From: Date: June 21 2007 7:49pm Subject: Connector/NET commit: r772 - in trunk: . MySql.Web/Providers/Source MySql.Web/Tests List-Archive: http://lists.mysql.com/commits/29329 X-Bug: 29236, 29236 Message-Id: <200706211749.l5LHn7nQ014381@bk-internal.mysql.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Modified: trunk/CHANGES trunk/MySql.Web/Providers/Source/MembershipProvider.cs trunk/MySql.Web/Tests/UserManagement.cs Log: Bug #29236 Using Manage role in web admin backoffice results thrown an exception Fixed problem with selecting users for roles in the web admin tool. The problem was that we had a simple syntax error in our database lookup code. (Bug #29236) Modified: trunk/CHANGES =================================================================== --- trunk/CHANGES 2007-06-21 17:13:24 UTC (rev 771) +++ trunk/CHANGES 2007-06-21 17:49:06 UTC (rev 772) @@ -4,7 +4,9 @@ - Fixed problem with creating users using hashed passwords when machineKey is set to AutoGenerate. We now correctly throw an exception if you are requesting encrypted passwords but it works ok for hashed passwords. (Bug #29235) - + - Fixed problem with selecting users for roles in the web admin tool. The problem was that + we had a simple syntax error in our database lookup code. (Bug #29236) + Version 5.1.2 - 6/12/2007 - Fixed integration with the Website Administration Tool. Before this fix, the test link was visible but did not work and user management did not work. Modified: trunk/MySql.Web/Providers/Source/MembershipProvider.cs =================================================================== --- trunk/MySql.Web/Providers/Source/MembershipProvider.cs 2007-06-21 17:13:24 UTC (rev 771) +++ trunk/MySql.Web/Providers/Source/MembershipProvider.cs 2007-06-21 17:49:06 UTC (rev 772) @@ -1245,83 +1245,62 @@ throw new ProviderException("Unsupported password format."); } - private static byte[] HexToByte(string hexString) - { - byte[] ReturnBytes = new byte[(hexString.Length/2) - 1]; - for (int i = 0; i <= ReturnBytes.Length - 1; i++) - { - ReturnBytes[i] = Convert.ToByte(hexString.Substring(i*2, 2), 16); - } - return ReturnBytes; - } - public override MembershipUserCollection FindUsersByName(string usernameToMatch, int pageIndex, int pageSize, out int totalRecords) { - MySqlConnection conn = new MySqlConnection(connectionString); - MySqlCommand cmd = - new MySqlCommand( - @"SELECT Count(*) FROM mysql_Membership - WHERE Username LIKE ?UsernameSearch AND ApplicationName = ?ApplicationName", - conn); - cmd.Parameters.Add("?UsernameSearch", MySqlDbType.VarChar, 255).Value = usernameToMatch; - cmd.Parameters.Add("?ApplicationName", MySqlDbType.VarChar, 255).Value = pApplicationName; MembershipUserCollection users = new MembershipUserCollection(); - MySqlDataReader reader = null; - try + + using (MySqlConnection conn = new MySqlConnection(connectionString)) { - conn.Open(); - totalRecords = Convert.ToInt32(cmd.ExecuteScalar()); - if (totalRecords <= 0) + MySqlCommand cmd = new MySqlCommand(@"SELECT Count(*) FROM mysql_Membership + WHERE Username LIKE ?UsernameSearch AND ApplicationName = ?ApplicationName", conn); + cmd.Parameters.AddWithValue("?UsernameSearch", usernameToMatch); + cmd.Parameters.AddWithValue("?ApplicationName", pApplicationName); + + try { - return users; - } - cmd.CommandText = - @"SELECT PKID, Username, Email, PasswordQuestion, Comment, - IsApproved, IsLockedOut, CreationDate, LastLoginDate, LastActivityDate, - LastPasswordChangedDate, LastLockedOutDate FROM mysql_Membership - WHERE Username LIKE ?UsernameSearch AND ApplicationName = ?ApplicationName - ORDER BY Username Asc"; - cmd.Parameters.Add("?UsernameSearch", MySqlDbType.VarChar, 255).Value = usernameToMatch; - cmd.Parameters.Add("?ApplicationName", MySqlDbType.VarChar, 255).Value = pApplicationName; - reader = cmd.ExecuteReader(); - int counter = 0; - int startIndex = pageSize*pageIndex; - int endIndex = startIndex + pageSize - 1; - while (reader.Read()) - { - if (counter >= startIndex) + conn.Open(); + totalRecords = Convert.ToInt32(cmd.ExecuteScalar()); + if (totalRecords <= 0) + return users; + + cmd.CommandText = + @"SELECT PKID, Username, Email, PasswordQuestion, Comment, + IsApproved, IsLockedOut, CreationDate, LastLoginDate, LastActivityDate, + LastPasswordChangedDate, LastLockedOutDate FROM mysql_Membership + WHERE Username LIKE ?UsernameSearch AND ApplicationName = ?ApplicationName + ORDER BY Username Asc"; + cmd.Parameters["?UsernameSearch"].Value = usernameToMatch; + cmd.Parameters["?ApplicationName"].Value = pApplicationName; + using (MySqlDataReader reader = cmd.ExecuteReader()) { - MembershipUser u = GetUserFromReader(reader); - users.Add(u); + int counter = 0; + int startIndex = pageSize * pageIndex; + int endIndex = startIndex + pageSize - 1; + while (reader.Read()) + { + if (counter >= startIndex) + { + MembershipUser u = GetUserFromReader(reader); + users.Add(u); + } + if (counter >= endIndex) + cmd.Cancel(); + + counter += 1; + } } - if (counter >= endIndex) - { - cmd.Cancel(); - } - counter += 1; } - } - catch (MySqlException e) - { - if (WriteExceptionsToEventLog) + catch (MySqlException e) { - WriteToEventLog(e, "FindUsersByName"); - throw new ProviderException(exceptionMessage); - } - else - { + if (WriteExceptionsToEventLog) + { + WriteToEventLog(e, "FindUsersByName"); + throw new ProviderException(exceptionMessage); + } throw; } } - finally - { - if (!(reader == null)) - { - reader.Close(); - } - conn.Close(); - } return users; } Modified: trunk/MySql.Web/Tests/UserManagement.cs =================================================================== --- trunk/MySql.Web/Tests/UserManagement.cs 2007-06-21 17:13:24 UTC (rev 771) +++ trunk/MySql.Web/Tests/UserManagement.cs 2007-06-21 17:49:06 UTC (rev 772) @@ -27,6 +27,7 @@ using System.Collections.Specialized; using System.Data; using System; +using System.Configuration.Provider; namespace MySql.Web.Security.Tests { @@ -41,13 +42,13 @@ execSQL("TRUNCATE TABLE mysql_Membership"); } - [Test] - public void CreateUserWithHashedPassword() + private void CreateUserWithFormat(MembershipPasswordFormat format) { provider = new MySQLMembershipProvider(); NameValueCollection config = new NameValueCollection(); config.Add("connectionStringName", "LocalMySqlServer"); config.Add("applicationName", "/"); + config.Add("passwordFormat", format.ToString()); provider.Initialize(null, config); // create the user @@ -57,12 +58,64 @@ // verify that the password format is hashed. DataTable table = GetMembers(); - MembershipPasswordFormat format = + MembershipPasswordFormat rowFormat = (MembershipPasswordFormat)Convert.ToInt32(table.Rows[0]["PasswordFormat"]); - Assert.AreEqual(MembershipPasswordFormat.Hashed, format); + Assert.AreEqual(format, rowFormat); // then attempt to verify the user provider.ValidateUser("foo", "bar"); } + + [Test] + public void CreateUserWithHashedPassword() + { + CreateUserWithFormat(MembershipPasswordFormat.Hashed); + } + + [Test] + public void CreateUserWithEncryptedPasswordWithAutoGenKeys() + { + try + { + CreateUserWithFormat(MembershipPasswordFormat.Encrypted); + } + catch (ProviderException) + { + } + } + + [Test] + public void CreateUserWithClearPassword() + { + CreateUserWithFormat(MembershipPasswordFormat.Clear); + } + + [Test] + public void ChangePassword() + { + CreateUserWithHashedPassword(); + provider.ChangePassword("foo", "bar", "bar2"); + provider.ValidateUser("foo", "bar2"); + } + + [Test] + public void DeleteUser() + { + CreateUserWithHashedPassword(); + provider.DeleteUser("foo", true); + DataTable table = GetMembers(); + Assert.AreEqual(0, table.Rows.Count); + } + + [Test] + public void FindUsersByName() + { + CreateUserWithHashedPassword(); + + int records; + MembershipUserCollection users = provider.FindUsersByName("F%", 0, 10, out records); + Assert.AreEqual(1, records); + Assert.AreEqual("foo", users["foo"].UserName); + } } }