如何使用Dapper ORM调用aspnet_UsersInRoles_IsUserInRole存储过程

时间:2016-07-22 10:44:05

标签: stored-procedures authorization asp.net-membership dapper

我需要从Aspnet Membership调用aspnet_UsersInRoles_IsUserInRole。我这样做了一个短小精悍的调用:

public int CheckIfUserIsInRole(IsUserInRole userInRole)
    {
        using (var connection = new SqlConnection(ConfigurationSettings.GetConnectionString()))
        {
            DynamicParameters param = new DynamicParameters();
            param.Add("@UserName", userInRole.UserName);
            param.Add("@ApplicationName", userInRole.ApplicationName);
            param.Add("@RoleName", userInRole.RoleName);

         return    connection.Query("aspnet_UsersInRoles_IsUserInRole", param, commandType: CommandType.StoredProcedure).FirstOrDefault();               
        }
    }

在控制器中我添加:

    public int IsUserInRole(IsUserInRole isUserInRole)
    {            
        var model = _userRepository.CheckIfUserIsInRole(new IsUserInRole()
        {
            UserName = "testuser",
            RoleName = "user",
            ApplicationName = "USERMANAGEMENT"
        });

        return model;
    }

用户存在且具有正确的角色,但每次返回0。 以下是AspNet成员的存储过程:

ALTER PROCEDURE [dbo].[aspnet_UsersInRoles_IsUserInRole]
@ApplicationName  nvarchar(256),
@UserName         nvarchar(256),
@RoleName         nvarchar(256)

AS 开始     DECLARE @ApplicationId uniqueidentifier     SELECT @ApplicationId = NULL     SELECT @ApplicationId = ApplicationId FROM aspnet_Applications WHERE LOWER(@ApplicationName)= LoweredApplicationName     IF(@ApplicationId为NULL)         RETURN(2)     DECLARE @UserId uniqueidentifier     SELECT @UserId = NULL     DECLARE @RoleId uniqueidentifier     SELECT @RoleId = NULL 

SELECT  @UserId = UserId
FROM    dbo.aspnet_Users
WHERE   LoweredUserName = LOWER(@UserName) AND ApplicationId = @ApplicationId

IF (@UserId IS NULL)
    RETURN(2)

SELECT  @RoleId = RoleId
FROM    dbo.aspnet_Roles
WHERE   LoweredRoleName = LOWER(@RoleName) AND ApplicationId = @ApplicationId

IF (@RoleId IS NULL)
    RETURN(3)

IF (EXISTS( SELECT * FROM dbo.aspnet_UsersInRoles WHERE  UserId = @UserId AND RoleId = @RoleId))
    RETURN(1)
ELSE
    RETURN(0)

END

我在哪里错了? 有任何建议如何修复它?

我需要这个存储过程来检查用户是否处于该角色,以便我可以将它用于[AuthorizeRoles(" RoleTest")]

1 个答案:

答案 0 :(得分:0)

该存储过程不返回任何记录;它使用返回值代替。这需要作为参数处理:

public int CheckIfUserIsInRole(IsUserInRole userInRole)
{
    using (var connection = new SqlConnection(ConfigurationSettings.GetConnectionString()))
    {
        DynamicParameters param = new DynamicParameters();
        param.Add("@UserName", userInRole.UserName);
        param.Add("@ApplicationName", userInRole.ApplicationName);
        param.Add("@RoleName", userInRole.RoleName);
        param.Add("@ReturnValue", dbType: DbType.Int32, direction: ParameterDirection.ReturnValue);

        connection.Execute("aspnet_UsersInRoles_IsUserInRole", param, commandType: CommandType.StoredProcedure);

        return param.Get<int>("@ReturnValue");
    }
}

https://github.com/StackExchange/dapper-dot-net#stored-procedures

(也发布到your copy of this question on CodeProject。)

相关问题
最新问题