Exemplo n.º 1
0
        //////////////////////////////////////////////////////////////////////
        //////////////////////////////////////////////////////////////////////
        //////////////////////////////////////////////////////////////////////

        public override string[] GetRolesForUser(string username)
        {
            SecUtility.CheckParameter(ref username, true, false, true, 255, "username");
            if (username.Length < 1)
            {
                return(new string[0]);
            }

            AccessConnectionHolder holder     = AccessConnectionHolder.GetConnection(_DatabaseFileName, true);
            OleDbConnection        connection = holder.Connection;
            OleDbDataReader        reader     = null;

            try {
                try {
                    int appId  = GetApplicationId(holder);
                    int userId = AccessConnectionHelper.GetUserID(connection, appId, username, false);

                    if (userId == 0)
                    {
                        return(new string[0]);
                    }

                    OleDbCommand     command;
                    StringCollection sc = new StringCollection();
                    String[]         strReturn;


                    command = new OleDbCommand(@"SELECT RoleName FROM aspnet_UsersInRoles ur, aspnet_Roles r " +
                                               @"WHERE ur.UserId = @UserId AND ur.RoleId = r.RoleId " +
                                               @"ORDER BY RoleName",
                                               connection);
                    command.Parameters.Add(new OleDbParameter("@UserId", userId));
                    reader = command.ExecuteReader(CommandBehavior.SequentialAccess);
                    while (reader.Read())
                    {
                        sc.Add(reader.GetString(0));
                    }
                    strReturn = new String[sc.Count];
                    sc.CopyTo(strReturn, 0);
                    return(strReturn);
                }
                catch (Exception e) {
                    throw AccessConnectionHolder.GetBetterException(e, holder);
                }
                finally {
                    if (reader != null)
                    {
                        reader.Close();
                    }
                    holder.Close();
                }
            }
            catch {
                throw;
            }
        }
Exemplo n.º 2
0
        ////////////////////////////////////////////////////////////
        ////////////////////////////////////////////////////////////
        private void GetPropertyValuesFromDatabase(string username, SettingsPropertyValueCollection svc)
        {
            try {
                AccessConnectionHolder holder = AccessConnectionHolder.GetConnection(_DatabaseFileName, true);
                string[]        names         = null;
                string          values        = null;
                OleDbDataReader reader        = null;
                ////////////////////////////////////////////////////////////
                // Step 1: Get Values from DB
                try {
                    int appId  = GetApplicationId(holder);
                    int userId = AccessConnectionHelper.GetUserID(holder.Connection, appId, username, false);

                    if (userId != 0)   // User exists?
                    {
                        OleDbCommand cmd = new OleDbCommand(@"SELECT PropertyNames, PropertyValuesString " +
                                                            @"FROM aspnet_Profile " +
                                                            @"WHERE UserId = @UserId",
                                                            holder.Connection);
                        cmd.Parameters.Add(new OleDbParameter("@UserId", userId));
                        reader = cmd.ExecuteReader();
                        if (reader.Read())
                        {
                            names  = reader.GetString(0).Split(':');
                            values = reader.GetString(1);
                        }
                        try { // Not a critical part -- don't throw exceptions here
                            cmd = new OleDbCommand(@"UPDATE aspnet_Users SET LastActivityDate=@LastActivityDate WHERE UserId = @UserId", holder.Connection);
                            cmd.Parameters.Add(CreateDateTimeOleDbParameter("@LastActivityDate", DateTime.Now));
                            cmd.Parameters.Add(new OleDbParameter("@UserId", userId));
                            cmd.ExecuteNonQuery();
                        }
                        catch { }
                    }
                }
                catch (Exception e) {
                    throw AccessConnectionHolder.GetBetterException(e, holder);
                }
                finally {
                    if (reader != null)
                    {
                        reader.Close();
                    }
                    holder.Close();
                }
                if (names != null && names.Length > 0)
                {
                    ParseDataFromDB(names, values, new byte[0], svc);
                }
            }
            catch {
                throw;
            }
        }
Exemplo n.º 3
0
        //////////////////////////////////////////////////////////////////////
        //////////////////////////////////////////////////////////////////////
        //////////////////////////////////////////////////////////////////////

        public override bool IsUserInRole(string username, string roleName)
        {
            SecUtility.CheckParameter(ref username, true, false, true, 255, "username");
            if (username.Length < 1)
            {
                return(false);
            }
            SecUtility.CheckParameter(ref roleName, true, true, true, 255, "roleName");

            AccessConnectionHolder holder     = AccessConnectionHolder.GetConnection(_DatabaseFileName, true);
            OleDbConnection        connection = holder.Connection;

            try {
                try {
                    int appId  = GetApplicationId(holder);
                    int userId = AccessConnectionHelper.GetUserID(connection, appId, username, false);
                    int roleId = GetRoleId(connection, appId, roleName);

                    OleDbCommand command;

                    if (userId == 0)
                    {
                        return(false);
                    }

                    if (roleId == 0)
                    {
                        return(false);
                    }

                    command = new OleDbCommand(@"SELECT UserId FROM aspnet_UsersInRoles WHERE UserId = @UserId AND RoleId = @RoleId", connection);
                    command.Parameters.Add(new OleDbParameter("@UserId", userId));
                    command.Parameters.Add(new OleDbParameter("@RoleId", roleId));

                    object result = command.ExecuteScalar();

                    if (result == null || !(result is int) || ((int)result) != userId)
                    {
                        return(false);
                    }
                    return(true);
                }
                catch (Exception e) {
                    throw AccessConnectionHolder.GetBetterException(e, holder);
                }
                finally {
                    holder.Close();
                }
            }
            catch {
                throw;
            }
        }
Exemplo n.º 4
0
        /////////////////////////////////////////////////////////////////////////////
        /////////////////////////////////////////////////////////////////////////////
        private bool DeleteProfile(AccessConnectionHolder holder, string username, int appId)
        {
            SecUtility.CheckParameter(ref username, true, true, true, 255, "username");

            int userId = AccessConnectionHelper.GetUserID(holder.Connection, appId, username, false);

            if (userId == 0)
            {
                return(false);
            }
            OleDbCommand cmd = new OleDbCommand(@"DELETE FROM aspnet_Profile WHERE UserId = @UserId", holder.Connection);

            cmd.Parameters.Add(new OleDbParameter("@UserId", userId));
            return(cmd.ExecuteNonQuery() != 0);
        }
Exemplo n.º 5
0
        protected override void LoadPersonalizationBlobs(WebPartManager webPartManager, string path, string userName, ref byte[] sharedDataBlob, ref byte[] userDataBlob)
        {
            sharedDataBlob = null;
            userDataBlob   = null;

            AccessConnectionHolder connectionHolder = null;
            OleDbConnection        connection       = null;


            try {
                try {
                    connectionHolder = GetConnectionHolder();
                    connection       = connectionHolder.Connection;

                    int applicationID = GetApplicationID(connectionHolder);
                    if (applicationID != 0)
                    {
                        int pathID = AccessConnectionHelper.GetPathID(connection, applicationID, path);
                        if (pathID != 0)
                        {
                            string sharedDataValue = LoadPersonalizationBlob(connection, pathID);
                            sharedDataBlob = Deserialize(sharedDataValue);

                            if (userName != null)
                            {
                                int userID = AccessConnectionHelper.GetUserID(connection, applicationID, userName);
                                if (userID != 0)
                                {
                                    string userDataValue = LoadPersonalizationBlob(connection, pathID, userID);
                                    userDataBlob = Deserialize(userDataValue);
                                }
                            }
                        }
                    }
                }
                finally {
                    if (connectionHolder != null)
                    {
                        connectionHolder.Close();
                        connectionHolder = null;
                    }
                }
            }
            catch {
                throw;
            }
        }
Exemplo n.º 6
0
        protected override void SavePersonalizationBlob(WebPartManager webPartManager, string path, string userName, byte[] dataBlob)
        {
            AccessConnectionHolder connectionHolder = null;
            OleDbConnection        connection       = null;


            try {
                try {
                    string blobValue = Serialize(dataBlob);

                    connectionHolder = GetConnectionHolder();
                    connection       = connectionHolder.Connection;

                    int applicationID = GetApplicationID(connectionHolder);
                    if (applicationID != 0)
                    {
                        int pathID = AccessConnectionHelper.GetPathID(connection, applicationID, path, /* createIfNeeded */ true);

                        if (pathID != 0)
                        {
                            if (String.IsNullOrEmpty(userName))
                            {
                                SavePersonalizationBlob(connection, pathID, blobValue);
                            }
                            else
                            {
                                int userID = AccessConnectionHelper.GetUserID(connection, applicationID, userName, /* createIfNeeded */ true);
                                if (userID != 0)
                                {
                                    SavePersonalizationBlob(connection, pathID, userID, blobValue);
                                }
                            }
                        }
                    }
                }
                finally {
                    if (connectionHolder != null)
                    {
                        connectionHolder.Close();
                        connectionHolder = null;
                    }
                }
            }
            catch {
                throw;
            }
        }
Exemplo n.º 7
0
        protected override void ResetPersonalizationBlob(WebPartManager webPartManager, string path, string userName)
        {
            AccessConnectionHolder connectionHolder = null;
            OleDbConnection        connection       = null;


            try {
                try {
                    connectionHolder = GetConnectionHolder();
                    connection       = connectionHolder.Connection;

                    int applicationID = GetApplicationID(connectionHolder);
                    if (applicationID != 0)
                    {
                        int pathID = AccessConnectionHelper.GetPathID(connection, applicationID, path);

                        if (pathID != 0)
                        {
                            if (String.IsNullOrEmpty(userName))
                            {
                                ResetPersonalizationBlob(connection, pathID);
                            }
                            else
                            {
                                int userID = AccessConnectionHelper.GetUserID(connection, applicationID, userName);
                                if (userID != 0)
                                {
                                    ResetPersonalizationBlob(connection, pathID, userID);
                                }
                            }
                        }
                    }
                }
                finally {
                    if (connectionHolder != null)
                    {
                        connectionHolder.Close();
                        connectionHolder = null;
                    }
                }
            }
            catch {
                throw;
            }
        }
Exemplo n.º 8
0
        /////////////////////////////////////////////////////////////////////////////
        /////////////////////////////////////////////////////////////////////////////
        /////////////////////////////////////////////////////////////////////////////

        private int GetApplicationId(AccessConnectionHolder holder)
        {
            if (_ApplicationId != 0 && holder.CreateDate < _ApplicationIDCacheDate) // Already cached?
            {
                return(_ApplicationId);
            }
            string appName = _AppName;

            if (appName.Length > 255)
            {
                appName = appName.Substring(0, 255);
            }
            _ApplicationId          = AccessConnectionHelper.GetApplicationID(holder.Connection, appName, true);
            _ApplicationIDCacheDate = DateTime.Now;
            if (_ApplicationId != 0)
            {
                return(_ApplicationId);
            }
            throw new ProviderException("Provider Error");
        }
Exemplo n.º 9
0
        private int GetApplicationID(AccessConnectionHolder holder)
        {
            if (_applicationID != 0 && holder.CreateDate < _applicationIDCacheDate)
            {
                return(_applicationID);
            }

            string appName = ApplicationName;

            if (appName.Length > MaxStringLength)
            {
                appName = appName.Substring(0, MaxStringLength);
            }

            _applicationID          = AccessConnectionHelper.GetApplicationID(holder.Connection, appName, true);
            _applicationIDCacheDate = DateTime.Now;

            if (_applicationID == 0)
            {
                throw new ProviderException("Failed to get ApplicationID");
            }

            return(_applicationID);
        }
Exemplo n.º 10
0
        private int ResetUserStatePerUsers(string path, string [] usernames)
        {
            int count = 0;
            AccessConnectionHolder connectionHolder = null;
            OleDbConnection        connection       = null;
            bool beginTransCalled = false;

            try {
                try {
                    connectionHolder = GetConnectionHolder();
                    connection       = connectionHolder.Connection;

                    int applicationID = GetApplicationID(connectionHolder);
                    if (applicationID != 0)
                    {
                        OleDbCommand   command            = new OleDbCommand(null, connection);
                        OleDbParameter userIdParam        = command.Parameters.Add(new OleDbParameter("@UserId", OleDbType.Integer));
                        string         fromAndWhereClause = " FROM aspnet_PagePersonalizationPerUser WHERE UserId = @UserId";
                        if (!String.IsNullOrEmpty(path))
                        {
                            int pathId = AccessConnectionHelper.GetPathID(connection, applicationID, path);
                            fromAndWhereClause += " AND PathId = @PathId";
                            command.Parameters.Add(new OleDbParameter("@PathId", pathId));
                        }

                        string selectCommandText = "SELECT COUNT(*)" + fromAndWhereClause;
                        string deleteCommandText = "DELETE" + fromAndWhereClause;

                        OleDbCommand transCommand = new OleDbCommand("BEGIN TRANSACTION", connection);
                        transCommand.ExecuteNonQuery();
                        beginTransCalled = true;

                        foreach (string username in usernames)
                        {
                            command.CommandText = selectCommandText;
                            userIdParam.Value   = AccessConnectionHelper.GetUserID(connection, applicationID, username);
                            int numOfRecords = (int)command.ExecuteScalar();
                            if (numOfRecords > 0)
                            {
                                command.CommandText = deleteCommandText;
                                command.ExecuteNonQuery();
                                count += numOfRecords;
                            }
                        }

                        transCommand.CommandText = "COMMIT TRANSACTION";
                        transCommand.ExecuteNonQuery();
                    }
                }
                catch {
                    try {
                        if (beginTransCalled)
                        {
                            OleDbCommand rollbackCommand = new OleDbCommand("ROLLBACK TRANSACTION", connection);
                            rollbackCommand.ExecuteNonQuery();
                        }
                    }
                    catch {
                    }
                    throw;
                }
                finally {
                    if (connectionHolder != null)
                    {
                        connectionHolder.Close();
                        connectionHolder = null;
                    }
                }
            }
            catch {
                throw;
            }

            return(count);
        }
Exemplo n.º 11
0
        private int ResetStatePerPaths(string tableName, string [] paths)
        {
            if (paths == null || paths.Length == 0)
            {
                return(0);
            }

            int count = 0;
            AccessConnectionHolder connectionHolder = null;
            OleDbConnection        connection       = null;
            bool beginTransCalled = false;

            try {
                try {
                    connectionHolder = GetConnectionHolder();
                    connection       = connectionHolder.Connection;

                    int applicationID = GetApplicationID(connectionHolder);
                    if (applicationID != 0)
                    {
                        string         fromAndWhereClause = " FROM " + tableName + " WHERE PathId = @PathId";
                        string         selectCommandText  = "SELECT COUNT(*)" + fromAndWhereClause;
                        string         deleteCommandText  = "DELETE" + fromAndWhereClause;
                        OleDbCommand   command            = new OleDbCommand(null, connection);
                        OleDbParameter pathParam          = command.Parameters.Add(new OleDbParameter("@PathId", OleDbType.Integer));

                        OleDbCommand transCommand = new OleDbCommand("BEGIN TRANSACTION", connection);
                        transCommand.ExecuteNonQuery();
                        beginTransCalled = true;

                        foreach (string path in paths)
                        {
                            command.CommandText = selectCommandText;
                            pathParam.Value     = AccessConnectionHelper.GetPathID(connection, applicationID, path);
                            int numOfRecords = (int)command.ExecuteScalar();
                            if (numOfRecords > 0)
                            {
                                command.CommandText = deleteCommandText;
                                command.ExecuteNonQuery();
                                count += numOfRecords;
                            }
                        }

                        transCommand.CommandText = "COMMIT TRANSACTION";
                        transCommand.ExecuteNonQuery();
                    }
                }
                catch {
                    try {
                        if (beginTransCalled)
                        {
                            OleDbCommand rollbackCommand = new OleDbCommand("ROLLBACK TRANSACTION", connection);
                            rollbackCommand.ExecuteNonQuery();
                        }
                    }
                    catch {
                    }
                    throw;
                }
                finally {
                    if (connectionHolder != null)
                    {
                        connectionHolder.Close();
                        connectionHolder = null;
                    }
                }
            }
            catch {
                throw;
            }

            return(count);
        }
Exemplo n.º 12
0
        //////////////////////////////////////////////////////////////////////
        //////////////////////////////////////////////////////////////////////
        //////////////////////////////////////////////////////////////////////

        public override void RemoveUsersFromRoles(string[] usernames, string[] roleNames)
        {
            SecUtility.CheckArrayParameter(ref roleNames, true, true, true, 255, "roleNames");
            SecUtility.CheckArrayParameter(ref usernames, true, true, true, 255, "usernames");

            AccessConnectionHolder holder     = AccessConnectionHolder.GetConnection(_DatabaseFileName, true);
            OleDbConnection        connection = holder.Connection;
            bool fBeginTransCalled            = false;

            try {
                try {
                    int   appId   = GetApplicationId(holder);
                    int[] userIds = new int[usernames.Length];
                    int[] roleIds = new int[roleNames.Length];

                    OleDbCommand command;
                    command = new OleDbCommand("BEGIN TRANSACTION", connection);
                    command.ExecuteNonQuery();
                    fBeginTransCalled = true;


                    for (int iterU = 0; iterU < usernames.Length; iterU++)
                    {
                        userIds[iterU] = AccessConnectionHelper.GetUserID(connection, appId, usernames[iterU], false);
                        if (userIds[iterU] == 0)
                        {
                            throw new ProviderException("User not found: " + usernames[iterU]);
                        }
                    }
                    for (int iterR = 0; iterR < roleNames.Length; iterR++)
                    {
                        roleIds[iterR] = GetRoleId(connection, appId, roleNames[iterR]);
                        if (roleIds[iterR] == 0)
                        {
                            throw new ProviderException("Role not found: " + roleNames[iterR]);
                        }
                    }
                    for (int iterU = 0; iterU < usernames.Length; iterU++)
                    {
                        for (int iterR = 0; iterR < roleNames.Length; iterR++)
                        {
                            command = new OleDbCommand(@"SELECT UserId FROM aspnet_UsersInRoles WHERE UserId = @UserId AND RoleId = @RoleId",
                                                       connection);
                            command.Parameters.Add(new OleDbParameter("@UserId", userIds[iterU]));
                            command.Parameters.Add(new OleDbParameter("@RoleId", roleIds[iterR]));

                            object result = command.ExecuteScalar();
                            if (result == null || !(result is int) || ((int)result) != userIds[iterU])   // doesn't exist!

                            {
                                throw new ProviderException("The user " + usernames[iterU] + " is already not in role " + roleNames[iterR]);
                            }
                        }
                    }

                    for (int iterU = 0; iterU < usernames.Length; iterU++)
                    {
                        for (int iterR = 0; iterR < roleNames.Length; iterR++)
                        {
                            command = new OleDbCommand(@"DELETE FROM aspnet_UsersInRoles WHERE UserId = @UserId AND RoleId = @RoleId",
                                                       connection);
                            command.Parameters.Add(new OleDbParameter("@UserId", userIds[iterU]));
                            command.Parameters.Add(new OleDbParameter("@RoleId", roleIds[iterR]));
                            if (command.ExecuteNonQuery() != 1)
                            {
                                throw new ProviderException("Unknown failure");
                            }
                        }
                    }
                    command = new OleDbCommand("COMMIT TRANSACTION", connection);
                    command.ExecuteNonQuery();
                }
                catch (Exception e) {
                    try {
                        if (fBeginTransCalled)
                        {
                            OleDbCommand command = new OleDbCommand("ROLLBACK TRANSACTION", connection);
                            command.ExecuteNonQuery();
                        }
                    }
                    catch { }
                    throw AccessConnectionHolder.GetBetterException(e, holder);
                }
                finally {
                    holder.Close();
                }
            }
            catch {
                throw;
            }
        }
Exemplo n.º 13
0
        ////////////////////////////////////////////////////////////
        ////////////////////////////////////////////////////////////
        ////////////////////////////////////////////////////////////

        public override void SetPropertyValues(SettingsContext sc, SettingsPropertyValueCollection properties)
        {
            try {
                string username            = (string)sc["UserName"];
                bool   userIsAuthenticated = (bool)sc["IsAuthenticated"];
                if (username == null || username.Length < 1 || properties.Count < 1)
                {
                    return;
                }

                string names  = String.Empty;
                string values = String.Empty;
                byte[] buf    = null;
                PrepareDataForSaving(ref names, ref values, ref buf, false, properties, userIsAuthenticated);
                if (names.Length == 0)
                {
                    return;
                }

                ////////////////////////////////////////////////////////////
                // Step 2: Store strings in DB
                AccessConnectionHolder holder = AccessConnectionHolder.GetConnection(_DatabaseFileName, true);
                bool fBeginTransCalled        = false;
                try {
                    OleDbCommand cmd = new OleDbCommand("BEGIN TRANSACTION", holder.Connection);
                    cmd.ExecuteNonQuery();
                    fBeginTransCalled = true;

                    int appId  = GetApplicationId(holder);
                    int userId = AccessConnectionHelper.GetUserID(holder.Connection, appId, username, true, !userIsAuthenticated);

                    if (userId == 0)   // User not creatable
                    {
                        return;
                    }
                    cmd = new OleDbCommand(@"SELECT UserId FROM aspnet_Profile WHERE UserId = @UserId", holder.Connection);
                    cmd.Parameters.Add(new OleDbParameter("@UserId", userId));
                    object result = cmd.ExecuteScalar();
                    if (result != null && (result is int) && ((int)result) == userId)
                    {
                        cmd = new OleDbCommand(@"UPDATE aspnet_Profile SET PropertyNames = @PropertyNames, PropertyValuesString = @PropertyValuesString, LastUpdatedDate = @LastUpdatedDate WHERE UserId = @UserId", holder.Connection);
                        cmd.Parameters.Add(new OleDbParameter("@PropertyNames", names));
                        cmd.Parameters.Add(new OleDbParameter("@PropertyValuesString", values));
                        cmd.Parameters.Add(CreateDateTimeOleDbParameter("@LastUpdatedDate", DateTime.Now));
                        cmd.Parameters.Add(new OleDbParameter("@UserId", userId));
                    }
                    else
                    {
                        cmd = new OleDbCommand(@"INSERT INTO aspnet_Profile (UserId, PropertyNames, PropertyValuesString, LastUpdatedDate) VALUES (@UserId, @PropertyNames, @PropertyValuesString, @LastUpdatedDate)", holder.Connection);
                        cmd.Parameters.Add(new OleDbParameter("@UserId", userId));
                        cmd.Parameters.Add(new OleDbParameter("@PropertyNames", names));
                        cmd.Parameters.Add(new OleDbParameter("@PropertyValuesString", values));
                        cmd.Parameters.Add(CreateDateTimeOleDbParameter("@LastUpdatedDate", DateTime.Now));
                    }
                    cmd.ExecuteNonQuery();
                    try { // Not a critical part -- don't throw exceptions here
                        cmd = new OleDbCommand(@"UPDATE aspnet_Users SET LastActivityDate=@LastActivityDate WHERE UserId = @UserId", holder.Connection);
                        cmd.Parameters.Add(CreateDateTimeOleDbParameter("@LastActivityDate", DateTime.Now));
                        cmd.Parameters.Add(new OleDbParameter("@UserId", userId));
                        cmd.ExecuteNonQuery();
                    }
                    catch { }
                    cmd = new OleDbCommand("COMMIT TRANSACTION", holder.Connection);
                    cmd.ExecuteNonQuery();
                    fBeginTransCalled = false;
                }
                catch (Exception e) {
                    throw AccessConnectionHolder.GetBetterException(e, holder);
                }
                finally {
                    if (fBeginTransCalled)
                    {
                        try {
                            OleDbCommand command = new OleDbCommand("ROLLBACK TRANSACTION", holder.Connection);
                            command.ExecuteNonQuery();
                        }
                        catch { }
                    }
                    holder.Close();
                }
            }
            catch {
                throw;
            }
        }