using System.Configuration.Provider;
using System.Web.Configuration;
-namespace System.Web.Security {
+namespace System.Web.Security
+{
- public class SqlRoleProvider: RoleProvider {
+ public class SqlRoleProvider : RoleProvider
+ {
string applicationName;
- int commandTimeout;
- string providerName;
+ bool schemaIsOk = false;
ConnectionStringSettings connectionString;
DbProviderFactory factory;
- DbConnection connection;
- void InitConnection ()
+ DbConnection CreateConnection ()
{
- if (factory == null)
- factory = ProvidersHelper.GetDbProviderFactory (connectionString.ProviderName);
- if (connection == null) {
- connection = factory.CreateConnection();
- connection.ConnectionString = connectionString.ConnectionString;
- }
+ if (!schemaIsOk && !(schemaIsOk = AspNetDBSchemaChecker.CheckMembershipSchemaVersion (factory, connectionString.ConnectionString, "role manager", "1")))
+ throw new ProviderException ("Incorrect ASP.NET DB Schema Version.");
+
+ DbConnection connection = factory.CreateConnection ();
+ connection.ConnectionString = connectionString.ConnectionString;
+
+ connection.Open ();
+ return connection;
+ }
+
+ static void AddParameter (DbCommand command, string parameterName, object parameterValue)
+ {
+ AddParameter (command, parameterName, ParameterDirection.Input, parameterValue);
+ }
+
+ static DbParameter AddParameter (DbCommand command, string parameterName, ParameterDirection direction, object parameterValue)
+ {
+ DbParameter dbp = command.CreateParameter ();
+ dbp.ParameterName = parameterName;
+ dbp.Value = parameterValue;
+ dbp.Direction = direction;
+ command.Parameters.Add (dbp);
+ return dbp;
}
- void AddParameter (DbCommand command, string parameterName, string parameterValue)
+ static DbParameter AddParameter (DbCommand command, string parameterName, ParameterDirection direction, DbType type, object parameterValue)
{
DbParameter dbp = command.CreateParameter ();
dbp.ParameterName = parameterName;
dbp.Value = parameterValue;
- dbp.Direction = ParameterDirection.Input;
+ dbp.Direction = direction;
+ dbp.DbType = type;
command.Parameters.Add (dbp);
+ return dbp;
}
public override void AddUsersToRoles (string [] usernames, string [] rolenames)
{
- string commandText = @"
-INSERT INTO dbo.aspnet_UsersInRoles (UserId, RoleId)
- SELECT dbo.aspnet_Users.UserId, dbo.aspnet_Roles.RoleId
- FROM dbo.aspnet_Users, dbo.aspnet_Roles, dbo.aspnet_Applications
- WHERE dbo.aspnet_Users.ApplicationId = dbo.aspnet_Applications.ApplicationId
- AND dbo.aspnet_Roles.ApplicationId = dbo.aspnet_Applications.ApplicationId
- AND dbo.aspnet_Applications.LoweredApplicationName = LOWER(@ApplicationName)
- AND dbo.aspnet_Users.LoweredUserName = LOWER(@UserName)
- AND dbo.aspnet_Roles.LoweredRoleName = LOWER(@RoleName)
-";
-
- Hashtable h;
-
- h = new Hashtable();
+ Hashtable h = new Hashtable ();
+
foreach (string u in usernames) {
if (u == null)
throw new ArgumentNullException ("null element in usernames array");
if (h.ContainsKey (u))
throw new ArgumentException ("duplicate element in usernames array");
- if (u.Length == 0 || u.Length > 256 || u.IndexOf (",") != -1)
+ if (u.Length == 0 || u.Length > 256 || u.IndexOf (',') != -1)
throw new ArgumentException ("element in usernames array in illegal format");
h.Add (u, u);
}
- h = new Hashtable();
- foreach (string r in usernames) {
+ h = new Hashtable ();
+ foreach (string r in rolenames) {
if (r == null)
- throw new ArgumentNullException ("null element in usernames array");
+ throw new ArgumentNullException ("null element in rolenames array");
if (h.ContainsKey (r))
- throw new ArgumentException ("duplicate element in usernames array");
- if (r.Length == 0 || r.Length > 256 || r.IndexOf (",") != -1)
- throw new ArgumentException ("element in usernames array in illegal format");
+ throw new ArgumentException ("duplicate element in rolenames array");
+ if (r.Length == 0 || r.Length > 256 || r.IndexOf (',') != -1)
+ throw new ArgumentException ("element in rolenames array in illegal format");
h.Add (r, r);
- }
-
- InitConnection();
-
- bool closed = connection.State == ConnectionState.Closed;
- if (closed)
- connection.Open();
-
- DbTransaction trans = connection.BeginTransaction ();
-
- try {
- foreach (string username in usernames) {
+ }
+
+ using (DbConnection connection = CreateConnection ()) {
+ /* add the user/role combination to dbo.aspnet_UsersInRoles */
+ DbCommand command = factory.CreateCommand ();
+ command.CommandText = @"dbo.aspnet_UsersInRoles_AddUsersToRoles";
+ command.Connection = connection;
+ command.CommandType = CommandType.StoredProcedure;
- foreach (string rolename in rolenames) {
+ AddParameter (command, "@RoleNames", String.Join (",", rolenames));
+ AddParameter (command, "@UserNames", String.Join (",", usernames));
+ AddParameter (command, "@ApplicationName", ApplicationName);
+ AddParameter (command, "@CurrentTimeUtc", DateTime.UtcNow);
+ DbParameter dbpr = AddParameter (command, "@ReturnVal", ParameterDirection.ReturnValue, DbType.Int32, null);
- /* add the user/role combination to dbo.aspnet_UsersInRoles */
- DbCommand command = factory.CreateCommand ();
- command.Transaction = trans;
- command.CommandText = commandText;
- command.Connection = connection;
- command.CommandType = CommandType.Text;
- AddParameter (command, "RoleName", rolename);
- AddParameter (command, "UserName", username);
- AddParameter (command, "ApplicationName", ApplicationName);
+ command.ExecuteNonQuery ();
- if (command.ExecuteNonQuery() != 1)
- throw new ProviderException ("failed to create new user/role association.");
- }
- }
-
- trans.Commit ();
- }
- catch (Exception e) {
- trans.Rollback ();
- if (e is ProviderException)
- throw e;
+ int returnValue = (int) dbpr.Value;
+ if (returnValue == 0)
+ return;
+ else if (returnValue == 2)
+ throw new ProviderException ("One or more of the specified user/role names was not found.");
+ else if (returnValue == 3)
+ throw new ProviderException ("One or more of the specified user names is already associated with one or more of the specified role names.");
else
- throw new ProviderException ("", e);
- }
- finally {
- if (closed)
- connection.Close ();
+ throw new ProviderException ("Failed to create new user/role association.");
}
}
-
+
public override void CreateRole (string rolename)
{
- string commandText = @"
-INSERT INTO dbo.aspnet_Roles
- (ApplicationId, RoleName, LoweredRoleName)
- VALUES ((SELECT ApplicationId FROM dbo.aspnet_Applications WHERE LoweredApplicationName = LOWER(@ApplicationName)), @RoleName, LOWER(@RoleName))
-";
if (rolename == null)
throw new ArgumentNullException ("rolename");
- if (rolename.Length == 0 || rolename.Length > 256 || rolename.IndexOf (",") != -1)
+ if (rolename.Length == 0 || rolename.Length > 256 || rolename.IndexOf (',') != -1)
throw new ArgumentException ("rolename is in invalid format");
- InitConnection();
- bool closed = connection.State == ConnectionState.Closed;
- if (closed)
- connection.Open();
-
- DbCommand command = factory.CreateCommand ();
- command.CommandText = commandText;
- command.Connection = connection;
- command.CommandType = CommandType.Text;
- AddParameter (command, "ApplicationName", ApplicationName);
- AddParameter (command, "RoleName", rolename);
+ using (DbConnection connection = CreateConnection ()) {
+ DbCommand command = factory.CreateCommand ();
+ command.CommandText = @"dbo.aspnet_Roles_CreateRole";
+ command.Connection = connection;
+ command.CommandType = CommandType.StoredProcedure;
+
+ AddParameter (command, "@ApplicationName", ApplicationName);
+ AddParameter (command, "@RoleName", rolename);
+ DbParameter dbpr = AddParameter (command, "@ReturnVal", ParameterDirection.ReturnValue, DbType.Int32, null);
- if (command.ExecuteNonQuery() != 1)
- throw new ProviderException ("failed to create new role.");
+ command.ExecuteNonQuery ();
+ int returnValue = (int) dbpr.Value;
- if (closed)
- connection.Close ();
+ if (returnValue == 1)
+ throw new ProviderException (rolename + " already exists in the database");
+ else
+ return;
+ }
}
-
- [MonoTODO]
+
public override bool DeleteRole (string rolename, bool throwOnPopulatedRole)
{
if (rolename == null)
throw new ArgumentNullException ("rolename");
- if (rolename.Length == 0 || rolename.Length > 256 || rolename.IndexOf (",") != -1)
+ if (rolename.Length == 0 || rolename.Length > 256 || rolename.IndexOf (',') != -1)
throw new ArgumentException ("rolename is in invalid format");
- InitConnection();
- bool closed = connection.State == ConnectionState.Closed;
- if (closed)
- connection.Open();
-
- DbCommand command;
- if (throwOnPopulatedRole) {
- command = factory.CreateCommand ();
- command.CommandText = @"
-SELECT COUNT(*)
- FROM dbo.aspnet_UsersInRoles, dbo.aspnet_Roles, dbo.aspnet_Users, dbo.aspnet_Applications
- WHERE dbo.aspnet_Roles.ApplicationId = dbo.aspnet_Applications.ApplicationId
- AND dbo.aspnet_UsersInRoles.RoleId = dbo.aspnet_Roles.RoleId
- AND dbo.aspnet_Applications.LoweredApplicationName = LOWER(@ApplicationName)
- AND dbo.aspnet_Roles.LoweredRoleName = LOWER(@RoleName)";
- command.Connection = connection;
- command.CommandType = CommandType.Text;
- AddParameter (command, "ApplicationName", ApplicationName);
- AddParameter (command, "RoleName", rolename);
+ using (DbConnection connection = CreateConnection ()) {
- int count = (int)command.ExecuteScalar ();
- if (count != 0)
- throw new ProviderException (String.Format ("The role '{0}' has users in it and can't be deleted", rolename));
- }
- else {
- /* XXX are we really supposed to delete all the user/role associations in this case? */
- command = factory.CreateCommand ();
- command.CommandText = @"
-DELETE dbo.aspnet_UsersInRoles FROM dbo.aspnet_UsersInRoles, dbo.aspnet_Roles, dbo.aspnet_Applications
- WHERE dbo.aspnet_UsersInRoles.RoleId = dbo.aspnet_Roles.RoleId
- AND dbo.aspnet_Roles.ApplicationId = dbo.aspnet_Applications.ApplicationId
- AND dbo.aspnet_Roles.LoweredRoleName = LOWER(@RoleName)
- AND dbo.aspnet_Applications.LoweredApplicationName = LOWER(@ApplicationName)";
+ DbCommand command = factory.CreateCommand ();
+ command.CommandText = @"dbo.aspnet_Roles_DeleteRole";
command.Connection = connection;
- command.CommandType = CommandType.Text;
- AddParameter (command, "RoleName", rolename);
- AddParameter (command, "ApplicationName", ApplicationName);
+ command.CommandType = CommandType.StoredProcedure;
+ AddParameter (command, "@ApplicationName", ApplicationName);
+ AddParameter (command, "@RoleName", rolename);
+ AddParameter (command, "@DeleteOnlyIfRoleIsEmpty", throwOnPopulatedRole);
+ DbParameter dbpr = AddParameter (command, "@ReturnVal", ParameterDirection.ReturnValue, DbType.Int32, null);
command.ExecuteNonQuery ();
+ int returnValue = (int)dbpr.Value;
+
+ if (returnValue == 0)
+ return true;
+ if (returnValue == 1)
+ return false; //role does not exists
+ else if (returnValue == 2 && throwOnPopulatedRole)
+ throw new ProviderException (rolename + " is not empty");
+ else
+ return false;
}
-
- command = factory.CreateCommand ();
- command.CommandText = @"
-DELETE dbo.aspnet_Roles FROM dbo.aspnet_Roles, dbo.aspnet_Applications
- WHERE dbo.aspnet_Roles.ApplicationId = dbo.aspnet_Applications.ApplicationId
- AND dbo.aspnet_Applications.LoweredApplicationName = LOWER(@ApplicationName)
- AND dbo.aspnet_Roles.LoweredRoleName = LOWER(@RoleName)";
- command.Connection = connection;
- command.CommandType = CommandType.Text;
- AddParameter (command, "ApplicationName", ApplicationName);
- AddParameter (command, "RoleName", rolename);
-
- bool rv = command.ExecuteNonQuery() == 1;
-
- if (closed)
- connection.Close ();
-
- return rv;
}
-
- public override string[] FindUsersInRole (string roleName, string usernameToMatch)
+
+ public override string [] FindUsersInRole (string roleName, string usernameToMatch)
{
- string commandTextFormat = @"
-SELECT dbo.aspnet_Users.UserName
- FROM dbo.aspnet_Users, dbo.aspnet_Roles, dbo.aspnet_UsersInRoles, dbo.aspnet_Applications
- WHERE dbo.aspnet_Roles.ApplicationId = dbo.aspnet_Applications.ApplicationId
- AND dbo.aspnet_Users.ApplicationId = dbo.aspnet_Applications.ApplicationId
- AND dbo.aspnet_UsersInRoles.UserId = dbo.aspnet_Users.UserId
- AND dbo.aspnet_UsersInRoles.RoleId = dbo.aspnet_Roles.RoleId
- AND dbo.aspnet_Roles.LoweredRoleName = LOWER(@RoleName)
- AND dbo.aspnet_Applications.LoweredApplicationName = LOWER(@ApplicationName)
- AND dbo.aspnet_Users.UserName {0} @UsernameToMatch
-";
if (roleName == null)
throw new ArgumentNullException ("roleName");
if (usernameToMatch == null)
throw new ArgumentNullException ("usernameToMatch");
-
- if (roleName.Length == 0 || roleName.Length > 256 || roleName.IndexOf (",") != -1)
+ if (roleName.Length == 0 || roleName.Length > 256 || roleName.IndexOf (',') != -1)
throw new ArgumentException ("roleName is in invalid format");
if (usernameToMatch.Length == 0 || usernameToMatch.Length > 256)
throw new ArgumentException ("usernameToMatch is in invalid format");
- InitConnection();
+ using (DbConnection connection = CreateConnection ()) {
+ DbCommand command = factory.CreateCommand ();
+ command.Connection = connection;
+ command.CommandText = @"dbo.aspnet_UsersInRoles_FindUsersInRole";
+ command.CommandType = CommandType.StoredProcedure;
- bool useLike = usernameToMatch.IndexOf ("%") != -1;
- DbCommand command = factory.CreateCommand ();
- command.CommandText = String.Format(commandTextFormat, useLike ? "LIKE" : "=");
- command.Connection = connection;
- command.CommandType = CommandType.Text;
- AddParameter (command, "ApplicationName", ApplicationName);
- AddParameter (command, "RoleName", roleName);
- AddParameter (command, "UsernameToMatch", usernameToMatch);
+ AddParameter (command, "@ApplicationName", ApplicationName);
+ AddParameter (command, "@RoleName", roleName);
+ AddParameter (command, "@UsernameToMatch", usernameToMatch);
- DbDataReader reader = command.ExecuteReader ();
- ArrayList userList = new ArrayList();
- while (reader.Read())
- userList.Add (reader.GetString(0));
- reader.Close();
+ DbDataReader reader = command.ExecuteReader ();
+ ArrayList userList = new ArrayList ();
+ while (reader.Read ())
+ userList.Add (reader.GetString (0));
+ reader.Close ();
- return (string[])userList.ToArray(typeof (string));
+ return (string []) userList.ToArray (typeof (string));
+ }
}
public override string [] GetAllRoles ()
{
- string commandText = @"
-SELECT dbo.aspnet_Roles.RoleName
- FROM dbo.aspnet_Roles, dbo.aspnet_Applications
- WHERE dbo.aspnet_Roles.ApplicationId = dbo.aspnet_Applications.ApplicationId
- AND dbo.aspnet_Applications.LoweredApplicationName = LOWER(@ApplicationName)
-";
- InitConnection();
- bool closed = connection.State == ConnectionState.Closed;
- if (closed)
- connection.Open();
-
- DbCommand command = factory.CreateCommand ();
- command.CommandText = commandText;
- command.Connection = connection;
- command.CommandType = CommandType.Text;
- AddParameter (command, "ApplicationName", ApplicationName);
-
- DbDataReader reader = command.ExecuteReader ();
- ArrayList roleList = new ArrayList();
- while (reader.Read())
- roleList.Add (reader.GetString(0));
- reader.Close();
-
- if (closed)
- connection.Close ();
-
- return (string[])roleList.ToArray(typeof (string));
+ using (DbConnection connection = CreateConnection ()) {
+ DbCommand command = factory.CreateCommand ();
+ command.CommandText = @"dbo.aspnet_Roles_GetAllRoles";
+ command.Connection = connection;
+
+ command.CommandType = CommandType.StoredProcedure;
+ AddParameter (command, "@ApplicationName", ApplicationName);
+
+ DbDataReader reader = command.ExecuteReader ();
+ ArrayList roleList = new ArrayList ();
+ while (reader.Read ())
+ roleList.Add (reader.GetString (0));
+ reader.Close ();
+
+ return (string []) roleList.ToArray (typeof (string));
+ }
}
-
+
public override string [] GetRolesForUser (string username)
{
- string commandText = @"
-SELECT dbo.aspnet_Roles.RoleName
- FROM dbo.aspnet_Roles, dbo.aspnet_UsersInRoles, dbo.aspnet_Users, dbo.aspnet_Applications
-WHERE dbo.aspnet_Roles.RoleId = dbo.aspnet_UsersInRoles.RoleId
- AND dbo.aspnet_Roles.ApplicationId = dbo.aspnet_Applications.ApplicationId
- AND dbo.aspnet_UsersInRoles.UserId = dbo.aspnet_Users.UserId
- AND dbo.aspnet_Users.LoweredUserName = LOWER(@UserName)
- AND dbo.aspnet_Users.ApplicationId = dbo.aspnet_Applications.ApplicationId
- AND dbo.aspnet_Applications.LoweredApplicationName = LOWER(@ApplicationName)
-";
-
- InitConnection();
- bool closed = connection.State == ConnectionState.Closed;
- if (closed)
- connection.Open();
-
- DbCommand command = factory.CreateCommand ();
- command.CommandText = commandText;
- command.Connection = connection;
- command.CommandType = CommandType.Text;
- AddParameter (command, "UserName", username);
- AddParameter (command, "ApplicationName", ApplicationName);
-
- DbDataReader reader = command.ExecuteReader ();
- ArrayList roleList = new ArrayList();
- while (reader.Read())
- roleList.Add (reader.GetString(0));
- reader.Close();
-
- if (closed)
- connection.Close ();
-
- return (string[])roleList.ToArray(typeof (string));
+ using (DbConnection connection = CreateConnection ()) {
+ DbCommand command = factory.CreateCommand ();
+ command.CommandText = @"dbo.aspnet_UsersInRoles_GetRolesForUser";
+ command.Connection = connection;
+
+ command.CommandType = CommandType.StoredProcedure;
+ AddParameter (command, "@UserName", username);
+ AddParameter (command, "@ApplicationName", ApplicationName);
+
+ DbDataReader reader = command.ExecuteReader ();
+ ArrayList roleList = new ArrayList ();
+ while (reader.Read ())
+ roleList.Add (reader.GetString (0));
+ reader.Close ();
+
+ return (string []) roleList.ToArray (typeof (string));
+ }
}
-
+
public override string [] GetUsersInRole (string rolename)
{
- string commandText = @"
-SELECT dbo.aspnet_Users.UserName
- FROM dbo.aspnet_Roles, dbo.aspnet_UsersInRoles, dbo.aspnet_Users, dbo.aspnet_Applications
-WHERE dbo.aspnet_Roles.RoleId = dbo.aspnet_UsersInRoles.RoleId
- AND dbo.aspnet_Roles.ApplicationId = dbo.aspnet_Applications.ApplicationId
- AND dbo.aspnet_UsersInRoles.UserId = dbo.aspnet_Users.UserId
- AND dbo.aspnet_Roles.LoweredRoleName = LOWER(@RoleName)
- AND dbo.aspnet_Users.ApplicationId = dbo.aspnet_Applications.ApplicationId
- AND dbo.aspnet_Applications.LoweredApplicationName = LOWER(@ApplicationName)
-";
-
- InitConnection();
- bool closed = connection.State == ConnectionState.Closed;
- if (closed)
- connection.Open();
-
- DbCommand command = factory.CreateCommand ();
- command.CommandText = commandText;
- command.Connection = connection;
- command.CommandType = CommandType.Text;
- AddParameter (command, "RoleName", rolename);
- AddParameter (command, "ApplicationName", ApplicationName);
-
- DbDataReader reader = command.ExecuteReader ();
- ArrayList userList = new ArrayList();
- while (reader.Read())
- userList.Add (reader.GetString(0));
- reader.Close();
-
- if (closed)
- connection.Close ();
-
- return (string[])userList.ToArray(typeof (string));
+ using (DbConnection connection = CreateConnection ()) {
+ DbCommand command = factory.CreateCommand ();
+ command.CommandText = @"dbo.aspnet_UsersInRoles_GetUsersInRoles";
+ command.Connection = connection;
+
+ command.CommandType = CommandType.StoredProcedure;
+ AddParameter (command, "@RoleName", rolename);
+ AddParameter (command, "@ApplicationName", ApplicationName);
+
+ DbDataReader reader = command.ExecuteReader ();
+ ArrayList userList = new ArrayList ();
+ while (reader.Read ())
+ userList.Add (reader.GetString (0));
+ reader.Close ();
+
+ return (string []) userList.ToArray (typeof (string));
+ }
+ }
+
+ string GetStringConfigValue (NameValueCollection config, string name, string def)
+ {
+ string rv = def;
+ string val = config [name];
+ if (val != null)
+ rv = val;
+ return rv;
}
-
- [MonoTODO]
+
public override void Initialize (string name, NameValueCollection config)
{
if (config == null)
base.Initialize (name, config);
-#if false
- ApplicationName = config["applicationName"];
-#else
- ApplicationName = "/";
-#endif
- string connectionStringName = config["connectionStringName"];
- string commandTimeout = config["commandTimeout"];
+ applicationName = GetStringConfigValue (config, "applicationName", "/");
+ string connectionStringName = config ["connectionStringName"];
if (applicationName.Length > 256)
throw new ProviderException ("The ApplicationName attribute must be 256 characters long or less.");
// XXX check connectionStringName and commandTimeout
- connectionString = WebConfigurationManager.ConnectionStrings[connectionStringName];
+ connectionString = WebConfigurationManager.ConnectionStrings [connectionStringName];
+ if (connectionString == null)
+ throw new ProviderException (String.Format("The connection name '{0}' was not found in the applications configuration or the connection string is empty.", connectionStringName));
+ factory = String.IsNullOrEmpty (connectionString.ProviderName) ?
+ System.Data.SqlClient.SqlClientFactory.Instance :
+ ProvidersHelper.GetDbProviderFactory (connectionString.ProviderName);
}
-
+
public override bool IsUserInRole (string username, string rolename)
{
- string commandText = @"
-SELECT COUNT(*)
- FROM dbo.aspnet_Users, dbo.aspnet_UsersInRoles, dbo.aspnet_Roles, dbo.aspnet_Applications
- WHERE dbo.aspnet_Roles.ApplicationId = dbo.aspnet_Applications.ApplicationId
- AND dbo.aspnet_Users.ApplicationId = dbo.aspnet_Applications.ApplicationId
- AND dbo.aspnet_UsersInRoles.RoleId = dbo.aspnet_Roles.RoleId
- AND dbo.aspnet_UsersInRoles.UserId = dbo.aspnet_Users.UserId
- AND dbo.aspnet_Applications.LoweredApplicationName = LOWER(@ApplicationName)
- AND dbo.aspnet_Roles.LoweredRoleName = LOWER(@RoleName)
- AND dbo.aspnet_Users.LoweredUserName = LOWER(@UserName)
-";
-
- InitConnection();
- bool closed = connection.State == ConnectionState.Closed;
- if (closed)
- connection.Open();
-
- DbCommand command = factory.CreateCommand ();
- command.CommandText = commandText;
- command.Connection = connection;
- command.CommandType = CommandType.Text;
- AddParameter (command, "RoleName", rolename);
- AddParameter (command, "UserName", username);
- AddParameter (command, "ApplicationName", ApplicationName);
-
- bool rv = ((int)command.ExecuteScalar ()) != 0;
-
- if (closed)
- connection.Close ();
+ using (DbConnection connection = CreateConnection ()) {
+ DbCommand command = factory.CreateCommand ();
+ command.CommandText = @"dbo.aspnet_UsersInRoles_IsUserInRole";
+ command.Connection = connection;
- return rv;
+ command.CommandType = CommandType.StoredProcedure;
+ AddParameter (command, "@RoleName", rolename);
+ AddParameter (command, "@UserName", username);
+ AddParameter (command, "@ApplicationName", ApplicationName);
+ DbParameter dbpr = AddParameter (command, "@ReturnVal", ParameterDirection.ReturnValue, DbType.Int32, null);
+
+ command.ExecuteNonQuery ();
+ int returnValue = (int) dbpr.Value;
+
+ if (returnValue == 1)
+ return true;
+
+ return false;
+ }
}
-
+
public override void RemoveUsersFromRoles (string [] usernames, string [] rolenames)
{
- string commandText = @"
-DELETE dbo.aspnet_UsersInRoles
- FROM dbo.aspnet_UsersInRoles, dbo.aspnet_Users, dbo.aspnet_Roles, dbo.aspnet_Applications
- WHERE dbo.aspnet_UsersInRoles.UserId = dbo.aspnet_Users.UserId
- AND dbo.aspnet_UsersInRoles.RoleId = dbo.aspnet_Roles.RoleId
- AND dbo.aspnet_Roles.ApplicationId = dbo.aspnet_Applications.ApplicationId
- AND dbo.aspnet_Users.ApplicationId = dbo.aspnet_Applications.ApplicationId
- AND dbo.aspnet_Users.LoweredUserName = LOWER(@UserName)
- AND dbo.aspnet_Roles.LoweredRoleName = LOWER(@RoleName)
- AND dbo.aspnet_Applications.LoweredApplicationName = LOWER(@ApplicationName)";
-
- Hashtable h;
-
- h = new Hashtable();
+ Hashtable h = new Hashtable ();
+
foreach (string u in usernames) {
if (u == null)
throw new ArgumentNullException ("null element in usernames array");
if (h.ContainsKey (u))
throw new ArgumentException ("duplicate element in usernames array");
- if (u.Length == 0 || u.Length > 256 || u.IndexOf (",") != -1)
+ if (u.Length == 0 || u.Length > 256 || u.IndexOf (',') != -1)
throw new ArgumentException ("element in usernames array in illegal format");
h.Add (u, u);
}
- h = new Hashtable();
- foreach (string r in usernames) {
+ h = new Hashtable ();
+ foreach (string r in rolenames) {
if (r == null)
- throw new ArgumentNullException ("null element in usernames array");
+ throw new ArgumentNullException ("null element in rolenames array");
if (h.ContainsKey (r))
- throw new ArgumentException ("duplicate element in usernames array");
- if (r.Length == 0 || r.Length > 256 || r.IndexOf (",") != -1)
- throw new ArgumentException ("element in usernames array in illegal format");
+ throw new ArgumentException ("duplicate element in rolenames array");
+ if (r.Length == 0 || r.Length > 256 || r.IndexOf (',') != -1)
+ throw new ArgumentException ("element in rolenames array in illegal format");
h.Add (r, r);
- }
+ }
- InitConnection();
-
- bool closed = connection.State == ConnectionState.Closed;
- if (closed)
- connection.Open();
-
- DbTransaction trans = connection.BeginTransaction ();
-
- try {
- foreach (string username in usernames) {
- foreach (string rolename in rolenames) {
- DbCommand command = factory.CreateCommand ();
- command.Transaction = trans;
- command.CommandText = commandText;
- command.Connection = connection;
- command.CommandType = CommandType.Text;
- AddParameter (command, "UserName", username);
- AddParameter (command, "RoleName", rolename);
- AddParameter (command, "ApplicationName", ApplicationName);
-
- if (command.ExecuteNonQuery() != 1)
- throw new ProviderException (String.Format ("failed to remove users from role '{0}'.", rolename));
- }
- }
-
- trans.Commit ();
- }
- catch (Exception e) {
- trans.Rollback ();
- if (e is ProviderException)
- throw e;
+ using (DbConnection connection = CreateConnection ()) {
+ DbCommand command = factory.CreateCommand ();
+ command.CommandText = @"dbo.aspnet_UsersInRoles_RemoveUsersFromRoles";
+ command.Connection = connection;
+ command.CommandType = CommandType.StoredProcedure;
+
+ AddParameter (command, "@UserNames", String.Join (",", usernames));
+ AddParameter (command, "@RoleNames", String.Join (",", rolenames));
+ AddParameter (command, "@ApplicationName", ApplicationName);
+ DbParameter dbpr = AddParameter (command, "@ReturnVal", ParameterDirection.ReturnValue, DbType.Int32, null);
+
+ command.ExecuteNonQuery ();
+ int returnValue = (int) dbpr.Value;
+
+ if (returnValue == 0)
+ return;
+ else if (returnValue == 1)
+ throw new ProviderException ("One or more of the specified user names was not found.");
+ else if (returnValue == 2)
+ throw new ProviderException ("One or more of the specified role names was not found.");
+ else if (returnValue == 3)
+ throw new ProviderException ("One or more of the specified user names is not associated with one or more of the specified role names.");
else
- throw new ProviderException ("", e);
- }
- finally {
- if (closed)
- connection.Close ();
+ throw new ProviderException ("Failed to remove users from roles");
}
}
-
+
public override bool RoleExists (string rolename)
{
- string commandText = @"
-SELECT COUNT(*)
- FROM dbo.aspnet_Roles, dbo.aspnet_Applications
- WHERE dbo.aspnet_Roles.ApplicationId = dbo.aspnet_Applications.ApplicationId
- AND dbo.aspnet_Applications.LoweredApplicationName = LOWER(@ApplicationName)
- AND dbo.aspnet_Roles.LoweredRoleName = LOWER(@RoleName)
-";
-
- InitConnection();
- bool closed = connection.State == ConnectionState.Closed;
- if (closed)
- connection.Open();
-
- DbCommand command = factory.CreateCommand ();
- command.CommandText = commandText;
- command.Connection = connection;
- command.CommandType = CommandType.Text;
- AddParameter (command, "ApplicationName", ApplicationName);
- AddParameter (command, "RoleName", rolename);
-
- bool rv = ((int)command.ExecuteScalar ()) != 0;
-
- if (closed)
- connection.Close ();
+ using (DbConnection connection = CreateConnection ()) {
- return rv;
+ DbCommand command = factory.CreateCommand ();
+ command.CommandText = @"dbo.aspnet_Roles_RoleExists";
+ command.Connection = connection;
+ command.CommandType = CommandType.StoredProcedure;
+
+ AddParameter (command, "@ApplicationName", ApplicationName);
+ AddParameter (command, "@RoleName", rolename);
+ DbParameter dbpr = AddParameter (command, "@ReturnVal", ParameterDirection.ReturnValue, DbType.Int32, null);
+
+ command.ExecuteNonQuery ();
+ int returnValue = (int) dbpr.Value;
+
+ if (returnValue == 1)
+ return true;
+
+ return false;
+ }
}
-
- [MonoTODO]
- public override string ApplicationName {
+
+ public override string ApplicationName
+ {
get { return applicationName; }
- set {
+ set
+ {
applicationName = value;
}
}