/// <devdoc>
/// </devdoc>
internal static SqlConnectionHolder GetConnection(string connectionString, bool revertImpersonation)
{
string strTempConnection = connectionString.ToUpperInvariant();
//Commented out for source code release.
//if (strTempConnection.Contains(s_strUpperDataDirWithToken))
// EnsureSqlExpressDBFile( connectionString );
SqlConnectionHolder holder = new SqlConnectionHolder(connectionString);
bool closeConn = true;
try
{
try
{
holder.Open(null, revertImpersonation);
closeConn = false;
}
finally
{
if (closeConn)
{
holder.Close();
holder = null;
}
}
}
catch
{
throw;
}
return(holder);
}
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
public override bool IsUserInRole(string username, string roleName)
{
SecUtility.CheckParameter(ref roleName, true, true, true, 256, "roleName");
SecUtility.CheckParameter(ref username, true, false, true, 256, "username");
if (username.Length < 1)
{
return(false);
}
try {
SqlConnectionHolder holder = null;
try {
holder = SqlConnectionHelper.GetConnection(_sqlConnectionString, true);
CheckSchemaVersion(holder.Connection);
SqlCommand cmd = new SqlCommand("dbo.aspnet_UsersInRoles_IsUserInRole", holder.Connection);
cmd.CommandType = CommandType.StoredProcedure;
cmd.CommandTimeout = CommandTimeout;
SqlParameter p = new SqlParameter("@ReturnValue", SqlDbType.Int);
p.Direction = ParameterDirection.ReturnValue;
cmd.Parameters.Add(p);
cmd.Parameters.Add(CreateInputParam("@ApplicationName", SqlDbType.NVarChar, ApplicationName));
cmd.Parameters.Add(CreateInputParam("@UserName", SqlDbType.NVarChar, username));
cmd.Parameters.Add(CreateInputParam("@RoleName", SqlDbType.NVarChar, roleName));
cmd.ExecuteNonQuery();
int iStatus = GetReturnValue(cmd);
switch (iStatus)
{
case 0:
return(false);
case 1:
return(true);
case 2:
return(false);
// throw new ProviderException(SR.GetString(SR.Provider_user_not_found));
case 3:
return(false); // throw new ProviderException(SR.GetString(SR.Provider_role_not_found, roleName));
}
throw new ProviderException(SR.GetString(SR.Provider_unknown_failure));
}
finally
{
if (holder != null)
{
holder.Close();
holder = null;
}
}
}
catch
{
throw;
}
}
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
public override string [] GetAllRoles()
{
try {
SqlConnectionHolder holder = null;
try {
holder = SqlConnectionHelper.GetConnection(_sqlConnectionString, true);
CheckSchemaVersion(holder.Connection);
SqlCommand cmd = new SqlCommand("dbo.aspnet_Roles_GetAllRoles", holder.Connection);
StringCollection sc = new StringCollection();
SqlParameter p = new SqlParameter("@ReturnValue", SqlDbType.Int);
SqlDataReader reader = null;
cmd.CommandType = CommandType.StoredProcedure;
cmd.CommandTimeout = CommandTimeout;
p.Direction = ParameterDirection.ReturnValue;
cmd.Parameters.Add(p);
cmd.Parameters.Add(CreateInputParam("@ApplicationName", SqlDbType.NVarChar, ApplicationName));
try {
reader = cmd.ExecuteReader(CommandBehavior.SequentialAccess);
while (reader.Read())
{
sc.Add(reader.GetString(0));
}
}
catch
{
throw;
}
finally
{
if (reader != null)
{
reader.Close();
}
}
String [] strReturn = new String [sc.Count];
sc.CopyTo(strReturn, 0);
return(strReturn);
}
finally
{
if (holder != null)
{
holder.Close();
holder = null;
}
}
}
catch
{
throw;
}
}
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
public override void CreateRole(string roleName)
{
SecUtility.CheckParameter(ref roleName, true, true, true, 256, "roleName");
try {
SqlConnectionHolder holder = null;
try {
holder = SqlConnectionHelper.GetConnection(_sqlConnectionString, true);
CheckSchemaVersion(holder.Connection);
SqlCommand cmd = new SqlCommand("dbo.aspnet_Roles_CreateRole", holder.Connection);
cmd.CommandType = CommandType.StoredProcedure;
cmd.CommandTimeout = CommandTimeout;
SqlParameter p = new SqlParameter("@ReturnValue", SqlDbType.Int);
p.Direction = ParameterDirection.ReturnValue;
cmd.Parameters.Add(p);
cmd.Parameters.Add(CreateInputParam("@ApplicationName", SqlDbType.NVarChar, ApplicationName));
cmd.Parameters.Add(CreateInputParam("@RoleName", SqlDbType.NVarChar, roleName));
cmd.ExecuteNonQuery();
int returnValue = GetReturnValue(cmd);
switch (returnValue)
{
case 0:
return;
case 1:
throw new ProviderException(SR.GetString(SR.Provider_role_already_exists, roleName));
default:
throw new ProviderException(SR.GetString(SR.Provider_unknown_failure));
}
}
finally
{
if (holder != null)
{
holder.Close();
holder = null;
}
}
}
catch
{
throw;
}
}
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
public override bool DeleteRole(string roleName, bool throwOnPopulatedRole)
{
SecUtility.CheckParameter(ref roleName, true, true, true, 256, "roleName");
try {
SqlConnectionHolder holder = null;
try {
holder = SqlConnectionHelper.GetConnection(_sqlConnectionString, true);
CheckSchemaVersion(holder.Connection);
SqlCommand cmd = new SqlCommand("dbo.aspnet_Roles_DeleteRole", holder.Connection);
cmd.CommandType = CommandType.StoredProcedure;
cmd.CommandTimeout = CommandTimeout;
SqlParameter p = new SqlParameter("@ReturnValue", SqlDbType.Int);
p.Direction = ParameterDirection.ReturnValue;
cmd.Parameters.Add(p);
cmd.Parameters.Add(CreateInputParam("@ApplicationName", SqlDbType.NVarChar, ApplicationName));
cmd.Parameters.Add(CreateInputParam("@RoleName", SqlDbType.NVarChar, roleName));
cmd.Parameters.Add(CreateInputParam("@DeleteOnlyIfRoleIsEmpty", SqlDbType.Bit, throwOnPopulatedRole ? 1 : 0));
cmd.ExecuteNonQuery();
int returnValue = GetReturnValue(cmd);
if (returnValue == 2)
{
throw new ProviderException(SR.GetString(SR.Role_is_not_empty));
}
return(returnValue == 0);
}
finally
{
if (holder != null)
{
holder.Close();
holder = null;
}
}
}
catch
{
throw;
}
}
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
public override string[] FindUsersInRole(string roleName, string usernameToMatch)
{
SecUtility.CheckParameter(ref roleName, true, true, true, 256, "roleName");
SecUtility.CheckParameter(ref usernameToMatch, true, true, false, 256, "usernameToMatch");
try {
SqlConnectionHolder holder = null;
try {
holder = SqlConnectionHelper.GetConnection(_sqlConnectionString, true);
CheckSchemaVersion(holder.Connection);
SqlCommand cmd = new SqlCommand("dbo.aspnet_UsersInRoles_FindUsersInRole", holder.Connection);
SqlDataReader reader = null;
SqlParameter p = new SqlParameter("@ReturnValue", SqlDbType.Int);
StringCollection sc = new StringCollection();
cmd.CommandType = CommandType.StoredProcedure;
cmd.CommandTimeout = CommandTimeout;
p.Direction = ParameterDirection.ReturnValue;
cmd.Parameters.Add(p);
cmd.Parameters.Add(CreateInputParam("@ApplicationName", SqlDbType.NVarChar, ApplicationName));
cmd.Parameters.Add(CreateInputParam("@RoleName", SqlDbType.NVarChar, roleName));
cmd.Parameters.Add(CreateInputParam("@UserNameToMatch", SqlDbType.NVarChar, usernameToMatch));
try {
reader = cmd.ExecuteReader(CommandBehavior.SequentialAccess);
while (reader.Read())
{
sc.Add(reader.GetString(0));
}
}
catch
{
throw;
}
finally
{
if (reader != null)
{
reader.Close();
}
}
if (sc.Count < 1)
{
switch (GetReturnValue(cmd))
{
case 0:
return(new string[0]);
case 1:
throw new ProviderException(SR.GetString(SR.Provider_role_not_found, roleName));
default:
throw new ProviderException(SR.GetString(SR.Provider_unknown_failure));
}
}
String[] strReturn = new String[sc.Count];
sc.CopyTo(strReturn, 0);
return(strReturn);
}
finally
{
if (holder != null)
{
holder.Close();
holder = null;
}
}
}
catch
{
throw;
}
}
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////
public override void RemoveUsersFromRoles(string[] usernames, string[] roleNames)
{
SecUtility.CheckArrayParameter(ref roleNames, true, true, true, 256, "roleNames");
SecUtility.CheckArrayParameter(ref usernames, true, true, true, 256, "usernames");
bool beginTranCalled = false;
try {
SqlConnectionHolder holder = null;
try
{
holder = SqlConnectionHelper.GetConnection(_sqlConnectionString, true);
CheckSchemaVersion(holder.Connection);
int numUsersRemaing = usernames.Length;
while (numUsersRemaing > 0)
{
int iter;
string allUsers = usernames[usernames.Length - numUsersRemaing];
numUsersRemaing--;
for (iter = usernames.Length - numUsersRemaing; iter < usernames.Length; iter++)
{
if (allUsers.Length + usernames[iter].Length + 1 >= 4000)
{
break;
}
allUsers += "," + usernames[iter];
numUsersRemaing--;
}
int numRolesRemaining = roleNames.Length;
while (numRolesRemaining > 0)
{
string allRoles = roleNames[roleNames.Length - numRolesRemaining];
numRolesRemaining--;
for (iter = roleNames.Length - numRolesRemaining; iter < roleNames.Length; iter++)
{
if (allRoles.Length + roleNames[iter].Length + 1 >= 4000)
{
break;
}
allRoles += "," + roleNames[iter];
numRolesRemaining--;
}
//
// Note: ADO.NET 2.0 introduced the TransactionScope class - in your own code you should use TransactionScope
// rather than explicitly managing transactions with the TSQL BEGIN/COMMIT/ROLLBACK statements.
//
if (!beginTranCalled && (numUsersRemaing > 0 || numRolesRemaining > 0))
{
(new SqlCommand("BEGIN TRANSACTION", holder.Connection)).ExecuteNonQuery();
beginTranCalled = true;
}
RemoveUsersFromRolesCore(holder.Connection, allUsers, allRoles);
}
}
if (beginTranCalled)
{
(new SqlCommand("COMMIT TRANSACTION", holder.Connection)).ExecuteNonQuery();
beginTranCalled = false;
}
} catch {
if (beginTranCalled)
{
(new SqlCommand("ROLLBACK TRANSACTION", holder.Connection)).ExecuteNonQuery();
beginTranCalled = false;
}
throw;
} finally {
if (holder != null)
{
holder.Close();
holder = null;
}
}
} catch {
throw;
}
}