internal static ClientData GetUserClientData(string username, bool useIsolatedStore)
{
if (username != _curUserName) {
_curUserName = username;
_userClientData = ClientData.Load(username, useIsolatedStore);
}
return _userClientData;
}
internal static ClientData GetAppClientData(bool useIsolatedStore)
{
if (_applicationClientData == null)
_applicationClientData = ClientData.Load(null, useIsolatedStore);
return _applicationClientData;
}
internal static ClientData Load(string username, bool useIsolatedStorage)
{
ClientData cd = null;
string fileName = null;
if (useIsolatedStorage) {
fileName = _IsolatedDir + "\\" + SqlHelper.GetPartialDBFileName(username, ".clientdata");
try {
using(IsolatedStorageFile f = IsolatedStorageFile.GetUserStoreForAssembly()) {
using(IsolatedStorageFileStream fs = new IsolatedStorageFileStream(fileName, FileMode.Open, f)) {
using (XmlReader xr = XmlReader.Create(fs)) {
cd = new ClientData(xr);
}
}
}
} catch {} // ignore exceptions
} else {
fileName = SqlHelper.GetFullDBFileName(username, ".clientdata");
try {
if (File.Exists(fileName)) {
using (FileStream fs = new FileStream(fileName, FileMode.Open, FileAccess.Read)) {
using (XmlReader xr = XmlReader.Create(fs)) {
cd = new ClientData(xr);
}
}
}
} catch {} // ignore exceptions
}
if (cd == null)
cd = new ClientData();
cd.UsingIsolatedStorage = useIsolatedStorage;
cd.FileName = fileName;
return cd;
}
/////////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////////
private bool GetRolesFromDBForUser(string username)
{
_Roles = null;
_CacheExpiryDate = DateTime.UtcNow;
_CurrentUser = username;
// if (MustAssertForSql)
// (new PermissionSet(PermissionState.Unrestricted)).Assert();
if (_UsingFileSystemStore || _UsingIsolatedStore)
{
ClientData cd = ClientDataManager.GetUserClientData(username, _UsingIsolatedStore);
if (cd.Roles == null)
{
return(false);
}
_Roles = cd.Roles;
_CacheExpiryDate = cd.RolesCachedDateUtc.AddMinutes(_CacheTimeout);
if (!ConnectivityStatus.IsOffline && _CacheExpiryDate < DateTime.UtcNow) // expired roles
{
return(false);
}
return(true);
}
using (DbConnection conn = SqlHelper.GetConnection(_CurrentUser, _ConnectionString, _ConnectionStringProvider)) {
DbTransaction trans = null;
try {
trans = conn.BeginTransaction();
DbCommand cmd = conn.CreateCommand();
cmd.Transaction = trans;
cmd.CommandText = "SELECT PropertyValue FROM UserProperties WHERE PropertyName = @RolesCachedDate";
SqlHelper.AddParameter(conn, cmd, "@RolesCachedDate", "RolesCachedDate_" + _CurrentUser);
string date = cmd.ExecuteScalar() as string;
if (date == null) // not cached
{
return(false);
}
long filetime = long.Parse(date, CultureInfo.InvariantCulture);
_CacheExpiryDate = DateTime.FromFileTimeUtc(filetime).AddMinutes(_CacheTimeout);
if (!ConnectivityStatus.IsOffline && _CacheExpiryDate < DateTime.UtcNow) // expired roles
{
return(false);
}
cmd = conn.CreateCommand();
cmd.Transaction = trans;
cmd.CommandText = "SELECT RoleName FROM Roles WHERE UserName = @UserName ORDER BY RoleName";
SqlHelper.AddParameter(conn, cmd, "@UserName", _CurrentUser);
ArrayList al = new ArrayList();
using (DbDataReader reader = cmd.ExecuteReader()) {
while (reader.Read())
{
al.Add(reader.GetString(0));
}
}
_Roles = new string[al.Count];
for (int iter = 0; iter < al.Count; iter++)
{
_Roles[iter] = (string)al[iter];
}
return(true);
} catch {
if (trans != null)
{
trans.Rollback();
trans = null;
}
throw;
} finally {
if (trans != null)
{
trans.Commit();
}
}
}
}
/////////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////////
private void StoreHashedPasswordInDB(string username, string password)
{
if (!_SavePasswordHash)
{
return;
}
// if (MustAssertForSql)
// (new PermissionSet(PermissionState.Unrestricted)).Assert();
byte[] buf = new byte[16];
(new RNGCryptoServiceProvider()).GetBytes(buf);
string passwordSalt = Convert.ToBase64String(buf);
string passwordHash = EncodePassword(password, buf);
if (_UsingFileSystemStore || _UsingIsolatedStore)
{
ClientData cd = ClientDataManager.GetUserClientData(username, _UsingIsolatedStore);
cd.PasswordHash = passwordHash;
cd.PasswordSalt = passwordSalt;
cd.Save();
return;
}
using (DbConnection conn = SqlHelper.GetConnection(username, _ConnectionString, _ConnectionStringProvider)) {
DbTransaction trans = null;
DbCommand cmd = null;
try {
trans = conn.BeginTransaction();
cmd = conn.CreateCommand();
cmd.CommandText = "DELETE FROM UserProperties WHERE PropertyName = @PasswordHashName";
SqlHelper.AddParameter(conn, cmd, "@PasswordHashName", "PasswordHash_" + username);
cmd.Transaction = trans;
cmd.ExecuteNonQuery();
cmd = conn.CreateCommand();
cmd.CommandText = "DELETE FROM UserProperties WHERE PropertyName = @PasswordSaltName";
SqlHelper.AddParameter(conn, cmd, "@PasswordSaltName", "PasswordSalt_" + username);
cmd.Transaction = trans;
cmd.ExecuteNonQuery();
cmd = conn.CreateCommand();
cmd.CommandText = "INSERT INTO UserProperties(PropertyName, PropertyValue) VALUES (@PasswordHashName, @PasswordHashValue)";
SqlHelper.AddParameter(conn, cmd, "@PasswordHashName", "PasswordHash_" + username);
SqlHelper.AddParameter(conn, cmd, "@PasswordHashValue", passwordHash);
cmd.Transaction = trans;
cmd.ExecuteNonQuery();
cmd = conn.CreateCommand();
cmd.CommandText = "INSERT INTO UserProperties(PropertyName, PropertyValue) VALUES (@PasswordSaltName, @PasswordSaltValue)";
SqlHelper.AddParameter(conn, cmd, "@PasswordSaltName", "PasswordSalt_" + username);
SqlHelper.AddParameter(conn, cmd, "@PasswordSaltValue", passwordSalt);
cmd.Transaction = trans;
cmd.ExecuteNonQuery();
} catch {
if (trans != null)
{
trans.Rollback();
trans = null;
}
throw;
} finally {
if (trans != null)
{
trans.Commit();
}
}
}
}
/////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////
private void SetPropertyValuesSQL(SettingsPropertyValueCollection values, bool updateSaveTime)
{
string username = Thread.CurrentPrincipal.Identity.Name;
if (_UsingFileSystemStore || _UsingIsolatedStore)
{
ClientData cd = ClientDataManager.GetUserClientData(username, _UsingIsolatedStore);
cd.SettingsNames = new string[values.Count];
cd.SettingsStoredAs = new string[values.Count];
cd.SettingsValues = new string[values.Count];
int iter = 0;
foreach (SettingsPropertyValue value in values)
{
cd.SettingsNames[iter] = value.Property.Name;
object val = value.SerializedValue;
if (val == null)
{
cd.SettingsStoredAs[iter] = "N";
}
else if (val is string)
{
cd.SettingsStoredAs[iter] = "S";
cd.SettingsValues[iter] = (string)val;
}
else
{
cd.SettingsStoredAs[iter] = "B";
cd.SettingsValues[iter] = Convert.ToBase64String((byte[])val);
}
iter++;
}
if (updateSaveTime)
{
cd.SettingsCacheIsMoreFresh = true;
}
cd.Save();
return;
}
using (DbConnection conn = SqlHelper.GetConnection(username, GetConnectionString(), _ConnectionStringProvider)) {
DbTransaction trans = null;
try {
trans = conn.BeginTransaction();
foreach (SettingsPropertyValue value in values)
{
DbCommand cmd = conn.CreateCommand();
cmd.Transaction = trans;
cmd.CommandText = "DELETE FROM Settings WHERE PropertyName = @PropName";
SqlHelper.AddParameter(conn, cmd, "@PropName", value.Property.Name);
cmd.ExecuteNonQuery();
cmd = conn.CreateCommand();
cmd.Transaction = trans;
object val = value.SerializedValue;
if (val == null)
{
cmd.CommandText = "INSERT INTO Settings (PropertyName, PropertyStoredAs, PropertyValue) VALUES (@PropName, 'N', '')";
SqlHelper.AddParameter(conn, cmd, "@PropName", value.Property.Name);
}
else if (val is string)
{
cmd.CommandText = "INSERT INTO Settings (PropertyName, PropertyStoredAs, PropertyValue) VALUES (@PropName, 'S', @PropVal)";
SqlHelper.AddParameter(conn, cmd, "@PropName", value.Property.Name);
SqlHelper.AddParameter(conn, cmd, "@PropVal", (string)val);
}
else
{
cmd.CommandText = "INSERT INTO Settings (PropertyName, PropertyStoredAs, PropertyValue) VALUES (@PropName, 'B', @PropVal)";
SqlHelper.AddParameter(conn, cmd, "@PropName", value.Property.Name);
SqlHelper.AddParameter(conn, cmd, "@PropVal", Convert.ToBase64String((byte[])val));
}
cmd.ExecuteNonQuery();
}
} catch {
if (trans != null)
{
trans.Rollback();
trans = null;
}
throw;
} finally {
if (trans != null)
{
trans.Commit();
}
}
}
if (updateSaveTime)
{
SetIsCacheMoreFresh(true);
}
}
