462 lines
16 KiB
C#
462 lines
16 KiB
C#
using System;
|
|
using System.Web.Security;
|
|
using System.Configuration.Provider;
|
|
using System.Configuration;
|
|
using Npgsql;
|
|
using System.Collections.Generic;
|
|
|
|
/*
|
|
*
|
|
CREATE TABLE roles
|
|
(
|
|
rolename character varying(255) NOT NULL,
|
|
applicationname character varying(255) NOT NULL,
|
|
comment character varying(255) NOT NULL,
|
|
CONSTRAINT roles_pkey PRIMARY KEY (rolename , applicationname )
|
|
)
|
|
WITH (
|
|
OIDS=FALSE
|
|
);
|
|
|
|
CREATE TABLE usersroles
|
|
(
|
|
applicationname character varying(255) NOT NULL,
|
|
rolename character varying(255) NOT NULL,
|
|
username character varying(255) NOT NULL,
|
|
CONSTRAINT attrroles_pkey PRIMARY KEY (applicationname , rolename , username ),
|
|
CONSTRAINT usersroles_fk_role FOREIGN KEY (applicationname, rolename)
|
|
REFERENCES roles (applicationname, rolename) MATCH SIMPLE
|
|
ON UPDATE CASCADE ON DELETE CASCADE,
|
|
CONSTRAINT usersroles_fk_user FOREIGN KEY (applicationname, username)
|
|
REFERENCES users (applicationname, username) MATCH SIMPLE
|
|
ON UPDATE CASCADE ON DELETE CASCADE
|
|
)
|
|
WITH (
|
|
OIDS=FALSE
|
|
);
|
|
|
|
*/
|
|
using System.Linq;
|
|
|
|
|
|
namespace Npgsql.Web
|
|
{
|
|
/// <summary>
|
|
/// Npgsql role provider.
|
|
/// </summary>
|
|
public class NpgsqlRoleProvider: RoleProvider
|
|
{
|
|
/// <summary>
|
|
/// The name.
|
|
/// </summary>
|
|
protected string name = "NpgsqlRoleProvider";
|
|
/// <summary>
|
|
/// The name of the connection string.
|
|
/// </summary>
|
|
protected string connectionStringName = "pgProvider";
|
|
/// <summary>
|
|
/// The name of the application.
|
|
/// </summary>
|
|
protected string applicationName = "/";
|
|
/// <summary>
|
|
/// The connection string.
|
|
/// </summary>
|
|
protected string connectionString = string.Empty;
|
|
|
|
/// <summary>
|
|
/// Initialize the specified iname and config.
|
|
/// </summary>
|
|
/// <param name="iname">Iname.</param>
|
|
/// <param name="config">Config.</param>
|
|
public override void Initialize (string iname, System.Collections.Specialized.NameValueCollection config)
|
|
{
|
|
try {
|
|
|
|
name = iname ?? config ["name"];
|
|
|
|
connectionStringName = config ["connectionStringName"] ?? connectionStringName;
|
|
|
|
applicationName = config ["applicationName"] ?? applicationName;
|
|
|
|
if (applicationName.Length > 250)
|
|
throw new ProviderException ("The maximum length for an application name is 250 characters.");
|
|
|
|
var cs = ConfigurationManager.ConnectionStrings [connectionStringName];
|
|
if (cs == null || string.IsNullOrEmpty (cs.ConnectionString)) {
|
|
throw new ProviderException (
|
|
string.Format ("The role provider connection string, '{0}', is not defined.", connectionStringName));
|
|
}
|
|
|
|
connectionString = ConfigurationManager.ConnectionStrings [connectionStringName].ConnectionString;
|
|
if (string.IsNullOrEmpty (connectionString))
|
|
throw new ConfigurationErrorsException (
|
|
string.Format (
|
|
"The connection string for the given name ({0})" +
|
|
"must be specified in the <connectionStrings>" +
|
|
"configuration bloc. Aborting.", connectionStringName)
|
|
);
|
|
|
|
} catch (Exception ex) {
|
|
var message = "Error initializing the role configuration settings";
|
|
throw new ProviderException (message, ex);
|
|
}
|
|
}
|
|
|
|
/// <Docs>To be added.</Docs>
|
|
/// <summary>
|
|
/// Adds the users to roles.
|
|
/// </summary>
|
|
/// <param name="usernames">Usernames.</param>
|
|
/// <param name="roleNames">Role names.</param>
|
|
public override void AddUsersToRoles (string[] usernames, string[] roleNames)
|
|
{
|
|
if (usernames.Any (x => x == null) || roleNames.Any (x => x == null)) {
|
|
throw new ArgumentNullException ();
|
|
}
|
|
if (usernames.Any (x => x.Trim () == string.Empty) || (roleNames.Any (x => x.Trim () == string.Empty))) {
|
|
throw new ArgumentException ("One or more of the supplied usernames or role names are empty.");
|
|
}
|
|
|
|
|
|
using (var conn = new NpgsqlConnection(connectionString)) {
|
|
conn.Open ();
|
|
using (var comm = conn.CreateCommand()) {
|
|
comm.CommandType = System.Data.CommandType.Text;
|
|
comm.CommandText = "insert into usersroles (applicationname, username, rolename) values (@appname,@user,@role)";
|
|
comm.Parameters.Add ("appname", NpgsqlTypes.NpgsqlDbType.Varchar, 250).Value = applicationName;
|
|
NpgsqlParameter pu = comm.Parameters.Add ("user", NpgsqlTypes.NpgsqlDbType.Varchar, 250);
|
|
NpgsqlParameter pr = comm.Parameters.Add ("role", NpgsqlTypes.NpgsqlDbType.Varchar, 250);
|
|
foreach (string u in usernames) {
|
|
pu.Value = u;
|
|
foreach (string r in roleNames) {
|
|
pr.Value = r;
|
|
comm.ExecuteNonQuery ();
|
|
}
|
|
}
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
/// <summary>
|
|
/// Gets or sets the name of the application.
|
|
/// </summary>
|
|
/// <value>The name of the application.</value>
|
|
public override string ApplicationName {
|
|
get {
|
|
return applicationName;
|
|
}
|
|
set {
|
|
applicationName = value;
|
|
}
|
|
}
|
|
|
|
/// <Docs>To be added.</Docs>
|
|
/// <summary>
|
|
/// Creates the role.
|
|
/// </summary>
|
|
/// <param name="roleName">Role name.</param>
|
|
public override void CreateRole (string roleName)
|
|
{
|
|
if (roleName == null)
|
|
throw new ArgumentNullException ();
|
|
if (roleName.Trim () == string.Empty)
|
|
throw new ArgumentException ("A role name cannot be empty.");
|
|
if (roleName.Contains (","))
|
|
throw new ArgumentException ("A role name cannot contain commas. Blame Microsoft for that rule!");
|
|
if (roleName.Length > 250)
|
|
throw new ArgumentException ("The maximum length for a Role name is 250 characters.");
|
|
|
|
|
|
using (var conn = new NpgsqlConnection(connectionString)) {
|
|
conn.Open ();
|
|
using (var comm = conn.CreateCommand()) {
|
|
comm.CommandType = System.Data.CommandType.Text;
|
|
comm.CommandText = "insert into roles (rolename, applicationname, comment) values (@rolename, @appname, @comment)";
|
|
comm.Parameters.Add ("@rolename", NpgsqlTypes.NpgsqlDbType.Varchar, 250).Value = roleName;
|
|
comm.Parameters.Add ("@appname", NpgsqlTypes.NpgsqlDbType.Varchar, 250).Value = applicationName;
|
|
comm.Parameters.Add ("@comment", NpgsqlTypes.NpgsqlDbType.Varchar, 250).Value = roleName;
|
|
comm.ExecuteNonQuery ();
|
|
}
|
|
}
|
|
|
|
}
|
|
|
|
/// <Docs>To be added.</Docs>
|
|
/// <summary>
|
|
/// Deletes the role.
|
|
/// </summary>
|
|
/// <returns><c>true</c>, if role was deleted, <c>false</c> otherwise.</returns>
|
|
/// <param name="roleName">Role name.</param>
|
|
/// <param name="throwOnPopulatedRole">If set to <c>true</c> throw on populated role.</param>
|
|
public override bool DeleteRole (string roleName, bool throwOnPopulatedRole)
|
|
{
|
|
if (roleName == null)
|
|
throw new ArgumentNullException ();
|
|
if (roleName.Trim () == string.Empty)
|
|
throw new ArgumentException ("The specified role name cannot be empty.");
|
|
if (throwOnPopulatedRole)
|
|
if (FindUsersInRole (roleName, "").Count () > 0)
|
|
throw new ProviderException (
|
|
string.Format ("The role {0} is populated, we cannot delete it.", roleName));
|
|
|
|
using (var conn = new NpgsqlConnection(connectionString)) {
|
|
conn.Open ();
|
|
using (var comm = conn.CreateCommand()) {
|
|
comm.CommandType = System.Data.CommandType.Text;
|
|
comm.CommandText = "delete from roles where rolename = @rolename and applicationname = @appname";
|
|
comm.Parameters.Add ("@rolename", NpgsqlTypes.NpgsqlDbType.Varchar, 250).Value = roleName;
|
|
comm.Parameters.Add ("@appname", NpgsqlTypes.NpgsqlDbType.Varchar, 250).Value = applicationName;
|
|
comm.Parameters.Add ("@comment", NpgsqlTypes.NpgsqlDbType.Varchar, 250).Value = roleName;
|
|
comm.ExecuteNonQuery ();
|
|
}
|
|
}
|
|
return true;
|
|
}
|
|
|
|
/// <summary>
|
|
/// Finds the users in role.
|
|
/// </summary>
|
|
/// <returns>The users in role.</returns>
|
|
/// <param name="roleName">Role name.</param>
|
|
/// <param name="usernameToMatch">Username to match.</param>
|
|
public override string[] FindUsersInRole (string roleName, string usernameToMatch)
|
|
{
|
|
return GetUsersInRole (roleName, usernameToMatch);
|
|
}
|
|
|
|
/// <summary>
|
|
/// Gets the users in role.
|
|
/// </summary>
|
|
/// <returns>The users in role.</returns>
|
|
/// <param name="rolename">Rolename.</param>
|
|
/// <param name="usernameToMatch">Username to match.</param>
|
|
protected string[] GetUsersInRole (string rolename, string usernameToMatch)
|
|
{
|
|
if (rolename == null)
|
|
throw new ArgumentNullException ();
|
|
if (rolename == string.Empty)
|
|
throw new ProviderException ("Cannot look for blank role names.");
|
|
usernameToMatch = usernameToMatch ?? string.Empty;
|
|
using (var conn = new NpgsqlConnection(connectionString)) {
|
|
conn.Open ();
|
|
using (var comm = conn.CreateCommand()) {
|
|
comm.CommandType = System.Data.CommandType.Text;
|
|
comm.CommandText = "select username from usersroles where applicationname = @appname " +
|
|
"and rolename = @rolename and username like @username";
|
|
comm.Parameters.Add ("@rolename", NpgsqlTypes.NpgsqlDbType.Varchar, 250).Value = rolename;
|
|
comm.Parameters.Add ("@appname", NpgsqlTypes.NpgsqlDbType.Varchar, 250).Value = applicationName;
|
|
comm.Parameters.Add ("@username", NpgsqlTypes.NpgsqlDbType.Varchar, 250).Value = usernameToMatch;
|
|
using (var reader = comm.ExecuteReader()) {
|
|
var r = new List<string> ();
|
|
var usernameColumn = reader.GetOrdinal ("username");
|
|
while (reader.Read()) {
|
|
r.Add (reader.GetString (usernameColumn));
|
|
}
|
|
return r.ToArray ();
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
/// <summary>
|
|
/// Gets all roles.
|
|
/// </summary>
|
|
/// <returns>The all roles.</returns>
|
|
public override string[] GetAllRoles ()
|
|
{
|
|
using (var conn = new NpgsqlConnection(connectionString)) {
|
|
conn.Open ();
|
|
using (var comm = conn.CreateCommand()) {
|
|
|
|
comm.CommandType = System.Data.CommandType.Text;
|
|
comm.CommandText = "select rolename from roles where applicationname = @appname";
|
|
comm.Parameters.Add ("@appname", NpgsqlTypes.NpgsqlDbType.Varchar, 250).Value = applicationName;
|
|
using (var reader = comm.ExecuteReader()) {
|
|
var r = new List<string> ();
|
|
var rolenameColumn = reader.GetOrdinal ("rolename");
|
|
while (reader.Read()) {
|
|
r.Add (reader.GetString (rolenameColumn));
|
|
}
|
|
return r.ToArray ();
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
/// <summary>
|
|
/// Gets the roles for user.
|
|
/// </summary>
|
|
/// <returns>The roles for user.</returns>
|
|
/// <param name="username">Username.</param>
|
|
public override string[] GetRolesForUser (string username)
|
|
{
|
|
if (username == null)
|
|
throw new ArgumentNullException ();
|
|
if (username.Trim () == string.Empty)
|
|
throw new ArgumentException ("The specified username cannot be blank.");
|
|
using (var conn = new NpgsqlConnection(connectionString)) {
|
|
conn.Open ();
|
|
using (var comm = conn.CreateCommand()) {
|
|
comm.CommandType = System.Data.CommandType.Text;
|
|
comm.CommandText = "select rolename from usersroles where applicationname = @appname and username = @username";
|
|
comm.Parameters.Add ("@username", NpgsqlTypes.NpgsqlDbType.Varchar, 250).Value = username;
|
|
comm.Parameters.Add ("@appname", NpgsqlTypes.NpgsqlDbType.Varchar, 250).Value = applicationName;
|
|
using (var reader = comm.ExecuteReader()) {
|
|
var r = new List<string> ();
|
|
var rolenameColumn = reader.GetOrdinal ("rolename");
|
|
while (reader.Read()) {
|
|
r.Add (reader.GetString (rolenameColumn));
|
|
}
|
|
return r.ToArray ();
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
/// <Docs>To be added.</Docs>
|
|
/// <summary>
|
|
/// Gets the users in role.
|
|
/// </summary>
|
|
/// <returns>The users in role.</returns>
|
|
/// <param name="roleName">Role name.</param>
|
|
public override string[] GetUsersInRole (string roleName)
|
|
{
|
|
if (string.IsNullOrEmpty (roleName))
|
|
throw new ArgumentException ("The specified role name cannot be blank or null");
|
|
using (var conn = new NpgsqlConnection(connectionString)) {
|
|
conn.Open ();
|
|
using (var comm = conn.CreateCommand()) {
|
|
//
|
|
comm.CommandType = System.Data.CommandType.Text;
|
|
comm.CommandText = "select username from usersroles where applicationname = @appname " +
|
|
"and rolename = @rolename";
|
|
comm.Parameters.Add ("@rolename", NpgsqlTypes.NpgsqlDbType.Varchar, 255).Value = roleName;
|
|
comm.Parameters.Add ("@appname", NpgsqlTypes.NpgsqlDbType.Varchar, 255).Value = applicationName;
|
|
using (var reader = comm.ExecuteReader()) {
|
|
var r = new List<string> ();
|
|
var usernameColumn = reader.GetOrdinal ("username");
|
|
while (reader.Read()) {
|
|
r.Add (reader.GetString (usernameColumn));
|
|
}
|
|
return r.ToArray ();
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
/// <Docs>To be added.</Docs>
|
|
/// <summary>
|
|
/// Determines whether this instance is user in role the specified username roleName.
|
|
/// </summary>
|
|
/// <returns><c>true</c> if this instance is user in role the specified username roleName; otherwise, <c>false</c>.</returns>
|
|
/// <param name="username">Username.</param>
|
|
/// <param name="roleName">Role name.</param>
|
|
public override bool IsUserInRole (string username, string roleName)
|
|
{
|
|
if (username == null || roleName == null)
|
|
throw new ArgumentNullException ();
|
|
if (username.Trim () == string.Empty)
|
|
throw new ArgumentException ("The specified username cannot be blank.");
|
|
if (roleName.Trim () == string.Empty)
|
|
throw new ArgumentException ("The specified role name cannot be blank.");
|
|
|
|
using (var conn = new NpgsqlConnection(connectionString)) {
|
|
conn.Open ();
|
|
using (var comm = conn.CreateCommand()) {
|
|
//
|
|
comm.CommandType = System.Data.CommandType.Text;
|
|
comm.CommandText = "select count(*)>0 from usersroles where applicationname = @appname " +
|
|
"and username = @username and rolename = @rolename";
|
|
comm.Parameters.Add ("@username", username);
|
|
comm.Parameters.Add ("@rolename", roleName);
|
|
comm.Parameters.Add ("@appname", applicationName);
|
|
var retval = (bool)comm.ExecuteScalar ();
|
|
return retval;
|
|
}
|
|
}
|
|
|
|
}
|
|
|
|
/// <Docs>To be added.</Docs>
|
|
/// <summary>
|
|
/// Removes the users from roles.
|
|
/// </summary>
|
|
/// <param name="usernames">Usernames.</param>
|
|
/// <param name="roleNames">Role names.</param>
|
|
public override void RemoveUsersFromRoles (string[] usernames, string[] roleNames)
|
|
{
|
|
if (usernames.Any (x => x == null) || roleNames.Any (x => x == null)) {
|
|
throw new ArgumentNullException ();
|
|
}
|
|
if (usernames.Any (x => x.Trim () == string.Empty) || (roleNames.Any (x => x.Trim () == string.Empty))) {
|
|
throw new ArgumentException ("One or more of the supplied usernames or role names are empty.");
|
|
}
|
|
|
|
using (var conn = new NpgsqlConnection(connectionString)) {
|
|
conn.Open ();
|
|
using (var comm = conn.CreateCommand()) {
|
|
comm.CommandType = System.Data.CommandType.Text;
|
|
comm.CommandText = "delete from usersroles where applicationname = @appname and " +
|
|
"username = @username and rolename = @rolename";
|
|
NpgsqlParameter pu = comm.Parameters.Add ("@username", NpgsqlTypes.NpgsqlDbType.Varchar, 250);
|
|
NpgsqlParameter pr = comm.Parameters.Add ("@rolename", NpgsqlTypes.NpgsqlDbType.Varchar, 250);
|
|
comm.Parameters.Add ("@appname", NpgsqlTypes.NpgsqlDbType.Varchar, 250).Value = applicationName;
|
|
foreach (string rolename in roleNames) {
|
|
pr.Value = rolename;
|
|
foreach (string username in usernames) {
|
|
pu.Value = username;
|
|
comm.ExecuteNonQuery ();
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
}
|
|
|
|
/// <Docs>Tests if a given role name exists.</Docs>
|
|
/// <summary>
|
|
/// Tests if a given role name exists.
|
|
/// </summary>
|
|
/// <returns><c>true</c>, if exists was roled, <c>false</c> otherwise.</returns>
|
|
/// <param name="roleName">Role name.</param>
|
|
public override bool RoleExists (string roleName)
|
|
{
|
|
using (var conn = new NpgsqlConnection(connectionString)) {
|
|
conn.Open ();
|
|
using (var comm = new NpgsqlCommand("role_exists", conn)) {
|
|
comm.CommandType = System.Data.CommandType.Text;
|
|
comm.CommandText = "select Count(*)>0 from roles where applicationname = @applicationname and rolename = @rolename";
|
|
comm.Parameters.Add ("@rolename", NpgsqlTypes.NpgsqlDbType.Varchar, 250).Value = roleName;
|
|
comm.Parameters.Add ("@applicationname", NpgsqlTypes.NpgsqlDbType.Varchar, 250).Value = applicationName;
|
|
var retval = (bool)comm.ExecuteScalar ();
|
|
return retval;
|
|
}
|
|
}
|
|
}
|
|
/// <summary>
|
|
/// Gets the name of this provider,
|
|
/// should correspond to the item key
|
|
/// in the configuration collection of providers.
|
|
/// </summary>
|
|
/// <value>The name.</value>
|
|
public override string Name {
|
|
get {
|
|
return name;
|
|
}
|
|
}
|
|
/// <summary>
|
|
/// Gets the description for this provider.
|
|
/// </summary>
|
|
/// <value>The description.</value>
|
|
public override string Description {
|
|
get {
|
|
return "PostgreSQL ASP.Net Role Provider class";
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|