Exemplo n.º 1
0
        internal static void CheckArrayParameter(ref string[] param, bool checkForNull, bool checkIfEmpty, bool checkForCommas, int maxSize, string paramName)
        {
            if (param == null)
            {
                throw new ArgumentNullException(paramName);
            }

            if (param.Length < 1)
            {
                throw new ArgumentException(SecurityMessage.GetString(SecurityMessage.Parameter_array_empty, paramName), paramName);
            }

            Hashtable values = new Hashtable(param.Length);

            for (int i = param.Length - 1; i >= 0; i--)
            {
                SecurityUtility.CheckParameter(ref param[i], checkForNull, checkIfEmpty, checkForCommas, maxSize,
                                               paramName + "[ " + i.ToString(CultureInfo.InvariantCulture) + " ]");
                if (values.Contains(param[i]))
                {
                    throw new ArgumentException(SecurityMessage.GetString(SecurityMessage.Parameter_duplicate_array_element, paramName), paramName);
                }
                else
                {
                    values.Add(param[i], param[i]);
                }
            }
        }
Exemplo n.º 2
0
        public override bool RoleExists(string roleName)
        {
            SecurityUtility.CheckParameter(ref roleName, true, true, true, 256, "roleName");

            string cmdText = "dbo.Aspnet_Roles_RoleExists";

            SqlParameter[] parms =
            {
                new SqlParameter("@ReturnValue",     SqlDbType.Int),
                CreateInputParam("@ApplicationName", SqlDbType.NVarChar,ApplicationName),
                CreateInputParam("@RoleName",        SqlDbType.NVarChar,roleName)
            };
            parms[0].Direction = ParameterDirection.ReturnValue;

            SqlHelper.ExecuteNonQuery(SqlHelper.SqlProviderConnString, CommandType.StoredProcedure, cmdText, parms);
            int returnValue = (int)parms[0].Value;

            switch (returnValue)
            {
            case 0:
                return(false);

            case 1:
                return(true);
            }
            throw new ProviderException(SecurityMessage.GetString(SecurityMessage.Provider_unknown_failure));
        }
Exemplo n.º 3
0
        public override bool DeleteRole(string roleName, bool throwOnPopulatedRole)
        {
            SecurityUtility.CheckParameter(ref roleName, true, true, true, 256, "roleName");

            string cmdText = "dbo.Aspnet_Roles_DeleteRole";

            SqlParameter[] parms =
            {
                CreateInputParam("@ApplicationName",         SqlDbType.NVarChar, ApplicationName),
                CreateInputParam("@RoleName",                SqlDbType.NVarChar, roleName),
                CreateInputParam("@DeleteOnlyIfRoleIsEmpty", SqlDbType.Bit,      throwOnPopulatedRole ? 1 : 0),
                new SqlParameter("@ReturnValue",             SqlDbType.Int)
            };
            parms[3].Direction = ParameterDirection.ReturnValue;

            SqlHelper.ExecuteNonQuery(SqlHelper.SqlProviderConnString, CommandType.StoredProcedure, cmdText, parms);

            int returnValue = (int)parms[3].Value;

            if (returnValue == 2)
            {
                throw new ProviderException(SecurityMessage.GetString(SecurityMessage.Role_is_not_empty));
            }

            return(returnValue == 0);
        }
Exemplo n.º 4
0
        public override string[] GetRolesForUser(string username)
        {
            SecurityUtility.CheckParameter(ref username, true, false, true, 256, "username");

            string cmdText = "dbo.Aspnet_UsersInRoles_GetRolesForUser";

            SqlParameter[] parms =
            {
                CreateInputParam("@ApplicationName", SqlDbType.NVarChar, ApplicationName),
                CreateInputParam("@UserName",        SqlDbType.NVarChar, username),
                new SqlParameter("@ReturnValue",     SqlDbType.Int)
            };
            parms[0].Value     = ApplicationName;
            parms[1].Value     = username;
            parms[2].Direction = ParameterDirection.ReturnValue;

            StringCollection sc = new StringCollection();

            using (SqlDataReader reader = SqlHelper.ExecuteReader(SqlHelper.SqlProviderConnString, CommandType.StoredProcedure, cmdText, parms))
            {
                if (reader != null && reader.HasRows)
                {
                    while (reader.Read())
                    {
                        sc.Add(reader.GetString(0));
                    }
                }
            }

            if (sc.Count > 0)
            {
                String[] strReturn = new String[sc.Count];
                sc.CopyTo(strReturn, 0);
                return(strReturn);
            }

            int returnValue = (int)parms[2].Value;

            switch (returnValue)
            {
            case 0:
                return(new string[0]);

            case 1:
                return(new string[0]);

            //throw new ProviderException(SR.GetString(SR.Provider_user_not_found));
            default:
                throw new ProviderException(SecurityMessage.GetString(SecurityMessage.Provider_unknown_failure));
            }
        }
Exemplo n.º 5
0
        public override bool IsUserInRole(string username, string roleName)
        {
            SecurityUtility.CheckParameter(ref roleName, true, true, true, 256, "roleName");
            SecurityUtility.CheckParameter(ref username, true, false, true, 256, "username");
            if (username.Length < 1)
            {
                return(false);
            }

            string cmdText = "dbo.Aspnet_UsersInRoles_IsUserInRole";

            SqlParameter[] parms =
            {
                new SqlParameter("@ReturnValue",     SqlDbType.Int),
                CreateInputParam("@ApplicationName", SqlDbType.NVarChar,ApplicationName),
                CreateInputParam("@UserName",        SqlDbType.NVarChar,username),
                CreateInputParam("@RoleName",        SqlDbType.NVarChar,roleName)
            };
            parms[0].Direction = ParameterDirection.ReturnValue;
            SqlHelper.ExecuteNonQuery(SqlHelper.SqlProviderConnString, CommandType.StoredProcedure, cmdText, parms);
            int iStatus = (int)parms[0].Value;

            switch (iStatus)
            {
            case 0:
                return(false);

            case 1:
                return(true);

            case 2:
                return(false);

            // throw new ProviderException(SR.GetString(SR.Provider_user_not_found));
            case 3:
                return(false);    // throw new ProviderException(SR.GetString(SR.Provider_role_not_found, roleName));
            }
            throw new ProviderException(SecurityMessage.GetString(SecurityMessage.Provider_unknown_failure));
        }