Exemplo n.º 1
0
        public LavaResult AddNewFile(LavaUser user, out string Path, out int fileId)
        {
            LavaResult result = new LavaResult();
            fileId = 0;

            SqlConnection conn = new SqlConnection(connectionString);

            SqlCommand cmdNewCustomer = new SqlCommand("Volcano.uspNewFile", conn);
            cmdNewCustomer.CommandType = CommandType.StoredProcedure;

            cmdNewCustomer.Parameters.Add(new SqlParameter("@UserName", SqlDbType.NChar, 32));
            cmdNewCustomer.Parameters["@UserName"].Value = user.UserName;

            Path = DateTime.Now.ToString("yyyyMMddHHmmssfff") + "_" + Guid.NewGuid().ToString();
            cmdNewCustomer.Parameters.Add(new SqlParameter("@Path", SqlDbType.VarChar));
            cmdNewCustomer.Parameters["@Path"].Value = Path;

            cmdNewCustomer.Parameters.Add(new SqlParameter("@FileID", SqlDbType.Int));
            cmdNewCustomer.Parameters["@FileID"].Direction = ParameterDirection.Output;

            try
            {
                conn.Open();
                cmdNewCustomer.ExecuteNonQuery();
                fileId = (int)cmdNewCustomer.Parameters["@FileID"].Value;
            }
            catch (SqlException sqlEx)
            {
                if (sqlEx.Errors.Count > 0) // Assume the interesting stuff is in the first error
                {
                    switch (sqlEx.Errors[0].Number)
                    {
                        case 2627: // Foreign Key violation
                            result.Result = LAVA_ERROR_CODE.FILE_ALREADY_EXIST;
                            result.Message = "File already exist. " + sqlEx.Message;
                            break;
                        default:
                            result.Result = LAVA_ERROR_CODE.UNKNOWH_ERROR;
                            result.Message = "Customer ID was not returned. Account could not be created. " + sqlEx.Errors[0].Number + sqlEx.Message;
                            break;
                    }
                }
            }
            catch (Exception ex)
            {
                result.Result = LAVA_ERROR_CODE.UNKNOWH_ERROR;
                result.Message = "Customer ID was not returned. Account could not be created. " + ex.Message;
            }
            finally
            {
                conn.Close();
            }

            return result;
        }
Exemplo n.º 2
0
        public LavaResult AddNewUser(LavaUser user)
        {
            LavaResult result = new LavaResult();

            SqlConnection conn = new SqlConnection(connectionString);

            SqlCommand cmdNewCustomer = new SqlCommand("Volcano.uspNewUser", conn);
            cmdNewCustomer.CommandType = CommandType.StoredProcedure;

            cmdNewCustomer.Parameters.Add(new SqlParameter("@UserName", SqlDbType.NChar, 32));
            cmdNewCustomer.Parameters["@UserName"].Value = user.UserName;

            byte[] password = Utility.StringToByteArray(user.Password);
            Gost3411Digest digest = new Gost3411Digest();
            SecureRandom random = new SecureRandom();
            byte[] salt = random.GenerateSeed(16);
            digest.BlockUpdate(password, 0, password.Length);
            digest.BlockUpdate(salt, 0, 16);
            byte[] hash = new byte[digest.GetDigestSize()];
            digest.DoFinal(hash, 0);

            cmdNewCustomer.Parameters.AddWithValue("@Password", hash);
            cmdNewCustomer.Parameters.AddWithValue("@Salt", salt);

            cmdNewCustomer.Parameters.Add(new SqlParameter("@UserID", SqlDbType.Int));
            cmdNewCustomer.Parameters["@UserID"].Direction = ParameterDirection.Output;

            try
            {
                conn.Open();
                cmdNewCustomer.ExecuteNonQuery();
                user.UserID = (int)cmdNewCustomer.Parameters["@UserID"].Value;
            }
            catch (SqlException sqlEx)
            {
                if (sqlEx.Errors.Count > 0) // Assume the interesting stuff is in the first error
                {
                    switch (sqlEx.Errors[0].Number)
                    {
                        case 2627: // Foreign Key violation
                            result.Result = LAVA_ERROR_CODE.USER_ALREADY_EXIST;
                            result.Message = "UserName already exist. " + sqlEx.Message;
                            break;
                        default:
                            result.Result = LAVA_ERROR_CODE.UNKNOWH_ERROR;
                            result.Message = "Customer ID was not returned. Account could not be created. " + sqlEx.Errors[0].Number + sqlEx.Message;
                            break;
                    }
                }
            }
            catch (Exception ex)
            {
                result.Result = LAVA_ERROR_CODE.UNKNOWH_ERROR;
                result.Message = "Customer ID was not returned. Account could not be created. " + ex.Message;
            }
            finally
            {
                conn.Close();
            }

            return result;
        }
Exemplo n.º 3
0
        public LavaResult GetUserByUserName(string userName, out LavaUser user)
        {
            LavaResult result = new LavaResult();

            user = new LavaUser();
            SqlConnection conn = new SqlConnection(connectionString);

            string sql = "select * from Volcano.UserTable where UserName = @UserName";

            SqlCommand cmdGetUser = new SqlCommand(sql, conn);

            cmdGetUser.Parameters.Add(new SqlParameter("@UserName", SqlDbType.NChar, 32));
            cmdGetUser.Parameters["@UserName"].Value = userName;

            try
            {
                conn.Open();

                SqlDataReader rdr = cmdGetUser.ExecuteReader();

                DataTable dataTable = new DataTable();
                dataTable.Load(rdr);

                foreach (DataRow row in dataTable.Rows)
                {
                    user = new LavaUser(row["UserName"].ToString(),
                                        (byte[])row["Password"],
                                        (byte[])row["Salt"]);
                    user.UserID = (int)row["UserID"];
                    user.MasterKey = DBNull.Value.Equals(row["KeyContainer"]) ? null : (byte[])row["KeyContainer"];
                }

                rdr.Close();
            }
            catch (Exception e)
            {
                result.Result = LAVA_ERROR_CODE.USER_NOT_FOUND;
                result.Message = "The requested order could not be loaded into the form. " + e.Message;
            }
            finally
            {
                conn.Close();
            }

            return result;
        }