在上面一节中,我通过RAISERROR重写了创建User的Stored procedure,实际上上面的Stored procedure是有问题的。我之所以没有立即指出,是因为这是一个很容易犯的错误,尤其是习惯了.NET Exception Handling的人更容易犯这样的错误。我们知道在.NET Application中,如果出现一个未处理的Exception,程序将立即终止,后续的程序将不会执行,但是对于上面的SQL则不一样,虽然我们通过RAISERROR将Error抛出,但是SQL的指定并不会被终止,INSERT语句仍然会被执行的。我想很多人会说在RAISERROR后加一个Return就可以了嘛。不错这是一个常用的解决方案,但是我不倾向于使用这种方法。为了更清楚地说明这个问题,我们举另一个相关的例子,上面我们介绍了创建User的例子,我们现在来引入另一个例子:如何将一个User添加到一个Role里面。由于这个例子在后面还将使用,我先讲设计的Table的结构介绍一下:T_USERS和T_ROLES分别存放User和Role,User和Role不区分大小写并且唯一,两者通过T_USERS_IN_ROLES进行关联。
现在我们来写将user添加到Role的Stored Procedure:首先验证User和Role是否存在,然后验证该User和Role是否已经存在,最后将Mapping关系添加到T_USERS_IN_ROLES中:
(
@user_name NVARCHAR(256),
@role_name NVARCHAR(256)
)
AS
DECLARE @user_id VARCHAR(50)
DECLARE @role_id VARCHAR(50)
SELECT @user_id = [USER_ID] FROM dbo.T_USERS WHERE LOWERED_USER_NAME = LOWER(@user_name)
IF(@user_id IS NULL)
BEGIN
RAISERROR ('The user dose not exist',16,1)
RETURN
END
SELECT @role_id = [ROLE_ID] FROM dbo.T_ROLES WHERE LOWERED_ROLE_NAME = LOWER(@role_name)
IF(@role_id IS NULL)
BEGIN
RAISERROR ('The role dose not exist',16,1)
RETURN
END
IF(EXISTS(SELECT * FROM T_USERS_IN_ROLES WHERE [USER_ID] = @user_id AND ROLE_ID = @role_id))
BEGIN
RAISERROR ('The user is already in the role',16,1)
RETURN
END
INSERT INTO dbo.T_USERS_IN_ROLES([USER_ID],ROLE_ID) VALUES(@user_id,@role_id)
虽然说在上面的Stored procedure中,我们在困难出现Exception的地方添加了RETURN,从而防止了后续的程序继续执行,但是对于一些我们无法预知的Exception呢?我们该如何添加这个RETURN呢?我想有人会说在每条语句执行之后都通过@@ERROR判断是否有Exception出现,我知道很多人喜欢这么做,而事实上,我现在真在维护的一些Stored procedure就是这么做的:全篇都是IF@@ERROR RETURN。其实我们完全可以通过其它的方式是我们的SQL看出来更加优雅一点。那就是使用我们很熟悉的TRY CATCH。在SQL Server中我们通过BEGIN TRY/END TRY和BEGIN CATCH/END CATCH这样的结构来进行Exception Handling。
通过TRY CATCH,上面的Stored procedure可以改成下面的样子:
(
@user_name NVARCHAR( 256),
@role_name NVARCHAR( 256)
)
AS
DECLARE @user_id VARCHAR( 50)
DECLARE @role_id VARCHAR( 50)
DECLARE @error_message NVARCHAR( 256)
DECLARE @error_serverity INT
DECLARE @error_state INT
BEGIN TRY
SELECT @user_id = [ USER_ID ] FROM dbo.T_USERS WHERE LOWERED_USER_NAME = LOWER( @user_name)
IF( @user_id IS NULL)
BEGIN
RAISERROR ( ' The user dose not exist ', 16, 1)
END
SELECT @role_id = [ ROLE_ID ] FROM dbo.T_ROLES WHERE LOWERED_ROLE_NAME = LOWER( @role_name)
IF( @role_id IS NULL)
BEGIN
RAISERROR ( ' The role dose not exist ', 16, 1)
END
IF( EXISTS( SELECT * FROM T_USERS_IN_ROLES WHERE [ USER_ID ] = @user_id AND ROLE_ID = @role_id))
BEGIN
RAISERROR ( ' The user is already in the role ', 16, 1)
END
INSERT INTO dbo.T_USERS_IN_ROLES( [ USER_ID ],ROLE_ID) VALUES( @user_id, @role_id)
END TRY
BEGIN CATCH
SET @error_message = ERROR_MESSAGE)
SET @error_serverity = ERROR_SEVERITY()
SET @error_state = ERROR_STATE()
RAISERROR( @error_message, @error_serverity, @error_state)
END CATCh
当执行上面一个SQL的时候,碰到任何一个我们自己抛出的Exception和系统异常,都会跳到Catch Block中执行相应的操作。在CATCH中,我们把在TRY Block中遇到的Error从新抛出。
在这里有一些需要注意的是:并非所有的Error都会使用SQL的执行流入Catch Block,下面是两个主要的例外:
-
Severity<10
-
Severity>20并且会马上中止Session
此外,相信大家也看见了在Catch中使用了一些Error作为前缀的Function,这些Function为系统定义的Function,用于返回当前Error的一些信息,这样的Function有:
-
ERROR_NUMBER():返回Error Number,相当于@@ERROR。
-
ERROR_MESSAGE():返回Error message.
-
ERROR_SEVERITY():返回Error严重级别.
-
ERROR_STATE() :返回Error的状态.
-
ERROR_LINE() :返回出现Error的行号.
ERROR_PROCEDURE() :返回出现Error的Stored Procedure名称.
四、 Error message & sys.messages
从前面的部分我们可以主要介绍了一种基于RAISERROR和TRY/CATCH的异常处理机制,个人觉得这是一种值得推荐的做法。但是上面的处理有一种不太理想的做法是:在每个Stored procedure中为不同的Error定义了Message。其实在很多情况下,每个Stored procedure都需要处理一些共同的Error,而且对于.NET Application来说往往是通过Message来判断Exception的类型,所以保持各个Stored Procedure的Message的一致性和Stored procedure和Application的Message的一致性就显得尤为重要。所以我们希望的做法是一次定义,对此使用。在Oracle中,我们知道我们可以通过定义具有全局意义的常数来解决,而对于SQL Server,没有全局常数的概念(在我的印象中好像没有),我们需要寻求另一种解决方案:将Message 添加到sys.messages中。
在前面的部分我们说过,sys.messages是可以用于专门存放Error相关的信息:Error number, severity,state,message等。而且他不但可以用于系统与定义error的存储,也可以用于存放我们自定义的Error。更加可喜的是,SQL Server定义了一些built-in stored procedure来用于message的添加、删除和修改:
[ , [ @lang = ] ' language ' ]
[ , [ @with_log = ] ' with_log ' ]
[ , [ @replace = ] ' replace ' ]
关于如何使用这些stored procedure,可以参阅SQL Server Books Online。在这里,我同下面的script添加我需要的Error。
GO
sp_addmessage @msgnum = 50002, @severity = 16, @msgtext = N ' This role is already existent ', @replace = ' replace '
Go
sp_addmessage @msgnum = 50003, @severity = 16, @msgtext = N ' This user does not exist ', @replace = ' replace '
GO
sp_addmessage @msgnum = 50004, @severity = 16, @msgtext = N ' This role does not exist ', @replace = ' replace '
GO
sp_addmessage @msgnum = 50005, @severity = 16, @msgtext = N ' This user is already in the role ', @replace = ' replace '
GO
[注:直接操作sys.messages是不被允许的]
五、 ADO.NET Exception Handling
上面所有的都在介绍在Database层面如何进行Exception handling,下面我们同一个简单的Demo,简单介绍一个我么的.NET Application如何处理从Database Engine抛出的Exception。在这里我们使用一个简单的Cosole application模拟一个简单的Security方面的场景:创建用户、创建角色、添加用户到角色。大部分的功能都在上面提到了,在这里做一下总结:
1. 表结构:
2. Messages(通过上面一节末Script在sys.messages中创建):
· 50001:This user is already existent
· 50002:This role is already existent
· 50003:This user does not exist
· 50004:This role does not exist
· 50005:This user is already in the role
3. Stored procedure
· Create User:P_USERS_I
(
@user_id varchar( 50),
@user_name nvarchar( 256)
)
AS
DECLARE @error_number INT
DECLARE @error_serverity INT
DECLARE @error_state INT
BEGIN TRY
IF( EXISTS( SELECT * FROM dbo.T_USERS WHERE LOWERED_USER_NAME = LOWER( @user_name) OR [ USER_ID ] = @user_id))
BEGIN
RAISERROR ( 50001, 16, 1)
END
INSERT INTO dbo.T_USERS
( [ USER_ID ]
, [ USER_NAME ]
,LOWERED_USER_NAME)
VALUES( @user_id, @user_name, LOWER( @user_name))
END TRY
BEGIN CATCH
SET @error_number = ERROR_NUMBER()
SET @error_serverity =ERROR_SEVERITY()
SET @error_state = ERROR_STATE()
RAISERROR( @error_number, @error_serverity, @error_state)
END CATCH
· Create Role:T_ROLES_I
(
@role_id varchar( 50),
@role_name nvarchar( 256)
)
AS
DECLARE @error_number INT
DECLARE @error_serverity INT
DECLARE @error_state INT
BEGIN TRY
IF( EXISTS( SELECT * FROM dbo.T_ROLES WHERE LOWERED_ROLE_NAME = LOWER( @ROLE_name) OR [ ROLE_ID ] = @role_id))
BEGIN
RAISERROR ( 50002, 16, 1)
END
INSERT INTO dbo.T_ROLES
( [ ROLE_ID ]
, [ ROLE_NAME ]
,LOWERED_ROLE_NAME)
VALUES( @ROLE_id, @ROLE_name, LOWER( @ROLE_name))
END TRY
BEGIN CATCH
SET @error_number = ERROR_NUMBER()
SET @error_serverity =ERROR_SEVERITY()
SET @error_state = ERROR_STATE()
RAISERROR( @error_number, @error_serverity, @error_state)
END CATCH
· Add User in Role:P_USERS_IN_ROLES_I
(
@user_name NVARCHAR( 256),
@role_name NVARCHAR( 256)
)
AS
DECLARE @user_id VARCHAR( 50)
DECLARE @role_id VARCHAR( 50)
DECLARE @error_number INT
DECLARE @error_serverity INT
DECLARE @error_state INT
BEGIN TRY
SELECT @user_id = [ USER_ID ] FROM dbo.T_USERS WHERE LOWERED_USER_NAME = LOWER( @user_name)
IF( @user_id IS NULL)
BEGIN
RAISERROR ( 50003, 16, 1)
END
SELECT @role_id = [ ROLE_ID ] FROM dbo.T_ROLES WHERE LOWERED_ROLE_NAME = LOWER( @role_name)
IF( @role_id IS NULL)
BEGIN
RAISERROR ( 50004, 16, 1)
END
IF( EXISTS( SELECT * FROM T_USERS_IN_ROLES WHERE [ USER_ID ] = @user_id AND ROLE_ID = @role_id))
BEGIN
RAISERROR ( 50005, 16, 1)
END
INSERT INTO dbo.T_USERS_IN_ROLES( [ USER_ID ],ROLE_ID) VALUES( @user_id, @role_id)
END TRY
BEGIN CATCH
SET @error_number = ERROR_NUMBER()
SET @error_serverity =ERROR_SEVERITY()
SET @error_state = ERROR_STATE()
RAISERROR( @error_number, @error_serverity, @error_state)
END CATCH
· Delete Data: P_CLEAR_DATA
AS
DELETE FROM dbo.T_USERS_IN_ROLES
DELETE FROM dbo.T_USERS
DELETE FROM dbo.T_ROLES
GO
4. Common Function:Utility. ExecuteCommand
public static bool ExecuteCommand( string procedureName, Dictionary< string, object> parameters)
{
ConnectionStringSettings connectionStringSection = ConfigurationManager.ConnectionStrings[connectionStringName];
DbProviderFactory dbProviderFactory = DbProviderFactories.GetFactory(connectionStringSection.ProviderName);
using (DbConnection connection = dbProviderFactory.CreateConnection())
{
connection.ConnectionString = connectionStringSection.ConnectionString;
connection.Open();
DbCommand command = connection.CreateCommand();
command.CommandText = procedureName;
command.CommandType = CommandType.StoredProcedure;
DbParameter parameter;
foreach (KeyValuePair<string, object> param in parameters)
{
parameter = dbProviderFactory.CreateParameter();
parameter.ParameterName = param.Key;
parameter.DbType = DbType.String;
parameter.Value = param.Value;
command.Parameters.Add(parameter);
}
DbTransaction transation = connection.BeginTransaction();
command.Transaction = transation;
try
{
command.ExecuteNonQuery();
transation.Commit();
return true;
}
catch
{
transation.Rollback();
throw;
}
}
}
5. Create User, Create Role, Add User In Role, Delete All Data
private const string ErrorRoleExists = "This role is already existent";
private const string ErrorUserNotExists = "This user does not exist";
private const string ErrorRoleNotExists = "This role does not exist";
private const string ErrorUserInRole = "This user is already in the role";
public static bool CreateUser( string userName)
{
string procedureName = "P_USERS_I";
Dictionary<string, object> parameters = new Dictionary<string, object>();
parameters.Add("user_id", Guid.NewGuid().ToString());
parameters.Add("user_name", userName);
try
{
ExecuteCommand(procedureName, parameters);
return true;
}
catch (Exception ex)
{
if (ex.Message == ErrorUserExists)
{
Console.WriteLine("The user \"{0}\" you specify is already existent!",userName);
return false; ;
}
Console.WriteLine("A unhandled exception is thrown for some unknown reason!");
return false;
}
}
public static bool CreateRole( string roleName)
{
string procedureName = "P_ROLES_I";
Dictionary<string, object> parameters = new Dictionary<string, object>();
parameters.Add("role_id", Guid.NewGuid().ToString());
parameters.Add("role_name", roleName);
try
{
ExecuteCommand(procedureName, parameters);
return true;
}
catch (Exception ex)
{
if (ex.Message==ErrorRoleExists)
{
Console.WriteLine("The role \"{0}\" you specify is already existent!",roleName);
return false; ;
}
Console.WriteLine("A unhandled exception is thrown for some unknown reason!");
return false;
}
}
public static bool AddUserInRole( string userName, string roleName)
{
string procedureName = "P_USERS_IN_ROLES_I";
Dictionary<string, object> parameters = new Dictionary<string, object>();
parameters.Add("user_name", userName);
parameters.Add("role_name", roleName);
try
{
ExecuteCommand(procedureName, parameters);
return true;
}
catch (Exception ex)
{
if (ex.Message==ErrorUserNotExists)
{
Console.WriteLine("The user \"{0}\" you specify is not existent!", userName);
return false;
}
if (ex.Message==ErrorRoleNotExists)
{
Console.WriteLine("The role \"{0}\" you specify is not existent!",roleName);
return false;
}
if (ex.Message == ErrorUserInRole)
{
Console.WriteLine("The user \"{0}\" is in the role \"{1}\"!",userName,roleName);
return false;
}
Console.WriteLine("A unhandled exception is thrown for some unknown reason!");
return false;
}
}
public static void Clear()
{
ExecuteCommand("P_CLEAR_DATA", new Dictionary<string, object>());
}
6. Programs
{
static void Main(string[] args)
{
Utility.Clear();
if (Utility.CreateUser("Artech"))
{
Console.WriteLine("The user \"{0}\" has been sucessully created!", "Artech");
}
if (Utility.CreateUser("Artech"))
{
Console.WriteLine("The user \"{0}\" has been sucessully created!", "Artech");
}
if (Utility.CreateRole("Administrator"))
{
Console.WriteLine("\nThe role \"{0}\" has been sucessully created!", "Administrator");
}
if (Utility.CreateRole("Administrator"))
{
Console.WriteLine("The role \"{0}\" has been sucessully created!", "Administrator");
}
if (Utility.AddUserInRole("Artech", "Administrator"))
{
Console.WriteLine("\nThe user \"{0}\" has been successfully added in the role \"{1}\"", "Artech", "Administrator");
}
if (Utility.AddUserInRole("Dave Crane", "Administrator"))
{
Console.WriteLine("The user \"{0}\" has been successfully added in the role \"{1}\"", "Dave Crane", "Administrator");
}
if (Utility.AddUserInRole("Artech", "Super Administrator"))
{
Console.WriteLine("The user \"{0}\" has been successfully added in the role \"{1}\"", "Artech", "Super Administrator");
}
if (Utility.AddUserInRole("Artech", "Administrator"))
{
Console.WriteLine("The user \"{0}\" has been successfully added in the role \"{1}\"", "Artech", "Administrator");
}
}
7. 最终执行结果
[原创]谈谈基于SQL Server的Exception Handling - PART I
[原创]谈谈基于SQL Server 的Exception Handling - PART II
[原创]谈谈基于SQL Server 的Exception Handling - PART III
微信公众账号:大内老A
微博: www.weibo.com/artech
如果你想及时得到个人撰写文章以及著作的消息推送,或者想看看个人推荐的技术资料,可以扫描左边二维码(或者长按识别二维码)关注个人公众号(原来公众帐号 蒋金楠的自媒体将会停用)。
本文版权归作者和博客园共有,欢迎转载,但未经作者同意必须保留此段声明,且在文章页面明显位置给出原文连接,否则保留追究法律责任的权利。