Volian/SourceCode
8
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity

C2017-003: Support SQL Server – don’t allow input of connection string if migration command line argument is not used or if user is not admin. Also check for valid connection before save

Browse Source
This commit is contained in:
Kathy Ruffing 2020-01-10 15:34:59 +00:00
parent c44181bc3f
commit 213e7b297e
1 changed files with 36 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
PROMS/VEPROMS User Interface/frmRODbProperties.cs
View File

@ -9,6 +9,7 @@ using System.Windows.Forms;
using System.IO; using System.IO;
using VEPROMS.CSLA.Library; using VEPROMS.CSLA.Library;
using DevComponents.DotNetBar; using DevComponents.DotNetBar;
using Volian.Base.Library;
namespace VEPROMS namespace VEPROMS
{ {
@ -70,9 +71,25 @@ namespace VEPROMS
_origFolderPath = (_roDbInfo == null) ? null : _roDbInfo.FolderPath; _origFolderPath = (_roDbInfo == null) ? null : _roDbInfo.FolderPath;
_origSQLConnect = (_roDbInfo == null) ? null : (_roDbInfo.DBConnectionString == null || _roDbInfo.DBConnectionString == "" || _roDbInfo.DBConnectionString == "cstring") ? null : _roDbInfo.DBConnectionString; _origSQLConnect = (_roDbInfo == null) ? null : (_roDbInfo.DBConnectionString == null || _roDbInfo.DBConnectionString == "" || _roDbInfo.DBConnectionString == "cstring") ? null : _roDbInfo.DBConnectionString;
// Disable the OK button when initialized. Enable it if the user makes changes // Disable the OK button when initialized. Enable it if the user makes changes
ppBtnTestSQL.Visible = ppBtnTestSQL.Enabled = CanMigrateRoAccessToSql(roDbInfo);
ppTxtSQL.Visible = ppTxtSQL.Enabled = CanMigrateRoAccessToSql(roDbInfo);
ppLblSQL.Visible = CanMigrateRoAccessToSql(roDbInfo);
ppBtnOk.Enabled = false; ppBtnOk.Enabled = false;
} }
private bool CanMigrateRoAccessToSql(RODbInfo rODbi)
{
// C2017-003: This method is used to determine whether the sql server version can be used & if there is data.
// A command line argument 'RoInSql'. For now, this argument must be used to allow code to run for ro->sql. Later
// this will be changed so that if argument is used, the program does NOT include test button & text box to allow
// entry of sql server connection string
if (!Volian.Base.Library.VlnSettings.GetCommandFlag("RoInSql")) return false;
// The following conditions must be true in order to migrate the set the connection string.
// 1) the user must be an admin
UserInfo ui = UserInfo.GetByUserID(VlnSettings.UserID);
if (!ui.IsAdministrator()) return false;
return true;
}
private void ppBtnFldrDlg_Click(object sender, EventArgs e) private void ppBtnFldrDlg_Click(object sender, EventArgs e)
{ {
FolderBrowserDialog dlgROFolder = new FolderBrowserDialog(); FolderBrowserDialog dlgROFolder = new FolderBrowserDialog();
@ -108,7 +125,25 @@ namespace VEPROMS
{ {
// C2017-003: ro in sql. 'cstring' in connection string represents using MS Access database // C2017-003: ro in sql. 'cstring' in connection string represents using MS Access database
// if connect string is null, set connect string to "cstring" otherwise, use what user typed in: // if connect string is null, set connect string to "cstring" otherwise, use what user typed in:
roDb.DBConnectionString = (ppTxtSQL.Text == null || ppTxtSQL.Text == "") ? "cstring" : ppTxtSQL.Text; // first check if connection can be made to what was entered:
bool canconnect = false;
try
{
using (SqlConnection connection = new SqlConnection(ppTxtSQL.Text))
{
try
{
connection.Open();
canconnect = (connection.State == ConnectionState.Open);
}
catch (SqlException) { }
}
}
catch (Exception ex) {}
if (canconnect)
roDb.DBConnectionString = (ppTxtSQL.Text == null || ppTxtSQL.Text == "") ? "cstring" : ppTxtSQL.Text;
else
MessageBox.Show("SQL Connection failed, connection string won't be saved.", "Cannot save connection data");
} }
if (_origFolderPath != ppTxtPath.Text) if (_origFolderPath != ppTxtPath.Text)
{ {