New Post: Creaing a wrapper around NetSqlAzman

To my knowledge, there is not a "Get All Info" script.  Everything is on a "per call" basis.  Take what I say with a grain of salt, it's been a year since I looked at this library.

I wrote a custom query to "Get All".  Maybe it can help your "cause".

Sql Server TSQL script below.

Note, the "Create Schema 'NetSqlAzManAdapterSchema'" tsql is not included.

PS

Be super sure you want to do Role based security.  It's very non-maintainable, IMHO.

http://granadacoder.wordpress.com/2010/12/01/rant-hard-coded-security-roles/

/*

--SqlCmd Notes:

--Remove comments and space between ":" and "setvar" to run in sqlcmd mode.

--!!! Checked in code MUST *recomment out* the setvars below !!! (Putting a space between the ":" and the "setvar" is sufficient)
-- (This is not preferred behavior, the issue has been reported at http://connect.microsoft.com/SQLServer/feedback/details/382007/in-sqlcmd-scripts-setvar-should-have-a-lower-precedence-than-command-line-variable-assignments )


: setvar ErrorOutputFileFromCommandLine "c:\wuwutemp\sqlcommmanderrorfile.txt"
: setvar NETSQLAZMANDBNAME "NetSqlAzManDeploymentViaSqlCmdDB"
: setvar NETSQLAZMANDBNAME "NetSqlAzManStorage"
: setvar DBUSERNAME "public"

*/



Use [$(NETSQLAZMANDBNAME)]
GO


:Error $(ErrorOutputFileFromCommandLine)


IF EXISTS
(
SELECT * FROM INFORMATION_SCHEMA.ROUTINES
WHERE ROUTINE_TYPE = N'PROCEDURE' and ROUTINE_SCHEMA = N'NetSqlAzManAdapterSchema' and ROUTINE_NAME = N'uspIPrincipalAdapterDataGetByStoreNameAndUserName'
)
BEGIN
DROP PROCEDURE [NetSqlAzManAdapterSchema].[uspIPrincipalAdapterDataGetByStoreNameAndUserName]
END

GO

/*

Exec [NetSqlAzManAdapterSchema].[uspIPrincipalAdapterDataGetByStoreNameAndUserName]
'DoesNotExist' , 'UserName23'

Exec [NetSqlAzManAdapterSchema].[uspIPrincipalAdapterDataGetByStoreNameAndUserName]
'LocalQualityAssuranceNetSqlAzManStoreName1' , 'DoesNotExist'

Exec [NetSqlAzManAdapterSchema].[uspIPrincipalAdapterDataGetByStoreNameAndUserName]
'LocalDeveloperNetSqlAzManStoreName1' , 'UserName23'



Exec [NetSqlAzManAdapterSchema].[uspIPrincipalAdapterDataGetByStoreNameAndUserName]
'LocalDeveloperNetSqlAzManStoreName1' , 'diotrephes'




*/


CREATE PROCEDURE [NetSqlAzManAdapterSchema].[uspIPrincipalAdapterDataGetByStoreNameAndUserName]

(@StoreName nvarchar(255), @DBUserName nvarchar(255), @ApplicationName nvarchar(255) = NULL, @DBUserSidStubbed VARBINARY(85) = NULL)

AS

BEGIN

SET NOCOUNT ON

/*START CONSTANTS*/

declare @IAzManItem_ROLE int
declare @IAzManItem_TASK int
declare @IAzManItem_OPERATION int

select @IAzManItem_ROLE = 0
select @IAzManItem_TASK = 1
select @IAzManItem_OPERATION = 2

/*END CONSTANTS*/


declare @ErrorMsg varchar(256)

declare @FoundStoreId int
declare @FoundDBUserSid VARBINARY(85)
select @FoundStoreId = NULL
select @FoundDBUserSid = NULL



/* Find the StoreKey based on the Name */
select @FoundStoreId = (select StoreId from dbo.netsqlazman_StoresTable where Name = @StoreName )

print '/@FoundStoreId/'
print @FoundStoreId
print ''


/* The Store(Id) was not found in the table. Raise an Error. */
if (@FoundStoreId IS NULL)
BEGIN
select @ErrorMsg = 'Could not find row in dbo.netsqlazman_StoresTable using @StoreName = "'+COALESCE(@StoreName,'')+'"'
RAISERROR (@ErrorMsg, 16, 10)
RETURN
END


declare @SecurityFrameworkSuperApplicationName varchar(128)
select @SecurityFrameworkSuperApplicationName = (select NetSqlAzManAdapterSchema.udfSecurityFrameworkSuperApplicationNameGetter() )
/* print @SecurityFrameworkSuperApplicationName */


/* Locate the User from the Table-UDF */
select @FoundDBUserSid = (select DBUserSid from dbo.[netsqlazman_GetDBUsers] (@StoreName, @SecurityFrameworkSuperApplicationName, @DBUserSidStubbed, @DBUserName) where DBUserName = @DBUserName )

print '/@FoundDBUserSid/'
print @FoundDBUserSid
print ''

/* The User was not found in the UDF. Raise an Error. */
if (@FoundDBUserSid IS NULL)
BEGIN
select @ErrorMsg = 'Could not find row in dbo.[netsqlazman_GetDBUsers] using @StoreName = "'+COALESCE(@StoreName,'')+ '" and @DBUserName = "'+COALESCE(@DBUserName,'')+'"'
RAISERROR (@ErrorMsg, 16, 10)
RETURN
END


/* This table will hold the applications to which the user has access. This will eleviate redundant calls for this data. */
Declare @ApplicationsHolder table (
[ApplicationId] [int]NOT NULL,
[StoreId] [int] NOT NULL,
[Name] [nvarchar](255) NOT NULL,
[Description] [nvarchar](1024) NOT NULL
)



/* Populate the Application(s) to a variable table (@ApplicationsHolder). Look at the Authorizations table to find matches for this specific user. */
Insert into @ApplicationsHolder ( ApplicationId , StoreId , Name , [Description] )

SELECT DISTINCT
apps.ApplicationId
, apps.StoreId
, apps.Name
, apps.[Description]
FROM
dbo.netsqlazman_ApplicationsTable apps
join
( select innerItems.ItemId,innerItems.ApplicationId,innerItems.Name,innerItems.[Description],innerItems.ItemType,innerItems.BizRuleId
, authors.[objectSid]
from dbo.[netsqlazman_ItemsTable] innerItems join
-- select * from
[dbo].[netsqlazman_AuthorizationsTable] authors on innerItems.ItemId = authors.ItemId )
derived1

on apps.ApplicationId = derived1.ApplicationId

Where
derived1.[objectSid] = @FoundDBUserSid


/* RESULT SET #0, UserInfo */
/* Return a ResultSet with information about the User. */
print '/UserInfo/'

select
DBUserSid
, DBUserName
, FullName
, OtherFields
from
dbo.[netsqlazman_GetDBUsers] (@StoreName, @SecurityFrameworkSuperApplicationName, @DBUserSidStubbed, @DBUserName)
where
DBUserName = @DBUserName



/* RESULT SET #1, Application(s) */
/* Return the list of Applications. This data is already in the @ApplicationsHolder table. So a re-lookup is unnecessary. */
print '/Applications/'


SELECT
appHolder.ApplicationId
, appHolder.StoreId
, appHolder.Name
, appHolder.[Description]
FROM
@ApplicationsHolder appHolder


/* RESULT SET #2, Roles */
/* Find any roles associated with this user and return as resultset. */
print '/Roles/'

SELECT
azManItems.ItemId
, azManItems.ApplicationId
, azManItems.Name
, azManItems.[Description]
, azManItems.ItemType
, azManItems.BizRuleId
from
dbo.[netsqlazman_ItemsTable] azManItems
join
-- select * from
[dbo].[netsqlazman_AuthorizationsTable] authors on azManItems.ItemId = authors.ItemId

Where
authors.[objectSid] = @FoundDBUserSid
and
exists ( select null from @ApplicationsHolder innerAppHolder where innerAppHolder.ApplicationId = azManItems.ApplicationId )
and
azManItems.ItemType = @IAzManItem_ROLE


/* RESULT SET #3, Tasks */
/* Find any tasks associated with this user and return as resultset. At the time of writing, Tasks were not used. But stubbed for the future. */
print '/Tasks/'


SELECT
azManItems.ItemId
, azManItems.ApplicationId
, azManItems.Name
, azManItems.[Description]
, azManItems.ItemType
, azManItems.BizRuleId
from
dbo.[netsqlazman_ItemsTable] azManItems
join
-- select * from
[dbo].[netsqlazman_AuthorizationsTable] authors on azManItems.ItemId = authors.ItemId

Where
authors.[objectSid] = @FoundDBUserSid
and
exists ( select null from @ApplicationsHolder innerAppHolder where innerAppHolder.ApplicationId = azManItems.ApplicationId )
and
azManItems.ItemType = @IAzManItem_TASK


/* RESULT SET #4, Operations */
/* Find any rights (operations) (by role) associated with this user and return as resultset. */
print '/Operations By Roles (Under this User)/'


SELECT
DISTINCT
operationItems.ItemId
, operationItems.ApplicationId
, operationItems.Name
, operationItems.[Description]
, operationItems.ItemType
, operationItems.BizRuleId

from
[dbo].[netsqlazman_ItemsHierarchyTable] hier

join dbo.[netsqlazman_ItemsTable] operationItems
on hier.ItemId = operationItems.ItemId

join
(
SELECT
azManItemsAsRoles.ItemId
, azManItemsAsRoles.ApplicationId
, azManItemsAsRoles.Name
, azManItemsAsRoles.[Description]
, azManItemsAsRoles.ItemType
, azManItemsAsRoles.BizRuleId
from
dbo.[netsqlazman_ItemsTable] azManItemsAsRoles
join
-- select * from
[dbo].[netsqlazman_AuthorizationsTable] authors on azManItemsAsRoles.ItemId = authors.ItemId

Where
authors.[objectSid] = @FoundDBUserSid
and
exists ( select null from @ApplicationsHolder innerAppHolder where innerAppHolder.ApplicationId = azManItemsAsRoles.ApplicationId )
and
azManItemsAsRoles.ItemType = @IAzManItem_ROLE
)
as derivedRoles on hier.MemberOfItemId = derivedRoles.ItemId
Where
exists ( select null from @ApplicationsHolder innerAppHolder where innerAppHolder.ApplicationId = operationItems.ApplicationId )
and
operationItems.ItemType = @IAzManItem_OPERATION






------------------------------------------------------

/* RESULT SET #5, Operations */
/* Find any rights (operations) at the user-level that are associated with this user and return as resultset. */
print '/Operations By Individual User/'


SELECT
azManItems.ItemId
, azManItems.ApplicationId
, azManItems.Name
, azManItems.[Description]
, azManItems.ItemType
, azManItems.BizRuleId
from
dbo.[netsqlazman_ItemsTable] azManItems
join
-- select * from
[dbo].[netsqlazman_AuthorizationsTable] authors on azManItems.ItemId = authors.ItemId
Where
authors.[objectSid] = @FoundDBUserSid
and
exists ( select null from @ApplicationsHolder innerAppHolder where innerAppHolder.ApplicationId = azManItems.ApplicationId )
and
azManItems.ItemType = @IAzManItem_OPERATION



SET NOCOUNT OFF


END

GO


GRANT EXECUTE ON [NetSqlAzManAdapterSchema].[uspIPrincipalAdapterDataGetByStoreNameAndUserName] TO [$(DBUSERNAME)]
GO