/// <summary> /// Saves <see cref="SecurityGroup"/> information to database. /// </summary> /// <param name="database"><see cref="AdoDataConnection"/> to connection to database.</param> /// <param name="securityGroup">Information about <see cref="SecurityGroup"/>.</param> /// <returns>String, for display use, indicating success.</returns> public static string Save(AdoDataConnection database, SecurityGroup securityGroup) { const string ErrorMessage = "Group name already exists."; bool createdConnection = false; string query; string groupSID; int existing; try { createdConnection = CreateConnection(ref database); groupSID = UserInfo.GroupNameToSID(securityGroup.Name); if (!UserInfo.IsGroupSID(groupSID)) { groupSID = securityGroup.Name; } if (securityGroup.ID == Guid.Empty) { existing = Convert.ToInt32(database.Connection.ExecuteScalar(database.ParameterizedQueryString("SELECT COUNT(*) FROM SecurityGroup WHERE Name = {0}", "name"), DefaultTimeout, groupSID)); if (existing > 0) { throw new InvalidOperationException(ErrorMessage); } query = database.ParameterizedQueryString("INSERT INTO SecurityGroup (Name, Description, UpdatedBy, UpdatedOn, CreatedBy, CreatedOn) VALUES ({0}, {1}, " + "{2}, {3}, {4}, {5})", "name", "description", "updatedBy", "updatedOn", "createdBy", "createdOn"); database.Connection.ExecuteNonQuery(query, DefaultTimeout, groupSID, securityGroup.Description.ToNotNull(), CommonFunctions.CurrentUser, database.UtcNow, CommonFunctions.CurrentUser, database.UtcNow); CommonFunctions.LogEvent(string.Format("Security group \"{0}\" created successfully by user \"{1}\".", securityGroup.Name, CommonFunctions.CurrentUser), 6); } else { existing = Convert.ToInt32(database.Connection.ExecuteScalar(database.ParameterizedQueryString("SELECT COUNT(*) FROM SecurityGroup WHERE Name = {0} AND ID <> {1}", "name", "id"), DefaultTimeout, groupSID, securityGroup.ID)); if (existing > 0) { throw new InvalidOperationException(ErrorMessage); } query = database.ParameterizedQueryString("UPDATE SecurityGroup SET Name = {0}, Description = {1}, UpdatedBy = {2}, UpdatedOn = {3} " + "WHERE ID = {4}", "name", "description", "updatedBy", "updatedOn", "id"); database.Connection.ExecuteNonQuery(query, DefaultTimeout, groupSID, securityGroup.Description.ToNotNull(), CommonFunctions.CurrentUser, database.UtcNow, database.Guid(securityGroup.ID)); CommonFunctions.LogEvent(string.Format("Information about security group \"{0}\" updated successfully by user \"{1}\".", securityGroup.Name, CommonFunctions.CurrentUser), 7); } return("Security group information saved successfully"); } finally { if (createdConnection && database != null) { database.Dispose(); } } }
/// <summary> /// Saves <see cref="SecurityGroup"/> information to database. /// </summary> /// <param name="database"><see cref="AdoDataConnection"/> to connection to database.</param> /// <param name="securityGroup">Information about <see cref="SecurityGroup"/>.</param> /// <returns>String, for display use, indicating success.</returns> public static string Save(AdoDataConnection database, SecurityGroup securityGroup) { const string ErrorMessage = "Group name already exists."; bool createdConnection = false; string query; string groupSID; int existing; try { createdConnection = CreateConnection(ref database); groupSID = UserInfo.GroupNameToSID(securityGroup.Name); if (!UserInfo.IsGroupSID(groupSID)) groupSID = securityGroup.Name; if (securityGroup.ID == Guid.Empty) { existing = Convert.ToInt32(database.Connection.ExecuteScalar(database.ParameterizedQueryString("SELECT COUNT(*) FROM SecurityGroup WHERE Name = {0}", "name"), DefaultTimeout, groupSID)); if (existing > 0) throw new InvalidOperationException(ErrorMessage); query = database.ParameterizedQueryString("INSERT INTO SecurityGroup (Name, Description, UpdatedBy, UpdatedOn, CreatedBy, CreatedOn) VALUES ({0}, {1}, " + "{2}, {3}, {4}, {5})", "name", "description", "updatedBy", "updatedOn", "createdBy", "createdOn"); database.Connection.ExecuteNonQuery(query, DefaultTimeout, groupSID, securityGroup.Description.ToNotNull(), CommonFunctions.CurrentUser, database.UtcNow, CommonFunctions.CurrentUser, database.UtcNow); CommonFunctions.LogEvent(string.Format("Security group \"{0}\" created successfully by user \"{1}\".", securityGroup.Name, CommonFunctions.CurrentUser), 6); } else { existing = Convert.ToInt32(database.Connection.ExecuteScalar(database.ParameterizedQueryString("SELECT COUNT(*) FROM SecurityGroup WHERE Name = {0} AND ID <> {1}", "name", "id"), DefaultTimeout, groupSID, securityGroup.ID)); if (existing > 0) throw new InvalidOperationException(ErrorMessage); query = database.ParameterizedQueryString("UPDATE SecurityGroup SET Name = {0}, Description = {1}, UpdatedBy = {2}, UpdatedOn = {3} " + "WHERE ID = {4}", "name", "description", "updatedBy", "updatedOn", "id"); database.Connection.ExecuteNonQuery(query, DefaultTimeout, groupSID, securityGroup.Description.ToNotNull(), CommonFunctions.CurrentUser, database.UtcNow, database.Guid(securityGroup.ID)); CommonFunctions.LogEvent(string.Format("Information about security group \"{0}\" updated successfully by user \"{1}\".", securityGroup.Name, CommonFunctions.CurrentUser), 7); } return "Security group information saved successfully"; } finally { if (createdConnection && database != null) database.Dispose(); } }