// Inherited from RoleProvider ==> Forwarded to previous provider if this provider hasn't been initialized public override string[] FindUsersInRole(string roleName, string usernameToMatch) { if (!InitializeCalled) { return(PreviousProvider.FindUsersInRole(roleName, usernameToMatch)); } using (var db = ConnectToDatabase()) { // REVIEW: Is there any way to directly get out a string[]? List <dynamic> userNames = db.Query(@"SELECT u." + SafeUserNameColumn + " FROM " + SafeUserTableName + " u, " + UsersInRoleTableName + " ur, " + RoleTableName + " r Where (r.RoleName = @0 and ur.RoleId = r.RoleId and ur.UserId = u." + SafeUserIdColumn + " and u." + SafeUserNameColumn + " LIKE @1)", new object[] { roleName, usernameToMatch }).ToList(); string[] users = new string[userNames.Count]; for (int i = 0; i < userNames.Count; i++) { users[i] = (string)userNames[i][0]; } return(users); } }
// Inherited from RoleProvider ==> Forwarded to previous provider if this provider hasn't been initialized public override string[] GetRolesForUser(string username) { if (!InitializeCalled) { return(PreviousProvider.GetRolesForUser(username)); } using (var db = ConnectToDatabase()) { int userId = SimpleMembershipProvider.GetUserId(db, SafeUserTableName, SafeUserNameColumn, SafeUserIdColumn, CasingBehavior, username); if (userId == -1) { throw new InvalidOperationException(String.Format(CultureInfo.CurrentCulture, WebDataResources.Security_NoUserFound, username)); } string query = @"SELECT r.RoleName FROM " + UsersInRoleTableName + " u, " + RoleTableName + " r Where (u.UserId = @0 and u.RoleId = r.RoleId) GROUP BY RoleName"; return(db.Query(query, new object[] { userId }).Select <dynamic, string>(d => (string)d[0]).ToArray()); } }
// Inherited from MembershipProvider ==> Forwarded to previous provider if this provider hasn't been initialized public override MembershipUser GetUser(string username, bool userIsOnline) { if (!InitializeCalled) { return(PreviousProvider.GetUser(username, userIsOnline)); } // Due to a bug in v1, GetUser allows passing null / empty values. using (var db = ConnectToDatabase()) { int userId = GetUserId(db, SafeUserTableName, SafeUserNameColumn, SafeUserIdColumn, username); if (userId == -1) { return(null); // User not found } return(new MembershipUser(Membership.Provider.Name, username, userId, null, null, null, true, false, DateTime.MinValue, DateTime.MinValue, DateTime.MinValue, DateTime.MinValue, DateTime.MinValue)); } }
/// <summary> /// Adds the specified user names to the specified roles for the configured applicationName. /// </summary> /// <remarks>Inherited from RoleProvider ==> Forwarded to previous provider if this provider hasn't been initialized</remarks> /// <param name="usernames">A string array of user names to be added to the specified roles.</param> /// <param name="roleNames">A string array of the role names to add the specified user names to.</param> /// <exception cref="System.InvalidOperationException"></exception> /// <exception cref="System.Configuration.Provider.ProviderException"></exception> public override void AddUsersToRoles(string[] usernames, string[] roleNames) { if (!InitializeCalled) { PreviousProvider.AddUsersToRoles(usernames, roleNames); } else { using (var db = NewMySqlSecurityDbContext) { int userCount = usernames.Length; int roleCount = roleNames.Length; List <int> userIds = GetUserIdsFromNames(db, usernames); List <int> roleIds = GetRoleIdsFromNames(db, roleNames); var affectedRow = 0; // Generate a INSERT INTO for each userid/rowid combination, where userIds are the first params, and roleIds follow for (int uId = 0; uId < userCount; uId++) { for (int rId = 0; rId < roleCount; rId++) { if (IsUserInRole(usernames[uId], roleNames[rId])) { throw new InvalidOperationException(String.Format(CultureInfo.CurrentCulture, Resources.SimpleRoleProvder_UserAlreadyInRole, usernames[uId], roleNames[rId])); } // REVIEW: is there a way to batch up these inserts? db.UsersInRoles.Add(new UsersInRoles { UserId = userIds[uId], RoleId = roleIds[rId], }); affectedRow++; } } if (db.SaveChanges() != affectedRow) { throw new ProviderException(Resources.Security_DbFailure); } } } }
// Inherited from MembershipProvider ==> Forwarded to previous provider if this provider hasn't been initialized public override MembershipUser GetUser(string username, bool userIsOnline) { if (!InitializeCalled) { return(PreviousProvider.GetUser(username, userIsOnline)); } if (username.IsEmpty()) { ExceptionHelper.CreateArgumentNullOrEmptyException("username"); } using (var db = ConnectToDatabase()) { int userId = GetUserId(db, SafeUserTableName, SafeUserNameColumn, SafeUserIdColumn, username); if (userId == -1) { return(null); // User not found } return(new MembershipUser(Membership.Provider.Name, username, userId, null, null, null, true, false, DateTime.MinValue, DateTime.MinValue, DateTime.MinValue, DateTime.MinValue, DateTime.MinValue)); } }
//internal void ValidateUserTable() //{ // using (var session = new MongoSession(_connectionString)) // { // // GetUser will fail with an exception if the user table isn't set up properly // try // { // GetUserId(db, SafeUserTableName, SafeUserNameColumn, SafeUserIdColumn, "z"); // } // catch (Exception e) // { // throw new InvalidOperationException(String.Format(CultureInfo.InvariantCulture, WebDataResources.Security_FailedToFindUserTable, UserTableName), e); // } // } //} // Inherited from MembershipProvider ==> Forwarded to previous provider if this provider hasn't been initialized public override bool ValidateUser(string username, string password) { if (!InitializeCalled) { return(PreviousProvider.ValidateUser(username, password)); } if (string.IsNullOrEmpty(username)) { throw new ArgumentException("Argument_Cannot_Be_Null_Or_Empty", "username"); } if (string.IsNullOrEmpty(password)) { throw new ArgumentException("Argument_Cannot_Be_Null_Or_Empty", "password"); } using (var session = new MongoSession(_connectionString)) { var user = VerifyUserNameHasConfirmedAccount(session, username, throwException: false); if (user == null) { return(false); } else { var result = CheckPassword(session, user.UserId, password); try { if (result) { user.LastLoginDate = DateTime.Now; } else { user.LastPasswordFailureDate = DateTime.Now; } session.Update(user); } catch (Exception ex) { } return(result); } } }
// Inherited from MembershipProvider ==> Forwarded to previous provider if this provider hasn't been initialized public override MembershipUser GetUser(string username, bool userIsOnline) { if (!InitializeCalled) { return(PreviousProvider.GetUser(username, userIsOnline)); } MembershipAccount user; try { user = GetUser(username); } catch (Exception ex) { return(null); } return(new MembershipUser(Membership.Provider.Name, username, user.UserId, null, null, null, true, false, DateTime.MinValue, user.LastLoginDate ?? DateTime.MinValue, DateTime.MinValue, DateTime.MinValue, DateTime.MinValue)); }
/// <summary> /// Gets a list of the roles that a specified user is in for the configured applicationName. /// </summary> /// <remarks>Inherited from RoleProvider ==> Forwarded to previous provider if this provider hasn't been initialized</remarks> /// <param name="username">The user to return a list of roles for.</param> /// <returns>A string array containing the names of all the roles that the specified user is in for the configured applicationName.</returns> /// <exception cref="System.InvalidOperationException"></exception> public override string[] GetRolesForUser(string username) { if (!InitializeCalled) { return(PreviousProvider.GetRolesForUser(username)); } using (var db = NewMySqlSecurityDbContext) { int userId = MySqlSimpleMembershipProvider.GetUserId(db, username); if (userId == -1) { throw new InvalidOperationException(String.Format(CultureInfo.CurrentCulture, Resources.Security_NoUserFound, username)); } var roleNames = db.UsersInRoles.Where(x => x.UserId == userId) .Select(x => x.Role.RoleName) .ToArray(); return(roleNames); } }
// Inherited from MembershipProvider ==> Forwarded to previous provider if this provider hasn't been initialized public override bool ChangePassword(string username, string oldPassword, string newPassword) { if (!InitializeCalled) { return(PreviousProvider.ChangePassword(username, oldPassword, newPassword)); } // REVIEW: are commas special in the password? if (string.IsNullOrEmpty(username)) { throw new ArgumentException("Argument_Cannot_Be_Null_Or_Empty", "username"); } if (string.IsNullOrEmpty(oldPassword)) { throw new ArgumentException("Argument_Cannot_Be_Null_Or_Empty", "oldPassword"); } if (string.IsNullOrEmpty(newPassword)) { throw new ArgumentException("Argument_Cannot_Be_Null_Or_Empty", "newPassword"); } MembershipAccount user; try { user = GetUser(username); } catch { return(false); } using (var session = new MongoSession(_connectionString)) { // First check that the old credentials match if (!CheckPassword(session, user.UserId, oldPassword)) { return(false); } return(SetPassword(session, user, newPassword)); } }
/// <summary> /// Removes a role from the data source for the configured applicationName. /// </summary> /// <remarks>Inherited from RoleProvider ==> Forwarded to previous provider if this provider hasn't been initialized</remarks> /// <param name="roleName">The name of the role to delete.</param> /// <param name="throwOnPopulatedRole">If true, throw an exception if <paramref name="roleName" /> has one or more members and do not delete <paramref name="roleName" />.</param> /// <returns>true if the role was successfully deleted; otherwise, false.</returns> /// <exception cref="System.InvalidOperationException"></exception> public override bool DeleteRole(string roleName, bool throwOnPopulatedRole) { if (!InitializeCalled) { return(PreviousProvider.DeleteRole(roleName, throwOnPopulatedRole)); } using (var db = NewMySqlMembershipContext) { var roleId = FindRoleId(db, roleName); if (roleId == -1) { return(false); } var usersInRoles = db.UsersInRoles.Where(x => x.RoleId == roleId); if (throwOnPopulatedRole) { if (usersInRoles.Any()) { throw new InvalidOperationException(String.Format(CultureInfo.InvariantCulture, Resources.Security.SimpleRoleProvder_RolePopulated, roleName)); } } else { // Delete any users in this role first foreach (var usersInRole in usersInRoles) { db.UsersInRoles.Remove(usersInRole); } } var role = db.Roles.SingleOrDefault(x => x.RoleId == roleId); db.Roles.Remove(role); return(db.SaveChanges() > 0); } }
// Inherited from MembershipProvider ==> Forwarded to previous provider if this provider hasn't been initialized public override bool ChangePassword(string username, string oldPassword, string newPassword) { if (!InitializeCalled) { return(PreviousProvider.ChangePassword(username, oldPassword, newPassword)); } // REVIEW: are commas special in the password? if (username.IsEmpty()) { throw new ArgumentException(CommonResources.Argument_Cannot_Be_Null_Or_Empty, "username"); } if (oldPassword.IsEmpty()) { throw new ArgumentException(CommonResources.Argument_Cannot_Be_Null_Or_Empty, "oldPassword"); } if (newPassword.IsEmpty()) { throw new ArgumentException(CommonResources.Argument_Cannot_Be_Null_Or_Empty, "newPassword"); } using (var db = ConnectToDatabase()) { int userId = GetUserId(db, SafeUserTableName, SafeUserNameColumn, SafeUserIdColumn, username); if (userId == -1) { return(false); // User not found } // First check that the old credentials match if (!CheckPassword(db, userId, oldPassword)) { return(false); } return(SetPassword(db, userId, newPassword)); } }
// Inherited from RoleProvider ==> Forwarded to previous provider if this provider hasn't been initialized public override void CreateRole(string roleName) { if (!InitializeCalled) { PreviousProvider.CreateRole(roleName); } else { using (var db = ConnectToDatabase()) { int roleId = FindRoleId(db, roleName); if (roleId != -1) { throw new InvalidOperationException(String.Format(CultureInfo.InvariantCulture, WebDataResources.SimpleRoleProvider_RoleExists, roleName)); } int rows = db.Execute("INSERT INTO " + RoleTableName + " (RoleName) VALUES (@0)", roleName); if (rows != 1) { throw new ProviderException(WebDataResources.Security_DbFailure); } } } }
// Inherited from MembershipProvider ==> Forwarded to previous provider if this provider hasn't been initialized public override bool DeleteUser(string username, bool deleteAllRelatedData) { if (!InitializeCalled) { return(PreviousProvider.DeleteUser(username, deleteAllRelatedData)); } MembershipAccount user; try { user = GetUser(username); } catch (Exception) { return(false); } using (var session = new MongoSession(_connectionString)) { user.CatchAll = null; bool returnValue = false; try { session.Save(user); returnValue = true; } catch (Exception) { } //if (deleteAllRelatedData) { // REVIEW: do we really want to delete from the user table? //} return(returnValue); } }
// Inherited from RoleProvider ==> Forwarded to previous provider if this provider hasn't been initialized public override void AddUsersToRoles(string[] usernames, string[] roleNames) { if (!InitializeCalled) { PreviousProvider.AddUsersToRoles(usernames, roleNames); } else { using (var db = ConnectToDatabase()) { int userCount = usernames.Length; int roleCount = roleNames.Length; List <int> userIds = GetUserIdsFromNames(db, usernames); List <int> roleIds = GetRoleIdsFromNames(db, roleNames); // Generate a INSERT INTO for each userid/rowid combination, where userIds are the first params, and roleIds follow for (int uId = 0; uId < userCount; uId++) { for (int rId = 0; rId < roleCount; rId++) { if (IsUserInRole(usernames[uId], roleNames[rId])) { throw new InvalidOperationException(String.Format(CultureInfo.CurrentCulture, WebDataResources.SimpleRoleProvder_UserAlreadyInRole, usernames[uId], roleNames[rId])); } // REVIEW: is there a way to batch up these inserts? int rows = db.Execute("INSERT INTO " + UsersInRoleTableName + " VALUES (" + userIds[uId] + "," + roleIds[rId] + "); "); if (rows != 1) { throw new ProviderException(WebDataResources.Security_DbFailure); } } } } } }
// Inherited from MembershipProvider ==> Forwarded to previous provider if this provider hasn't been initialized public override bool DeleteUser(string username, bool deleteAllRelatedData) { if (!InitializeCalled) { return(PreviousProvider.DeleteUser(username, deleteAllRelatedData)); } using (var db = ConnectToDatabase()) { int userId = GetUserId(db, SafeUserTableName, SafeUserNameColumn, SafeUserIdColumn, username); if (userId == -1) { return(false); // User not found } int deleted = db.Execute(@"DELETE FROM " + SafeUserTableName + " WHERE " + SafeUserIdColumn + " = @0", userId); bool returnValue = (deleted == 1); //if (deleteAllRelatedData) { // REVIEW: do we really want to delete from the user table? //} return(returnValue); } }
// Inherited from RoleProvider ==> Forwarded to previous provider if this provider hasn't been initialized public override void RemoveUsersFromRoles(string[] usernames, string[] roleNames) { if (!InitializeCalled) { PreviousProvider.RemoveUsersFromRoles(usernames, roleNames); } else { foreach (string rolename in roleNames) { if (!RoleExists(rolename)) { throw new InvalidOperationException( String.Format( CultureInfo.CurrentCulture, WebDataResources.SimpleRoleProvider_NoRoleFound, rolename ) ); } } foreach (string username in usernames) { foreach (string rolename in roleNames) { if (!IsUserInRole(username, rolename)) { throw new InvalidOperationException( String.Format( CultureInfo.CurrentCulture, WebDataResources.SimpleRoleProvder_UserNotInRole, username, rolename ) ); } } } using (var db = ConnectToDatabase()) { List <int> userIds = GetUserIdsFromNames(db, usernames); List <int> roleIds = GetRoleIdsFromNames(db, roleNames); foreach (int userId in userIds) { foreach (int roleId in roleIds) { // Review: Is there a way to do these all in one query? int rows = db.Execute( "DELETE FROM " + UsersInRoleTableName + " WHERE UserId = " + userId + " and RoleId = " + roleId ); if (rows != 1) { throw new ProviderException(WebDataResources.Security_DbFailure); } } } } } }