Do not add parameters for sp_describe_parameter_encryption when not p…

…rovided (#1115) * Update SqlCommand.cs * only execute sp_describe_parameter_encryption if parameters not empty * add test * improve test coverage * only go through parameters if not null * revert previous attempt * Update ApiShould.cs * Update ApiShould.cs
dotnet · Jul 10, 2021 · ae693c3 · ae693c3
1 parent 4fdd40b
commit ae693c3
Show file tree

Hide file tree

Showing 4 changed files with 76 additions and 7 deletions.
diff --git a/doc/samples/AzureKeyVaultProviderExample_2_0.cs b/doc/samples/AzureKeyVaultProviderExample_2_0.cs
@@ -242,7 +242,5 @@ public CustomerRecord(int id, string fName, string lName)
             }
         }
     }
-
-    //</Snippet1>
-
 }
+//</Snippet1>
diff --git a/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SqlCommand.cs b/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SqlCommand.cs
@@ -5837,11 +5837,22 @@ private SqlParameter BuildStoredProcedureStatementForColumnEncryption(string sto
         {
             Debug.Assert(CommandType == CommandType.StoredProcedure, "BuildStoredProcedureStatementForColumnEncryption() should only be called for stored procedures");
             Debug.Assert(!string.IsNullOrWhiteSpace(storedProcedureName), "storedProcedureName cannot be null or empty in BuildStoredProcedureStatementForColumnEncryption");
-            Debug.Assert(parameters != null, "parameters cannot be null in BuildStoredProcedureStatementForColumnEncryption");
 
             StringBuilder execStatement = new StringBuilder();
             execStatement.Append(@"EXEC ");
 
+            if (parameters is null)
+            {
+                execStatement.Append(ParseAndQuoteIdentifier(storedProcedureName, false));
+                return new SqlParameter(
+                    null,
+                    ((execStatement.Length << 1) <= TdsEnums.TYPE_SIZE_LIMIT) ? SqlDbType.NVarChar : SqlDbType.NText,
+                    execStatement.Length)
+                {
+                    Value = execStatement.ToString()
+                };
+            }
+
             // Find the return value parameter (if any).
             SqlParameter returnValueParameter = null;
             foreach (SqlParameter parameter in parameters)

diff --git a/src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/SqlCommand.cs b/src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/SqlCommand.cs
@@ -6786,11 +6786,22 @@ private SqlParameter BuildStoredProcedureStatementForColumnEncryption(string sto
         {
             Debug.Assert(CommandType == CommandType.StoredProcedure, "BuildStoredProcedureStatementForColumnEncryption() should only be called for stored procedures");
             Debug.Assert(!string.IsNullOrWhiteSpace(storedProcedureName), "storedProcedureName cannot be null or empty in BuildStoredProcedureStatementForColumnEncryption");
-            Debug.Assert(parameters != null, "parameters cannot be null in BuildStoredProcedureStatementForColumnEncryption");
 
             StringBuilder execStatement = new StringBuilder();
             execStatement.Append(@"EXEC ");
 
+            if (parameters is null)
+            {
+                execStatement.Append(ParseAndQuoteIdentifier(storedProcedureName, false));
+                return new SqlParameter(
+                    null,
+                    ((execStatement.Length << 1) <= TdsEnums.TYPE_SIZE_LIMIT) ? SqlDbType.NVarChar : SqlDbType.NText,
+                    execStatement.Length)
+                {
+                    Value = execStatement.ToString()
+                };
+            }
+
             // Find the return value parameter (if any).
             SqlParameter returnValueParameter = null;
             foreach (SqlParameter parameter in parameters)

diff --git a/src/Microsoft.Data.SqlClient/tests/ManualTests/AlwaysEncrypted/ApiShould.cs b/src/Microsoft.Data.SqlClient/tests/ManualTests/AlwaysEncrypted/ApiShould.cs
@@ -878,6 +878,53 @@ public void TestExecuteReaderWithCommandBehavior(string connection, CommandBehav
             });
         }
 
+        [ConditionalTheory(typeof(DataTestUtility), nameof(DataTestUtility.AreConnStringSetupForAE))]
+        [ClassData(typeof(AEConnectionStringProvider))]
+        public void TestEnclaveStoredProceduresWithAndWithoutParameters(string connectionString)
+        {
+            using SqlConnection sqlConnection = new(connectionString);
+            sqlConnection.Open();
+
+            using SqlCommand sqlCommand = new("", sqlConnection, transaction: null,
+                columnEncryptionSetting: SqlCommandColumnEncryptionSetting.Enabled);
+
+            string procWithoutParams = DataTestUtility.GetUniqueName("EnclaveWithoutParams", withBracket: false);
+            string procWithParam = DataTestUtility.GetUniqueName("EnclaveWithParams", withBracket: false);
+
+            try
+            {
+                sqlCommand.CommandText = $"CREATE PROCEDURE {procWithoutParams} AS SELECT FirstName, LastName  FROM [{_tableName}];";
+                sqlCommand.ExecuteNonQuery();
+                sqlCommand.CommandText = $"CREATE PROCEDURE {procWithParam} @id INT AS SELECT FirstName, LastName FROM [{_tableName}] WHERE CustomerId = @id";
+                sqlCommand.ExecuteNonQuery();
+                int expectedFields = 2;
+
+                sqlCommand.CommandText = procWithoutParams;
+                sqlCommand.CommandType = CommandType.StoredProcedure;
+                using (SqlDataReader reader = sqlCommand.ExecuteReader())
+                {
+                    Assert.Equal(expectedFields, reader.VisibleFieldCount);
+                }
+
+                sqlCommand.CommandText = procWithParam;
+                sqlCommand.CommandType = CommandType.StoredProcedure;
+                Exception ex = Assert.Throws<SqlException>(() => sqlCommand.ExecuteReader());
+                string expectedMsg = $"Procedure or function '{procWithParam}' expects parameter '@id', which was not supplied.";
+
+                Assert.Equal(expectedMsg, ex.Message);
+
+                sqlCommand.Parameters.AddWithValue("@id", 0);
+                using (SqlDataReader reader = sqlCommand.ExecuteReader())
+                {
+                    Assert.Equal(expectedFields, reader.VisibleFieldCount);
+                }
+            }
+            finally
+            {
+                DropHelperProcedures(new[] { procWithoutParams, procWithParam }, connectionString);
+            }
+        }
+
         [ConditionalTheory(typeof(DataTestUtility), nameof(DataTestUtility.AreConnStringSetupForAE))]
         [ClassData(typeof(AEConnectionStringProvider))]
         public void TestPrepareWithExecuteNonQuery(string connection)
@@ -2262,15 +2309,17 @@ public void TestSystemProvidersHavePrecedenceOverInstanceLevelProviders(string c
                 connection.Open();
                 using SqlCommand command = CreateCommandThatRequiresSystemKeyStoreProvider(connection);
                 connection.RegisterColumnEncryptionKeyStoreProvidersOnConnection(customKeyStoreProviders);
-                command.ExecuteReader();
+                SqlDataReader reader = command.ExecuteReader();
+                Assert.Equal(3, reader.VisibleFieldCount);
             }
 
             using (SqlConnection connection = new(connectionString))
             {
                 connection.Open();
                 using SqlCommand command = CreateCommandThatRequiresSystemKeyStoreProvider(connection);
                 command.RegisterColumnEncryptionKeyStoreProvidersOnCommand(customKeyStoreProviders);
-                command.ExecuteReader();
+                SqlDataReader reader = command.ExecuteReader();
+                Assert.Equal(3, reader.VisibleFieldCount);
             }
         }