private static XmlNode GetAndRemoveNonEmptyStringAttributeInternal(XmlNode node, string attrib, bool fRequired, ref string val) { XmlNode andRemoveStringAttributeInternal = SecUtility.GetAndRemoveStringAttributeInternal(node, attrib, fRequired, ref val); if (andRemoveStringAttributeInternal != null && val.Length == 0) { throw new ConfigurationErrorsException(SR.GetString("The '{0}' attribute cannot be an empty string.", attrib), andRemoveStringAttributeInternal); } return(andRemoveStringAttributeInternal); }
private static XmlNode GetAndRemoveStringAttributeInternal(XmlNode node, string attrib, bool fRequired, ref string val) { XmlNode andRemoveAttribute = SecUtility.GetAndRemoveAttribute(node, attrib, fRequired); if (andRemoveAttribute != null) { val = andRemoveAttribute.Value; } return(andRemoveAttribute); }
public override void Initialize(string name, NameValueCollection config) { if (config == null) { throw new ArgumentNullException("config"); } if (string.IsNullOrEmpty(name)) { name = "SqlRoleProvider"; } if (string.IsNullOrEmpty(config["description"])) { config.Remove("description"); config.Add("description", SR.GetString("SQL role provider.")); } base.Initialize(name, config); this._CommandTimeout = SecUtility.GetIntValue(config, "commandTimeout", 30, true, 0); string text = config["connectionStringName"]; if (text == null || text.Length < 1) { throw new ProviderException(SR.GetString("The attribute 'connectionStringName' is missing or empty.")); } this._sqlConnectionString = SqlConnectionHelper.GetConnectionString(text, true, true); if (this._sqlConnectionString == null || this._sqlConnectionString.Length < 1) { throw new ProviderException(SR.GetString("The connection name '{0}' was not found in the applications configuration or the connection string is empty.", text)); } this._AppName = config["applicationName"]; if (string.IsNullOrEmpty(this._AppName)) { this._AppName = SecUtility.GetDefaultAppName(); } if (this._AppName.Length > 256) { throw new ProviderException(SR.GetString("The application name is too long.")); } config.Remove("connectionStringName"); config.Remove("applicationName"); config.Remove("commandTimeout"); if (config.Count > 0) { string key = config.GetKey(0); if (!string.IsNullOrEmpty(key)) { throw new ProviderException(SR.GetString("Attribute not recognized '{0}'", key)); } } }
public override bool RoleExists(string roleName) { SecUtility.CheckParameter(ref roleName, true, true, true, 256, "roleName"); bool result; try { SqlConnectionHolder sqlConnectionHolder = null; try { sqlConnectionHolder = SqlConnectionHelper.GetConnection(this._sqlConnectionString, true); SqlCommand sqlCommand = new SqlCommand("dbo.aspnet_Roles_RoleExists", sqlConnectionHolder.Connection); sqlCommand.CommandType = CommandType.StoredProcedure; sqlCommand.CommandTimeout = this.CommandTimeout; SqlParameter sqlParameter = new SqlParameter("@ReturnValue", SqlDbType.Int); sqlParameter.Direction = ParameterDirection.ReturnValue; sqlCommand.Parameters.Add(sqlParameter); sqlCommand.Parameters.Add(this.CreateInputParam("@RoleName", SqlDbType.NVarChar, roleName)); sqlCommand.ExecuteNonQuery(); switch (this.GetReturnValue(sqlCommand)) { case 0: result = false; break; case 1: result = true; break; default: throw new ProviderException(SR.GetString("Stored procedure call failed.")); } } finally { if (sqlConnectionHolder != null) { sqlConnectionHolder.Close(); sqlConnectionHolder = null; } } } catch { throw; } return(result); }
public override bool DeleteRole(string roleName, bool throwOnPopulatedRole) { SecUtility.CheckParameter(ref roleName, true, true, true, 256, "roleName"); bool result; try { SqlConnectionHolder sqlConnectionHolder = null; try { sqlConnectionHolder = SqlConnectionHelper.GetConnection(this._sqlConnectionString, true); SqlCommand sqlCommand = new SqlCommand("dbo.aspnet_Roles_DeleteRole", sqlConnectionHolder.Connection); sqlCommand.CommandType = CommandType.StoredProcedure; sqlCommand.CommandTimeout = this.CommandTimeout; SqlParameter sqlParameter = new SqlParameter("@ReturnValue", SqlDbType.Int); sqlParameter.Direction = ParameterDirection.ReturnValue; sqlCommand.Parameters.Add(sqlParameter); sqlCommand.Parameters.Add(this.CreateInputParam("@RoleName", SqlDbType.NVarChar, roleName)); sqlCommand.Parameters.Add(this.CreateInputParam("@DeleteOnlyIfRoleIsEmpty", SqlDbType.Bit, throwOnPopulatedRole ? 1 : 0)); sqlCommand.ExecuteNonQuery(); int returnValue = this.GetReturnValue(sqlCommand); if (returnValue == 2) { throw new ProviderException(SR.GetString("This role cannot be deleted because there are users present in it.")); } result = (returnValue == 0); } finally { if (sqlConnectionHolder != null) { sqlConnectionHolder.Close(); sqlConnectionHolder = null; } } } catch { throw; } return(result); }
private static XmlNode GetAndRemoveBooleanAttributeInternal(XmlNode node, string attrib, bool fRequired, ref bool val) { XmlNode andRemoveAttribute = SecUtility.GetAndRemoveAttribute(node, attrib, fRequired); if (andRemoveAttribute != null) { if (andRemoveAttribute.Value == "true") { val = true; } else { if (!(andRemoveAttribute.Value == "false")) { throw new ConfigurationErrorsException(SR.GetString("The '{0}' attribute must be set to 'true' or 'false'.", andRemoveAttribute.Name), andRemoveAttribute); } val = false; } } return(andRemoveAttribute); }
internal static void CheckArrayParameter(ref string[] param, bool checkForNull, bool checkIfEmpty, bool checkForCommas, int maxSize, string paramName) { if (param == null) { throw new ArgumentNullException(paramName); } if (param.Length < 1) { throw new ArgumentException(SR.GetString("The array parameter '{0}' should not be empty.", paramName), paramName); } Hashtable hashtable = new Hashtable(param.Length); for (int i = param.Length - 1; i >= 0; i--) { SecUtility.CheckParameter(ref param[i], checkForNull, checkIfEmpty, checkForCommas, maxSize, paramName + "[ " + i.ToString(CultureInfo.InvariantCulture) + " ]"); if (hashtable.Contains(param[i])) { throw new ArgumentException(SR.GetString("The array '{0}' should not contain duplicate values.", paramName), paramName); } hashtable.Add(param[i], param[i]); } }
internal static void GetAndRemovePositiveAttribute(NameValueCollection config, string attrib, string providerName, ref int val) { SecUtility.GetPositiveAttribute(config, attrib, providerName, ref val); config.Remove(attrib); }
internal static bool IsRelativeUrl(string virtualPath) { return(virtualPath.IndexOf(":", StringComparison.Ordinal) == -1 && !SecUtility.IsRooted(virtualPath)); }
internal static XmlNode GetAndRemoveStringAttribute(XmlNode node, string attrib, ref string val) { return(SecUtility.GetAndRemoveStringAttributeInternal(node, attrib, false, ref val)); }
internal static bool IsUncSharePath(string path) { return(path.Length > 2 && SecUtility.IsDirectorySeparatorChar(path[0]) && SecUtility.IsDirectorySeparatorChar(path[1])); }
internal static bool IsAbsolutePhysicalPath(string path) { return(path != null && path.Length >= 3 && ((path[1] == ':' && SecUtility.IsDirectorySeparatorChar(path[2])) || SecUtility.IsUncSharePath(path))); }
public override string[] FindUsersInRole(string roleName, string usernameToMatch) { SecUtility.CheckParameter(ref roleName, true, true, true, 256, "roleName"); SecUtility.CheckParameter(ref usernameToMatch, true, true, false, 256, "usernameToMatch"); string[] result; try { SqlConnectionHolder sqlConnectionHolder = null; try { sqlConnectionHolder = SqlConnectionHelper.GetConnection(this._sqlConnectionString, true); SqlCommand sqlCommand = new SqlCommand("dbo.aspnet_UsersInRoles_FindUsersInRole", sqlConnectionHolder.Connection); SqlDataReader sqlDataReader = null; SqlParameter sqlParameter = new SqlParameter("@ReturnValue", SqlDbType.Int); StringCollection stringCollection = new StringCollection(); sqlCommand.CommandType = CommandType.StoredProcedure; sqlCommand.CommandTimeout = this.CommandTimeout; sqlParameter.Direction = ParameterDirection.ReturnValue; sqlCommand.Parameters.Add(sqlParameter); sqlCommand.Parameters.Add(this.CreateInputParam("@RoleName", SqlDbType.NVarChar, roleName)); sqlCommand.Parameters.Add(this.CreateInputParam("@UserNameToMatch", SqlDbType.NVarChar, usernameToMatch)); try { sqlDataReader = sqlCommand.ExecuteReader(CommandBehavior.SequentialAccess); while (sqlDataReader.Read()) { stringCollection.Add(sqlDataReader.GetString(0)); } } catch { throw; } finally { if (sqlDataReader != null) { sqlDataReader.Close(); } } if (stringCollection.Count < 1) { switch (this.GetReturnValue(sqlCommand)) { case 0: result = new string[0]; break; case 1: throw new ProviderException(SR.GetString("The role '{0}' was not found.", roleName)); default: throw new ProviderException(SR.GetString("Stored procedure call failed.")); } } else { string[] array = new string[stringCollection.Count]; stringCollection.CopyTo(array, 0); result = array; } } finally { if (sqlConnectionHolder != null) { sqlConnectionHolder.Close(); sqlConnectionHolder = null; } } } catch { throw; } return(result); }
public override void RemoveUsersFromRoles(string[] usernames, string[] roleNames) { SecUtility.CheckArrayParameter(ref roleNames, true, true, true, 256, "roleNames"); SecUtility.CheckArrayParameter(ref usernames, true, true, true, 256, "usernames"); bool flag = false; try { SqlConnectionHolder sqlConnectionHolder = null; try { sqlConnectionHolder = SqlConnectionHelper.GetConnection(this._sqlConnectionString, true); int i = usernames.Length; while (i > 0) { string text = usernames[usernames.Length - i]; i--; int num = usernames.Length - i; while (num < usernames.Length && text.Length + usernames[num].Length + 1 < 4000) { text = text + "," + usernames[num]; i--; num++; } int j = roleNames.Length; while (j > 0) { string text2 = roleNames[roleNames.Length - j]; j--; num = roleNames.Length - j; while (num < roleNames.Length && text2.Length + roleNames[num].Length + 1 < 4000) { text2 = text2 + "," + roleNames[num]; j--; num++; } if (!flag && (i > 0 || j > 0)) { new SqlCommand("BEGIN TRANSACTION", sqlConnectionHolder.Connection).ExecuteNonQuery(); flag = true; } this.RemoveUsersFromRolesCore(sqlConnectionHolder.Connection, text, text2); } } if (flag) { new SqlCommand("COMMIT TRANSACTION", sqlConnectionHolder.Connection).ExecuteNonQuery(); flag = false; } } catch { if (flag) { new SqlCommand("ROLLBACK TRANSACTION", sqlConnectionHolder.Connection).ExecuteNonQuery(); flag = false; } throw; } finally { if (sqlConnectionHolder != null) { sqlConnectionHolder.Close(); sqlConnectionHolder = null; } } } catch { throw; } }