I have created a simple C# MVC website with Entity Framework.
Created a simple model, DBContext, Controller and View.
Everything works great - but as soon as I lock down the SQL User to only query the SQL View that is needed I get the following:
An exception of type 'System.Data.SqlClient.SqlException' occurred in EntityFramework.dll but was not handled in user code
Additional information: CREATE TABLE permission denied in database 'MyDatabase'.
Again, everything works if the user has the CREATE TABLE permission but this shouldn't be necessary.
How to avaid that?
Best regards
Related
We use MSSQL for our C# .NET Framework 4.8 Application using Entity Framework for database related activities.
But on our production environment the SQL server has the Securable: View any database on Deny.
The database for the application exists but Entity Framework cannot see the database and tries to create it, this results in the CREATE DATABASE permission denied in database 'master' error.
I am using CreateDatabaseIfNotExists and MigrateDatabaseToLatestVersion in my Application_Start().
Now the issue (I think) lies with CreateDatabaseIfNotExists.
For the first run we give the db user enough rights to create and fill the database, it does this without problem.
But after the initial setup we remove those rights and the issue starts.
It tries to create the database, But it already exists.
And I am hoping there is a way to have both Automatic database creation/migration, and the View any database on deny securable.
Does anyone have a idea on how to solve this issue?
Is there some sort of option I could enable to stop this behaviour?
You should "wire in" IHostingEnvironment and make sure you run
CreateDatabaseIfNotExists and MigrateDatabaseToLatestVersion
only in certain environments.
===========
For DotNet-Core (NON asp.net-core) apps.
https://learn.microsoft.com/en-us/dotnet/api/microsoft.extensions.hosting.internal.hostingenvironment?view=dotnet-plat-ext-7.0
for asp.net-core.
https://learn.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.hosting.iwebhostenvironment?view=aspnetcore-6.0
....
Then you will use (probably an existing)
"Is" method:
https://learn.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.hosting.hostingenvironmentextensions.isdevelopment?view=aspnetcore-7.0
IsDevelopment
IsProduction
IsStaging
or you have the ability to "add your own environment".. with
IsEnvironment(string)
I would NEVER leave to "auto-voodoo" what might happen to the production database.
You can see this approach:
https://stackoverflow.com/a/60399887/214977
I would like to ask you if it is possible to proceed (in entity framework core):
context.Database.Migrate();
using database user without ddladmin permissions?
What I would like to achieve:
User without permission should not update migrations (without errors). However users with those kinds of permissions should be able to make migrations.
Currently, I am getting this kind of errors:
System.Private.CoreLib: Exception while executing function: xxx. Core
Microsoft SqlClient Data Provider: CREATE TABLE permission denied in
database 'xxxx'.
You have two options:
You give the user the db_ddladmin role
You add the create table grant to the user, like GRANT CREATE TABLE TO Joe AS dbo
I think the second one is what you are looking for.
The problem is that the web page was not deployed after migrating using another computer and also, the migration file was deleted.
the error was
The model backing the 'ProjectContext' context has changed since the
database was created. Consider using Code First Migrations to update
the database
Description: An unhandled exception occurred during the execution of
the current web request. Please review the stack trace for more
information about the error and where it originated in the code.
Exception Details: System.InvalidOperationException: The model backing
the 'ProjectContext' context has changed since the database was
created. Consider using Code First Migrations to update the database
Source Error:
An unhandled exception was generated during the execution of the
current web request. Information regarding the origin and location of
the exception can be identified using the exception stack trace below.
is there any way to solve this problem from my computer? or there is another problem behind this?
What the message says is that your database model is out of sync with your Entity Framework 'Code First' model / code.
To overcome this issue, you can use Code First Migrations. The linked tutorial on MSDN explains what you should do. You effectively have to use the Package Console and some C# code to migrate one version to another. This is something you have to do while coding the project. If you release it, the code can automatically update your database model to match your Entity Framework Code First code.
I am recently started working on Microsoft Sync framework 2.1 based project, which already developed, requirement is simple to sync db(server to client and client to server), but i am getting very frequent error stating blah_blah_selectchanges already exist(procedure), once i will delete all mentioned procedure it will work fine.. then again when i am trying with another machine this error comes again.. Now i am not getting a idea how to overcome with this error... I did some research and found additional tables(under sync db) created by the provisioning process: Products_Tracking, schema_info, scope_config, and scope_info. There are also other database objects such as triggers and stored procedures created by the provisioning process. I have one doubt if additional table/Procedure/Triggers is already exist on sync schema why it is creating again..
check how you're provisioning. Are you checking if the scope exists already? if there are existing scopes for the table and you want to add a new scope, you should specify SetCreateProceduresForAdditionalScopeDefault.
I've got a SQL Server mirroring set up with a primary, secondary and witness to provide automatic failover for my application. I've been experimenting with using the CommitFailureHandler class but I've run into a problem when using it in a specific scenario:
In the connection string the database server that is currently the
Mirror must specified as the Data Source and the Principal must be
specified as the Failover Partner.
The application must have migrations to perform against the database
The __TransactionHistory table must not exist
If any of those three conditions are not present then it works without problems.
When this situation does occur then a SqlException is thrown saying that Login Failed for the given user. I also the following messages in the SQL Server event log (on the Mirror instance):
Login failed for user 'myUser'. Reason: Failed to open the explicitly specified database 'myDatabase'.
Login failed for user 'myUser'. Reason: Password did not match that for the login provided.
For the record, the login and password are correct and work fine when any one of the three conditions are not true.
Here is the line where I set the transaction handler in my Database Configuration class:
SetTransactionHandler(SqlProviderServices.ProviderInvariantName, () => new CommitFailureHandler());
What's going on?
So I found this issue on the entity framework issues tracker: https://entityframework.codeplex.com/workitem/2050
It appears that there is a bug in EF 6.1 where the credentials would be stripped out of the connection string before the __TransactionHistory table could be created in the circumstances given in the question (it also manifested in SQL Azure).
The bug has been fixed in the latest beta of EF (6.1.1-beta1).