public override bool IsUserInRole(string username, string roleName)
{
SecUtility.CheckParameter(ref roleName, true, true, true, 0x100, "roleName");
SecUtility.CheckParameter(ref username, true, false, true, 0x100, "username");
if (username.Length < 1)
{
return(false);
}
try
{
SqlConnectionHolder connection = null;
try
{
connection = SqlConnectionHelper.GetConnection(_sqlConnectionString, true);
SqlCommand cmd = new SqlCommand("dbo.aspnet_UsersInRoles_IsUserInRole", connection.Connection)
{
CommandType = CommandType.StoredProcedure,
CommandTimeout = CommandTimeout
};
SqlParameter parameter = new SqlParameter("@ReturnValue", SqlDbType.Int)
{
Direction = ParameterDirection.ReturnValue
};
cmd.Parameters.Add(parameter);
cmd.Parameters.Add(CreateInputParam("@UserName", SqlDbType.NVarChar, username));
cmd.Parameters.Add(CreateInputParam("@RoleName", SqlDbType.NVarChar, roleName));
cmd.ExecuteNonQuery();
switch (GetReturnValue(cmd))
{
case 0:
return(false);
case 1:
return(true);
case 2:
return(false);
case 3:
return(false);
}
throw new ProviderException(Hidistro.Membership.ASPNETProvider.SR.GetString("Stored procedure call failed."));
}
finally
{
if (connection != null)
{
connection.Close();
connection = null;
}
}
}
catch
{
throw;
}
//return flag;
}
public override string[] GetUsersInRole(string roleName)
{
string[] userInRole;
SecUtility.CheckParameter(ref roleName, true, true, true, 0x100, "roleName");
try
{
SqlConnectionHolder connection = null;
try
{
connection = SqlConnectionHelper.GetConnection(_sqlConnectionString, true);
SqlCommand cmd = new SqlCommand("dbo.aspnet_UsersInRoles_GetUsersInRoles", connection.Connection);
SqlParameter parameter = new SqlParameter("@ReturnValue", SqlDbType.Int);
StringCollection strings = new StringCollection();
cmd.CommandType = CommandType.StoredProcedure;
cmd.CommandTimeout = CommandTimeout;
parameter.Direction = ParameterDirection.ReturnValue;
cmd.Parameters.Add(parameter);
cmd.Parameters.Add(CreateInputParam("@RoleName", SqlDbType.NVarChar, roleName));
using (SqlDataReader reader = cmd.ExecuteReader(CommandBehavior.SequentialAccess))
{
while (null != reader && reader.Read())
{
strings.Add(reader.GetString(0));
}
}
if (strings.Count < 1)
{
switch (GetReturnValue(cmd))
{
case 0:
return(new string[0]);
case 1:
throw new ProviderException(Hidistro.Membership.ASPNETProvider.SR.GetString("The role '{0}' was not found.", roleName));
}
throw new ProviderException(Hidistro.Membership.ASPNETProvider.SR.GetString("Stored procedure call failed."));
}
userInRole = new string[strings.Count];
strings.CopyTo(userInRole, 0);
}
finally
{
if (connection != null)
{
connection.Close();
connection = null;
}
}
}
catch
{
throw;
}
return(userInRole);
}
private static XmlNode GetAndRemoveNonEmptyStringAttributeInternal(XmlNode node, string attrib, bool fRequired, ref string string_0)
{
XmlNode andRemoveStringAttributeInternal = SecUtility.GetAndRemoveStringAttributeInternal(node, attrib, fRequired, ref string_0);
if (andRemoveStringAttributeInternal != null && string_0.Length == 0)
{
throw new ConfigurationErrorsException(SR.GetString("The '{0}' attribute cannot be an empty string.", attrib), andRemoveStringAttributeInternal);
}
return(andRemoveStringAttributeInternal);
}
private static XmlNode GetAndRemoveStringAttributeInternal(XmlNode node, string attrib, bool fRequired, ref string string_0)
{
XmlNode andRemoveAttribute = SecUtility.GetAndRemoveAttribute(node, attrib, fRequired);
if (andRemoveAttribute != null)
{
string_0 = andRemoveAttribute.Value;
}
return(andRemoveAttribute);
}
public override void Initialize(string name, NameValueCollection config)
{
if (config == null)
{
throw new ArgumentNullException("config");
}
if (string.IsNullOrEmpty(name))
{
name = "SqlRoleProvider";
}
if (string.IsNullOrEmpty(config["description"]))
{
config.Remove("description");
config.Add("description", Hidistro.Membership.ASPNETProvider.SR.GetString("SQL role provider."));
}
base.Initialize(name, config);
this._CommandTimeout = SecUtility.GetIntValue(config, "commandTimeout", 30, true, 0);
string specifiedConnectionString = config["connectionStringName"];
if ((specifiedConnectionString == null) || (specifiedConnectionString.Length < 1))
{
throw new ProviderException(Hidistro.Membership.ASPNETProvider.SR.GetString("The attribute 'connectionStringName' is missing or empty."));
}
this._sqlConnectionString = SqlConnectionHelper.GetConnectionString(specifiedConnectionString, true, true);
if ((this._sqlConnectionString == null) || (this._sqlConnectionString.Length < 1))
{
throw new ProviderException(Hidistro.Membership.ASPNETProvider.SR.GetString("The connection name '{0}' was not found in the applications configuration or the connection string is empty.", specifiedConnectionString));
}
this._AppName = config["applicationName"];
if (string.IsNullOrEmpty(this._AppName))
{
this._AppName = SecUtility.GetDefaultAppName();
}
if (this._AppName.Length > 0x100)
{
throw new ProviderException(Hidistro.Membership.ASPNETProvider.SR.GetString("The application name is too long."));
}
config.Remove("connectionStringName");
config.Remove("applicationName");
config.Remove("commandTimeout");
if (config.Count > 0)
{
string key = config.GetKey(0);
if (!string.IsNullOrEmpty(key))
{
throw new ProviderException(Hidistro.Membership.ASPNETProvider.SR.GetString("Attribute not recognized '{0}'", key));
}
}
}
public override bool RoleExists(string roleName)
{
SecUtility.CheckParameter(ref roleName, true, true, true, 256, "roleName");
bool result;
try
{
SqlConnectionHolder sqlConnectionHolder = null;
try
{
sqlConnectionHolder = SqlConnectionHelper.GetConnection(this._sqlConnectionString, true);
SqlCommand sqlCommand = new SqlCommand("dbo.aspnet_Roles_RoleExists", sqlConnectionHolder.Connection);
sqlCommand.CommandType = CommandType.StoredProcedure;
sqlCommand.CommandTimeout = this.CommandTimeout;
SqlParameter sqlParameter = new SqlParameter("@ReturnValue", SqlDbType.Int);
sqlParameter.Direction = ParameterDirection.ReturnValue;
sqlCommand.Parameters.Add(sqlParameter);
sqlCommand.Parameters.Add(this.CreateInputParam("@RoleName", SqlDbType.NVarChar, roleName));
sqlCommand.ExecuteNonQuery();
switch (this.GetReturnValue(sqlCommand))
{
case 0:
result = false;
break;
case 1:
result = true;
break;
default:
throw new ProviderException(SR.GetString("Stored procedure call failed."));
}
}
finally
{
if (sqlConnectionHolder != null)
{
sqlConnectionHolder.Close();
sqlConnectionHolder = null;
}
}
}
catch
{
throw;
}
return(result);
}
public override bool DeleteRole(string roleName, bool throwOnPopulatedRole)
{
bool flag;
SecUtility.CheckParameter(ref roleName, true, true, true, 0x100, "roleName");
try
{
SqlConnectionHolder connection = null;
try
{
connection = SqlConnectionHelper.GetConnection(_sqlConnectionString, true);
SqlCommand cmd = new SqlCommand("dbo.aspnet_Roles_DeleteRole", connection.Connection)
{
CommandType = CommandType.StoredProcedure,
CommandTimeout = CommandTimeout
};
SqlParameter parameter = new SqlParameter("@ReturnValue", SqlDbType.Int)
{
Direction = ParameterDirection.ReturnValue
};
cmd.Parameters.Add(parameter);
cmd.Parameters.Add(CreateInputParam("@RoleName", SqlDbType.NVarChar, roleName));
cmd.Parameters.Add(CreateInputParam("@DeleteOnlyIfRoleIsEmpty", SqlDbType.Bit, throwOnPopulatedRole ? 1 : 0));
cmd.ExecuteNonQuery();
int returnValue = GetReturnValue(cmd);
if (returnValue == 2)
{
throw new ProviderException(Hidistro.Membership.ASPNETProvider.SR.GetString("This role cannot be deleted because there are users present in it."));
}
flag = returnValue == 0;
}
finally
{
if (connection != null)
{
connection.Close();
connection = null;
}
}
}
catch
{
throw;
}
return(flag);
}
public override void CreateRole(string roleName)
{
SecUtility.CheckParameter(ref roleName, true, true, true, 0x100, "roleName");
try
{
SqlConnectionHolder connection = null;
try
{
connection = SqlConnectionHelper.GetConnection(_sqlConnectionString, true);
SqlCommand cmd = new SqlCommand("dbo.aspnet_Roles_CreateRole", connection.Connection)
{
CommandType = CommandType.StoredProcedure,
CommandTimeout = CommandTimeout
};
SqlParameter parameter = new SqlParameter("@ReturnValue", SqlDbType.Int)
{
Direction = ParameterDirection.ReturnValue
};
cmd.Parameters.Add(parameter);
cmd.Parameters.Add(CreateInputParam("@RoleName", SqlDbType.NVarChar, roleName));
cmd.ExecuteNonQuery();
switch (GetReturnValue(cmd))
{
case 0:
return;
case 1:
throw new ProviderException(Hidistro.Membership.ASPNETProvider.SR.GetString("The role '{0}' already exists.", roleName));
}
throw new ProviderException(Hidistro.Membership.ASPNETProvider.SR.GetString("Stored procedure call failed."));
}
finally
{
if (connection != null)
{
connection.Close();
connection = null;
}
}
}
catch
{
throw;
}
}
public override bool RoleExists(string roleName)
{
bool flag;
SecUtility.CheckParameter(ref roleName, true, true, true, 0x100, "roleName");
try
{
SqlConnectionHolder connection = null;
try
{
connection = SqlConnectionHelper.GetConnection(this._sqlConnectionString, true);
SqlCommand cmd = new SqlCommand("dbo.aspnet_Roles_RoleExists", connection.Connection);
cmd.CommandType = CommandType.StoredProcedure;
cmd.CommandTimeout = this.CommandTimeout;
SqlParameter parameter = new SqlParameter("@ReturnValue", SqlDbType.Int);
parameter.Direction = ParameterDirection.ReturnValue;
cmd.Parameters.Add(parameter);
cmd.Parameters.Add(this.CreateInputParam("@RoleName", SqlDbType.NVarChar, roleName));
cmd.ExecuteNonQuery();
switch (this.GetReturnValue(cmd))
{
case 0:
return(false);
case 1:
return(true);
}
throw new ProviderException(Hidistro.Membership.ASPNETProvider.SR.GetString("Stored procedure call failed."));
}
finally
{
if (connection != null)
{
connection.Close();
connection = null;
}
}
}
catch
{
throw;
}
return(flag);
}
public override bool DeleteRole(string roleName, bool throwOnPopulatedRole)
{
SecUtility.CheckParameter(ref roleName, true, true, true, 256, "roleName");
bool result;
try
{
SqlConnectionHolder sqlConnectionHolder = null;
try
{
sqlConnectionHolder = SqlConnectionHelper.GetConnection(this._sqlConnectionString, true);
SqlCommand sqlCommand = new SqlCommand("dbo.aspnet_Roles_DeleteRole", sqlConnectionHolder.Connection);
sqlCommand.CommandType = CommandType.StoredProcedure;
sqlCommand.CommandTimeout = this.CommandTimeout;
SqlParameter sqlParameter = new SqlParameter("@ReturnValue", SqlDbType.Int);
sqlParameter.Direction = ParameterDirection.ReturnValue;
sqlCommand.Parameters.Add(sqlParameter);
sqlCommand.Parameters.Add(this.CreateInputParam("@RoleName", SqlDbType.NVarChar, roleName));
sqlCommand.Parameters.Add(this.CreateInputParam("@DeleteOnlyIfRoleIsEmpty", SqlDbType.Bit, throwOnPopulatedRole ? 1 : 0));
sqlCommand.ExecuteNonQuery();
int returnValue = this.GetReturnValue(sqlCommand);
if (returnValue == 2)
{
throw new ProviderException(SR.GetString("This role cannot be deleted because there are users present in it."));
}
result = (returnValue == 0);
}
finally
{
if (sqlConnectionHolder != null)
{
sqlConnectionHolder.Close();
sqlConnectionHolder = null;
}
}
}
catch
{
throw;
}
return(result);
}
private static XmlNode GetAndRemoveBooleanAttributeInternal(XmlNode node, string attrib, bool fRequired, ref bool bool_0)
{
XmlNode andRemoveAttribute = SecUtility.GetAndRemoveAttribute(node, attrib, fRequired);
if (andRemoveAttribute != null)
{
if (andRemoveAttribute.Value == "true")
{
bool_0 = true;
}
else
{
if (!(andRemoveAttribute.Value == "false"))
{
throw new ConfigurationErrorsException(SR.GetString("The '{0}' attribute must be set to 'true' or 'false'.", andRemoveAttribute.Name), andRemoveAttribute);
}
bool_0 = false;
}
}
return(andRemoveAttribute);
}
internal static void CheckArrayParameter(ref string[] param, bool checkForNull, bool checkIfEmpty, bool checkForCommas, int maxSize, string paramName)
{
if (param == null)
{
throw new ArgumentNullException(paramName);
}
if (param.Length < 1)
{
throw new ArgumentException(SR.GetString("The array parameter '{0}' should not be empty.", paramName), paramName);
}
Hashtable hashtable = new Hashtable(param.Length);
for (int i = param.Length - 1; i >= 0; i--)
{
SecUtility.CheckParameter(ref param[i], checkForNull, checkIfEmpty, checkForCommas, maxSize, paramName + "[ " + i.ToString(CultureInfo.InvariantCulture) + " ]");
if (hashtable.Contains(param[i]))
{
throw new ArgumentException(SR.GetString("The array '{0}' should not contain duplicate values.", paramName), paramName);
}
hashtable.Add(param[i], param[i]);
}
}
internal static XmlNode GetAndRemoveBooleanAttribute(XmlNode node, string attrib, ref bool bool_0)
{
return(SecUtility.GetAndRemoveBooleanAttributeInternal(node, attrib, false, ref bool_0));
}
public override void RemoveUsersFromRoles(string[] usernames, string[] roleNames)
{
SecUtility.CheckArrayParameter(ref roleNames, true, true, true, 0x100, "roleNames");
SecUtility.CheckArrayParameter(ref usernames, true, true, true, 0x100, "usernames");
bool flag = false;
try
{
SqlConnectionHolder connection = null;
try
{
connection = SqlConnectionHelper.GetConnection(this._sqlConnectionString, true);
int length = usernames.Length;
while (length > 0)
{
string str = usernames[usernames.Length - length];
length--;
int index = usernames.Length - length;
while (index < usernames.Length)
{
if (((str.Length + usernames[index].Length) + 1) >= 0xfa0)
{
break;
}
str = str + "," + usernames[index];
length--;
index++;
}
int num3 = roleNames.Length;
while (num3 > 0)
{
string str2 = roleNames[roleNames.Length - num3];
num3--;
for (index = roleNames.Length - num3; index < roleNames.Length; index++)
{
if (((str2.Length + roleNames[index].Length) + 1) >= 0xfa0)
{
break;
}
str2 = str2 + "," + roleNames[index];
num3--;
}
if (!flag && ((length > 0) || (num3 > 0)))
{
new SqlCommand("BEGIN TRANSACTION", connection.Connection).ExecuteNonQuery();
flag = true;
}
this.RemoveUsersFromRolesCore(connection.Connection, str, str2);
}
}
if (flag)
{
new SqlCommand("COMMIT TRANSACTION", connection.Connection).ExecuteNonQuery();
flag = false;
}
}
catch
{
if (flag)
{
new SqlCommand("ROLLBACK TRANSACTION", connection.Connection).ExecuteNonQuery();
flag = false;
}
throw;
}
finally
{
if (connection != null)
{
connection.Close();
connection = null;
}
}
}
catch
{
throw;
}
}
public override void RemoveUsersFromRoles(string[] usernames, string[] roleNames)
{
SecUtility.CheckArrayParameter(ref roleNames, true, true, true, 256, "roleNames");
SecUtility.CheckArrayParameter(ref usernames, true, true, true, 256, "usernames");
bool flag = false;
try
{
SqlConnectionHolder sqlConnectionHolder = null;
try
{
sqlConnectionHolder = SqlConnectionHelper.GetConnection(this._sqlConnectionString, true);
int i = usernames.Length;
while (i > 0)
{
string text = usernames[usernames.Length - i];
i--;
int num = usernames.Length - i;
while (num < usernames.Length && text.Length + usernames[num].Length + 1 < 4000)
{
text = text + "," + usernames[num];
i--;
num++;
}
int j = roleNames.Length;
while (j > 0)
{
string text2 = roleNames[roleNames.Length - j];
j--;
num = roleNames.Length - j;
while (num < roleNames.Length && text2.Length + roleNames[num].Length + 1 < 4000)
{
text2 = text2 + "," + roleNames[num];
j--;
num++;
}
if (!flag && (i > 0 || j > 0))
{
new SqlCommand("BEGIN TRANSACTION", sqlConnectionHolder.Connection).ExecuteNonQuery();
flag = true;
}
this.RemoveUsersFromRolesCore(sqlConnectionHolder.Connection, text, text2);
}
}
if (flag)
{
new SqlCommand("COMMIT TRANSACTION", sqlConnectionHolder.Connection).ExecuteNonQuery();
flag = false;
}
}
catch
{
if (flag)
{
new SqlCommand("ROLLBACK TRANSACTION", sqlConnectionHolder.Connection).ExecuteNonQuery();
flag = false;
}
throw;
}
finally
{
if (sqlConnectionHolder != null)
{
sqlConnectionHolder.Close();
sqlConnectionHolder = null;
}
}
}
catch
{
throw;
}
}
public override string[] GetRolesForUser(string username)
{
string[] strArray2;
SecUtility.CheckParameter(ref username, true, false, true, 0x100, "username");
if (username.Length < 1)
{
return(new string[0]);
}
try
{
SqlConnectionHolder connection = null;
try
{
connection = SqlConnectionHelper.GetConnection(this._sqlConnectionString, true);
SqlCommand cmd = new SqlCommand("dbo.aspnet_UsersInRoles_GetRolesForUser", connection.Connection);
SqlParameter parameter = new SqlParameter("@ReturnValue", SqlDbType.Int);
SqlDataReader reader = null;
StringCollection strings = new StringCollection();
cmd.CommandType = CommandType.StoredProcedure;
cmd.CommandTimeout = this.CommandTimeout;
parameter.Direction = ParameterDirection.ReturnValue;
cmd.Parameters.Add(parameter);
cmd.Parameters.Add(this.CreateInputParam("@UserName", SqlDbType.NVarChar, username));
try
{
reader = cmd.ExecuteReader(CommandBehavior.SequentialAccess);
while (reader.Read())
{
strings.Add(reader.GetString(0));
}
}
catch
{
throw;
}
finally
{
if (reader != null)
{
reader.Close();
}
}
if (strings.Count > 0)
{
string[] array = new string[strings.Count];
strings.CopyTo(array, 0);
return(array);
}
switch (this.GetReturnValue(cmd))
{
case 0:
return(new string[0]);
case 1:
return(new string[0]);
}
throw new ProviderException(Hidistro.Membership.ASPNETProvider.SR.GetString("Stored procedure call failed."));
}
finally
{
if (connection != null)
{
connection.Close();
connection = null;
}
}
}
catch
{
throw;
}
return(strArray2);
}
internal static void GetAndRemovePositiveAttribute(NameValueCollection config, string attrib, string providerName, ref int int_0)
{
SecUtility.GetPositiveAttribute(config, attrib, providerName, ref int_0);
config.Remove(attrib);
}
internal static bool IsRelativeUrl(string virtualPath)
{
return(virtualPath.IndexOf(":", StringComparison.Ordinal) == -1 && !SecUtility.IsRooted(virtualPath));
}
internal static XmlNode GetAndRemoveStringAttribute(XmlNode node, string attrib, ref string string_0)
{
return(SecUtility.GetAndRemoveStringAttributeInternal(node, attrib, false, ref string_0));
}
public override string[] FindUsersInRole(string roleName, string usernameToMatch)
{
SecUtility.CheckParameter(ref roleName, true, true, true, 256, "roleName");
SecUtility.CheckParameter(ref usernameToMatch, true, true, false, 256, "usernameToMatch");
string[] result;
try
{
SqlConnectionHolder sqlConnectionHolder = null;
try
{
sqlConnectionHolder = SqlConnectionHelper.GetConnection(this._sqlConnectionString, true);
SqlCommand sqlCommand = new SqlCommand("dbo.aspnet_UsersInRoles_FindUsersInRole", sqlConnectionHolder.Connection);
SqlDataReader sqlDataReader = null;
SqlParameter sqlParameter = new SqlParameter("@ReturnValue", SqlDbType.Int);
StringCollection stringCollection = new StringCollection();
sqlCommand.CommandType = CommandType.StoredProcedure;
sqlCommand.CommandTimeout = this.CommandTimeout;
sqlParameter.Direction = ParameterDirection.ReturnValue;
sqlCommand.Parameters.Add(sqlParameter);
sqlCommand.Parameters.Add(this.CreateInputParam("@RoleName", SqlDbType.NVarChar, roleName));
sqlCommand.Parameters.Add(this.CreateInputParam("@UserNameToMatch", SqlDbType.NVarChar, usernameToMatch));
try
{
sqlDataReader = sqlCommand.ExecuteReader(CommandBehavior.SequentialAccess);
while (sqlDataReader.Read())
{
stringCollection.Add(sqlDataReader.GetString(0));
}
}
catch
{
throw;
}
finally
{
if (sqlDataReader != null)
{
sqlDataReader.Close();
}
}
if (stringCollection.Count < 1)
{
switch (this.GetReturnValue(sqlCommand))
{
case 0:
result = new string[0];
break;
case 1:
throw new ProviderException(SR.GetString("The role '{0}' was not found.", roleName));
default:
throw new ProviderException(SR.GetString("Stored procedure call failed."));
}
}
else
{
string[] array = new string[stringCollection.Count];
stringCollection.CopyTo(array, 0);
result = array;
}
}
finally
{
if (sqlConnectionHolder != null)
{
sqlConnectionHolder.Close();
sqlConnectionHolder = null;
}
}
}
catch
{
throw;
}
return(result);
}
internal static bool IsAbsolutePhysicalPath(string path)
{
return(path != null && path.Length >= 3 && ((path[1] == ':' && SecUtility.IsDirectorySeparatorChar(path[2])) || SecUtility.IsUncSharePath(path)));
}
internal static bool IsUncSharePath(string path)
{
return(path.Length > 2 && SecUtility.IsDirectorySeparatorChar(path[0]) && SecUtility.IsDirectorySeparatorChar(path[1]));
}