A WebService as Data Access Layer - Suggestions needed

T

Timothy Parez

Hello,

We have a small sized database (22 tables) on a Microsoft SQL Server.
We would like to use a WebService to manage all access to that database,
enforcing a custom security scheme and thin clients.

(The clients will be SWF, GTK# and SWF-PocketPC applications)

I'm having trouble defining the methods I need, but currently I have
something like this:

* ADOBJECT */
[WebMethod(Description="Get a list of all ADOBJECT record")]
public DataSet GetAdObjects()
{

/* Security:
* Administrators, Publishers, Readers, PowerUsers */

eGroup group = this.GetUserGroup();
if (group != eGroup.None)
{
return this.GetDataSet("SELECT * FROM
ADOBJECT","ADOBJECT",null);
}
else
{
this.throwAccessDeniedException("GetAdObjects()",String.Empty);
return null;
}
}

/* ADOBJECTTYPE */
[WebMethod(Description="Get a list of all ADOBJECTTYPE records")]
public DataSet GetAdObjectTypes()
{

/* Security:
* Administrators, Publishers, Readers, PowerUsers */

eGroup group = this.GetUserGroup();
if (group != eGroup.None)
{
return this.GetDataSet("SELECT * FROM
ADOBJECTTYPE","ADOBJECTTYPE",null);
}
else
{
this.throwAccessDeniedException("GetAdObjectTypes()",
String.Empty);
return null;
}
}

I have GetX() methods like this for every table in our database,
and I apply a custom security scheme here.

These methods return a dataset, which the client then filters.
I don't allow the client to execute SQL for security reasons.

Is this a good approuch ? And how shall I go about linkage tables and adding
or updating data.

Thnx.
 
S

Saurabh Nandu

hi,

One of the things that can be done is using a single Typed DataSet that has relationships defined between multiple data tables.

Another way which is my personal preference is to create my own set of custom entites which are decorated with the XML Element attributes to enable serialization.
With custom entites I am able to shape the schema to be able to easily define nested classes etc.. which also have relevant attributes setup for XML Serialization.
 
T

Timothy Parez

That's a bit of chinese for me :)
Not really home in webservices :)

Saurabh Nandu said:
hi,

One of the things that can be done is using a single Typed DataSet that
Click to expand...
has relationships defined between multiple data tables.
Another way which is my personal preference is to create my own set of
Click to expand...
custom entites which are decorated with the XML Element attributes to enable
serialization.
With custom entites I am able to shape the schema to be able to easily
Click to expand...
define nested classes etc.. which also have relevant attributes setup for
XML Serialization.
--
Regards,
Saurabh Nandu
Master C#, the easy way...
[ www.MasterCSharp.com ]



Timothy Parez said:
Hello,

We have a small sized database (22 tables) on a Microsoft SQL Server.
We would like to use a WebService to manage all access to that database,
enforcing a custom security scheme and thin clients.

(The clients will be SWF, GTK# and SWF-PocketPC applications)

I'm having trouble defining the methods I need, but currently I have
something like this:

* ADOBJECT */
[WebMethod(Description="Get a list of all ADOBJECT record")]
public DataSet GetAdObjects()
{

/* Security:
* Administrators, Publishers, Readers, PowerUsers */

eGroup group = this.GetUserGroup();
if (group != eGroup.None)
{
return this.GetDataSet("SELECT * FROM
ADOBJECT","ADOBJECT",null);
}
else
{
this.throwAccessDeniedException("GetAdObjects()",String.Empty);
return null;
}
}

/* ADOBJECTTYPE */
[WebMethod(Description="Get a list of all ADOBJECTTYPE records")]
public DataSet GetAdObjectTypes()
{

/* Security:
* Administrators, Publishers, Readers, PowerUsers */

eGroup group = this.GetUserGroup();
if (group != eGroup.None)
{
return this.GetDataSet("SELECT * FROM
ADOBJECTTYPE","ADOBJECTTYPE",null);
}
else
{
this.throwAccessDeniedException("GetAdObjectTypes()",
String.Empty);
return null;
}
}

I have GetX() methods like this for every table in our database,
and I apply a custom security scheme here.

These methods return a dataset, which the client then filters.
I don't allow the client to execute SQL for security reasons.

Is this a good approuch ? And how shall I go about linkage tables and adding
or updating data.

Thnx.
Click to expand...
Click to expand...
 
S

Saurabh Nandu

Hi,

Sorry I can't help you much, without using the .NET Classes References...

Typed DataSets is a Technology from ADO.NET - You should look at using that.
If you are using VS.NET, then you can take a WalkThrough from the VS.NET Documentation that will teach you to build Typed DataSets.


--
Regards,
Saurabh Nandu
AksTech Solutions, reflecting your needs...
[ www.AksTech.com ]
[ www.MasterCSharp.com ]



Timothy Parez said:
That's a bit of chinese for me :)
Not really home in webservices :)

Saurabh Nandu said:
hi,

One of the things that can be done is using a single Typed DataSet that
Click to expand...
has relationships defined between multiple data tables.
Another way which is my personal preference is to create my own set of
Click to expand...
custom entites which are decorated with the XML Element attributes to enable
serialization.
With custom entites I am able to shape the schema to be able to easily
Click to expand...
define nested classes etc.. which also have relevant attributes setup for
XML Serialization.
--
Regards,
Saurabh Nandu
Master C#, the easy way...
[ www.MasterCSharp.com ]



Timothy Parez said:
Hello,

We have a small sized database (22 tables) on a Microsoft SQL Server.
We would like to use a WebService to manage all access to that database,
enforcing a custom security scheme and thin clients.

(The clients will be SWF, GTK# and SWF-PocketPC applications)

I'm having trouble defining the methods I need, but currently I have
something like this:

* ADOBJECT */
[WebMethod(Description="Get a list of all ADOBJECT record")]
public DataSet GetAdObjects()
{

/* Security:
* Administrators, Publishers, Readers, PowerUsers */

eGroup group = this.GetUserGroup();
if (group != eGroup.None)
{
return this.GetDataSet("SELECT * FROM
ADOBJECT","ADOBJECT",null);
}
else
{
this.throwAccessDeniedException("GetAdObjects()",String.Empty);
return null;
}
}

/* ADOBJECTTYPE */
[WebMethod(Description="Get a list of all ADOBJECTTYPE records")]
public DataSet GetAdObjectTypes()
{

/* Security:
* Administrators, Publishers, Readers, PowerUsers */

eGroup group = this.GetUserGroup();
if (group != eGroup.None)
{
return this.GetDataSet("SELECT * FROM
ADOBJECTTYPE","ADOBJECTTYPE",null);
}
else
{
this.throwAccessDeniedException("GetAdObjectTypes()",
String.Empty);
return null;
}
}

I have GetX() methods like this for every table in our database,
and I apply a custom security scheme here.

These methods return a dataset, which the client then filters.
I don't allow the client to execute SQL for security reasons.

Is this a good approuch ? And how shall I go about linkage tables and adding
or updating data.

Thnx.
Click to expand...
Click to expand...
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

webservice with datasets 1
[MSSQL] [WebService] Last inserted ID in transaction 0
Errors when accessing data from a webservice 4
Setting ConnectionString when creating a data access layer with datasets 2
how to pass a value in this webservice? 2
Update underlying data using a DataSet and Webservices 0
Receiving arbitary 2-dimensional tables in a WebService method 1
Newbie: does not have a parameterless constructor 1

Members online

Total: 27 (members: 1, guests: 26)
Robots: 351

Forum statistics

Threads
473,755
Messages
2,569,536
Members
45,014
Latest member
BiancaFix3

Latest Threads

Top