetString(SecurityMessage.Provider_role_not_found, roleName));
    }

    throw new ProviderException(SecurityMessage.GetString(SecurityMessage.Provider_unknown_failure));
}
/// <summary>
/// Reads an optional provider attribute that must be either the literal "Infinite" or a
/// non-negative integer, and stores the result in <paramref name="val"/>.
/// </summary>
/// <param name="config">Provider attribute collection.</param>
/// <param name="attrib">Attribute name to read.</param>
/// <param name="providerName">Provider name inserted into the error message.</param>
/// <param name="val">Receives the parsed value; left untouched when the attribute is absent.</param>
/// <exception cref="ConfigurationErrorsException">The value is not "Infinite", not a valid 32-bit integer, or negative.</exception>
internal static void GetPositiveOrInfiniteAttribute(NameValueCollection config, string attrib, string providerName, ref int val)
{
    string raw = config.Get(attrib);
    if (raw == null)
    {
        return;
    }

    // The comparison is case-sensitive; only the exact spelling "Infinite" is accepted.
    if (raw == "Infinite")
    {
        val = Infinite;
        return;
    }

    // Same parsing rules as Convert.ToInt32(string, IFormatProvider) for a non-null
    // string: integer style, invariant culture. Malformed and out-of-range text are
    // both reported as a configuration error, as is a negative number.
    int parsed;
    bool isNumber = Int32.TryParse(raw, NumberStyles.Integer, CultureInfo.InvariantCulture, out parsed);
    if (!isNumber || parsed < 0)
    {
        throw new ConfigurationErrorsException(
            SecurityMessage.GetString(SecurityMessage.Invalid_provider_positive_attributes, attrib, providerName));
    }

    val = parsed;
}
/// <summary>
/// Reads an optional boolean setting from a provider configuration collection.
/// </summary>
/// <param name="config">Provider attribute collection.</param>
/// <param name="valueName">Key to read.</param>
/// <param name="defaultValue">Returned when the key is absent.</param>
/// <returns>The parsed value, or <paramref name="defaultValue"/> when the key is not present.</returns>
/// <exception cref="ProviderException">The key is present but <see cref="bool.TryParse(string, out bool)"/> rejects its value.</exception>
internal static bool GetBooleanValue(NameValueCollection config, string valueName, bool defaultValue)
{
    string raw = config[valueName];
    if (raw == null)
    {
        return defaultValue;
    }

    bool parsed;
    if (!bool.TryParse(raw, out parsed))
    {
        // A present-but-unparseable value is an error, not a silent fallback to the default.
        throw new ProviderException(SecurityMessage.GetString(SecurityMessage.Value_must_be_boolean, valueName));
    }

    return parsed;
}
/// <summary>
/// Asks dbo.Aspnet_UsersInRoles_IsUserInRole whether a user belongs to a role.
/// </summary>
/// <param name="username">User to test; an empty name (after SecurityUtility.CheckParameter has run) yields false without a database call.</param>
/// <param name="roleName">Role to test; checked by SecurityUtility.CheckParameter first.</param>
/// <returns>True only when the procedure returns 1; false for return codes 0, 2 and 3.</returns>
/// <exception cref="ProviderException">The procedure returned a code outside 0-3.</exception>
public override bool IsUserInRole(string username, string roleName)
{
    SecurityUtility.CheckParameter(ref roleName, true, true, true, 256, "roleName");
    SecurityUtility.CheckParameter(ref username, true, false, true, 256, "username");

    if (username.Length < 1)
    {
        return false;
    }

    string procedureName = "dbo.Aspnet_UsersInRoles_IsUserInRole";
    SqlParameter[] procParams = new SqlParameter[]
    {
        new SqlParameter("@ReturnValue", SqlDbType.Int),
        CreateInputParam("@ApplicationName", SqlDbType.NVarChar, ApplicationName),
        CreateInputParam("@UserName", SqlDbType.NVarChar, username),
        CreateInputParam("@RoleName", SqlDbType.NVarChar, roleName)
    };
    procParams[0].Direction = ParameterDirection.ReturnValue;

    SqlHelper.ExecuteNonQuery(SqlHelper.SqlProviderConnString, CommandType.StoredProcedure, procedureName, procParams);

    int status = (int)procParams[0].Value;
    switch (status)
    {
        case 1:
            return true;

        // 2 and 3 once raised "user not found" / "role not found" (those throws are
        // commented out in the original); an unknown user or role now simply means
        // "not in role", the same answer as code 0.
        case 0:
        case 2:
        case 3:
            return false;

        default:
            throw new ProviderException(SecurityMessage.GetString(SecurityMessage.Provider_unknown_failure));
    }
}
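/// <summary>
/// Reads an optional integer setting from a provider configuration collection and
/// enforces its lower and upper bounds.
/// </summary>
/// <param name="config">Provider attribute collection.</param>
/// <param name="valueName">Key to read.</param>
/// <param name="defaultValue">Returned, without any range check, when the key is absent.</param>
/// <param name="zeroAllowed">True: the value must be &gt;= 0. False: the value must be &gt; 0.</param>
/// <param name="maxValueAllowed">Upper bound; a value of zero or less disables the upper-bound check.</param>
/// <returns>The parsed value, or <paramref name="defaultValue"/> when the key is not present.</returns>
/// <exception cref="ProviderException">The value is not an integer, is below the minimum, or exceeds the maximum.</exception>
internal static int GetIntValue(NameValueCollection config, string valueName, int defaultValue, bool zeroAllowed, int maxValueAllowed)
{
    string sValue = config[valueName];
    if (sValue == null)
    {
        return defaultValue;
    }

    // Configuration text is machine-readable, so it is parsed with the invariant culture
    // instead of the thread's current culture. This keeps the result independent of the
    // host's regional settings and matches the invariant-culture formatting of the
    // maximum in the error message below.
    int iValue;
    bool parsed = Int32.TryParse(sValue, NumberStyles.Integer, CultureInfo.InvariantCulture, out iValue);

    // Unparseable text and an out-of-range low value produce the same message, chosen
    // by whether zero is an acceptable value.
    if (!parsed || (zeroAllowed ? iValue < 0 : iValue <= 0))
    {
        if (zeroAllowed)
        {
            throw new ProviderException(SecurityMessage.GetString(SecurityMessage.Value_must_be_non_negative_integer, valueName));
        }

        throw new ProviderException(SecurityMessage.GetString(SecurityMessage.Value_must_be_positive_integer, valueName));
    }

    if (maxValueAllowed > 0 && iValue > maxValueAllowed)
    {
        throw new ProviderException(SecurityMessage.GetString(SecurityMessage.Value_too_big, valueName, maxValueAllowed.ToString(CultureInfo.InvariantCulture)));
    }

    return iValue;
}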
/// <summary>
/// Removes a boolean attribute from a node and stores its value in <paramref name="val"/>.
/// Only the exact lowercase strings "true" and "false" are accepted.
/// </summary>
/// <param name="node">Node the attribute is taken from.</param>
/// <param name="attrib">Attribute name.</param>
/// <param name="fRequired">Forwarded to <c>GetAndRemoveAttribute</c>.</param>
/// <param name="val">Receives the parsed value; left untouched when no attribute was found.</param>
/// <returns>The removed attribute node, or null when <c>GetAndRemoveAttribute</c> returned null.</returns>
/// <exception cref="ConfigurationErrorsException">The attribute value is neither "true" nor "false".</exception>
private static XmlNode GetAndRemoveBooleanAttributeInternal(XmlNode node, string attrib, bool fRequired, ref bool val)
{
    XmlNode attribute = GetAndRemoveAttribute(node, attrib, fRequired);
    if (attribute == null)
    {
        return attribute;
    }

    switch (attribute.Value)
    {
        case "true":
            val = true;
            break;

        case "false":
            val = false;
            break;

        default:
            throw new ConfigurationErrorsException(
                SecurityMessage.GetString(SecurityMessage.Invalid_boolean_attribute, attribute.Name),
                attribute);
    }

    return attribute;
}
/// <summary>
/// Runs dbo.Aspnet_Profile_GetProfiles for one page of results and materializes the
/// rows as <see cref="ProfileInfo"/> objects.
/// </summary>
/// <param name="args">Additional parameters appended after the four standard ones; must not be null because it is enumerated.</param>
/// <param name="authenticationOption">Sent to the procedure as the integer @ProfileAuthOptions.</param>
/// <param name="pageIndex">Zero-based page index; must be &gt;= 0.</param>
/// <param name="pageSize">Rows per page; must be &gt;= 1.</param>
/// <param name="totalRecords">
/// Set to the first column of the second result set when one is returned with a row;
/// otherwise the number of profiles read, or 0 when no reader was returned.
/// </param>
/// <returns>The profiles read from the first result set (possibly empty).</returns>
/// <exception cref="ArgumentException">A paging argument is out of range, or the last requested row index exceeds <see cref="Int32.MaxValue"/>.</exception>
private ProfileInfoCollection GetProfilesForQuery(SqlParameter[] args, ProfileAuthenticationOption authenticationOption, int pageIndex, int pageSize, out int totalRecords)
{
    if (pageIndex < 0)
    {
        throw new ArgumentException(SecurityMessage.GetString(SecurityMessage.PageIndex_bad), "pageIndex");
    }
    if (pageSize < 1)
    {
        throw new ArgumentException(SecurityMessage.GetString(SecurityMessage.PageSize_bad), "pageSize");
    }

    // Computed in 64-bit arithmetic so the product cannot wrap before the range check.
    long lastRowIndex = (long)pageIndex * pageSize + pageSize - 1;
    if (lastRowIndex > Int32.MaxValue)
    {
        throw new ArgumentException(SecurityMessage.GetString(SecurityMessage.PageIndex_PageSize_bad), "pageIndex and pageSize");
    }

    ParamsHelper procParams = new ParamsHelper();
    procParams.Add(CreateInputParam("@ApplicationName", SqlDbType.NVarChar, ApplicationName));
    procParams.Add(CreateInputParam("@ProfileAuthOptions", SqlDbType.Int, (int)authenticationOption));
    procParams.Add(CreateInputParam("@PageIndex", SqlDbType.Int, pageIndex));
    procParams.Add(CreateInputParam("@PageSize", SqlDbType.Int, pageSize));
    foreach (SqlParameter extra in args)
    {
        procParams.Add(extra);
    }

    ProfileInfoCollection result = new ProfileInfoCollection();
    totalRecords = 0;

    using (SqlDataReader reader = SqlHelper.ExecuteReader(SqlHelper.SqlProviderConnString, CommandType.StoredProcedure, "dbo.Aspnet_Profile_GetProfiles", procParams.ToArray()))
    {
        if (reader == null)
        {
            return result;
        }

        while (reader.Read())
        {
            string username = reader.GetString(0);
            bool isAnonymous = reader.GetBoolean(1);

            // NOTE(review): both timestamps are only tagged as DateTimeKind.Local, not
            // converted - confirm the procedure really returns local time.
            DateTime lastActivity = DateTime.SpecifyKind(reader.GetDateTime(2), DateTimeKind.Local);
            DateTime lastUpdated = DateTime.SpecifyKind(reader.GetDateTime(3), DateTimeKind.Local);
            int size = reader.GetInt32(4);

            result.Add(new ProfileInfo(username, isAnonymous, lastActivity, lastUpdated, size));
        }

        // Fall back to the page's own row count unless a second result set supplies a total.
        totalRecords = result.Count;
        if (reader.NextResult() && reader.Read())
        {
            totalRecords = reader.GetInt32(0);
        }
    }

    return result;
}
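/// <summary>
/// Verifies, once per cached state, that the database schema for each listed feature is
/// compatible with <paramref name="version"/> by calling dbo.aspnet_CheckSchemaVersion.
/// </summary>
/// <param name="provider">Provider used as the lock object and named in the error message.</param>
/// <param name="connection">Connection the check commands run on; must not be null.</param>
/// <param name="features">Feature names, each checked with its own procedure call; must not be null.</param>
/// <param name="version">Schema version sent as @CompatibleSchemaVersion; must not be null.</param>
/// <param name="schemaVersionCheck">
/// Cached state owned by the caller: 0 = not checked yet, 1 = check passed,
/// -1 = check failed. Updated in place.
/// </param>
/// <exception cref="ArgumentNullException"><paramref name="connection"/>, <paramref name="features"/> or <paramref name="version"/> is null.</exception>
/// <exception cref="ProviderException">A previous or the current check found an incompatible schema.</exception>
internal static void CheckSchemaVersion(ProviderBase provider, SqlConnection connection, string[] features, string version, ref int schemaVersionCheck)
{
    if (connection == null)
    {
        throw new ArgumentNullException("connection");
    }
    if (features == null)
    {
        throw new ArgumentNullException("features");
    }
    if (version == null)
    {
        throw new ArgumentNullException("version");
    }

    if (schemaVersionCheck == -1)
    {
        throw new ProviderException(SecurityMessage.GetString(SecurityMessage.Provider_Schema_Version_Not_Match, provider.ToString(), version));
    }
    else if (schemaVersionCheck == 0)
    {
        // NOTE(review): the lock is taken on the provider instance itself, which other
        // code can also lock on, and provider is not null-checked like the other
        // arguments - left unchanged here; confirm against callers.
        lock (provider)
        {
            // Re-test under the lock: another thread may have completed the check meanwhile.
            if (schemaVersionCheck == -1)
            {
                throw new ProviderException(SecurityMessage.GetString(SecurityMessage.Provider_Schema_Version_Not_Match, provider.ToString(), version));
            }
            else if (schemaVersionCheck == 0)
            {
                foreach (string feature in features)
                {
                    int iStatus;

                    // One command per feature. The original never disposed these
                    // commands; the using block releases each one, also when
                    // ExecuteNonQuery throws.
                    using (SqlCommand cmd = new SqlCommand("dbo.aspnet_CheckSchemaVersion", connection))
                    {
                        cmd.CommandType = CommandType.StoredProcedure;
                        cmd.Parameters.Add(new SqlParameter("@Feature", feature));
                        cmd.Parameters.Add(new SqlParameter("@CompatibleSchemaVersion", version));

                        SqlParameter returnParam = new SqlParameter("@ReturnValue", SqlDbType.Int);
                        returnParam.Direction = ParameterDirection.ReturnValue;
                        cmd.Parameters.Add(returnParam);

                        cmd.ExecuteNonQuery();

                        // A missing return value is treated as a failed check.
                        iStatus = (returnParam.Value != null) ? (int)returnParam.Value : -1;
                    }

                    if (iStatus != 0)
                    {
                        // Remember the failure so later calls fail fast without a database call.
                        schemaVersionCheck = -1;
                        throw new ProviderException(SecurityMessage.GetString(SecurityMessage.Provider_Schema_Version_Not_Match, provider.ToString(), version));
                    }
                }

                schemaVersionCheck = 1;
            }
        }
    }
}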