[英]Using a stored procedure to retrieve all or single user from AspNetUsers table
我看到很多关于 ASP.Net Core Identity 使用存储过程存储 DATA 的信息,我尝试并使用相同的方法从 SQL 中的 AspNetUsers 表中检索/获取所有或单个用户详细信息,但没有成功。 下面是我的代码。
我的存储过程
alter PROCEDURE [dbo].[spEmployeeDetails]
@EmployeeID varchar(50) = ''
AS
BEGIN
IF(@EmployeeID !='')
BEGIN
SELECT * FROM AspNetUsers WHERE EmployeeId like @EmployeeID + '%'
END
ELSE
BEGIN
SELECT * FROM AspNetUsers
END
END
Model class
public class AppUsers:IdentityUser
{
public string EmployeeId { get; set; }
public string FName { get; set; }
public string LName { get; set; }
public string Nationality { get; set; }
public string PositionTitle { get; set; }
public string Department { get; set; }
public string DepartmentCode { get; set; }
public string PosCode { get; set; }
public string Grade { get; set; }
}
服务 class
public AppUsers GetaUser(string id)
{
var getuser = context.AppUsers.FromSqlRaw($"spEmployeeDetails {id}").ToList();
return getuser.FirstOrDefault();
}
我得到的错误是
InvalidOperationException: 'FromSqlRaw' or 'FromSqlInterpolated' was called with non-composable SQL and with a query composing over it. Consider calling 'AsEnumerable' after the method to perform the composition on the client side.
我也试过这段代码,但没有运气
IEnumerable<AppraisalUsers> objd = context.AppraisalUsers.FromSqlRaw($"spEmployeeDetails {id}").AsEnumerable<AppraisalUsers>();
谁能帮我从身份框架生成的 AspNetUsers 表中检索用户
我正在研究Core3.1
您应该使用FromSqlInterPolated
而不是FromSqlRaw
来阻止 sql 注入攻击。
您可以尝试像这样添加 SQL 参数名称
context.AppUsers.FromSqlInterPolated ($"exec spEmployeeDetails @EmployeeID={id}")
您也可以将其编写为纯 ef 核心代码
return context.AppUsers.FirstOrDefault(e => e.EmployeeId == id);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.