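/// <summary>
/// Inserts a new user-form permission row built from the posted <paramref name="userForm"/>.
/// </summary>
/// <param name="userForm">Posted permission set; FormId, UserId and every Can* flag are copied unchanged.</param>
/// <returns>200 on success, 400 when no body was bound, 500 when the insert throws.</returns>
/// <remarks>
/// SECURITY NOTE(review): no check of the caller's own rights is visible in this method, and the
/// target UserId is taken directly from the request body. Unless an authorization attribute or
/// filter is applied outside this view, any caller who can reach the action can create a rights
/// row for any user. Confirm that such a gate exists before relying on this endpoint.
/// </remarks>
public HttpResponseMessage postMstUserForm(Entities.MstUserForm userForm)
        {
            // A missing or unbindable body leaves userForm null. Answer 400 up front instead of
            // letting the NullReferenceException below be reported as a server error.
            if (userForm == null)
            {
                return Request.CreateResponse(HttpStatusCode.BadRequest);
            }

            try
            {
                var newUserForm = new Data.MstUserForm
                {
                    FormId      = userForm.FormId,
                    UserId      = userForm.UserId,
                    CanDelete   = userForm.CanDelete,
                    CanAdd      = userForm.CanAdd,
                    CanLock     = userForm.CanLock,
                    CanUnlock   = userForm.CanUnlock,
                    CanPrint    = userForm.CanPrint,
                    CanPreview  = userForm.CanPreview,
                    CanEdit     = userForm.CanEdit,
                    CanTender   = userForm.CanTender,
                    CanDiscount = userForm.CanDiscount,
                    CanView     = userForm.CanView,
                    CanSplit    = userForm.CanSplit,
                    CanCancel   = userForm.CanCancel,
                    CanReturn   = userForm.CanReturn
                };

                db.MstUserForms.InsertOnSubmit(newUserForm);
                db.SubmitChanges();

                return Request.CreateResponse(HttpStatusCode.OK);
            }
            catch (Exception ex)
            {
                // NOTE(review): Debug.WriteLine is compiled out of release builds, so a failed
                // rights insert leaves no record in production. Route this to the application's
                // logger so failures on a permission endpoint can be investigated.
                Debug.WriteLine(ex);
                return Request.CreateResponse(HttpStatusCode.InternalServerError, "Something's went wrong from the server.");
            }
        }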
        // ===========
        // User Rights
        // ===========
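        /// <summary>
        /// Looks up the signed-in user's rights row for the named form and renders it.
        /// </summary>
        /// <param name="formName">Form name matched against SysForm.FormName.</param>
        /// <returns>
        /// The view with a rights model when a row exists; a redirect to Software/Forbidden when
        /// the user has no row for the form; a redirect to Account/Login when no MstUsers record
        /// matches the current identity.
        /// </returns>
        public ActionResult UserRights(String formName)
        {
            var identityId = User.Identity.GetUserId();

            // Fetch once and null-check. The original ran Any() and then FirstOrDefault(), which
            // costs a second query and dereferences null if the row disappears in between.
            var currentUser = (from d in db.MstUsers
                               where d.UserId == identityId
                               select d).FirstOrDefault();

            if (currentUser == null)
            {
                return RedirectToAction("Login", "Account");
            }

            var currentUserId = currentUser.Id;

            var userFormsRights = (from d in db.MstUserForms
                                   where d.UserId == currentUserId && d.SysForm.FormName.Equals(formName)
                                   select d).FirstOrDefault();

            // Deny by default: a user without a rights row for this form gets no view at all.
            if (userFormsRights == null)
            {
                return RedirectToAction("Forbidden", "Software");
            }

            // Only these seven flags reach the view. They drive what the page offers; the
            // endpoints that perform the actions still have to enforce the same rights.
            var model = new Entities.MstUserForm
            {
                CanAdd    = userFormsRights.CanAdd,
                CanEdit   = userFormsRights.CanEdit,
                CanDelete = userFormsRights.CanDelete,
                CanLock   = userFormsRights.CanLock,
                CanUnlock = userFormsRights.CanUnlock,
                CanCancel = userFormsRights.CanCancel,
                CanPrint  = userFormsRights.CanPrint
            };

            return View(model);
        }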
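        /// <summary>
        /// Overwrites an existing user-form permission row with the values in the request body.
        /// </summary>
        /// <param name="id">Primary key of the MstUserForms row, as text.</param>
        /// <param name="userForm">Replacement values; FormId, UserId and every Can* flag are copied unchanged.</param>
        /// <returns>
        /// 200 when the row was updated, 404 when no row has that id, 400 when anything throws
        /// (for example a non-numeric id or a missing body).
        /// </returns>
        /// <remarks>
        /// SECURITY NOTE(review): the only lookup of the calling user in this method is commented
        /// out, so no check of the caller's rights is visible here. The body may also change the
        /// row's UserId, which moves an existing set of rights to a different user. Confirm that
        /// an authorization attribute or filter outside this view restricts who can call this.
        /// </remarks>
        public HttpResponseMessage putUser(String id, Entities.MstUserForm userForm)
        {
            try
            {
                // Converted inside the try so a malformed id still ends in the 400 below.
                var userFormId = Convert.ToInt32(id);

                // Fetch once and null-check rather than Any() followed by FirstOrDefault().
                var updateUserForm = (from d in db.MstUserForms
                                      where d.Id == userFormId
                                      select d).FirstOrDefault();

                if (updateUserForm == null)
                {
                    return Request.CreateResponse(HttpStatusCode.NotFound);
                }

                //var userId = (from d in db.MstUsers where d.AspNetUserId == User.Identity.GetUserId() select d).FirstOrDefault().Id;

                updateUserForm.FormId      = userForm.FormId;
                updateUserForm.UserId      = userForm.UserId;
                updateUserForm.CanDelete   = userForm.CanDelete;
                updateUserForm.CanAdd      = userForm.CanAdd;
                updateUserForm.CanLock     = userForm.CanLock;
                updateUserForm.CanUnlock   = userForm.CanUnlock;
                updateUserForm.CanPrint    = userForm.CanPrint;
                updateUserForm.CanPreview  = userForm.CanPreview;
                updateUserForm.CanEdit     = userForm.CanEdit;
                updateUserForm.CanTender   = userForm.CanTender;
                updateUserForm.CanDiscount = userForm.CanDiscount;
                updateUserForm.CanView     = userForm.CanView;
                updateUserForm.CanSplit    = userForm.CanSplit;
                updateUserForm.CanCancel   = userForm.CanCancel;
                updateUserForm.CanReturn   = userForm.CanReturn;
                db.SubmitChanges();

                return Request.CreateResponse(HttpStatusCode.OK);
            }
            catch (Exception e)
            {
                // NOTE(review): Debug.WriteLine is compiled out of release builds, so database
                // failures are reported to the client as 400 and recorded nowhere in production.
                Debug.WriteLine(e);
                return Request.CreateResponse(HttpStatusCode.BadRequest);
            }
        }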
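        /// <summary>
        /// Updates one user-form permission row after verifying that the caller holds the
        /// CanEdit right on the "UserDetail" form and that the owning user record is not locked.
        /// </summary>
        /// <param name="objUserForm">New FormId and Can* flags for the row.</param>
        /// <param name="id">Primary key of the MstUserForms row to update, as text.</param>
        /// <param name="userId">Primary key of the MstUsers record that owns the row, as text.</param>
        /// <returns>
        /// 200 when updated; 404 when the user or the row is not found; 400 when the caller is
        /// unknown, lacks access or edit rights, or the user record is locked; 500 when anything throws.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the authorization failures below answer 400, not 401/403; clients and
        /// monitoring cannot tell a denied request from a malformed one by status code alone.
        /// The right that is checked is coarse: CanEdit on "UserDetail" lets the caller change the
        /// rights of any unlocked user, and nothing here excludes the caller's own record.
        /// </remarks>
        public HttpResponseMessage UpdateUserForm(Entities.MstUserForm objUserForm, String id, String userId)
        {
            try
            {
                var identityId = User.Identity.GetUserId();

                // Each lookup is fetched once and null-checked instead of Any() + FirstOrDefault().
                var currentUser = (from d in db.MstUsers
                                   where d.UserId == identityId
                                   select d).FirstOrDefault();

                if (currentUser == null)
                {
                    return Request.CreateResponse(HttpStatusCode.BadRequest, "Theres no current user logged in.");
                }

                var currentUserId = currentUser.Id;

                var callerRights = (from d in db.MstUserForms
                                    where d.UserId == currentUserId &&
                                    d.SysForm.FormName.Equals("UserDetail")
                                    select d).FirstOrDefault();

                if (callerRights == null)
                {
                    return Request.CreateResponse(HttpStatusCode.BadRequest, "Sorry. You have no access for this user page.");
                }

                if (!callerRights.CanEdit)
                {
                    return Request.CreateResponse(HttpStatusCode.BadRequest, "Sorry. You have no rights to edit and update user form.");
                }

                // Parsed only after the rights check, so an unauthorized caller still gets the
                // refusal above rather than a conversion error.
                var targetUserId = Convert.ToInt32(userId);

                var targetUser = (from d in db.MstUsers
                                  where d.Id == targetUserId
                                  select d).FirstOrDefault();

                if (targetUser == null)
                {
                    return Request.CreateResponse(HttpStatusCode.NotFound, "These current user details are not found in the server. Please add new user first before proceeding.");
                }

                if (targetUser.IsLocked)
                {
                    return Request.CreateResponse(HttpStatusCode.BadRequest, "You cannot edit and update user form if the current user detail is locked.");
                }

                var userFormId = Convert.ToInt32(id);

                // The row must belong to the user whose lock state was just checked. Selecting by
                // id alone would let a request pair an unlocked userId with a rights row owned by
                // a locked user and so skip the lock.
                var updateUserForm = (from d in db.MstUserForms
                                      where d.Id == userFormId && d.UserId == targetUserId
                                      select d).FirstOrDefault();

                if (updateUserForm == null)
                {
                    return Request.CreateResponse(HttpStatusCode.NotFound, "Data not found. These user form details are not found in the server.");
                }

                // Snapshot before mutation so the audit trail holds the old and the new state.
                String oldObject = at.GetObjectString(updateUserForm);

                updateUserForm.FormId    = objUserForm.FormId;
                updateUserForm.CanAdd    = objUserForm.CanAdd;
                updateUserForm.CanEdit   = objUserForm.CanEdit;
                updateUserForm.CanDelete = objUserForm.CanDelete;
                updateUserForm.CanLock   = objUserForm.CanLock;
                updateUserForm.CanUnlock = objUserForm.CanUnlock;
                updateUserForm.CanCancel = objUserForm.CanCancel;
                updateUserForm.CanPrint  = objUserForm.CanPrint;
                db.SubmitChanges();

                // NOTE(review): the audit record is written after the change is committed; if
                // InsertAuditTrail throws, the rights change stands but is not audited and the
                // client sees a 500. Confirm whether both writes should share one transaction.
                String newObject = at.GetObjectString(updateUserForm);
                at.InsertAuditTrail(currentUserId, GetType().Name, MethodBase.GetCurrentMethod().Name, oldObject, newObject);

                return Request.CreateResponse(HttpStatusCode.OK);
            }
            catch (Exception e)
            {
                // NOTE(review): Debug.WriteLine is compiled out of release builds, so this
                // exception is not recorded anywhere in production.
                Debug.WriteLine(e);
                return Request.CreateResponse(HttpStatusCode.InternalServerError, "Something's went wrong from the server.");
            }
        }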
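        /// <summary>
        /// Creates a user-form permission row for the given user after verifying that the caller
        /// holds the CanAdd right on the "UserDetail" form and that the user record is not locked.
        /// </summary>
        /// <param name="objUserForm">FormId and Can* flags for the new row.</param>
        /// <param name="userId">Primary key of the MstUsers record that receives the rights, as text.</param>
        /// <returns>
        /// 200 when inserted; 404 when the user is not found; 400 when the caller is unknown,
        /// lacks access or add rights, or the user record is locked; 500 when anything throws.
        /// </returns>
        /// <remarks>
        /// NOTE(review): no audit record is written for this grant in the visible code, and no
        /// check for an existing row with the same UserId and FormId is made. Rights lookups in
        /// this method take the first matching row without an ordering, so duplicates would make
        /// the effective rights ambiguous. Confirm a uniqueness constraint exists in the database.
        /// </remarks>
        public HttpResponseMessage AddUserForm(Entities.MstUserForm objUserForm, String userId)
        {
            try
            {
                var identityId = User.Identity.GetUserId();

                // Each lookup is fetched once and null-checked instead of Any() + FirstOrDefault().
                var currentUser = (from d in db.MstUsers
                                   where d.UserId == identityId
                                   select d).FirstOrDefault();

                if (currentUser == null)
                {
                    return Request.CreateResponse(HttpStatusCode.BadRequest, "Theres no current user logged in.");
                }

                var currentUserId = currentUser.Id;

                var callerRights = (from d in db.MstUserForms
                                    where d.UserId == currentUserId &&
                                    d.SysForm.FormName.Equals("UserDetail")
                                    select d).FirstOrDefault();

                if (callerRights == null)
                {
                    return Request.CreateResponse(HttpStatusCode.BadRequest, "Sorry. You have no access for this user page.");
                }

                if (!callerRights.CanAdd)
                {
                    return Request.CreateResponse(HttpStatusCode.BadRequest, "Sorry. You have no rights to add user form.");
                }

                // Parsed only after the rights check, so an unauthorized caller still gets the
                // refusal above rather than a conversion error. The same value is reused for the
                // lookup and for the inserted row, so both always refer to one user.
                var targetUserId = Convert.ToInt32(userId);

                var targetUser = (from d in db.MstUsers
                                  where d.Id == targetUserId
                                  select d).FirstOrDefault();

                if (targetUser == null)
                {
                    return Request.CreateResponse(HttpStatusCode.NotFound, "These current user details are not found in the server. Please add new user first before proceeding.");
                }

                if (targetUser.IsLocked)
                {
                    return Request.CreateResponse(HttpStatusCode.BadRequest, "You cannot add new user form if the current user detail is locked.");
                }

                var newUserForm = new Data.MstUserForm
                {
                    UserId    = targetUserId,
                    FormId    = objUserForm.FormId,
                    CanAdd    = objUserForm.CanAdd,
                    CanEdit   = objUserForm.CanEdit,
                    CanDelete = objUserForm.CanDelete,
                    CanLock   = objUserForm.CanLock,
                    CanUnlock = objUserForm.CanUnlock,
                    CanPrint  = objUserForm.CanPrint
                };

                db.MstUserForms.InsertOnSubmit(newUserForm);
                db.SubmitChanges();

                return Request.CreateResponse(HttpStatusCode.OK);
            }
            catch (Exception e)
            {
                // NOTE(review): Debug.WriteLine is compiled out of release builds, so this
                // exception is not recorded anywhere in production.
                Debug.WriteLine(e);
                return Request.CreateResponse(HttpStatusCode.InternalServerError, "Something's went wrong from the server.");
            }
        }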