////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////// public override string[] FindUsersInRole(string roleName, string usernameToMatch) { SecUtility.CheckParameter(ref roleName, true, true, true, 256, "roleName"); SecUtility.CheckParameter(ref usernameToMatch, true, true, false, 256, "usernameToMatch"); try { SqlConnectionHolder holder = null; try { holder = SqlConnectionHelper.GetConnection(_sqlConnectionString, true); CheckSchemaVersion(holder.Connection); SqlCommand cmd = new SqlCommand("dbo.aspnet_UsersInRoles_FindUsersInRole", holder.Connection); SqlDataReader reader = null; SqlParameter p = new SqlParameter("@ReturnValue", SqlDbType.Int); StringCollection sc = new StringCollection(); cmd.CommandType = CommandType.StoredProcedure; cmd.CommandTimeout = CommandTimeout; p.Direction = ParameterDirection.ReturnValue; cmd.Parameters.Add(p); cmd.Parameters.Add(CreateInputParam("@ApplicationName", SqlDbType.NVarChar, ApplicationName)); cmd.Parameters.Add(CreateInputParam("@RoleName", SqlDbType.NVarChar, roleName)); cmd.Parameters.Add(CreateInputParam("@UserNameToMatch", SqlDbType.NVarChar, usernameToMatch)); try { reader = cmd.ExecuteReader(CommandBehavior.SequentialAccess); while (reader.Read()) { sc.Add(reader.GetString(0)); } } catch { throw; } finally { if (reader != null) { reader.Close(); } } if (sc.Count < 1) { switch (GetReturnValue(cmd)) { case 0: return(new string[0]); case 1: throw new ProviderException(SR.GetString(SR.Provider_role_not_found, roleName)); default: throw new ProviderException(SR.GetString(SR.Provider_unknown_failure)); } } String[] strReturn = new String[sc.Count]; sc.CopyTo(strReturn, 0); return(strReturn); } finally { if (holder != null) { holder.Close(); holder = null; } } } catch { throw; } }
////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////// public override void RemoveUsersFromRoles(string[] usernames, string[] roleNames) { SecUtility.CheckArrayParameter(ref roleNames, true, true, true, 256, "roleNames"); SecUtility.CheckArrayParameter(ref usernames, true, true, true, 256, "usernames"); bool beginTranCalled = false; try { SqlConnectionHolder holder = null; try { holder = SqlConnectionHelper.GetConnection(_sqlConnectionString, true); CheckSchemaVersion(holder.Connection); int numUsersRemaing = usernames.Length; while (numUsersRemaing > 0) { int iter; string allUsers = usernames[usernames.Length - numUsersRemaing]; numUsersRemaing--; for (iter = usernames.Length - numUsersRemaing; iter < usernames.Length; iter++) { if (allUsers.Length + usernames[iter].Length + 1 >= 4000) { break; } allUsers += "," + usernames[iter]; numUsersRemaing--; } int numRolesRemaining = roleNames.Length; while (numRolesRemaining > 0) { string allRoles = roleNames[roleNames.Length - numRolesRemaining]; numRolesRemaining--; for (iter = roleNames.Length - numRolesRemaining; iter < roleNames.Length; iter++) { if (allRoles.Length + roleNames[iter].Length + 1 >= 4000) { break; } allRoles += "," + roleNames[iter]; numRolesRemaining--; } // // Note: ADO.NET 2.0 introduced the TransactionScope class - in your own code you should use TransactionScope // rather than explicitly managing transactions with the TSQL BEGIN/COMMIT/ROLLBACK statements. // if (!beginTranCalled && (numUsersRemaing > 0 || numRolesRemaining > 0)) { (new SqlCommand("BEGIN TRANSACTION", holder.Connection)).ExecuteNonQuery(); beginTranCalled = true; } RemoveUsersFromRolesCore(holder.Connection, allUsers, allRoles); } } if (beginTranCalled) { (new SqlCommand("COMMIT TRANSACTION", holder.Connection)).ExecuteNonQuery(); beginTranCalled = false; } } catch { if (beginTranCalled) { (new SqlCommand("ROLLBACK TRANSACTION", holder.Connection)).ExecuteNonQuery(); beginTranCalled = false; } throw; } finally { if (holder != null) { holder.Close(); holder = null; } } } catch { throw; } }