From: rburnett
Date: July 21 2008 9:48pm
Subject: Connector/NET commit: r1346 - in branches/5.2: . MySql.Web/Providers/Properties MySql.Web/Providers/Source MySql.Web/Tests
List-Archive: http://lists.mysql.com/commits/50148
X-Bug: 38243
Message-Id: <200807212148.m6LLmNpg030241@bk-internal.mysql.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Modified:
   branches/5.2/CHANGES
   branches/5.2/MySql.Web/Providers/Properties/Resources.resx
   branches/5.2/MySql.Web/Providers/Source/RoleProvider.cs
   branches/5.2/MySql.Web/Tests/BaseTest.cs
   branches/5.2/MySql.Web/Tests/RoleManagement.cs
Log:
- fixed problem where adding a non-existent user to a role would not auto-create the 
  user record (bug #38243)

Modified: branches/5.2/CHANGES
===================================================================
--- branches/5.2/CHANGES	2008-07-18 20:51:08 UTC (rev 1345)
+++ branches/5.2/CHANGES	2008-07-21 21:48:23 UTC (rev 1346)
@@ -19,7 +19,9 @@
   to date (bug #37469)
 - Improved error reporting when a timeout occurs.  It no longer uses a message like 
   'reading from stream failed'.  (bug #38119)
-
+- fixed problem where adding a non-existent user to a role would not auto-create the 
+  user record (bug #38243)
+  
 Version 5.2.2 - 
 - Fixed profile provider that would throw an exception if you were updating
   a profile that already existed.

Modified: branches/5.2/MySql.Web/Providers/Properties/Resources.resx
===================================================================
--- branches/5.2/MySql.Web/Providers/Properties/Resources.resx	2008-07-18 20:51:08 UTC (rev 1345)
+++ branches/5.2/MySql.Web/Providers/Properties/Resources.resx	2008-07-21 21:48:23 UTC (rev 1346)
@@ -232,4 +232,10 @@
   <data name="schema4" type="System.Resources.ResXFileRef, System.Windows.Forms">
     <value>schema4.sql;System.String, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089;Windows-1252</value>
   </data>
+  <data name="IllegalRoleName" xml:space="preserve">
+    <value>Role names must not be null or empty.</value>
+  </data>
+  <data name="IllegalUserName" xml:space="preserve">
+    <value>User names must not be null or empty.</value>
+  </data>
 </root>
\ No newline at end of file

Modified: branches/5.2/MySql.Web/Providers/Source/RoleProvider.cs
===================================================================
--- branches/5.2/MySql.Web/Providers/Source/RoleProvider.cs	2008-07-18 20:51:08 UTC (rev 1345)
+++ branches/5.2/MySql.Web/Providers/Source/RoleProvider.cs	2008-07-21 21:48:23 UTC (rev 1346)
@@ -34,6 +34,7 @@
 using System.Collections.Generic;
 using MySql.Web.Common;
 using MySql.Web.Properties;
+using System.Web;
 
 namespace MySql.Web.Security
 {
@@ -161,12 +162,16 @@
         {
             foreach (string rolename in rolenames)
             {
-                if (!(RoleExists(rolename)))
+                if (String.IsNullOrEmpty(rolename))
+                    throw new ArgumentException(Resources.IllegalRoleName, "rolenames");
+                if (!RoleExists(rolename))
                     throw new ProviderException(Resources.RoleNameNotFound);
             }
 
             foreach (string username in usernames)
             {
+                if (String.IsNullOrEmpty(username))
+                    throw new ArgumentException(Resources.IllegalUserName, "usernames");
                 if (username.IndexOf(',') != -1)
                     throw new ArgumentException(Resources.InvalidCharactersInUserName);
 
@@ -190,7 +195,9 @@
                         cmd.Parameters.Add("@roleId", MySqlDbType.Int32);
                         foreach (string username in usernames)
                         {
-                            int userId = GetUserId(connection, username);
+                            // either create a new user or fetch the existing user id
+                            int userId = SchemaManager.CreateOrFetchUserId(connection,
+                                username, applicationId, true);
                             foreach (string rolename in rolenames)
                             {
                                 int roleId = GetRoleId(connection, rolename);
@@ -200,6 +207,7 @@
                             }
                         }
                     }
+                    ts.Complete();
                 }
             }
             catch (Exception ex)

Modified: branches/5.2/MySql.Web/Tests/BaseTest.cs
===================================================================
--- branches/5.2/MySql.Web/Tests/BaseTest.cs	2008-07-18 20:51:08 UTC (rev 1345)
+++ branches/5.2/MySql.Web/Tests/BaseTest.cs	2008-07-21 21:48:23 UTC (rev 1346)
@@ -72,10 +72,22 @@
 			ps.Parameters.Add("passwordStrengthRegularExpression", "");
 			ms.Providers.Add(ps);
 
+            RoleManagerSection rs = (RoleManagerSection)config.SectionGroups["system.web"].Sections["roleManager"];
+            rs.DefaultProvider = "MySQLRoleProvider";
+            rs.Enabled = true;
+            ps = new ProviderSettings();
+            ps.Name = "MySQLRoleProvider";
+            a = Assembly.GetAssembly(typeof(MySQLRoleProvider));
+            ps.Type = "MySql.Web.Security.MySQLRoleProvider, " + a.FullName;
+            ps.Parameters.Add("connectionStringName", "LocalMySqlServer");
+            ps.Parameters.Add("applicationName", "/");
+            rs.Providers.Add(ps);
+
 			config.Save();
 			ConfigurationManager.RefreshSection("connectionStrings");
 			ConfigurationManager.RefreshSection("system.web/membership");
-		}
+            ConfigurationManager.RefreshSection("system.web/roleManager");
+        }
 
         public override void Setup()
         {

Modified: branches/5.2/MySql.Web/Tests/RoleManagement.cs
===================================================================
--- branches/5.2/MySql.Web/Tests/RoleManagement.cs	2008-07-18 20:51:08 UTC (rev 1345)
+++ branches/5.2/MySql.Web/Tests/RoleManagement.cs	2008-07-21 21:48:23 UTC (rev 1346)
@@ -98,5 +98,64 @@
                 new string[] { "Administrator" });
             Assert.IsTrue(roleProvider.IsUserInRole("eve", "Administrator"));
         }
+
+        /// <summary>
+        /// Bug #38243 Not Handling non existing user when calling AddUsersToRoles method 
+        /// </summary>
+        [Test]
+        public void AddNonExistingUserToRole()
+        {
+            roleProvider = new MySQLRoleProvider();
+            NameValueCollection config = new NameValueCollection();
+            config.Add("connectionStringName", "LocalMySqlServer");
+            config.Add("applicationName", "/");
+            roleProvider.Initialize(null, config);
+
+            roleProvider.CreateRole("Administrator");
+            roleProvider.AddUsersToRoles(new string[] { "eve" },
+                new string[] { "Administrator" });
+            Assert.IsTrue(roleProvider.IsUserInRole("eve", "Administrator"));
+        }
+
+        private void AttemptToAddUserToRole(string username, string role)
+        {
+            try
+            {
+                roleProvider.AddUsersToRoles(new string[] { username },
+                    new string[] { role });
+            }
+            catch (ArgumentException)
+            {
+            }
+        }
+
+        [Test]
+        public void IllegalRoleAndUserNames()
+        {
+            roleProvider = new MySQLRoleProvider();
+            NameValueCollection config = new NameValueCollection();
+            config.Add("connectionStringName", "LocalMySqlServer");
+            config.Add("applicationName", "/");
+            roleProvider.Initialize(null, config);
+
+            AttemptToAddUserToRole("test", null);
+            AttemptToAddUserToRole("test", "");
+            roleProvider.CreateRole("Administrator");
+            AttemptToAddUserToRole(null, "Administrator");
+            AttemptToAddUserToRole("", "Administrator");
+        }
+
+        [Test]
+        public void AddUserToRoleWithRoleClass()
+        {
+            Roles.CreateRole("Administrator");
+            MembershipCreateStatus status;
+            Membership.CreateUser("eve", "eve1@eve", "eve@stripped", 
+                "question", "answer", true, null, out status);
+            Assert.AreEqual(MembershipCreateStatus.Success, status);
+
+            Roles.AddUserToRole("eve", "Administrator");
+            Assert.IsTrue(Roles.IsUserInRole("eve", "Administrator"));
+        }
     }
 }