| private ReplacePasswordPwd ( string &constr, bool fakePassword ) : NameValuePair | ||
| constr | string | |
| fakePassword | bool | |
| Результат | NameValuePair | |
internal NameValuePair ReplacePasswordPwd(out string constr, bool fakePassword)
{
bool expanded = false;
int copyPosition = 0;
NameValuePair head = null, tail = null, next = null;
StringBuilder builder = new StringBuilder(_usersConnectionString.Length);
for (NameValuePair current = _keyChain; null != current; current = current.Next)
{
if ((KEY.Password != current.Name) && (SYNONYM.Pwd != current.Name))
{
builder.Append(_usersConnectionString, copyPosition, current.Length);
if (fakePassword)
{
next = new NameValuePair(current.Name, current.Value, current.Length);
}
}
else if (fakePassword)
{
// replace user password/pwd value with *
const string equalstar = "=*;";
builder.Append(current.Name).Append(equalstar);
next = new NameValuePair(current.Name, "*", current.Name.Length + equalstar.Length);
expanded = true;
}
else
{
// drop the password/pwd completely in returning for user
expanded = true;
}
if (fakePassword)
{
if (null != tail)
{
tail = tail.Next = next;
}
else
{
tail = head = next;
}
}
copyPosition += current.Length;
}
Debug.Assert(expanded, "password/pwd was not removed");
constr = builder.ToString();
return head;
}
private DBConnectionString(DbConnectionOptions connectionOptions, string restrictions, KeyRestrictionBehavior behavior, Hashtable synonyms, bool mustCloneDictionary) // used by DBDataPermission
{
Debug.Assert(null != connectionOptions, "null connectionOptions");
switch (behavior)
{
case KeyRestrictionBehavior.PreventUsage:
case KeyRestrictionBehavior.AllowOnly:
_behavior = behavior;
break;
default:
throw ADP.InvalidKeyRestrictionBehavior(behavior);
}
// grab all the parsed details from DbConnectionOptions
_encryptedUsersConnectionString = connectionOptions.UsersConnectionString(false);
_hasPassword = connectionOptions.HasPasswordKeyword;
_parsetable = connectionOptions.Parsetable;
_keychain = connectionOptions._keyChain;
// we do not want to serialize out user password unless directed so by "persist security info=true"
// otherwise all instances of user's password will be replaced with "*"
if (_hasPassword && !connectionOptions.HasPersistablePassword)
{
if (mustCloneDictionary)
{
// clone the hashtable to replace user's password/pwd value with "*"
// we only need to clone if coming from DbConnectionOptions and password exists
_parsetable = (Hashtable)_parsetable.Clone();
}
// different than Everett in that instead of removing password/pwd from
// the hashtable, we replace the value with '*'. This is okay since we
// serialize out with '*' so already knows what we do. Better this way
// than to treat password specially later on which causes problems.
const string star = "*";
if (_parsetable.ContainsKey(KEY.Password))
{
_parsetable[KEY.Password] = star;
}
if (_parsetable.ContainsKey(KEY.Pwd))
{
_parsetable[KEY.Pwd] = star;
}
// replace user's password/pwd value with "*" in the linked list and build a new string
_keychain = connectionOptions.ReplacePasswordPwd(out _encryptedUsersConnectionString, true);
}
if (!ADP.IsEmpty(restrictions))
{
_restrictionValues = ParseRestrictions(restrictions, synonyms);
_restrictions = restrictions;
}
}