Beispiel #1
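        /// <summary>
        /// Renders the group edit/add view for a caller holding any of the GROUP_* roles.
        /// </summary>
        /// <param name="groupId">Group identifier, passed through to <c>GroupsModel</c>.</param>
        /// <param name="groupName">Group name, passed through to <c>GroupsModel</c>.</param>
        /// <param name="add">Textual boolean handed to <c>GroupsModel</c> as its "adding" flag.</param>
        /// <returns>
        /// The view for an authorized caller; otherwise a redirect to Account/NoAccess.
        /// </returns>
        /// <exception cref="System.FormatException">
        /// <paramref name="add"/> is not a valid boolean (authorized callers only).
        /// </exception>
        public ActionResult Edit(string groupId, string groupName, string add)
        {
            MxUser mxUser = GetMxUser();

            // Authorize before touching request input: a caller without any GROUP_* role is
            // redirected whatever "add" contains, instead of triggering a parse exception
            // ahead of the access check.
            bool holdsGroupRole = mxUser.IsInRole("GROUP_View")
                               || mxUser.IsInRole("GROUP_Add")
                               || mxUser.IsInRole("GROUP_Edit")
                               || mxUser.IsInRole("GROUP_Delete");
            if (!holdsGroupRole)
            {
                return RedirectToAction("NoAccess", "Account", new { returnUrl = "Admin/Groups" });
            }

            // Still throws for a missing or malformed value, as before, but only for callers
            // that passed the role check.
            bool adding = bool.Parse(add);

            // NOTE(review): GROUP_View alone is enough to reach this view with adding == true;
            // whether GroupsModel or the view narrows what such a caller can do is not visible
            // here. The write path must enforce GROUP_Add / GROUP_Edit on its own.
            var model = new GroupsModel(GetMxUser(), groupId, groupName, adding);
            return View(model);
        }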
Beispiel #2
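        /// <summary>
        /// Deletes or updates a group from posted form data, gated by GROUP_Delete and
        /// GROUP_Edit respectively.
        /// </summary>
        /// <param name="form">
        /// Posted fields read here: "del", "edit", "groupId", "roles", "groupName", "description".
        /// </param>
        /// <returns>
        /// JSON carrying success = "true"/"false" and, on failure, an error string. When
        /// neither a delete nor an edit is requested the empty result is returned.
        /// </returns>
        /// <remarks>
        /// NOTE(review): this action changes state; no POST-only or anti-forgery attribute is
        /// visible in this excerpt. Confirm that both are applied where the action is declared.
        /// </remarks>
        public JsonResult EditGroup(FormCollection form)
        {
            MxUser mxUser = GetMxUser();

            if (form["del"] == "true")
            {
                if (!mxUser.IsInRole("GROUP_Delete"))
                {
                    return Json(new { success = "false", error = "User does not have Delete rights" });
                }

                // The delete path used to return an empty result on success and let any
                // exception escape; it now reports its outcome the same way the update path does.
                try
                {
                    BLL.Groups.Delete(form["groupId"]);
                    return Json(new { success = "true" });
                }
                catch (Exception ex)
                {
                    // NOTE(review): ex.Message goes to the client verbatim and may expose
                    // internal detail; consider logging it and returning a generic message.
                    return Json(new { success = "false", error = ex.Message });
                }
            }

            if (!mxUser.IsInRole("GROUP_Edit"))
            {
                return Json(new { success = "false", error = "User does not have Edit rights" });
            }

            if (String.IsNullOrEmpty(form["edit"]))
            {
                // Nothing was requested: keep the original empty result.
                return new JsonResult();
            }

            try
            {
                BLL.Groups.Update(form["groupId"], form["roles"], form["groupName"], form["description"]);
                return Json(new { success = "true" });
            }
            catch (Exception ex)
            {
                // NOTE(review): same exposure of ex.Message as in the delete path.
                return Json(new { success = "false", error = ex.Message });
            }
        }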
Beispiel #3
        /// <summary>
        /// Shows the edit view for the account identified by <paramref name="userId"/>.
        /// </summary>
        /// <param name="userId">Identifier handed to the <c>MxUser</c> constructor.</param>
        /// <returns>
        /// The edit view for a caller in USERS_View; otherwise a redirect to Account/NoAccess.
        /// </returns>
        public ActionResult EditUser(string userId)
        {
            MxUser currentUser = GetMxUser();

            // Guard clause: callers without USERS_View never reach the model.
            if (!currentUser.IsInRole("USERS_View"))
            {
                return RedirectToAction("NoAccess", "Account", new { returnUrl = "Admin/UserAdmin" });
            }

            // NOTE(review): the edit view is gated by USERS_View rather than USERS_Edit, and
            // userId is used as supplied by the request. Presumably the write path enforces
            // USERS_Edit and the model scopes which accounts the caller may see; confirm.
            MxUser target = new MxUser(userId);
            return View(new EditUserModel(target, currentUser));
        }
Beispiel #4
        /// <summary>
        /// Shows the "AddUser" view to a caller holding USERS_Add.
        /// </summary>
        /// <returns>The "AddUser" view backed by an <c>AddUserModel</c>.</returns>
        /// <exception cref="System.Exception">The caller is not in USERS_Add.</exception>
        public ActionResult AddUser()
        {
            MxUser currentUser = GetMxUser();

            // NOTE(review): an unauthorized caller gets an unhandled exception here, not a
            // redirect; how that is rendered depends on error handling outside this excerpt.
            if (!currentUser.IsInRole("USERS_Add"))
            {
                throw new Exception("The currently logged in user does not have user add rights");
            }

            return View("AddUser", new AddUserModel(currentUser));
        }
Beispiel #5
        /****************** User Admin *******************/
        #region User Admin

        /// <summary>
        /// Lists every user for a caller holding USERS_View.
        /// </summary>
        /// <returns>
        /// The list view built from <c>MxUser.GetAllUsers()</c>, or a redirect to
        /// Account/NoAccess when the caller lacks the role.
        /// </returns>
        public ActionResult List()
        {
            MxUser currentUser = GetMxUser();

            if (!currentUser.IsInRole("USERS_View"))
            {
                return RedirectToAction("NoAccess", "Account", new { returnUrl = "Admin/UserAdmin" });
            }

            // The full user set is fetched only after the role check has passed.
            var everyUser = MxUser.GetAllUsers();
            return View(new UserListModel(currentUser, everyUser));
        }
Beispiel #6
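        /// <summary>
        /// Shows the "Users" view for a single account to a caller holding USERS_View.
        /// </summary>
        /// <param name="userId">
        /// Identifier of the account to show; lower-cased before it reaches <c>UsersModel</c>.
        /// A missing value is treated as the empty string.
        /// </param>
        /// <returns>
        /// The "Users" view, or a redirect to Account/Login when the caller lacks the role.
        /// </returns>
        public ActionResult ViewUser(string userId)
        {
            MxUser mxUser = GetMxUser();

            // NOTE(review): a caller without the role is sent to Login rather than NoAccess;
            // confirm this is intended for an already-authenticated user.
            if (!mxUser.IsInRole("USERS_View"))
            {
                return RedirectToAction("Login", "Account", new { returnUrl = "Admin/UserAdmin" });
            }

            // A request without userId used to fail with NullReferenceException on ToLower().
            // ToLowerInvariant keeps the normalised identifier independent of the server's
            // current culture, so lookups do not change with locale settings.
            string normalizedId = userId == null ? "" : userId.ToLowerInvariant();

            var model = new UsersModel(mxUser, normalizedId);
            return View("Users", model);
        }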
Beispiel #7
        //
        // GET: /Account/Users

        /// <summary>
        /// Shows the users view with no account selected.
        /// </summary>
        /// <returns>
        /// The default view for a caller in USERS_View; otherwise a redirect to Account/Login.
        /// </returns>
        public ActionResult Users()
        {
            MxUser currentUser = GetMxUser();

            if (!currentUser.IsInRole("USERS_View"))
            {
                return RedirectToAction("Login", "Account", new { returnUrl = "Admin/UserAdmin" });
            }

            // An empty id means "no user selected".
            return View(new UsersModel(currentUser, ""));
        }
Beispiel #8
        /// <summary>
        /// Shows the group view in "add" mode to a caller holding GROUP_Add.
        /// </summary>
        /// <returns>
        /// The view backed by a <c>GroupsModel</c>, or a redirect to Account/NoAccess.
        /// </returns>
        public ActionResult Add()
        {
            MxUser currentUser = GetMxUser();

            if (!currentUser.IsInRole("GROUP_Add"))
            {
                return RedirectToAction("NoAccess", "Account", new { returnUrl = "Admin/Groups" });
            }

            // The model receives a second GetMxUser() result rather than currentUser.
            // NOTE(review): presumably both calls yield the same user; confirm before merging them.
            return View(new GroupsModel(GetMxUser(), true));
        }
Beispiel #9
        /// <summary>
        /// Returns due-date and shipment content for one order to a caller in CUSTOMER_View.
        /// </summary>
        /// <param name="orderId">Order identifier, forwarded to <c>GetDueDatesShipments</c>.</param>
        /// <returns>
        /// The content produced by <c>OrderStatus</c>, or <c>UnauthorizedContent()</c> when the
        /// caller lacks the role.
        /// </returns>
        public ContentResult DueDatesShipments(string orderId)
        {
            MxUser currentUser = GetMxUser();

            if (!currentUser.IsInRole("CUSTOMER_View"))
            {
                return Content(UnauthorizedContent());
            }

            // NOTE(review): the role check does not tie orderId to the caller. OrderStatus is
            // built from the current user, so it presumably limits results to that user's
            // orders; confirm, since nothing in this action enforces ownership.
            var orders = new OrderStatus(currentUser);
            return Content(orders.GetDueDatesShipments(orderId));
        }
Beispiel #10
        /// <summary>
        /// Returns order-list content filtered by status and company to a caller in CUSTOMER_View.
        /// </summary>
        /// <param name="status">Status filter, forwarded to <c>GetOrders</c>.</param>
        /// <param name="companyId">Company identifier, forwarded to <c>GetOrders</c>.</param>
        /// <returns>
        /// The content produced by <c>OrderStatus</c>, or <c>UnauthorizedContent()</c> when the
        /// caller lacks the role.
        /// </returns>
        public ContentResult List(string status, string companyId)
        {
            MxUser currentUser = GetMxUser();

            if (!currentUser.IsInRole("CUSTOMER_View"))
            {
                return Content(UnauthorizedContent());
            }

            // NOTE(review): companyId is supplied by the request and is not checked against
            // the caller in this action. Presumably OrderStatus restricts it to companies the
            // current user may see; confirm.
            var orders = new OrderStatus(currentUser);
            return Content(orders.GetOrders(status, companyId));
        }
Beispiel #11
        /// <summary>
        /// Shows the order status view to a caller holding CUSTOMER_View.
        /// </summary>
        /// <returns>
        /// The view backed by an <c>OrderStatus</c> model, or a redirect to Account/NoAccess.
        /// </returns>
        public ActionResult Status()
        {
            MxUser currentUser = GetMxUser();

            if (!currentUser.IsInRole("CUSTOMER_View"))
            {
                return RedirectToAction("NoAccess", "Account", new { returnUrl = "Orders" });
            }

            // The model is built from a second GetMxUser() result, not from currentUser.
            // NOTE(review): presumably both calls yield the same user; confirm before merging them.
            return View(new OrderStatus(GetMxUser()));
        }
Beispiel #12
        /// <summary>
        /// Builds a button view model and decides whether the button is shown to
        /// <paramref name="user"/>.
        /// </summary>
        /// <remarks>
        /// ShowBtn only controls whether the button is displayed. NOTE(review): hiding a button
        /// is not an access control; the server-side action the button triggers has to check
        /// the same roles itself.
        /// </remarks>
        /// <param name="user">User whose roles are tested against <paramref name="requiredRoles"/>.</param>
        /// <param name="id">Value stored in <c>Id</c>.</param>
        /// <param name="requiredRoles">If the user has any of these roles the button is shown. Pass null or an empty array when no role is required.</param>
        /// <param name="buttonText">Localized text; also used as the tooltip when <paramref name="showButtonText"/> is false.</param>
        /// <param name="buttonJsCall">JavaScript that will be executed when the button is clicked. Stored verbatim; NOTE(review): it should come from trusted code only, never from request data.</param>
        /// <param name="buttonDescription">Localized description of the button.</param>
        /// <param name="cssClass">CSS class; " icon" is appended when <paramref name="iconClass"/> is non-empty.</param>
        /// <param name="iconClass">Value stored in <c>IconClass</c>; may be null or empty.</param>
        /// <param name="showButtonText">Value stored in <c>ShowBtnText</c>.</param>
        public ButtonModel(MxUser user, string id, string[] requiredRoles, string buttonText, string buttonJsCall, string buttonDescription,
                           string cssClass, string iconClass, bool showButtonText)
        {
            Usr               = user;
            Id                = id;
            RequiredRoles     = requiredRoles;
            ButtonText        = buttonText;
            JsCall            = buttonJsCall;
            ButtonDescription = buttonDescription;

            // Hidden until a rule below says otherwise.
            ShowBtn = false;

            // Buttons carrying an icon get the extra "icon" class.
            CssClass    = string.IsNullOrEmpty(iconClass) ? cssClass : cssClass + " icon";
            IconClass   = iconClass;
            ShowBtnText = showButtonText;

            bool noRoleNeeded = requiredRoles == null || requiredRoles.Length == 0;
            if (noRoleNeeded)
            {
                ShowBtn = true;
            }
            else
            {
                // Any single matching role is enough; stop at the first hit.
                foreach (string role in requiredRoles)
                {
                    if (user.IsInRole(role))
                    {
                        ShowBtn = true;
                        break;
                    }
                }
            }

            // With the caption hidden, the text stays reachable as a tooltip.
            if (!ShowBtnText)
            {
                Tooltip = buttonText;
            }
        }
Beispiel #13
        /// <summary>
        /// Unseats the user named in the posted form; requires USERS_Edit.
        /// </summary>
        /// <param name="form">Posted fields; "userId" is passed to <c>UnseatUser</c>.</param>
        /// <returns>JSON with success = "true", or success = "false" plus the exception message.</returns>
        /// <exception cref="System.Exception">The caller is not in USERS_Edit.</exception>
        /// <remarks>
        /// NOTE(review): state-changing action; no POST-only or anti-forgery attribute is
        /// visible in this excerpt. Confirm that both are applied where the action is declared.
        /// </remarks>
        public JsonResult ClearUserSeats(FormCollection form)
        {
            MxUser currentUser = GetMxUser();

            if (!currentUser.IsInRole("USERS_Edit"))
            {
                throw new Exception("The currently logged in user does not have user Edit rights");
            }

            try
            {
                BLL.MxLicense.UnseatUser(form["userId"], "");
                return Json(new { success = "true" });
            }
            catch (Exception failure)
            {
                // NOTE(review): the raw exception message is returned to the client.
                return Json(new { success = "false", error = failure.Message });
            }
        }
Beispiel #14
        /// <summary>
        /// Applies one role to a set of groups from posted form data; requires GROUP_Edit.
        /// </summary>
        /// <param name="form">
        /// Posted fields: "groups" (every "addRole_" occurrence is stripped) and "role".
        /// </param>
        /// <returns>
        /// JSON with success = "true", or success = "false" plus an error string for a missing
        /// role or any exception raised inside the try block.
        /// </returns>
        public JsonResult AddRolesToGroups(FormCollection form)
        {
            MxUser currentUser = GetMxUser();

            try
            {
                if (!currentUser.IsInRole("GROUP_Edit"))
                {
                    return Json(new { success = "false", error = "User does not have Group Edit rights" });
                }

                // A missing "groups" field raises here and is reported through the catch below.
                string groupList = form["groups"].Replace("addRole_", "");
                string role      = form["role"];

                BLL.Groups.UpdateRoleInGroups(groupList, role);
                return Json(new { success = "true" });
            }
            catch (Exception failure)
            {
                // NOTE(review): the raw exception message is returned to the client.
                return Json(new { success = "false", error = failure.Message });
            }
        }
Beispiel #15
        /// <summary>
        /// Deletes the group named in the posted form; requires GROUP_Delete.
        /// </summary>
        /// <param name="form">Posted fields; "groupId" is passed to <c>BLL.Groups.Delete</c>.</param>
        /// <returns>JSON with success = "true", or success = "false" plus an error string.</returns>
        /// <remarks>
        /// NOTE(review): destructive action; no POST-only or anti-forgery attribute is visible
        /// in this excerpt. Confirm that both are applied where the action is declared.
        /// </remarks>
        public JsonResult DeleteGroup(FormCollection form)
        {
            MxUser currentUser = GetMxUser();

            if (!currentUser.IsInRole("GROUP_Delete"))
            {
                return Json(new { success = "false", error = "User does not have Delete rights" });
            }

            try
            {
                BLL.Groups.Delete(form["groupId"]);
                return Json(new { success = "true" });
            }
            catch (Exception failure)
            {
                // NOTE(review): the raw exception message is returned to the client.
                return Json(new { success = "false", error = failure.Message });
            }
        }
Beispiel #16
        /// <summary>
        /// Deletes, edits or creates a membership user from posted form data, then (for edit
        /// and create) writes the profile and permission fields.
        /// </summary>
        /// <param name="userId">Not read by this method; the target is taken from form["userId"].</param>
        /// <param name="form">Posted fields that select the operation ("del", "edit") and carry the account data.</param>
        /// <returns>
        /// JSON with success = "true"/"false" for edit and create; the delete path returns the
        /// empty result created at the top of the method.
        /// </returns>
        /// <exception cref="System.Exception">The caller lacks USERS_Delete, USERS_Edit or USERS_Add for the requested operation.</exception>
        /// <remarks>
        /// NOTE(review): state-changing action; no POST-only or anti-forgery attribute is
        /// visible in this excerpt. Confirm that both are applied where the action is declared.
        /// </remarks>
        public JsonResult EditUser(string userId, FormCollection form)
        {
            JsonResult     jr = new JsonResult();
            MembershipUser mbrUser;
            MxUser         mxUser = GetMxUser();

            if (form["del"] == "true")
            {
                if (mxUser.IsInRole("USERS_Delete"))
                {
                    // Second argument true: related membership data is removed as well.
                    // jr is not reassigned on this path, so the caller receives the empty result.
                    Membership.DeleteUser(form["userName"], true);
                }
                else
                {
                    throw new Exception("The currently logged in user does not have user delete rights");
                }
            }
            else
            {
                if (!String.IsNullOrEmpty(form["edit"]))
                {
                    if (mxUser.IsInRole("USERS_Edit"))
                    {
                        // NOTE(review): new Guid(...) throws on a malformed id, and GetUser can
                        // return null for an unknown key, which the code below would dereference.
                        mbrUser = Membership.GetUser(new Guid(form["userId"]));
                        if (form["changePw"] == "on")
                        {
                            // NOTE(review): the reset ends with the literal password "default",
                            // so every reset account shares one known password. Prefer a random
                            // one-time password with a forced change at next login.
                            string generatedPw = mbrUser.ResetPassword();
                            mbrUser.ChangePassword(generatedPw, "default");
                        }
                        // "userSuspended" checked means the account is not approved.
                        if (form["userSuspended"] != "on")
                        {
                            mbrUser.IsApproved = true;
                        }
                        else
                        {
                            mbrUser.IsApproved = false;
                        }
                        // clt is assigned but never read.
                        string clt = form["changedLicType"];
                        // bool.Parse throws when "changedLicType" is missing or not a boolean.
                        if (bool.Parse(form["changedLicType"]))
                        {
                            BLL.MxLicense.UnseatUser(mbrUser.ProviderUserKey.ToString(), "");
                        }
                    }
                    else
                    {
                        throw new Exception("The currently logged in user does not have user edit rights");
                    }
                }
                else
                {
                    if (mxUser.IsInRole("USERS_Add"))
                    {
                        // NOTE(review): new accounts are created with the literal password
                        // "default" and approved immediately; same concern as the reset above.
                        mbrUser            = Membership.CreateUser(form["username"], "default", form["emailAddr"]);
                        mbrUser.IsApproved = true;
                    }
                    else
                    {
                        throw new Exception("The currently logged in user does not have user add rights");
                    }
                }

                System.Web.Profile.ProfileBase profile = System.Web.Profile.ProfileBase.Create(mbrUser.UserName);

                mbrUser.Email = form["emailAddr"];

                // NOTE(review): the admin flags below come straight from the form and are gated
                // only by the USERS_Edit / USERS_Add check above. Nothing visible here stops a
                // caller from granting flags they do not hold, or from editing their own
                // account; confirm a stricter check exists elsewhere.
                bool compAdmin    = form["isCompanyAdmin"] == "on" ? true : false;
                bool acctAdmin    = form["isAcctAdmin"] == "on" ? true : false;
                bool prodAdmin    = form["isProdAdmin"] == "on" ? true : false;
                bool external     = form["isExternal"] == "on" ? true : false;
                bool exempt       = form["isExempt"] == "on" ? true : false;
                bool cantChangePw = form["cantChangePw"] == "on" ? true : false;

                profile.SetPropertyValue("firstName", form["firstName"]);
                profile.SetPropertyValue("lastName", form["lastName"]);
                profile.SetPropertyValue("initials", form["initials"]);
                profile.SetPropertyValue("CompanyAdmin", compAdmin);
                profile.SetPropertyValue("CantChangePw", cantChangePw);
                profile.SetPropertyValue("ProdAdmin", prodAdmin);
                profile.SetPropertyValue("AcctAdmin", acctAdmin);
                profile.SetPropertyValue("External", external);
                profile.SetPropertyValue("Exempt", exempt);
                // These three are stored as the raw form strings.
                profile.SetPropertyValue("PwExpireInterval", form["pwExpireInterval"]);
                profile.SetPropertyValue("MinuteLimit", form["timeoutLimit"]);
                profile.SetPropertyValue("LicenseType", form["licenseType"]);

                try
                {
                    // Three separate writes with no rollback visible here: a failure part-way
                    // leaves the earlier writes in place.
                    Membership.UpdateUser(mbrUser);
                    profile.Save();
                    // NOTE(review): supplier, customer and group assignments are also taken
                    // from the form; the same privilege-scope question applies.
                    BLL.MxUser.UpdateUserPermissions(mbrUser.ProviderUserKey.ToString(), form["suppliers"], form["customers"], form["groups"]);
                    jr = Json(new { success = "true" });
                }
                catch (Exception exc)
                {
                    // NOTE(review): the raw exception message is returned to the client.
                    jr = Json(new { success = "false", error = exc.Message });
                }
            }

            return(jr);
        }