Пример #1
0
        /////////////////////////////////////////////////////////////////////////////////
        /////////////////////////////////////////////////////////////////////////////////
        /////////////////////////////////////////////////////////////////////////////////
        private void StoreRolesForCurrentUser()
        {
            if (_UsingFileSystemStore || _UsingIsolatedStore)
            {
                ClientData cd = ClientDataManager.GetUserClientData(_CurrentUser, _UsingIsolatedStore);
                cd.Roles = _Roles;
                cd.RolesCachedDateUtc = DateTime.UtcNow;
                cd.Save();
                return;
            }

            // if (MustAssertForSql)
            //     (new PermissionSet(PermissionState.Unrestricted)).Assert();
            RemoveRolesFromDB(); // Remove all old roles

            DbTransaction trans = null;

            using (DbConnection conn = SqlHelper.GetConnection(_CurrentUser, _ConnectionString, _ConnectionStringProvider)) {
                try {
                    trans = conn.BeginTransaction();

                    // Add the roles
                    DbCommand cmd = null;
                    foreach (string role in _Roles)
                    {
                        cmd             = conn.CreateCommand();
                        cmd.CommandText = "INSERT INTO Roles(UserName, RoleName) VALUES(@UserName, @RoleName)";
                        SqlHelper.AddParameter(conn, cmd, "@UserName", _CurrentUser);
                        SqlHelper.AddParameter(conn, cmd, "@RoleName", role);
                        cmd.Transaction = trans;
                        cmd.ExecuteNonQuery();
                    }
                    cmd             = conn.CreateCommand();
                    cmd.CommandText = "INSERT INTO UserProperties (PropertyName, PropertyValue) VALUES(@RolesCachedDate, @Date)";
                    SqlHelper.AddParameter(conn, cmd, "@RolesCachedDate", "RolesCachedDate_" + _CurrentUser);
                    SqlHelper.AddParameter(conn, cmd, "@Date", DateTime.UtcNow.ToFileTimeUtc().ToString(CultureInfo.InvariantCulture));
                    cmd.Transaction = trans;
                    cmd.ExecuteNonQuery();
                } catch {
                    if (trans != null)
                    {
                        trans.Rollback();
                        trans = null;
                    }
                    throw;
                } finally {
                    if (trans != null)
                    {
                        trans.Commit();
                    }
                }
            }
        }
        /////////////////////////////////////////////////////////////////////////////////
        /////////////////////////////////////////////////////////////////////////////////
        /////////////////////////////////////////////////////////////////////////////////
        private void StoreLastUserNameInOffileStore(string username)
        {
            if (_UsingFileSystemStore || _UsingIsolatedStore)
            {
                ClientData cd = ClientDataManager.GetAppClientData(_UsingIsolatedStore);
                cd.LastLoggedInUserName = username;
                cd.LastLoggedInDateUtc  = DateTime.UtcNow;
                cd.Save();
                return;
            }

            //if (MustAssertForSql)
            //    (new PermissionSet(PermissionState.Unrestricted)).Assert();
            using (DbConnection conn = SqlHelper.GetConnection(null, _ConnectionString, _ConnectionStringProvider)) {
                DbTransaction trans = null;
                try
                {
                    trans = conn.BeginTransaction();
                    DbCommand cmd = conn.CreateCommand();
                    cmd.Transaction = trans;
                    cmd.CommandText = "DELETE FROM ApplicationProperties WHERE PropertyName = N'LastLoggedInUserName'";
                    cmd.ExecuteNonQuery();
                    if (!string.IsNullOrEmpty(username))
                    {
                        cmd             = conn.CreateCommand();
                        cmd.Transaction = trans;
                        cmd.CommandText = "INSERT INTO ApplicationProperties(PropertyName, PropertyValue) VALUES (N'LastLoggedInUserName', @UserName)";
                        SqlHelper.AddParameter(conn, cmd, "@UserName", username);
                        cmd.ExecuteNonQuery();

                        cmd             = conn.CreateCommand();
                        cmd.Transaction = trans;
                        cmd.CommandText = "INSERT INTO ApplicationProperties(PropertyName, PropertyValue) VALUES (N'LastLoggedInDate', @Date)";
                        SqlHelper.AddParameter(conn, cmd, "@Date", DateTime.Now.ToFileTimeUtc().ToString(CultureInfo.InvariantCulture));
                        cmd.Transaction = trans;
                        cmd.ExecuteNonQuery();
                    }
                } catch {
                    if (trans != null)
                    {
                        trans.Rollback();
                        trans = null;
                    }
                    throw;
                } finally {
                    if (trans != null)
                    {
                        trans.Commit();
                    }
                }
            }
        }
Пример #3
0
 private void SetIsCacheMoreFresh(bool fSet)
 {
     if (_UsingFileSystemStore || _UsingIsolatedStore)
     {
         ClientData cd = ClientDataManager.GetUserClientData(Thread.CurrentPrincipal.Identity.Name, _UsingIsolatedStore);
         cd.SettingsCacheIsMoreFresh = fSet;
         cd.Save();
     }
     else
     {
         SetTagValue("IsCacheMoreFresh", fSet ? "1" : "0");
     }
 }
Пример #4
0
 private void SetNeedToReset(bool fSet)
 {
     if (_UsingFileSystemStore || _UsingIsolatedStore)
     {
         ClientData cd = ClientDataManager.GetUserClientData(Thread.CurrentPrincipal.Identity.Name, _UsingIsolatedStore);
         cd.SettingsNeedReset = fSet;
         cd.Save();
     }
     else
     {
         SetTagValue("NeeedToDoReset", fSet ? "1" : "0");
     }
 }
Пример #5
0
        internal static string StoreCookie(string username, string cookieName, string cookieValue, bool useIsolatedStore)
        {
            ClientData cd = GetUserClientData(username, useIsolatedStore);

            if (cd.CookieNames == null)
            {
                cd.CookieNames  = new string[0];
                cd.CookieValues = new string[0];
            }
            else
            {
                for (int iter = 0; iter < cd.CookieNames.Length; iter++)
                {
                    if (cd.CookieValues[iter].StartsWith(cookieName + "=", StringComparison.OrdinalIgnoreCase))
                    {
                        if (cd.CookieValues[iter] != cookieName + "=" + cookieValue)
                        {
                            cd.CookieValues[iter] = cookieName + "=" + cookieValue;
                            cd.Save();
                        }
                        return(cd.CookieNames[iter]);
                    }
                }
            }

            string name = Guid.NewGuid().ToString("N");

            string [] names = new string[cd.CookieNames.Length + 1];
            string [] vals  = new string[cd.CookieNames.Length + 1];
            cd.CookieNames.CopyTo(names, 0);
            cd.CookieValues.CopyTo(vals, 0);
            names[cd.CookieNames.Length] = name;
            vals[cd.CookieNames.Length]  = cookieName + "=" + cookieValue;

            cd.CookieNames  = names;
            cd.CookieValues = vals;
            cd.Save();
            return(name);
        }
Пример #6
0
        /////////////////////////////////////////////////////////////////////////////////
        /////////////////////////////////////////////////////////////////////////////////
        /////////////////////////////////////////////////////////////////////////////////
        private void RemoveRolesFromDB()
        {
            // if (MustAssertForSql)
            //     (new PermissionSet(PermissionState.Unrestricted)).Assert();
            if (string.IsNullOrEmpty(_CurrentUser))
            {
                return;
            }


            if (_UsingFileSystemStore || _UsingIsolatedStore)
            {
                ClientData cd = ClientDataManager.GetUserClientData(_CurrentUser, _UsingIsolatedStore);
                cd.Roles = null;
                cd.Save();
                return;
            }


            using (DbConnection conn = SqlHelper.GetConnection(_CurrentUser, _ConnectionString, _ConnectionStringProvider)) {
                DbTransaction trans = null;
                try {
                    trans = conn.BeginTransaction();
                    DbCommand cmd = conn.CreateCommand();
                    cmd.CommandText = "DELETE FROM Roles WHERE UserName = @UserName";
                    SqlHelper.AddParameter(conn, cmd, "@UserName", _CurrentUser);
                    cmd.Transaction = trans;
                    cmd.ExecuteNonQuery();

                    cmd             = conn.CreateCommand();
                    cmd.CommandText = "DELETE FROM UserProperties WHERE PropertyName = @RolesCachedDate";
                    SqlHelper.AddParameter(conn, cmd, "@RolesCachedDate", "RolesCachedDate_" + _CurrentUser);
                    cmd.Transaction = trans;
                    cmd.ExecuteNonQuery();
                } catch {
                    if (trans != null)
                    {
                        trans.Rollback();
                        trans = null;
                    }
                    throw;
                } finally {
                    if (trans != null)
                    {
                        trans.Commit();
                    }
                }
            }
        }
        /////////////////////////////////////////////////////////////////////////////////
        /////////////////////////////////////////////////////////////////////////////////
        /////////////////////////////////////////////////////////////////////////////////
        private void StoreHashedPasswordInDB(string username, string password)
        {
            if (!_SavePasswordHash)
            {
                return;
            }

            // if (MustAssertForSql)
            //    (new PermissionSet(PermissionState.Unrestricted)).Assert();
            byte[] buf = new byte[16];
            (new RNGCryptoServiceProvider()).GetBytes(buf);

            string passwordSalt = Convert.ToBase64String(buf);
            string passwordHash = EncodePassword(password, buf);

            if (_UsingFileSystemStore || _UsingIsolatedStore)
            {
                ClientData cd = ClientDataManager.GetUserClientData(username, _UsingIsolatedStore);
                cd.PasswordHash = passwordHash;
                cd.PasswordSalt = passwordSalt;
                cd.Save();
                return;
            }


            using (DbConnection conn = SqlHelper.GetConnection(username, _ConnectionString, _ConnectionStringProvider)) {
                DbTransaction trans = null;
                DbCommand     cmd   = null;
                try {
                    trans = conn.BeginTransaction();

                    cmd             = conn.CreateCommand();
                    cmd.CommandText = "DELETE FROM UserProperties WHERE PropertyName = @PasswordHashName";
                    SqlHelper.AddParameter(conn, cmd, "@PasswordHashName", "PasswordHash_" + username);
                    cmd.Transaction = trans;
                    cmd.ExecuteNonQuery();

                    cmd             = conn.CreateCommand();
                    cmd.CommandText = "DELETE FROM UserProperties WHERE PropertyName = @PasswordSaltName";
                    SqlHelper.AddParameter(conn, cmd, "@PasswordSaltName", "PasswordSalt_" + username);
                    cmd.Transaction = trans;
                    cmd.ExecuteNonQuery();


                    cmd             = conn.CreateCommand();
                    cmd.CommandText = "INSERT INTO UserProperties(PropertyName, PropertyValue) VALUES (@PasswordHashName, @PasswordHashValue)";
                    SqlHelper.AddParameter(conn, cmd, "@PasswordHashName", "PasswordHash_" + username);
                    SqlHelper.AddParameter(conn, cmd, "@PasswordHashValue", passwordHash);
                    cmd.Transaction = trans;
                    cmd.ExecuteNonQuery();

                    cmd             = conn.CreateCommand();
                    cmd.CommandText = "INSERT INTO UserProperties(PropertyName, PropertyValue) VALUES (@PasswordSaltName, @PasswordSaltValue)";
                    SqlHelper.AddParameter(conn, cmd, "@PasswordSaltName", "PasswordSalt_" + username);
                    SqlHelper.AddParameter(conn, cmd, "@PasswordSaltValue", passwordSalt);
                    cmd.Transaction = trans;
                    cmd.ExecuteNonQuery();
                } catch {
                    if (trans != null)
                    {
                        trans.Rollback();
                        trans = null;
                    }
                    throw;
                } finally {
                    if (trans != null)
                    {
                        trans.Commit();
                    }
                }
            }
        }
Пример #8
0
        /////////////////////////////////////////////////////////////////////////////
        /////////////////////////////////////////////////////////////////////////////
        /////////////////////////////////////////////////////////////////////////////
        private void SetPropertyValuesSQL(SettingsPropertyValueCollection values, bool updateSaveTime)
        {
            string username = Thread.CurrentPrincipal.Identity.Name;

            if (_UsingFileSystemStore || _UsingIsolatedStore)
            {
                ClientData cd = ClientDataManager.GetUserClientData(username, _UsingIsolatedStore);
                cd.SettingsNames    = new string[values.Count];
                cd.SettingsStoredAs = new string[values.Count];
                cd.SettingsValues   = new string[values.Count];

                int iter = 0;

                foreach (SettingsPropertyValue value in values)
                {
                    cd.SettingsNames[iter] = value.Property.Name;

                    object val = value.SerializedValue;
                    if (val == null)
                    {
                        cd.SettingsStoredAs[iter] = "N";
                    }
                    else if (val is string)
                    {
                        cd.SettingsStoredAs[iter] = "S";
                        cd.SettingsValues[iter]   = (string)val;
                    }
                    else
                    {
                        cd.SettingsStoredAs[iter] = "B";
                        cd.SettingsValues[iter]   = Convert.ToBase64String((byte[])val);
                    }

                    iter++;
                }
                if (updateSaveTime)
                {
                    cd.SettingsCacheIsMoreFresh = true;
                }
                cd.Save();
                return;
            }

            using (DbConnection conn = SqlHelper.GetConnection(username, GetConnectionString(), _ConnectionStringProvider)) {
                DbTransaction trans = null;
                try {
                    trans = conn.BeginTransaction();
                    foreach (SettingsPropertyValue value in values)
                    {
                        DbCommand cmd = conn.CreateCommand();
                        cmd.Transaction = trans;
                        cmd.CommandText = "DELETE FROM Settings WHERE PropertyName = @PropName";
                        SqlHelper.AddParameter(conn, cmd, "@PropName", value.Property.Name);
                        cmd.ExecuteNonQuery();

                        cmd             = conn.CreateCommand();
                        cmd.Transaction = trans;
                        object val = value.SerializedValue;
                        if (val == null)
                        {
                            cmd.CommandText = "INSERT INTO Settings (PropertyName, PropertyStoredAs, PropertyValue) VALUES (@PropName, 'N', '')";
                            SqlHelper.AddParameter(conn, cmd, "@PropName", value.Property.Name);
                        }
                        else if (val is string)
                        {
                            cmd.CommandText = "INSERT INTO Settings (PropertyName, PropertyStoredAs, PropertyValue) VALUES (@PropName, 'S', @PropVal)";
                            SqlHelper.AddParameter(conn, cmd, "@PropName", value.Property.Name);
                            SqlHelper.AddParameter(conn, cmd, "@PropVal", (string)val);
                        }
                        else
                        {
                            cmd.CommandText = "INSERT INTO Settings (PropertyName, PropertyStoredAs, PropertyValue) VALUES (@PropName, 'B', @PropVal)";
                            SqlHelper.AddParameter(conn, cmd, "@PropName", value.Property.Name);
                            SqlHelper.AddParameter(conn, cmd, "@PropVal", Convert.ToBase64String((byte[])val));
                        }
                        cmd.ExecuteNonQuery();
                    }
                } catch {
                    if (trans != null)
                    {
                        trans.Rollback();
                        trans = null;
                    }
                    throw;
                } finally {
                    if (trans != null)
                    {
                        trans.Commit();
                    }
                }
            }
            if (updateSaveTime)
            {
                SetIsCacheMoreFresh(true);
            }
        }