an ASP.NET Open Source CMS & eCommerce platform
Search:
Skip Navigation LinksHome > DotShoppingCart Forums > Support > Installation > Permission Settings in Open Source Edition V2
Last Post 4/12/2008 9:33:38 PM By lukezy. 5 replies.
4/2/2008 3:27:12 AM
danros
Posts: 4
Joined: 4/23/2008
Permission Settings in Open Source Edition V2

I have just upgraded from Beta 2 to Version 2 of the open source edition of dotShoppingCart.

I am hitting a DB permission issue when loggin in as an administrator and depressing the "Enter Store Admin" Button.

This is because in this version, some of the stored procedures generate SQL dynamically and then they call "EXEC <dynamic statement>".

For the above to work, the DSC account should have db_ownership privileges rather than the standard public ones.

Could somebody please let me know what's the right way for configuring the permission levels.

Is anybody else having similar issues?

Kind regards,

Daniel

 

4/2/2008 5:20:04 AM
lukezy
Posts: 2109
Joined: 6/12/2007
Location:WA, US
Re: Permission Settings in Open Source Edition V2

You could check CreateDB.sql to see how it solves this. If you use InstDSC.exe you should not see this issue.

<p class="MsoNormal" style="margin: 0in 0in 0pt; mso-layout-grid-align: none"><span style="font-size: 10pt; color: green; font-family: 'Courier New'; mso-no-proof: yes">-- Workaround Dynamic SQL permission issue<o:p></o:p></span>

<p class="MsoNormal" style="margin: 0in 0in 0pt; mso-layout-grid-align: none"><span style="font-size: 10pt; color: blue; font-family: 'Courier New'; mso-no-proof: yes">CREATE </span><span style="font-size: 10pt; font-family: 'Courier New'; mso-no-proof: yes">CERTIFICATE dynamicCert<o:p></o:p></span>

<p class="MsoNormal" style="margin: 0in 0in 0pt; mso-layout-grid-align: none"><span style="font-size: 10pt; font-family: 'Courier New'; mso-no-proof: yes"><span style="mso-spacerun: yes">    </span><span style="color: blue">ENCRYPTION BY </span>PASSWORD = <span style="color: #a31515">'dsc dyn@mic2007'<o:p></o:p></span></span>

<p class="MsoNormal" style="margin: 0in 0in 0pt; mso-layout-grid-align: none"><span style="font-size: 10pt; font-family: 'Courier New'; mso-no-proof: yes"><span style="mso-spacerun: yes">    </span><span style="color: blue">WITH </span>SUBJECT = <span style="color: #a31515">'Certificate for Dynamic SQL'</span>,<o:p></o:p></span>

<p class="MsoNormal" style="margin: 0in 0in 0pt; mso-layout-grid-align: none"><span style="font-size: 10pt; font-family: 'Courier New'; mso-no-proof: yes"><span style="mso-spacerun: yes">    </span>START_DATE = <span style="color: #a31515">'20070101'</span>, EXPIRY_DATE = <span style="color: #a31515">'21000101'<o:p></o:p></span></span>

<p class="MsoNormal" style="margin: 0in 0in 0pt; mso-layout-grid-align: none"><span style="font-size: 10pt; font-family: 'Courier New'; mso-no-proof: yes">GO<o:p></o:p></span>

<p class="MsoNormal" style="margin: 0in 0in 0pt; mso-layout-grid-align: none"><span style="font-size: 10pt; color: blue; font-family: 'Courier New'; mso-no-proof: yes">CREATE USER </span><span style="font-size: 10pt; font-family: 'Courier New'; mso-no-proof: yes">dynamicCertUser <span style="color: blue">FROM </span>CERTIFICATE dynamicCert<o:p></o:p></span>

<p class="MsoNormal" style="margin: 0in 0in 0pt; mso-layout-grid-align: none"><span style="font-size: 10pt; font-family: 'Courier New'; mso-no-proof: yes">GO<o:p></o:p></span>

<p class="MsoNormal" style="margin: 0in 0in 0pt; mso-layout-grid-align: none"><span style="font-size: 10pt; font-family: 'Courier New'; mso-no-proof: yes"><o:p> </o:p></span>

<p class="MsoNormal" style="margin: 0in 0in 0pt; mso-layout-grid-align: none"><span style="font-size: 10pt; color: blue; font-family: 'Courier New'; mso-no-proof: yes">GRANT SELECT ON </span><span style="font-size: 10pt; font-family: 'Courier New'; mso-no-proof: yes">dbo.DSC_User <span style="color: blue">TO </span>dynamicCertUser<o:p></o:p></span>

<p class="MsoNormal" style="margin: 0in 0in 0pt; mso-layout-grid-align: none"><span style="font-size: 10pt; color: blue; font-family: 'Courier New'; mso-no-proof: yes">GRANT SELECT ON </span><span style="font-size: 10pt; font-family: 'Courier New'; mso-no-proof: yes">dbo.DSC_Address <span style="color: blue">TO </span>dynamicCertUser<o:p></o:p></span>

<p class="MsoNormal" style="margin: 0in 0in 0pt; mso-layout-grid-align: none"><span style="font-size: 10pt; color: blue; font-family: 'Courier New'; mso-no-proof: yes">GRANT SELECT ON </span><span style="font-size: 10pt; font-family: 'Courier New'; mso-no-proof: yes">dbo.aspnet_Users <span style="color: blue">TO </span>dynamicCertUser<o:p></o:p></span>

<p class="MsoNormal" style="margin: 0in 0in 0pt; mso-layout-grid-align: none"><span style="font-size: 10pt; color: blue; font-family: 'Courier New'; mso-no-proof: yes">GRANT SELECT ON </span><span style="font-size: 10pt; font-family: 'Courier New'; mso-no-proof: yes">dbo.aspnet_Membership <span style="color: blue">TO </span>dynamicCertUser<o:p></o:p></span>

<p class="MsoNormal" style="margin: 0in 0in 0pt; mso-layout-grid-align: none"><span style="font-size: 10pt; color: blue; font-family: 'Courier New'; mso-no-proof: yes">GRANT SELECT ON </span><span style="font-size: 10pt; font-family: 'Courier New'; mso-no-proof: yes">dbo.DSC_Product <span style="color: blue">TO </span>dynamicCertUser<o:p></o:p></span>

<p class="MsoNormal" style="margin: 0in 0in 0pt; mso-layout-grid-align: none"><span style="font-size: 10pt; color: blue; font-family: 'Courier New'; mso-no-proof: yes">GRANT SELECT ON </span><span style="font-size: 10pt; font-family: 'Courier New'; mso-no-proof: yes">dbo.DSC_Category_Product_Map <span style="color: blue">TO </span>dynamicCertUser<o:p></o:p></span>

<p class="MsoNormal" style="margin: 0in 0in 0pt; mso-layout-grid-align: none"><span style="font-size: 10pt; color: blue; font-family: 'Courier New'; mso-no-proof: yes">GRANT SELECT ON </span><span style="font-size: 10pt; font-family: 'Courier New'; mso-no-proof: yes">dbo.DSC_Product_Attribute_Map <span style="color: blue">TO </span>dynamicCertUser<o:p></o:p></span>

<p class="MsoNormal" style="margin: 0in 0in 0pt; mso-layout-grid-align: none"><span style="font-size: 10pt; color: blue; font-family: 'Courier New'; mso-no-proof: yes">GRANT SELECT ON </span><span style="font-size: 10pt; font-family: 'Courier New'; mso-no-proof: yes">dbo.DSC_Attribute <span style="color: blue">TO </span>dynamicCertUser<o:p></o:p></span>

<p class="MsoNormal" style="margin: 0in 0in 0pt; mso-layout-grid-align: none"><span style="font-size: 10pt; color: blue; font-family: 'Courier New'; mso-no-proof: yes">GRANT SELECT ON </span><span style="font-size: 10pt; font-family: 'Courier New'; mso-no-proof: yes">dbo.DSC_Product_Attribute_Value <span style="color: blue">TO </span>dynamicCertUser<o:p></o:p></span>

<p class="MsoNormal" style="margin: 0in 0in 0pt; mso-layout-grid-align: none"><span style="font-size: 10pt; color: blue; font-family: 'Courier New'; mso-no-proof: yes">GRANT SELECT ON </span><span style="font-size: 10pt; font-family: 'Courier New'; mso-no-proof: yes">dbo.DSC_Product_Descriptor <span style="color: blue">TO </span>dynamicCertUser<o:p></o:p></span>

<p class="MsoNormal" style="margin: 0in 0in 0pt; mso-layout-grid-align: none"><span style="font-size: 10pt; color: blue; font-family: 'Courier New'; mso-no-proof: yes">GRANT SELECT ON </span><span style="font-size: 10pt; font-family: 'Courier New'; mso-no-proof: yes">dbo.vw_DSC_Product_Stock <span style="color: blue">TO </span>dynamicCertUser<o:p></o:p></span>

<p class="MsoNormal" style="margin: 0in 0in 0pt; mso-layout-grid-align: none"><span style="font-size: 10pt; color: blue; font-family: 'Courier New'; mso-no-proof: yes">GRANT SELECT ON </span><span style="font-size: 10pt; font-family: 'Courier New'; mso-no-proof: yes">dbo.DSC_Order <span style="color: blue">TO </span>dynamicCertUser<o:p></o:p></span>

<p class="MsoNormal" style="margin: 0in 0in 0pt; mso-layout-grid-align: none"><span style="font-size: 10pt; color: blue; font-family: 'Courier New'; mso-no-proof: yes">GRANT SELECT ON </span><span style="font-size: 10pt; font-family: 'Courier New'; mso-no-proof: yes">dbo.DSC_Order_Item <span style="color: blue">TO </span>dynamicCertUser<o:p></o:p></span>

<p class="MsoNormal" style="margin: 0in 0in 0pt; mso-layout-grid-align: none"><span style="font-size: 10pt; color: blue; font-family: 'Courier New'; mso-no-proof: yes">GRANT SELECT ON </span><span style="font-size: 10pt; font-family: 'Courier New'; mso-no-proof: yes">dbo.DSC_Order_Address <span style="color: blue">TO </span>dynamicCertUser<o:p></o:p></span>

<p class="MsoNormal" style="margin: 0in 0in 0pt; mso-layout-grid-align: none"><span style="font-size: 10pt; color: blue; font-family: 'Courier New'; mso-no-proof: yes">GRANT SELECT ON </span><span style="font-size: 10pt; font-family: 'Courier New'; mso-no-proof: yes">dbo.DSC_Order_Note <span style="color: blue">TO </span>dynamicCertUser<o:p></o:p></span>

<p class="MsoNormal" style="margin: 0in 0in 0pt; mso-layout-grid-align: none"><span style="font-size: 10pt; color: blue; font-family: 'Courier New'; mso-no-proof: yes">GRANT SELECT ON </span><span style="font-size: 10pt; font-family: 'Courier New'; mso-no-proof: yes">dbo.DSC_Order_Total <span style="color: blue">TO </span>dynamicCertUser<o:p></o:p></span>

<p class="MsoNormal" style="margin: 0in 0in 0pt; mso-layout-grid-align: none"><span style="font-size: 10pt; color: blue; font-family: 'Courier New'; mso-no-proof: yes">GRANT SELECT ON </span><span style="font-size: 10pt; font-family: 'Courier New'; mso-no-proof: yes">dbo.DSC_Category_GetChildren <span style="color: blue">TO </span>dynamicCertUser<o:p></o:p></span>

<p class="MsoNormal" style="margin: 0in 0in 0pt; mso-layout-grid-align: none"><span style="font-size: 10pt; color: blue; font-family: 'Courier New'; mso-no-proof: yes">GRANT SELECT ON </span><span style="font-size: 10pt; font-family: 'Courier New'; mso-no-proof: yes">dbo.DSC_Page <span style="color: blue">TO </span>dynamicCertUser<o:p></o:p></span>

<p class="MsoNormal" style="margin: 0in 0in 0pt; mso-layout-grid-align: none"><span style="font-size: 10pt; font-family: 'Courier New'; mso-no-proof: yes">GO<o:p></o:p></span>

<p class="MsoNormal" style="margin: 0in 0in 0pt; mso-layout-grid-align: none"><span style="font-size: 10pt; font-family: 'Courier New'; mso-no-proof: yes"><o:p> </o:p></span>

<p class="MsoNormal" style="margin: 0in 0in 0pt; mso-layout-grid-align: none"><span style="font-size: 10pt; font-family: 'Courier New'; mso-no-proof: yes"><span style="color: #a31515"><o:p></o:p></span></span>

DotShoppingCart Staff
4/2/2008 6:16:11 AM
danros
Posts: 4
Joined: 4/23/2008
Re: Permission Settings in Open Source Edition V2

Thanks for the reply.

I did use InstDSC.exe to create the database, but unfortunately it is complaining about running DSC_Parse_IDs which dynamically called from [DSC_Order_GetByDateRangeAndStatusList].

Tried granting access to the dynamicCertUser account, but did not get much further.

Here's the actual message.

Thanks in advance,

Daniel

 

<span>

The SELECT permission was denied on the object 'DSC_Parse_Ids', database 'dotShoppingCart2', schema 'dbo'.

</span> Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.Data.SqlClient.SqlException: The SELECT permission was denied on the object 'DSC_Parse_Ids', database 'dotShoppingCart2', schema 'dbo'.

Source Error:

<table width="100%" bgcolor="#ffffcc"> <tbody> <tr> <td>
Line 583:            db.AddOutParameter(cmd, "@totalOrders", DbType.Int32, sizeof(Int32));
Line 584:
Line 585: DataSet ds = db.ExecuteDataSet(cmd);
Line 586: int totalNumber = (int)db.GetParameterValue(cmd, "@totalOrders");
Line 587:
</td> </tr> </tbody> </table>

4/2/2008 11:02:09 AM
lukezy
Posts: 2109
Joined: 6/12/2007
Location:WA, US
Re: Permission Settings in Open Source Edition V2

Looks like CreateDB.sql is missing the following. Try running this directly.

<font color="#0000ff" size="2"><font color="#0000ff" size="2">

GRANT SELECT ON

[dbo].[DSC_Parse_Ids] <font color="#0000ff" size="2"><font color="#0000ff" size="2">TO [DSC_Public]

DotShoppingCart Staff
4/2/2008 2:10:20 PM
danros
Posts: 4
Joined: 4/23/2008
Re: Permission Settings in Open Source Edition V2

Thanks again. 

This time it DOES work.

You will also need to grant the above permissions on the DSC_Order table.

 

 

 

4/12/2008 9:33:38 PM
lukezy
Posts: 2109
Joined: 6/12/2007
Location:WA, US
Re: Permission Settings in Open Source Edition V2

You don't need to grant Select to DSC_Order because they loosen the table DSC_Order  permission. Here is the complete fix.

<div style="margin: 0in 0in 0pt"><span style="font-size: 10pt; color: blue">GRANT SELECT ON </span><span style="font-size: 10pt"> [dbo].[DSC_Parse_Ids] <span style="color: blue">TO </span>[DSC_Public]</span> <div style="margin: 0in 0in 0pt"><span style="font-size: 10pt; color: blue">ADD </span><span style="font-size: 10pt">SIGNATURE <span style="color: blue">TO </span>[dbo].[DSC_Order_GetByDateRangeAndStatusList] <span style="color: blue">BY </span>CERTIFICATE dynamicCert <span style="color: blue">WITH </span>PASSWORD = <span style="color: #a31515">'dsc dyn@mic2007'</span></span>
DotShoppingCart Staff