///////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////// public override int GetNumberOfInactiveProfiles(ProfileAuthenticationOption authenticationOption, DateTime userInactiveSinceDate) { try { AccessConnectionHolder holder = AccessConnectionHelper.GetConnection(_DatabaseFileName, true); try { string sqlQuery = @"SELECT COUNT(*) FROM aspnet_Users u, aspnet_Profile p " + @"WHERE ApplicationId = @AppId AND LastActivityDate <= @LastActivityDate AND u.UserId = p.UserId" + GetClauseForAuthenticationOptions(authenticationOption); OleDbCommand cmd = new OleDbCommand(sqlQuery, holder.Connection); cmd.Parameters.Add(new OleDbParameter("@AppId", GetApplicationId(holder))); cmd.Parameters.Add(CreateDateTimeOleDbParameter("@LastActivityDate", userInactiveSinceDate)); return((int)cmd.ExecuteScalar()); } catch (Exception e) { throw AccessConnectionHelper.GetBetterException(e, holder); } finally { holder.Close(); } } catch { throw; } }
///////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////// public override int DeleteInactiveProfiles(ProfileAuthenticationOption authenticationOption, DateTime userInactiveSinceDate) { try { AccessConnectionHolder holder = AccessConnectionHelper.GetConnection(_DatabaseFileName, true); try { string inClause = @"SELECT UserId FROM aspnet_Users " + @"WHERE ApplicationId = @AppId AND LastActivityDate <= @LastActivityDate " + GetClauseForAuthenticationOptions(authenticationOption); string sqlQuery = @"DELETE FROM aspnet_Profile WHERE UserId IN (" + inClause + ")"; OleDbCommand cmd = new OleDbCommand(sqlQuery, holder.Connection); cmd.Parameters.Add(new OleDbParameter("@AppId", GetApplicationId(holder))); cmd.Parameters.Add(CreateDateTimeOleDbParameter("@LastActivityDate", userInactiveSinceDate)); return(cmd.ExecuteNonQuery()); } catch (Exception e) { throw AccessConnectionHelper.GetBetterException(e, holder); } finally { holder.Close(); } } catch { throw; } }
//////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////// private void GetPropertyValuesFromDatabase(string username, SettingsPropertyValueCollection svc) { try { AccessConnectionHolder holder = AccessConnectionHelper.GetConnection(_DatabaseFileName, true); string[] names = null; string values = null; OleDbDataReader reader = null; //////////////////////////////////////////////////////////// // Step 1: Get Values from DB try { int appId = GetApplicationId(holder); int userId = AccessConnectionHelper.GetUserID(holder.Connection, appId, username, false); if (userId != 0) { // User exists? OleDbCommand cmd = new OleDbCommand(@"SELECT PropertyNames, PropertyValuesString " + @"FROM aspnet_Profile " + @"WHERE UserId = @UserId", holder.Connection); cmd.Parameters.Add(new OleDbParameter("@UserId", userId)); reader = cmd.ExecuteReader(); if (reader.Read()) { names = reader.GetString(0).Split(':'); values = reader.GetString(1); } try { // Not a critical part -- don't throw exceptions here cmd = new OleDbCommand(@"UPDATE aspnet_Users SET LastActivityDate=@LastActivityDate WHERE UserId = @UserId", holder.Connection); cmd.Parameters.Add(CreateDateTimeOleDbParameter("@LastActivityDate", DateTime.Now)); cmd.Parameters.Add(new OleDbParameter("@UserId", userId)); cmd.ExecuteNonQuery(); } catch { } } } catch (Exception e) { throw AccessConnectionHelper.GetBetterException(e, holder); } finally { if (reader != null) { reader.Close(); } holder.Close(); } if (names != null && names.Length > 0) { ParseDataFromDB(names, values, new byte[0], svc); } } catch { throw; } }
public static string[] GetRolesForAuthorization(string authorizationname) { SecUtility.CheckParameter(ref authorizationname, true, false, true, 255, "authorizationname"); if (authorizationname.Length < 1) { return(new string[0]); } AccessConnectionHolder holder = AccessConnectionHelper.GetConnection(_DatabaseFileName, true); OleDbConnection connection = holder.Connection; OleDbDataReader reader = null; try { try { int appId = GetApplicationId(holder); int authorizationId = GetAuthorizationId(connection, appId, authorizationname); if (authorizationId == 0) { return(new string[0]); } OleDbCommand command; StringCollection sc = new StringCollection(); String[] strReturn; command = new OleDbCommand(@"SELECT RoleName FROM aspnet_AuthorizationsInRoles ar, aspnet_Roles r " + @"WHERE ar.AuthorizationId = @AuthorizationId AND ar.RoleId = r.RoleId " + @"ORDER BY RoleName", connection); command.Parameters.Add(new OleDbParameter("@AuthorizationId", authorizationId)); reader = command.ExecuteReader(CommandBehavior.SequentialAccess); while (reader.Read()) { sc.Add(reader.GetString(0)); } strReturn = new String[sc.Count]; sc.CopyTo(strReturn, 0); return(strReturn); } catch (Exception e) { throw AccessConnectionHelper.GetBetterException(e, holder); } finally { if (reader != null) { reader.Close(); } holder.Close(); } } catch { throw; } }
private OleDbParameter CreateDateTimeOleDbParameter(string parameterName, DateTime dt) { OleDbParameter p = new OleDbParameter(parameterName, OleDbType.DBTimeStamp); p.Direction = ParameterDirection.Input; p.Value = AccessConnectionHelper.RoundToSeconds(dt); return(p); }
public static bool IsRoleInAuthorization(string rolename, string authorizationName) { SecUtility.CheckParameter(ref rolename, true, false, true, 255, "rolename"); if (rolename.Length < 1) { return(false); } SecUtility.CheckParameter(ref authorizationName, true, true, true, 255, "authorizationName"); AccessConnectionHolder holder = AccessConnectionHelper.GetConnection(_DatabaseFileName, true); OleDbConnection connection = holder.Connection; try { try { int appId = GetApplicationId(holder); int roleId = GetRoleId(connection, appId, rolename); int authorizationId = GetAuthorizationId(connection, appId, authorizationName); OleDbCommand command; if (roleId == 0) { return(false); } if (authorizationId == 0) { return(false); } command = new OleDbCommand(@"SELECT UserId FROM aspnet_UsersInRoles WHERE RoleId = @RoleId AND AuthorizationId = @AuthorizationId", connection); command.Parameters.Add(new OleDbParameter("@RoleId", roleId)); command.Parameters.Add(new OleDbParameter("@AuthorizationId", authorizationId)); object result = command.ExecuteScalar(); if (result == null || !(result is int) || ((int)result) != roleId) { return(false); } return(true); } catch (Exception e) { throw AccessConnectionHelper.GetBetterException(e, holder); } finally { holder.Close(); } } catch { throw; } }
////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////// public static string[] FindAuthorizationsInRole(string roleName, string authorizationnameToMatch) { SecUtility.CheckParameter(ref roleName, true, true, true, 255, "roleName"); SecUtility.CheckParameter(ref authorizationnameToMatch, true, true, false, 255, "authorizationnameToMatch"); StringCollection sc = new StringCollection(); AccessConnectionHolder holder = AccessConnectionHelper.GetConnection(_DatabaseFileName, true); OleDbDataReader reader = null; OleDbConnection connection = holder.Connection; try { try { int appId = GetApplicationId(holder); int roleId = GetRoleId(connection, appId, roleName); OleDbCommand command; if (roleId == 0) { throw new ProviderException("Role not found " + roleName); } command = new OleDbCommand(@"SELECT AuthorizationName " + @"FROM aspnet_AuthorizationsInRoles ar, aspnet_Authorizations a " + @"WHERE ar.RoleId = @RoleId AND ar.AuthorizationId = a.AuthorizationId AND A.AuthorizationName LIKE '%'+@AuthorizationNameToMatch+'%' " + @"ORDER BY UserName", connection); command.Parameters.Add(new OleDbParameter("@RoleId", roleId)); command.Parameters.Add(new OleDbParameter("@AuthorizationNameToMatch", authorizationnameToMatch)); reader = command.ExecuteReader(CommandBehavior.SequentialAccess); while (reader.Read()) { sc.Add((string)reader.GetString(0)); } } catch (Exception e) { throw AccessConnectionHelper.GetBetterException(e, holder); } finally { if (reader != null) { reader.Close(); } holder.Close(); } } catch { throw; } string[] allUsers = new string[sc.Count]; sc.CopyTo(allUsers, 0); return(allUsers); }
//////////////////////////////////////////////////////////// // Public properties public override void Initialize(string name, NameValueCollection config) { if (name == null || name.Length < 1) { name = "AccessProfileProvider"; } if (string.IsNullOrEmpty(config["description"])) { config.Remove("description"); config.Add("description", "$safeprojectname$ Profile Provider"); } base.Initialize(name, config); if (config == null) { throw new ArgumentNullException("config"); } _DatabaseFileName = config["connectionStringName"]; if (_DatabaseFileName == null || _DatabaseFileName.Length < 1) { throw new ProviderException("Connection name not specified"); } string temp = AccessConnectionHelper.GetFileNameFromConnectionName(_DatabaseFileName, true); if (temp == null || temp.Length < 1) { throw new ProviderException("Connection string not found" + _DatabaseFileName); } _DatabaseFileName = temp; //HandlerBase.CheckAndReadRegistryValue(ref _DatabaseFileName, true); AccessConnectionHelper.CheckConnectionString(_DatabaseFileName); _AppName = config["applicationName"]; if (string.IsNullOrEmpty(_AppName)) { _AppName = SecUtility.GetDefaultAppName(); } if (_AppName.Length > 255) { throw new ProviderException("ApplicationName exceeded max length of " + 255); } //_Description = config["description"]; config.Remove("connectionStringName"); config.Remove("applicationName"); config.Remove("description"); if (config.Count > 0) { string attribUnrecognized = config.GetKey(0); if (!String.IsNullOrEmpty(attribUnrecognized)) { throw new ProviderException("Unrecognized attribute: " + attribUnrecognized); } } }
////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////// public override string[] GetUsersInRole(string roleName) { SecUtility.CheckParameter(ref roleName, true, true, true, 255, "roleName"); StringCollection sc = new StringCollection(); String[] strReturn; AccessConnectionHolder holder = AccessConnectionHelper.GetConnection(_DatabaseFileName, true); OleDbDataReader reader = null; OleDbConnection connection = holder.Connection; try { try { int appId = GetApplicationId(holder); int roleId = GetRoleId(connection, appId, roleName); OleDbCommand command; if (roleId == 0) { throw new ProviderException("Role not found: " + roleName); } command = new OleDbCommand(@"SELECT UserName " + @"FROM aspnet_UsersInRoles ur, aspnet_Users u " + @"WHERE ur.RoleId = @RoleId AND ur.UserId = u.UserId " + @"ORDER BY UserName", connection); command.Parameters.Add(new OleDbParameter("@RoleId", roleId)); reader = command.ExecuteReader(CommandBehavior.SequentialAccess); while (reader.Read()) { sc.Add(reader.GetString(0)); } } catch (Exception e) { throw AccessConnectionHelper.GetBetterException(e, holder); } finally { if (reader != null) { reader.Close(); } holder.Close(); } } catch { throw; } strReturn = new String[sc.Count]; sc.CopyTo(strReturn, 0); return(strReturn); }
protected override void LoadPersonalizationBlobs(WebPartManager webPartManager, string path, string userName, ref byte[] sharedDataBlob, ref byte[] userDataBlob) { sharedDataBlob = null; userDataBlob = null; AccessConnectionHolder connectionHolder = null; OleDbConnection connection = null; try { try { connectionHolder = GetConnectionHolder(); connection = connectionHolder.Connection; int applicationID = GetApplicationID(connectionHolder); if (applicationID != 0) { int pathID = AccessConnectionHelper.GetPathID(connection, applicationID, path); if (pathID != 0) { string sharedDataValue = LoadPersonalizationBlob(connection, pathID); sharedDataBlob = Deserialize(sharedDataValue); if (userName != null) { int userID = AccessConnectionHelper.GetUserID(connection, applicationID, userName); if (userID != 0) { string userDataValue = LoadPersonalizationBlob(connection, pathID, userID); userDataBlob = Deserialize(userDataValue); } } } } } finally { if (connectionHolder != null) { connectionHolder.Close(); connectionHolder = null; } } } catch { throw; } }
protected override void SavePersonalizationBlob(WebPartManager webPartManager, string path, string userName, byte[] dataBlob) { AccessConnectionHolder connectionHolder = null; OleDbConnection connection = null; try { try { string blobValue = Serialize(dataBlob); connectionHolder = GetConnectionHolder(); connection = connectionHolder.Connection; int applicationID = GetApplicationID(connectionHolder); if (applicationID != 0) { int pathID = AccessConnectionHelper.GetPathID(connection, applicationID, path, /* createIfNeeded */ true); if (pathID != 0) { if (String.IsNullOrEmpty(userName)) { SavePersonalizationBlob(connection, pathID, blobValue); } else { int userID = AccessConnectionHelper.GetUserID(connection, applicationID, userName, /* createIfNeeded */ true); if (userID != 0) { SavePersonalizationBlob(connection, pathID, userID, blobValue); } } } } } finally { if (connectionHolder != null) { connectionHolder.Close(); connectionHolder = null; } } } catch { throw; } }
protected override void ResetPersonalizationBlob(WebPartManager webPartManager, string path, string userName) { AccessConnectionHolder connectionHolder = null; OleDbConnection connection = null; try { try { connectionHolder = GetConnectionHolder(); connection = connectionHolder.Connection; int applicationID = GetApplicationID(connectionHolder); if (applicationID != 0) { int pathID = AccessConnectionHelper.GetPathID(connection, applicationID, path); if (pathID != 0) { if (String.IsNullOrEmpty(userName)) { ResetPersonalizationBlob(connection, pathID); } else { int userID = AccessConnectionHelper.GetUserID(connection, applicationID, userName); if (userID != 0) { ResetPersonalizationBlob(connection, pathID, userID); } } } } } finally { if (connectionHolder != null) { connectionHolder.Close(); connectionHolder = null; } } } catch { throw; } }
///////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////// public override int DeleteProfiles(string[] usernames) { SecUtility.CheckArrayParameter(ref usernames, true, true, true, 255, "usernames"); try { AccessConnectionHolder holder = AccessConnectionHelper.GetConnection(_DatabaseFileName, true); int numDeleted = 0; bool fBeginTransCalled = false; try { OleDbCommand cmd = new OleDbCommand("BEGIN TRANSACTION", holder.Connection); cmd.ExecuteNonQuery(); fBeginTransCalled = true; int appId = GetApplicationId(holder); foreach (string username in usernames) { if (DeleteProfile(holder, username, appId)) { numDeleted++; } } cmd = new OleDbCommand("COMMIT TRANSACTION", holder.Connection); cmd.ExecuteNonQuery(); fBeginTransCalled = false; } catch (Exception e) { throw AccessConnectionHelper.GetBetterException(e, holder); } finally { if (fBeginTransCalled) { try { OleDbCommand command = new OleDbCommand("ROLLBACK TRANSACTION", holder.Connection); command.ExecuteNonQuery(); } catch { } } holder.Close(); } return(numDeleted); } catch { throw; } }
///////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////// private bool DeleteProfile(AccessConnectionHolder holder, string username, int appId) { SecUtility.CheckParameter(ref username, true, true, true, 255, "username"); int userId = AccessConnectionHelper.GetUserID(holder.Connection, appId, username, false); if (userId == 0) { return(false); } OleDbCommand cmd = new OleDbCommand(@"DELETE FROM aspnet_Profile WHERE UserId = @UserId", holder.Connection); cmd.Parameters.Add(new OleDbParameter("@UserId", userId)); return(cmd.ExecuteNonQuery() != 0); }
private AccessConnectionHolder GetConnectionHolder() { OleDbConnection connection = null; AccessConnectionHolder connectionHolder = AccessConnectionHelper.GetConnection(_databaseFileName, true); if (connectionHolder != null) { connection = connectionHolder.Connection; } if (connection == null) { throw new ProviderException("PersonalizationProvider cannot access: " + Name); } return(connectionHolder); }
////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////// public static string[] GetAllAuthorizations() { AccessConnectionHolder holder = AccessConnectionHelper.GetConnection(_DatabaseFileName, true); OleDbConnection connection = holder.Connection; OleDbDataReader reader = null; try { try { int appId = GetApplicationId(holder); OleDbCommand command; StringCollection sc = new StringCollection(); String[] strReturn = null; command = new OleDbCommand(@"SELECT AuthorizationName FROM aspnet_Authorizations WHERE ApplicationId = @AppId ORDER BY RoleName", connection); command.Parameters.Add(new OleDbParameter("@AppId", appId)); reader = command.ExecuteReader(CommandBehavior.SequentialAccess); while (reader.Read()) { sc.Add(reader.GetString(0)); } strReturn = new String[sc.Count]; sc.CopyTo(strReturn, 0); return(strReturn); } catch (Exception e) { throw AccessConnectionHelper.GetBetterException(e, holder); } finally { if (reader != null) { reader.Close(); } holder.Close(); } } catch { throw; } }
private static int GetApplicationId(AccessConnectionHolder holder) { if (_ApplicationId != 0 && holder.CreateDate < _ApplicationIDCacheDate) // Already cached? { return(_ApplicationId); } string appName = _AppName; if (appName.Length > 255) { appName = appName.Substring(0, 255); } _ApplicationId = AccessConnectionHelper.GetApplicationID(holder.Connection, appName, true); _ApplicationIDCacheDate = DateTime.Now; if (_ApplicationId != 0) { return(_ApplicationId); } throw new ProviderException("Provider Error"); }
public override void Initialize(string name, NameValueCollection configSettings) { base.Initialize(name, configSettings); // If not available, the default value is set in the get accessor of ApplicationName _applicationName = configSettings["applicationName"]; if (_applicationName != null) { configSettings.Remove("applicationName"); if (_applicationName.Length > MaxStringLength) { throw new ProviderException("ApplicationName exceeded max length of " + MaxStringLength); } } string connectionStringName = configSettings["connectionStringName"]; if (String.IsNullOrEmpty(connectionStringName)) { throw new ProviderException("No connection string specified."); } configSettings.Remove("connectionStringName"); string databaseFileName = AccessConnectionHelper.GetFileNameFromConnectionName(connectionStringName, true); if (String.IsNullOrEmpty(databaseFileName)) { throw new ProviderException("Bad connection string: " + connectionStringName); } _databaseFileName = databaseFileName; if (configSettings.Count > 0) { string invalidAttributeName = configSettings.GetKey(0); throw new ProviderException("Unknown attribute: " + invalidAttributeName + name); } }
private int GetApplicationID(AccessConnectionHolder holder) { if (_applicationID != 0 && holder.CreateDate < _applicationIDCacheDate) { return(_applicationID); } string appName = ApplicationName; if (appName.Length > MaxStringLength) { appName = appName.Substring(0, MaxStringLength); } _applicationID = AccessConnectionHelper.GetApplicationID(holder.Connection, appName, true); _applicationIDCacheDate = DateTime.Now; if (_applicationID == 0) { throw new ProviderException("Failed to get ApplicationID"); } return(_applicationID); }
////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////// public static bool RoleExists(string authorizationName) { try { SecUtility.CheckParameter(ref authorizationName, true, true, true, 255, "authorizationName"); } catch { return(false); } AccessConnectionHolder holder = AccessConnectionHelper.GetConnection(_DatabaseFileName, true); OleDbConnection connection = holder.Connection; try { try { int appId = GetApplicationId(holder); int authorizationId = GetAuthorizationId(connection, appId, authorizationName); return(authorizationId != 0); } catch (Exception e) { throw AccessConnectionHelper.GetBetterException(e, holder); } finally { holder.Close(); } } catch { throw; } }
////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////// public override bool DeleteRole(string roleName, bool throwOnPopulatedRole) { SecUtility.CheckParameter(ref roleName, true, true, true, 255, "roleName"); AccessConnectionHolder holder = AccessConnectionHelper.GetConnection(_DatabaseFileName, true); OleDbConnection connection = holder.Connection; bool fBeginTransCalled = false; try { try { int appId = GetApplicationId(holder); OleDbCommand command; int roleId = GetRoleId(connection, appId, roleName); if (roleId == 0) { return(false); } if (throwOnPopulatedRole) { command = new OleDbCommand(@"SELECT COUNT(*) " + @"FROM aspnet_UsersInRoles ur, aspnet_Users u " + @"WHERE ur.RoleId = @RoleId AND ur.UserId = u.UserId", connection); command.Parameters.Add(new OleDbParameter("@RoleId", roleId)); object num = command.ExecuteScalar(); if (!(num is int) || ((int)num) != 0) { throw new ProviderException("Role is not empty"); } } command = new OleDbCommand("BEGIN TRANSACTION", connection); command.ExecuteNonQuery(); fBeginTransCalled = true; command = new OleDbCommand(@"DELETE FROM aspnet_Roles WHERE RoleId = @RoleId", connection); command.Parameters.Add(new OleDbParameter("@RoleId", roleId)); int returnValue = command.ExecuteNonQuery(); command = new OleDbCommand("COMMIT TRANSACTION", connection); command.ExecuteNonQuery(); fBeginTransCalled = false; return(returnValue == 1); } catch (Exception e) { if (fBeginTransCalled) { try { OleDbCommand command = new OleDbCommand("ROLLBACK TRANSACTION", connection); command.ExecuteNonQuery(); } catch { } } throw AccessConnectionHelper.GetBetterException(e, holder); } finally { holder.Close(); } } catch { throw; } }
//////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////// public override void SetPropertyValues(SettingsContext sc, SettingsPropertyValueCollection properties) { try { string username = (string)sc["UserName"]; bool userIsAuthenticated = (bool)sc["IsAuthenticated"]; if (username == null || username.Length < 1 || properties.Count < 1) { return; } string names = String.Empty; string values = String.Empty; byte[] buf = null; PrepareDataForSaving(ref names, ref values, ref buf, false, properties, userIsAuthenticated); if (names.Length == 0) { return; } //////////////////////////////////////////////////////////// // Step 2: Store strings in DB AccessConnectionHolder holder = AccessConnectionHelper.GetConnection(_DatabaseFileName, true); bool fBeginTransCalled = false; try { OleDbCommand cmd = new OleDbCommand("BEGIN TRANSACTION", holder.Connection); cmd.ExecuteNonQuery(); fBeginTransCalled = true; int appId = GetApplicationId(holder); int userId = AccessConnectionHelper.GetUserID(holder.Connection, appId, username, true, !userIsAuthenticated); if (userId == 0) { // User not creatable return; } cmd = new OleDbCommand(@"SELECT UserId FROM aspnet_Profile WHERE UserId = @UserId", holder.Connection); cmd.Parameters.Add(new OleDbParameter("@UserId", userId)); object result = cmd.ExecuteScalar(); if (result != null && (result is int) && ((int)result) == userId) { cmd = new OleDbCommand(@"UPDATE aspnet_Profile SET PropertyNames = @PropertyNames, PropertyValuesString = @PropertyValuesString, LastUpdatedDate = @LastUpdatedDate WHERE UserId = @UserId", holder.Connection); cmd.Parameters.Add(new OleDbParameter("@PropertyNames", names)); cmd.Parameters.Add(new OleDbParameter("@PropertyValuesString", values)); cmd.Parameters.Add(CreateDateTimeOleDbParameter("@LastUpdatedDate", DateTime.Now)); cmd.Parameters.Add(new OleDbParameter("@UserId", userId)); } else { cmd = new OleDbCommand(@"INSERT INTO aspnet_Profile (UserId, PropertyNames, PropertyValuesString, LastUpdatedDate) VALUES (@UserId, @PropertyNames, @PropertyValuesString, @LastUpdatedDate)", holder.Connection); cmd.Parameters.Add(new OleDbParameter("@UserId", userId)); cmd.Parameters.Add(new OleDbParameter("@PropertyNames", names)); cmd.Parameters.Add(new OleDbParameter("@PropertyValuesString", values)); cmd.Parameters.Add(CreateDateTimeOleDbParameter("@LastUpdatedDate", DateTime.Now)); } cmd.ExecuteNonQuery(); try { // Not a critical part -- don't throw exceptions here cmd = new OleDbCommand(@"UPDATE aspnet_Users SET LastActivityDate=@LastActivityDate WHERE UserId = @UserId", holder.Connection); cmd.Parameters.Add(CreateDateTimeOleDbParameter("@LastActivityDate", DateTime.Now)); cmd.Parameters.Add(new OleDbParameter("@UserId", userId)); cmd.ExecuteNonQuery(); } catch { } cmd = new OleDbCommand("COMMIT TRANSACTION", holder.Connection); cmd.ExecuteNonQuery(); fBeginTransCalled = false; } catch (Exception e) { throw AccessConnectionHelper.GetBetterException(e, holder); } finally { if (fBeginTransCalled) { try { OleDbCommand command = new OleDbCommand("ROLLBACK TRANSACTION", holder.Connection); command.ExecuteNonQuery(); } catch { } } holder.Close(); } } catch { throw; } }
///////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////// // Mangement APIs from ProfileProvider class public override int DeleteProfiles(ProfileInfoCollection profiles) { if (profiles == null) { throw new ArgumentNullException("profiles"); } if (profiles.Count < 1) { throw new ArgumentException("Profiles collection is empty", "profiles"); } foreach (ProfileInfo pi in profiles) { string username = pi.UserName; SecUtility.CheckParameter(ref username, true, true, true, 255, "UserName"); } try { AccessConnectionHolder holder = AccessConnectionHelper.GetConnection(_DatabaseFileName, true); bool fBeginTransCalled = false; int numDeleted = 0; try { OleDbCommand cmd = new OleDbCommand("BEGIN TRANSACTION", holder.Connection); cmd.ExecuteNonQuery(); fBeginTransCalled = true; int appId = GetApplicationId(holder); foreach (ProfileInfo profile in profiles) { if (DeleteProfile(holder, profile.UserName.Trim(), appId)) { numDeleted++; } } cmd = new OleDbCommand("COMMIT TRANSACTION", holder.Connection); cmd.ExecuteNonQuery(); fBeginTransCalled = false; } catch (Exception e) { throw AccessConnectionHelper.GetBetterException(e, holder); } finally { if (fBeginTransCalled) { try { OleDbCommand command = new OleDbCommand("ROLLBACK TRANSACTION", holder.Connection); command.ExecuteNonQuery(); } catch { } } holder.Close(); } return(numDeleted); } catch { throw; } }
///////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////// // Private methods ///////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////// private ProfileInfoCollection GetProfilesForQuery(string sqlQuery, OleDbParameter[] args, int pageIndex, int pageSize, out int totalRecords) { if (pageIndex < 0) { throw new ArgumentException("Page index must be non-negative", "pageIndex"); } if (pageSize < 1) { throw new ArgumentException("Page size must be positive", "pageSize"); } long lBound = (long)pageIndex * pageSize; long uBound = lBound + pageSize - 1; if (uBound > System.Int32.MaxValue) { throw new ArgumentException("pageIndex*pageSize too large"); } try { AccessConnectionHolder holder = AccessConnectionHelper.GetConnection(_DatabaseFileName, true); ProfileInfoCollection profiles = new ProfileInfoCollection(); OleDbDataReader reader = null; try { OleDbCommand cmd = new OleDbCommand(sqlQuery, holder.Connection); cmd.Parameters.Add(new OleDbParameter("@AppId", GetApplicationId(holder))); int len = args.Length; for (int iter = 0; iter < len; iter++) { cmd.Parameters.Add(args[iter]); } reader = cmd.ExecuteReader(CommandBehavior.SequentialAccess); totalRecords = 0; while (reader.Read()) { totalRecords++; if (totalRecords - 1 < lBound || totalRecords - 1 > uBound) { continue; } string username; DateTime dtLastActivity, dtLastUpdated; bool isAnon; username = reader.GetString(0); isAnon = reader.GetBoolean(1); dtLastActivity = reader.GetDateTime(2); dtLastUpdated = reader.GetDateTime(3); int size = reader.GetInt32(4); profiles.Add(new ProfileInfo(username, isAnon, dtLastActivity, dtLastUpdated, size)); } return(profiles); } catch (Exception e) { throw AccessConnectionHelper.GetBetterException(e, holder); } finally { if (reader != null) { reader.Close(); } holder.Close(); } } catch { throw; } }
////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////// public static void RemoveAuthorizationsFromRoles(string[] authorizationnames, string[] roleNames) { SecUtility.CheckArrayParameter(ref roleNames, true, true, true, 255, "roleNames"); SecUtility.CheckArrayParameter(ref authorizationnames, true, true, true, 255, "authorizationnames"); AccessConnectionHolder holder = AccessConnectionHelper.GetConnection(_DatabaseFileName, true); OleDbConnection connection = holder.Connection; bool fBeginTransCalled = false; try { try { int appId = GetApplicationId(holder); int[] authorizationIds = new int[authorizationnames.Length]; int[] roleIds = new int[roleNames.Length]; OleDbCommand command; command = new OleDbCommand("BEGIN TRANSACTION", connection); command.ExecuteNonQuery(); fBeginTransCalled = true; for (int iterA = 0; iterA < authorizationnames.Length; iterA++) { authorizationIds[iterA] = GetAuthorizationId(connection, appId, authorizationnames[iterA]); if (authorizationIds[iterA] == 0) { throw new ProviderException("Authorization not found: " + authorizationnames[iterA]); } } for (int iterR = 0; iterR < roleNames.Length; iterR++) { roleIds[iterR] = GetRoleId(connection, appId, roleNames[iterR]); if (roleIds[iterR] == 0) { throw new ProviderException("Role not found: " + roleNames[iterR]); } } for (int iterA = 0; iterA < authorizationnames.Length; iterA++) { for (int iterR = 0; iterR < roleNames.Length; iterR++) { command = new OleDbCommand(@"SELECT AuthorizationId FROM aspnet_AuthorizationsInRoles WHERE AuthorizationId = @AuthorizationId AND RoleId = @RoleId", connection); command.Parameters.Add(new OleDbParameter("@AuthorizationId", authorizationIds[iterA])); command.Parameters.Add(new OleDbParameter("@RoleId", roleIds[iterR])); object result = command.ExecuteScalar(); if (result == null || !(result is int) || ((int)result) != authorizationIds[iterA]) { // doesn't exist! throw new ProviderException("The Authorization " + authorizationnames[iterA] + " is already not in role " + roleNames[iterR]); } } } for (int iterA = 0; iterA < authorizationnames.Length; iterA++) { for (int iterR = 0; iterR < roleNames.Length; iterR++) { command = new OleDbCommand(@"DELETE FROM aspnet_AuthorizationsInRoles WHERE AuthorizationId = @AuthorizationId AND RoleId = @RoleId", connection); command.Parameters.Add(new OleDbParameter("@AuthorizationId", authorizationIds[iterA])); command.Parameters.Add(new OleDbParameter("@RoleId", roleIds[iterR])); if (command.ExecuteNonQuery() != 1) { throw new ProviderException("Unknown failure"); } } } command = new OleDbCommand("COMMIT TRANSACTION", connection); command.ExecuteNonQuery(); } catch (Exception e) { try { if (fBeginTransCalled) { OleDbCommand command = new OleDbCommand("ROLLBACK TRANSACTION", connection); command.ExecuteNonQuery(); } } catch { } throw AccessConnectionHelper.GetBetterException(e, holder); } finally { holder.Close(); } } catch { throw; } }
////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////// public static bool DeleteRole(string authorizationName, bool throwOnPopulatedAuthorization) { SecUtility.CheckParameter(ref authorizationName, true, true, true, 255, "authorizationName"); AccessConnectionHolder holder = AccessConnectionHelper.GetConnection(_DatabaseFileName, true); OleDbConnection connection = holder.Connection; bool fBeginTransCalled = false; try { try { int appId = GetApplicationId(holder); OleDbCommand command; int authorizationId = GetAuthorizationId(connection, appId, authorizationName); if (authorizationId == 0) { return(false); } if (throwOnPopulatedAuthorization) { command = new OleDbCommand(@"SELECT COUNT(*) " + @"FROM aspnet_AuthorizationsInRoles ar, aspnet_Authorizations a " + @"WHERE ar.AuthorizationId = @AuthorizationId AND ar.AuthorizationId = a.AuthorizationId", connection); command.Parameters.Add(new OleDbParameter("@AuthorizationId", authorizationId)); object num = command.ExecuteScalar(); if (!(num is int) || ((int)num) != 0) { throw new ProviderException("Authorization is not empty"); } } else { command = new OleDbCommand("BEGIN TRANSACTION", connection); command.ExecuteNonQuery(); fBeginTransCalled = true; command = new OleDbCommand(@"DELETE FROM aspnet_AuthorizationsInRoles WHERE AuthorizationId = @AuthorizationId", connection); command.Parameters.Add(new OleDbParameter("@AuthorizationId", authorizationId)); /*int returnValue =*/ command.ExecuteNonQuery(); command = new OleDbCommand("COMMIT TRANSACTION", connection); command.ExecuteNonQuery(); fBeginTransCalled = false; } command = new OleDbCommand("BEGIN TRANSACTION", connection); command.ExecuteNonQuery(); fBeginTransCalled = true; command = new OleDbCommand(@"DELETE FROM aspnet_Authorizations WHERE AuthorizationId = @AuthorizationId", connection); command.Parameters.Add(new OleDbParameter("@AuthorizationId", authorizationId)); int returnValue = command.ExecuteNonQuery(); command = new OleDbCommand("COMMIT TRANSACTION", connection); command.ExecuteNonQuery(); fBeginTransCalled = false; return(returnValue == 1); } catch (Exception e) { if (fBeginTransCalled) { try { OleDbCommand command = new OleDbCommand("ROLLBACK TRANSACTION", connection); command.ExecuteNonQuery(); } catch { } } throw AccessConnectionHelper.GetBetterException(e, holder); } finally { holder.Close(); } } catch { throw; } }
////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////// public override void AddUsersToRoles(string[] usernames, string[] roleNames) { SecUtility.CheckArrayParameter(ref roleNames, true, true, true, 255, "roleNames"); SecUtility.CheckArrayParameter(ref usernames, true, true, true, 255, "usernames"); AccessConnectionHolder holder = AccessConnectionHelper.GetConnection(_DatabaseFileName, true); OleDbConnection connection = holder.Connection; bool fBeginTransCalled = false; try { try { int appId = GetApplicationId(holder); int[] userIds = new int[usernames.Length]; int[] roleIds = new int[roleNames.Length]; OleDbCommand command; for (int iterR = 0; iterR < roleNames.Length; iterR++) { roleIds[iterR] = GetRoleId(connection, appId, roleNames[iterR]); if (roleIds[iterR] == 0) { throw new ProviderException("Provider role not found: " + roleNames[iterR]); } } for (int iterU = 0; iterU < usernames.Length; iterU++) { userIds[iterU] = AccessConnectionHelper.GetUserID(connection, appId, usernames[iterU], false); } command = new OleDbCommand("BEGIN TRANSACTION", connection); command.ExecuteNonQuery(); fBeginTransCalled = true; for (int iterU = 0; iterU < usernames.Length; iterU++) { if (userIds[iterU] == 0) { continue; } for (int iterR = 0; iterR < roleNames.Length; iterR++) { command = new OleDbCommand(@"SELECT UserId FROM aspnet_UsersInRoles WHERE UserId = @UserId AND RoleId = @RoleId", connection); command.Parameters.Add(new OleDbParameter("@UserId", userIds[iterU])); command.Parameters.Add(new OleDbParameter("@RoleId", roleIds[iterR])); object result = command.ExecuteScalar(); if (result != null && (result is int) && ((int)result) == userIds[iterU]) { // Exists! throw new ProviderException("The user " + usernames[iterU] + " is already in role " + roleNames[iterR]); } } } for (int iterU = 0; iterU < usernames.Length; iterU++) { if (userIds[iterU] == 0) { userIds[iterU] = AccessConnectionHelper.GetUserID(connection, appId, usernames[iterU], true); } if (userIds[iterU] == 0) { throw new ProviderException("User not found: " + usernames[iterU]); } } for (int iterU = 0; iterU < usernames.Length; iterU++) { for (int iterR = 0; iterR < roleNames.Length; iterR++) { command = new OleDbCommand(@"INSERT INTO aspnet_UsersInRoles (UserId, RoleId) VALUES(@UserId, @RoleId)", connection); command.Parameters.Add(new OleDbParameter("@UserId", userIds[iterU])); command.Parameters.Add(new OleDbParameter("@RoleId", roleIds[iterR])); if (command.ExecuteNonQuery() != 1) { throw new ProviderException("Unknown provider failure"); } } } command = new OleDbCommand("COMMIT TRANSACTION", connection); command.ExecuteNonQuery(); } catch (Exception e) { try { if (fBeginTransCalled) { OleDbCommand command = new OleDbCommand("ROLLBACK TRANSACTION", connection); command.ExecuteNonQuery(); } } catch { } throw AccessConnectionHelper.GetBetterException(e, holder); } finally { holder.Close(); } } catch { throw; } }
public static void CreateRole(string authorizationName) { SecUtility.CheckParameter(ref authorizationName, true, true, true, 255, "authorizationName"); AccessConnectionHolder holder = AccessConnectionHelper.GetConnection(_DatabaseFileName, true); OleDbConnection connection = holder.Connection; bool fBeginTransCalled = false; try { try { int appId = GetApplicationId(holder); OleDbCommand command; int authorizationId = GetAuthorizationId(connection, appId, authorizationName); if (authorizationId != 0) { throw new ProviderException("Provider role already exists: " + authorizationName); } command = new OleDbCommand("BEGIN TRANSACTION", connection); command.ExecuteNonQuery(); fBeginTransCalled = true; command = new OleDbCommand(@"INSERT INTO aspnet_Authorizations (ApplicationId, AuthorizationName) VALUES (@AppId, @AName)", connection); command.Parameters.Add(new OleDbParameter("@AppId", appId)); command.Parameters.Add(new OleDbParameter("@AName", authorizationName)); int returnValue = command.ExecuteNonQuery(); command = new OleDbCommand("COMMIT TRANSACTION", connection); command.ExecuteNonQuery(); fBeginTransCalled = false; if (returnValue == 1) { return; } throw new ProviderException("Unknown provider failure"); } catch (Exception e) { if (fBeginTransCalled) { try { OleDbCommand command = new OleDbCommand("ROLLBACK TRANSACTION", connection); command.ExecuteNonQuery(); } catch { } } throw AccessConnectionHelper.GetBetterException(e, holder); } finally { holder.Close(); } } catch { throw; } }
private int ResetUserStatePerUsers(string path, string[] usernames) { int count = 0; AccessConnectionHolder connectionHolder = null; OleDbConnection connection = null; bool beginTransCalled = false; try { try { connectionHolder = GetConnectionHolder(); connection = connectionHolder.Connection; int applicationID = GetApplicationID(connectionHolder); if (applicationID != 0) { OleDbCommand command = new OleDbCommand(null, connection); OleDbParameter userIdParam = command.Parameters.Add(new OleDbParameter("@UserId", OleDbType.Integer)); string fromAndWhereClause = " FROM aspnet_PagePersonalizationPerUser WHERE UserId = @UserId"; if (!String.IsNullOrEmpty(path)) { int pathId = AccessConnectionHelper.GetPathID(connection, applicationID, path); fromAndWhereClause += " AND PathId = @PathId"; command.Parameters.Add(new OleDbParameter("@PathId", pathId)); } string selectCommandText = "SELECT COUNT(*)" + fromAndWhereClause; string deleteCommandText = "DELETE" + fromAndWhereClause; OleDbCommand transCommand = new OleDbCommand("BEGIN TRANSACTION", connection); transCommand.ExecuteNonQuery(); beginTransCalled = true; foreach (string username in usernames) { command.CommandText = selectCommandText; userIdParam.Value = AccessConnectionHelper.GetUserID(connection, applicationID, username); int numOfRecords = (int)command.ExecuteScalar(); if (numOfRecords > 0) { command.CommandText = deleteCommandText; command.ExecuteNonQuery(); count += numOfRecords; } } transCommand.CommandText = "COMMIT TRANSACTION"; transCommand.ExecuteNonQuery(); } } catch { try { if (beginTransCalled) { OleDbCommand rollbackCommand = new OleDbCommand("ROLLBACK TRANSACTION", connection); rollbackCommand.ExecuteNonQuery(); } } catch { } throw; } finally { if (connectionHolder != null) { connectionHolder.Close(); connectionHolder = null; } } } catch { throw; } return(count); }
private int ResetStatePerPaths(string tableName, string[] paths) { if (paths == null || paths.Length == 0) { return(0); } int count = 0; AccessConnectionHolder connectionHolder = null; OleDbConnection connection = null; bool beginTransCalled = false; try { try { connectionHolder = GetConnectionHolder(); connection = connectionHolder.Connection; int applicationID = GetApplicationID(connectionHolder); if (applicationID != 0) { string fromAndWhereClause = " FROM " + tableName + " WHERE PathId = @PathId"; string selectCommandText = "SELECT COUNT(*)" + fromAndWhereClause; string deleteCommandText = "DELETE" + fromAndWhereClause; OleDbCommand command = new OleDbCommand(null, connection); OleDbParameter pathParam = command.Parameters.Add(new OleDbParameter("@PathId", OleDbType.Integer)); OleDbCommand transCommand = new OleDbCommand("BEGIN TRANSACTION", connection); transCommand.ExecuteNonQuery(); beginTransCalled = true; foreach (string path in paths) { command.CommandText = selectCommandText; pathParam.Value = AccessConnectionHelper.GetPathID(connection, applicationID, path); int numOfRecords = (int)command.ExecuteScalar(); if (numOfRecords > 0) { command.CommandText = deleteCommandText; command.ExecuteNonQuery(); count += numOfRecords; } } transCommand.CommandText = "COMMIT TRANSACTION"; transCommand.ExecuteNonQuery(); } } catch { try { if (beginTransCalled) { OleDbCommand rollbackCommand = new OleDbCommand("ROLLBACK TRANSACTION", connection); rollbackCommand.ExecuteNonQuery(); } } catch { } throw; } finally { if (connectionHolder != null) { connectionHolder.Close(); connectionHolder = null; } } } catch { throw; } return(count); }