ansaurus

Question

Altering results prior to using SQLContext.Pipe.Send() in a .NET sproc

Answer 1

+1 A:

You can describe your own result set with SendResultStart, then send each row with SendResultsRow:

  using(SqlConnection connection = new SqlConnection("context connection=true")) 
  {
     // Create the record and specify the metadata for the columns.
     // This record describes a result with two columns:
     //  Name NVARCHAR(4000)
     //  URL VARCHAR(4000)
     //
     SqlDataRecord record = new SqlDataRecord(
       new SqlMetaData("Name", SqlDbType.NVarChar, 4000),
       new SqlMetaData("URL", SqlDbType.VarChar, 4000),
       ...);

     // Mark the begining of the result-set.
     SqlContext.Pipe.SendResultsStart(record);

     connection.Open();
     SqlCommand command = new SqlCommand("select Name, Picture from myTable", connection);
     using (SqlDataReader rdr = command.ExecuteReader())
     {
        while(rdr.Read ())
        {
            // Transform the current row from rdr into the target record
            string nameDb = rdr.GetString(0);
            string urlDb = rdr.GetString(1);

            // do the transformations:
            string nameResult = String.Format("<h2>{0}</h2>", nameDb);
            string awt = ComputeTheAWT(urlDb);
            string urlResult = FormatURL (urlDb, awt);

            // Assign the record properties
            record.SetString(0, nameResult);
            record.SetString(1, urlResult);

            // send the record
            SqlContext.Pipe.SendResultsRow(record);
        }
     }
     SqlContext.Pipe.SendResultsEnd ();
  }

Remus Rusanu 2010-10-15 19:09:02

Thank you I'm a little confused by the ellipsis... perhaps it's because I have select * in my code. I added some fake columns, where I'll wrap the name in "h2" tags, and the Url with img src="" tags

MakerOfThings7 2010-10-15 19:14:04

The kind of transformation you mention is much easier done straight in the query, as in `SELECT '<h2>' + Name + '</h2>'...`

Remus Rusanu 2010-10-15 20:37:08

Well, I was simplifying the example. In truth I'll be reading the string and appending an MD5 hash to the URL for access control purposes.

MakerOfThings7 2010-10-15 20:49:24

That's still no reason for CLR. use `HASHBYTES`: http://msdn.microsoft.com/en-us/library/ms174415.aspx

Remus Rusanu 2010-10-15 21:47:06

I was writing in the comments section so I kept it short. The resulting string will be URL + "?" + SWT (not really a hash), where SWT is the PKI encrypted 1) Expiration of the request + (2) Target URL from DB + (3) PKI signature of all 3 elements (as a hash). Very similar to Microsoft Azure ACS 'SWT' format. I may include a 4th element that contains the rights (Read, Write, Delete, etc) as claims

MakerOfThings7 2010-10-16 00:41:12

And if you're wondering why I'm implementing this in the Sproc, it's because Cognos doesn't give us many options in the scenario we are attempting

MakerOfThings7 2010-10-16 00:46:45

.. and to put the whole picture together, the client (passive web browser) will do a GET against a WCF service like this: http://stackoverflow.com/questions/3937766/reading-a-file-from-a-unc-path-and-setting-the-correct-mime-type-in-a-http-reques where I'll decrypt the SWT and validate access to the given file. If the signature is invalid, date is expired,or access type doesn't match then deny the request.

MakerOfThings7 2010-10-16 00:51:29

See my edit, perhaps now is more clear how the `SqlDataRecord` object is used.

Remus Rusanu 2010-10-16 15:51:02

Thanks Remus!!!

MakerOfThings7 2010-10-17 09:38:53

ansaurus

tags:

views:

answers:

Altering results prior to using SQLContext.Pipe.Send() in a .NET sproc

related questions