I need to do a select where I decrypt a column value using sql certificate and im currently using type providers (sooo nice :)).
In raw sql this would be like so (more or less):
OPEN SYMMETRIC KEY KEYNAME
DECRYPTION BY CERTIFICATE CERTNAME;
SELECT ID, CONVERT(varchar, DecryptByKey(KEYNAME)) AS 'DecyptedData'
FROM dbo.EncryptedData;
CLOSE SYMMETRIC KEY SymmetricKey1;
I have no interest in creating a view for this purpose.
I would like to do this in F# code, hence the request for raw sql ability (if possible)
An ADO connection is an option, but I would like to use type providers if possible to avoid an extra connection.
Does anyone know if this can be done easily?
I did not find a way to do this with the type provider and so ended up using FSharp.Data.SqlClient to handle it.
It works like a charm, but with the downside that I now use 2 different providers for accessing data in the same table :).
Related
I am setting up an Azure Function for housekeeping my relational database.
I want to be able to control what table can be clear in which interval via Application Settings (i.e. env vaiable), so I am investigating the best way to insert multiple value in one application settings.
I currently have 2 ideas:
Idea 1:
Use JSON, so the application settings will be something like this:
HOUSEKEEPING_VALUE={"table_a":3,"table_b":6}
After decoding the JSON format, I will clear table_a in 3 months interval, table_b in 6 months interval.
Idea 2:
Use the same format as those used by Azure connection string x1=y1;x2=y2;x3=y3;:
HOUSEKEEPING_VALUE=table_a=3;table_b=6;
Would like to ask the community, any other ways to achieve my goal which is more elegant? Or perhaps using JSON for my case is the norm? Thanks!
There are no elegant ways for multiple values stored in app setting in azure portal.
You should use the 2 solutions as mentioned in your question, then parse them by yourself.
There other option (secured/centralized) is using Azure App Configuration Store to and bootsrap in your Azure Functions
quick start of Azure App Configuration
how to leverage json content type
I got myself into a place where I need to port some functionality from a legacy Firebird database into MSSQL. The table schema and data was ok, all was enumerable and selectable for sysdba, however, the application layer is proving to be a pain.
The database has some 1000+ procedures and I would like to to move them over with some review rather than rebuilding the whole DAL. The problem is (you guessed) that they all appear to be encrypted somehow. When I ask to alter it to generate a script I get the ALTER script but the body of the procedure looks like a base64 string of some binary content. My first guess is encryption.
Is there some way to decrypt those bodies, like there is for MSSQL? Please note that Firebird database is running on its original box, in its original Firebird installation, nothing has been copied or moved, in case access to some keys is required.
When you create (or alter) a stored procedure in Firebird, Firebird will store the original body in column RDB$PROCEDURE_SOURCE of table RDB$PROCEDURES. This will not be encrypted. This body is not relevant for Firebird itself, as it will use the compiled form of the stored procedure (in column RDB$PROCEDURE_BLR); it is only stored to allow isql (and other tools) to generate the DDL script of the database.
Some software vendors don't like that people have access to their sourcecode, and so they will either null this RDB$PROCEDURE_SOURCE column or - as is likely the case with your database - encrypt the body in some way.
If this is an application that was developed in-house, you will need to find the original scripts used to build this database.
Otherwise there is no way to undo this without knowing exactly what the vendor (or developer) has done. Another possible solution would be to reverse engineer to stored procedure from the BLR (Binary Language Representation, the compiled form of the stored procedure), but I am not aware of tools that do this (and this might not result in very readable code).
Doing either of these might violate the license agreement, and maybe even local law. Your best bet would be to contact the vendor of this legacy application and ask (or pay) them for this source code.
The ISQL tool can print the BLR in 'readable' form, but as it is very low-level, I don't know how helpful that will be. For an example see this answer.
Since Firebird 3.0, database encryption is now possible ...so it has nothing to do with the Firebird installation, rather the database it self was already encrypted, I'm afraid you'll need the encryption keys to decrypt the data read these articles:
http://firebirdsql.org/file/documentation/release_notes/html/en/3_0/rnfb30-security-encryption.html
http://tracker.firebirdsql.org/browse/CORE-657
I have set up a breeze app with entities set to autoGeneratedKeyType of Identity. My database uses char(32) guids for primary keys, which are generated as defaults on the PK columns, which are NOT set as identities.
Upon save, the record gets created in the database, but it saves with the temporary breeze generated keys of 'undefined-1', 'undefined-2' etc.
Can breeze handle this type of server-side key generation scheme? What are my options? I must stick with this key generation approach due to the design of the existing system. Generating guids on the client comes to mind...
Have you got any ideas?
If you are working with Guid's, I think best practice should be to generate them on the client. You can use the breeze.core.getUuid() method ( currently undocumented) to generate client side Guid's.
If you really want to generate them on the server, then you will need to use a Breeze KeyGenerator. There is more information on this topic here: Search for Key Generator within this page and within the API docs.
I have a bit of problem here. I have created a lookupfield in my application server using Delphi XE2 DataSnap technology. On the client side, that field becomes TStringField. Now, the problem is that I loose the lookup functionality on the client side. To top that, I can't change the stringfield on the client side because it is read only (even if I manually turn off the read only property).
I don't want to lookup tables on the client side because I don't want all the data loaded on my client side just to support look up.
I can change the Key field value, but the stringfield lookup text doesnt change unless I apply updates and reload the data.
Users want to see the text change.
What should I do?
Seems you have to review your GUI functionality: lookup fields are really an client side feature. And it needs the lookup source - so to use it on client the lookup table must be loaded. DataSnap guys are very nice here, converting it to an TStringField when transmitting it to the client... I would simply ignore it.
So, if the lookup table is that big, you shouldn't using lookup fields but search UIs - or autocomplete comboboxes which you do queries against the DataSnap Server. Maybe you have to code it manually in the combobox case, I don't know (see if JVCL have something you can use to shortcut the path).
Alternatively, if the lookup table are seldom updated, you can aggresively cache it and have an updating mechanism to detect changes. So you can use the lookup fields the way they were created for.
Long time ago i faced that problem and i found a solution that is a bit complex to analyze here but i try to give some guidelines till i have the time to write a detailed blog post.
The idea consists of info (concerning lookup fields such as field properties, datasets, providers) packaged by the provider as optionalparams at the server side.
At client side a derived TClientDataset can unpack and process these info, create on the fly client datasets that retrieve needed lookup datasets and setup it's lookup fields accordingly.
The process is transparent due to the embedded functionality in the derived client dataset class and the only things to remember is to create that info in the provider's OnGetDatasetProperties event and turn false all provider flags in lookup fields.
In my program I have multiple databases. One is fixed and cannot be changed, but there are also some others, the so called user databases.
I thought now I have to start for every database one connection and to connect to each data dictionary. How is it possible to connect to more than one database with one connection by handing over the data dictionary filename? Btw. I am using a local server.
thank you very much,
André
P.S.: Okay I might find the answer to my problem.
The Key word is CreateDDLink. The procedure is connecting to another data dictionary, but before a master dictionary has to be set.
Links may be what you are looking for as you indicated in the question. You can use the API or SQL to create a permanent link alias, or you can dynamically create links on the fly.
I would recomend reviewing this specific help file page: Using Tables from Multiple Data Dictionaries
for a permanent alias (using SQL) look at sp_createlink. You can either create the link to authenticate the current user or set up the link to authenticate as a specific user. Then use the link name in your SQL statements.
select * from linkname.tablename
Or dynamically you can use the following which will authenticate the current user:
select * from "..\dir\otherdd.add".table1
However, links are only available to SQL. If you want to use the table directly (i.e. via a TAdsTable component) you will need to create views. See KB 080519-2034. The KB mentions you can't post updates if the SQL statement for the view results in a static cursor, but you can get around that by creating triggers on the view.