public ActionResult DeletePending(int id = 0)
{
if (Authorized(RoleType.SystemManager))
{
PendingUser user;
using (PendingUsersRepository userRep = new PendingUsersRepository())
{
user = userRep.GetEntity(id, "User");
}
if (user == null)
{
return(Error(Loc.Dic.error_user_not_found));
}
if (user.CompanyId != CurrentUser.CompanyId)
{
return(Error(Loc.Dic.error_no_permission));
}
return(View(user));
}
else
{
return(Error(Loc.Dic.error_no_permission));
}
}
public ActionResult DeletePendingConfirmed(int id)
{
if (Authorized(RoleType.SystemManager))
{
PendingUser user;
using (PendingUsersRepository pendingUserRep = new PendingUsersRepository())
{
user = pendingUserRep.GetEntity(id);
if (user == null)
{
return(Error(Loc.Dic.error_user_not_found));
}
if (user.CompanyId != CurrentUser.CompanyId)
{
return(Error(Loc.Dic.error_no_permission));
}
pendingUserRep.Delete(user.Id);
}
return(RedirectToAction("Index"));
}
else
{
return(Error(Loc.Dic.error_no_permission));
}
}
private bool?CompanyCanAddUsers()
{
int companyUserCount = 0;
int companyUserLimit = 0;
using (UsersRepository usersRep = new UsersRepository(CurrentUser.CompanyId))
using (PendingUsersRepository pendingUsersRep = new PendingUsersRepository())
using (CompaniesRepository companiesRep = new CompaniesRepository())
{
try
{
companyUserCount =
usersRep.GetList().Where(x => x.CompanyId == CurrentUser.CompanyId && x.IsActive).Count() +
pendingUsersRep.GetList().Where(x => x.CompanyId == CurrentUser.CompanyId).Count();
companyUserLimit = companiesRep.GetEntity(CurrentUser.CompanyId).UsersLimit;
}
catch
{
return(null);
}
}
return(companyUserCount < companyUserLimit);
}
public ActionResult EditPending(PendingUser user, string[] roleNames)
{
if (Authorized(RoleType.SystemManager))
{
if (ModelState.IsValid)
{
PendingUser userFromDatabase;
using (PendingUsersRepository pendingUserRep = new PendingUsersRepository())
{
userFromDatabase = pendingUserRep.GetEntity(user.Id);
if (userFromDatabase != null)
{
if (userFromDatabase.CompanyId != CurrentUser.CompanyId)
{
return(Error(Loc.Dic.error_no_permission));
}
RoleType combinedRoles = RoleType.None;
List <RoleType> forbiddenRoles = GetForbiddenRoles();
foreach (string roleName in roleNames)
{
RoleType role;
if (Enum.TryParse(roleName, out role) && !forbiddenRoles.Contains(role))
{
combinedRoles = Roles.CombineRoles(combinedRoles, role);
}
else
{
return(Error(Loc.Dic.error_invalid_form));
}
}
userFromDatabase.Email = user.Email;
userFromDatabase.Roles = (int)combinedRoles;
userFromDatabase.OrdersApproverId = user.OrdersApproverId.HasValue && user.OrdersApproverId.Value == -1 ? null : user.OrdersApproverId;
pendingUserRep.Update(userFromDatabase);
return(RedirectToAction("Index"));
}
else
{
return(Error(Loc.Dic.error_user_not_found));
}
}
}
else
{
return(Error(ModelState));
}
}
else
{
return(Error(Loc.Dic.error_no_permission));
}
}
public ActionResult EditPending(int id = 0)
{
if (Authorized(RoleType.SystemManager))
{
PendingUser user;
List <SelectListItemDB> usersList = new List <SelectListItemDB> {
new SelectListItemDB()
{
Id = -1, Name = "(ללא) מאשר סופי"
}
};
using (UsersRepository usersRep = new UsersRepository(CurrentUser.CompanyId))
using (PendingUsersRepository pendingUserRep = new PendingUsersRepository())
{
user = pendingUserRep.GetEntity(id);
usersList.AddRange(usersRep.GetList().Where(u => u.CompanyId == CurrentUser.CompanyId && ((RoleType)u.Roles & RoleType.OrdersApprover) == RoleType.OrdersApprover).Select(x => new SelectListItemDB()
{
Id = x.Id, Name = x.FirstName + " " + x.LastName
}));
}
if (user.CompanyId != CurrentUser.CompanyId)
{
return(Error(Loc.Dic.error_no_permission));
}
if (user != null)
{
ViewBag.OrdersApproverId = new SelectList(usersList, "Id", "Name", user.OrdersApproverId.HasValue ? user.OrdersApproverId.Value : -1);
List <string> roleNames = GetRoleNames();
ViewBag.RolesList = roleNames;
ViewBag.ExistingRoles =
Roles.GetAllRoles((RoleType)user.Roles)
.Select(x => x.ToString())
.ToList();
return(View(user));
}
else
{
return(Error(Loc.Dic.error_user_not_found));
}
}
else
{
return(Error(Loc.Dic.error_no_permission));
}
}
public ActionResult Index(int page = FIRST_PAGE, string sortby = NO_SORT_BY, string order = DEFAULT_ORDER)
{
if (!Authorized(RoleType.UsersManager))
{
return(Error(Loc.Dic.error_no_permission));
}
AllUsersModel model = new AllUsersModel();
IEnumerable <User> activeUsersQuery;
using (UsersRepository usersRep = new UsersRepository(CurrentUser.CompanyId))
using (PendingUsersRepository pendingUsersRep = new PendingUsersRepository())
using (CompaniesRepository companiesRep = new CompaniesRepository())
{
activeUsersQuery = usersRep.GetList().Where(x => x.CompanyId == CurrentUser.CompanyId && x.IsActive).ToList();
activeUsersQuery = Pagination(activeUsersQuery, page, sortby, order).ToList();
model.NonActiveUsers = usersRep.GetList().Where(x => x.CompanyId == CurrentUser.CompanyId && !x.IsActive).ToList();
Company company = companiesRep.GetEntity(CurrentUser.CompanyId);
if (model.NonActiveUsers == null)
{
return(Error(Loc.Dic.error_users_get_error));
}
if (activeUsersQuery == null)
{
return(Error(Loc.Dic.error_users_get_error));
}
if (company == null)
{
return(Error(Loc.Dic.error_database_error));
}
model.ActiveUsers = activeUsersQuery.ToList();
model.ActiveUsersCount = activeUsersQuery.Count();
model.CanceledUsersCount = model.NonActiveUsers.Count();
model.UsersLimit = companiesRep.GetEntity(CurrentUser.CompanyId).UsersLimit;
return(View(model));
}
}
private LogInResult ResponseIntoUser(IAuthenticationResponse response)
{
LogInResult logInResult = new LogInResult();
logInResult.IsAuthenticated = true;
var fetchResponse = response.GetExtension<FetchResponse>();
if (fetchResponse != null)
{
logInResult.User = new OpenIdUser(fetchResponse, response.ClaimedIdentifier);
using (AllUsersRepository userRep = new AllUsersRepository())
using (PendingUsersRepository pendingUserRep = new PendingUsersRepository())
{
User user = userRep.GetList().SingleOrDefault(x => x.Email == logInResult.User.Email);
if (user != null)
{
if (user.IsActive)
{
if (user.FirstName != logInResult.User.FirstName || user.LastName != logInResult.User.LastName)
{
user.FirstName = logInResult.User.FirstName;
user.LastName = logInResult.User.LastName;
userRep.Update(user);
}
logInResult.IsRegistered = true;
logInResult.User.UserId = user.Id;
return logInResult;
}
else
{
logInResult.IsRegistered = false;
logInResult.IsCanceled = true;
logInResult.User.UserId = user.Id;
return logInResult;
}
}
else
{
PendingUser pendingUser = pendingUserRep.GetList().SingleOrDefault(x => x.Email == logInResult.User.Email);
if (pendingUser != null)
{
User newUser = new User()
{
CompanyId = pendingUser.CompanyId,
Email = logInResult.User.Email,
FirstName = logInResult.User.FirstName,
LastName = logInResult.User.LastName,
CreationTime = DateTime.Now,
LastLogInTime = DateTime.Now,
Roles = pendingUser.Roles,
LanguageId = pendingUser.LanguageId,
IsActive = true
};
if (!userRep.Create(newUser))
return logInResult;
logInResult.User.UserId = newUser.Id;
pendingUserRep.Delete(pendingUser.Id);
logInResult.IsNewUser = true;
logInResult.IsRegistered = true;
return logInResult;
}
else
{
return logInResult;
}
}
}
}
else
{
return logInResult;
}
}
public ActionResult Create(User user, string[] roleNames)
{
if (!ModelState.IsValid)
{
List <string> allRoleNames = GetRoleNames();
List <SelectListItemDB> ApprovalRoutesList = new List <SelectListItemDB>()
{
new SelectListItemDB()
{
Id = -1, Name = Loc.Dic.NoApprovalRoute
}
};
SelectList languagesList;
using (ApprovalRoutesRepository routesRep = new ApprovalRoutesRepository(CurrentUser.CompanyId))
using (LanguagesRepository languagesRep = new LanguagesRepository())
{
ApprovalRoutesList.AddRange(
routesRep.GetList()
.Select(x => new SelectListItemDB()
{
Id = x.Id, Name = x.Name
})
);
languagesList = new SelectList(languagesRep.GetList().ToList(), "Id", "Name");
}
ViewBag.RolesList = allRoleNames;
ViewBag.RoutesList = new SelectList(ApprovalRoutesList, "Id", "Name");
ViewBag.LanguagesList = languagesList;
return(View(user));
}
if (user.DefaultApprovalRouteId == -1)
{
user.DefaultApprovalRouteId = null;
}
if (!Authorized(RoleType.SystemManager))
{
return(Error(Loc.Dic.error_no_permission));
}
int companyUserCount = 0;
int companyUserLimit = 0;
using (UsersRepository usersRep = new UsersRepository(CurrentUser.CompanyId))
using (ApprovalRoutesRepository routesRep = new ApprovalRoutesRepository(CurrentUser.CompanyId))
using (PendingUsersRepository pendingUsersRep = new PendingUsersRepository())
using (CompaniesRepository companiesRep = new CompaniesRepository())
{
if (user.DefaultApprovalRouteId.HasValue)
{
var route = routesRep.GetEntity(user.DefaultApprovalRouteId.Value);
if (route == null)
{
return(Error(Loc.Dic.error_invalid_form));
}
}
try
{
companyUserCount =
usersRep.GetList().Where(x => x.IsActive).Count() +
pendingUsersRep.GetList().Where(x => x.CompanyId == CurrentUser.CompanyId).Count();
companyUserLimit = companiesRep.GetEntity(CurrentUser.CompanyId).UsersLimit;
}
catch
{
return(Error(Loc.Dic.error_database_error));
}
bool userExists = usersRep.GetList().Any(x => x.CompanyId == CurrentUser.CompanyId && x.Email == user.Email);
bool pendingUserExists = pendingUsersRep.GetList().Any(x => x.CompanyId == CurrentUser.CompanyId && x.Email == user.Email);
if (userExists || pendingUserExists)
{
return(Error(Loc.Dic.error_users_exist_error));
}
}
if (companyUserCount >= companyUserLimit)
{
return(Error(Loc.Dic.error_users_limit_reached));
}
user.CompanyId = CurrentUser.CompanyId;
user.CreationTime = DateTime.Now;
RoleType combinedRoles = RoleType.None;
List <RoleType> forbiddenRoles = GetForbiddenRoles();
if (roleNames == null || roleNames.Count() == 0)
{
return(Error(Loc.Dic.error_invalid_form));
}
foreach (string roleName in roleNames)
{
RoleType role;
if (!Enum.TryParse(roleName, out role) || forbiddenRoles.Contains(role))
{
return(Error(Loc.Dic.error_invalid_form));
}
combinedRoles = Roles.CombineRoles(combinedRoles, role);
}
user.Roles = (int)combinedRoles;
user.DefaultApprovalRouteId = user.DefaultApprovalRouteId.HasValue && user.DefaultApprovalRouteId.Value == -1 ? null : user.DefaultApprovalRouteId;
using (UsersRepository usersRep = new UsersRepository(CurrentUser.CompanyId))
{
if (!usersRep.Create(user))
{
return(Error(Loc.Dic.error_users_create_error));
}
}
return(RedirectToAction("Index"));
}
private bool? CompanyCanAddUsers()
{
int companyUserCount = 0;
int companyUserLimit = 0;
using (UsersRepository usersRep = new UsersRepository(CurrentUser.CompanyId))
using (PendingUsersRepository pendingUsersRep = new PendingUsersRepository())
using (CompaniesRepository companiesRep = new CompaniesRepository())
{
try
{
companyUserCount =
usersRep.GetList().Where(x => x.CompanyId == CurrentUser.CompanyId && x.IsActive).Count() +
pendingUsersRep.GetList().Where(x => x.CompanyId == CurrentUser.CompanyId).Count();
companyUserLimit = companiesRep.GetEntity(CurrentUser.CompanyId).UsersLimit;
}
catch
{
return null;
}
}
return companyUserCount < companyUserLimit;
}
public ActionResult EditPending(PendingUser user, string[] roleNames)
{
if (Authorized(RoleType.SystemManager))
{
if (ModelState.IsValid)
{
PendingUser userFromDatabase;
using (PendingUsersRepository pendingUserRep = new PendingUsersRepository())
{
userFromDatabase = pendingUserRep.GetEntity(user.Id);
if (userFromDatabase != null)
{
if (userFromDatabase.CompanyId != CurrentUser.CompanyId)
return Error(Loc.Dic.error_no_permission);
RoleType combinedRoles = RoleType.None;
List<RoleType> forbiddenRoles = GetForbiddenRoles();
foreach (string roleName in roleNames)
{
RoleType role;
if (Enum.TryParse(roleName, out role) && !forbiddenRoles.Contains(role))
{
combinedRoles = Roles.CombineRoles(combinedRoles, role);
}
else
{
return Error(Loc.Dic.error_invalid_form);
}
}
userFromDatabase.Email = user.Email;
userFromDatabase.Roles = (int)combinedRoles;
userFromDatabase.OrdersApproverId = user.OrdersApproverId.HasValue && user.OrdersApproverId.Value == -1 ? null : user.OrdersApproverId;
pendingUserRep.Update(userFromDatabase);
return RedirectToAction("Index");
}
else
{
return Error(Loc.Dic.error_user_not_found);
}
}
}
else
{
return Error(ModelState);
}
}
else
{
return Error(Loc.Dic.error_no_permission);
}
}
public ActionResult Index(int page = FIRST_PAGE, string sortby = NO_SORT_BY, string order = DEFAULT_ORDER)
{
if (!Authorized(RoleType.UsersManager)) return Error(Loc.Dic.error_no_permission);
AllUsersModel model = new AllUsersModel();
IEnumerable<User> activeUsersQuery;
using (UsersRepository usersRep = new UsersRepository(CurrentUser.CompanyId))
using (PendingUsersRepository pendingUsersRep = new PendingUsersRepository())
using (CompaniesRepository companiesRep = new CompaniesRepository())
{
activeUsersQuery = usersRep.GetList().Where(x => x.CompanyId == CurrentUser.CompanyId && x.IsActive).ToList();
activeUsersQuery = Pagination(activeUsersQuery, page, sortby, order).ToList();
model.NonActiveUsers = usersRep.GetList().Where(x => x.CompanyId == CurrentUser.CompanyId && !x.IsActive).ToList();
Company company = companiesRep.GetEntity(CurrentUser.CompanyId);
if (model.NonActiveUsers == null) return Error(Loc.Dic.error_users_get_error);
if (activeUsersQuery == null) return Error(Loc.Dic.error_users_get_error);
if (company == null) return Error(Loc.Dic.error_database_error);
model.ActiveUsers = activeUsersQuery.ToList();
model.ActiveUsersCount = activeUsersQuery.Count();
model.CanceledUsersCount = model.NonActiveUsers.Count();
model.UsersLimit = companiesRep.GetEntity(CurrentUser.CompanyId).UsersLimit;
return View(model);
}
}
public ActionResult Create(User user, string[] roleNames)
{
if (!ModelState.IsValid)
{
List<string> allRoleNames = GetRoleNames();
List<SelectListItemDB> ApprovalRoutesList = new List<SelectListItemDB>() { new SelectListItemDB() { Id = -1, Name = Loc.Dic.NoApprovalRoute } };
SelectList languagesList;
using (ApprovalRoutesRepository routesRep = new ApprovalRoutesRepository(CurrentUser.CompanyId))
using (LanguagesRepository languagesRep = new LanguagesRepository())
{
ApprovalRoutesList.AddRange(
routesRep.GetList()
.Select(x => new SelectListItemDB() { Id = x.Id, Name = x.Name })
);
languagesList = new SelectList(languagesRep.GetList().ToList(), "Id", "Name");
}
ViewBag.RolesList = allRoleNames;
ViewBag.RoutesList = new SelectList(ApprovalRoutesList, "Id", "Name");
ViewBag.LanguagesList = languagesList;
return View(user);
}
if (user.DefaultApprovalRouteId == -1) user.DefaultApprovalRouteId = null;
if (!Authorized(RoleType.SystemManager)) return Error(Loc.Dic.error_no_permission);
int companyUserCount = 0;
int companyUserLimit = 0;
using (UsersRepository usersRep = new UsersRepository(CurrentUser.CompanyId))
using (ApprovalRoutesRepository routesRep = new ApprovalRoutesRepository(CurrentUser.CompanyId))
using (PendingUsersRepository pendingUsersRep = new PendingUsersRepository())
using (CompaniesRepository companiesRep = new CompaniesRepository())
{
if (user.DefaultApprovalRouteId.HasValue)
{
var route = routesRep.GetEntity(user.DefaultApprovalRouteId.Value);
if (route == null) return Error(Loc.Dic.error_invalid_form);
}
try
{
companyUserCount =
usersRep.GetList().Where(x => x.IsActive).Count() +
pendingUsersRep.GetList().Where(x => x.CompanyId == CurrentUser.CompanyId).Count();
companyUserLimit = companiesRep.GetEntity(CurrentUser.CompanyId).UsersLimit;
}
catch
{
return Error(Loc.Dic.error_database_error);
}
bool userExists = usersRep.GetList().Any(x => x.CompanyId == CurrentUser.CompanyId && x.Email == user.Email);
bool pendingUserExists = pendingUsersRep.GetList().Any(x => x.CompanyId == CurrentUser.CompanyId && x.Email == user.Email);
if (userExists || pendingUserExists)
return Error(Loc.Dic.error_users_exist_error);
}
if (companyUserCount >= companyUserLimit) return Error(Loc.Dic.error_users_limit_reached);
user.CompanyId = CurrentUser.CompanyId;
user.CreationTime = DateTime.Now;
RoleType combinedRoles = RoleType.None;
List<RoleType> forbiddenRoles = GetForbiddenRoles();
if (roleNames == null || roleNames.Count() == 0) return Error(Loc.Dic.error_invalid_form);
foreach (string roleName in roleNames)
{
RoleType role;
if (!Enum.TryParse(roleName, out role) || forbiddenRoles.Contains(role)) return Error(Loc.Dic.error_invalid_form);
combinedRoles = Roles.CombineRoles(combinedRoles, role);
}
user.Roles = (int)combinedRoles;
user.DefaultApprovalRouteId = user.DefaultApprovalRouteId.HasValue && user.DefaultApprovalRouteId.Value == -1 ? null : user.DefaultApprovalRouteId;
using (UsersRepository usersRep = new UsersRepository(CurrentUser.CompanyId))
{
if (!usersRep.Create(user)) return Error(Loc.Dic.error_users_create_error);
}
return RedirectToAction("Index");
}
public ActionResult EditPending(int id = 0)
{
if (Authorized(RoleType.SystemManager))
{
PendingUser user;
List<SelectListItemDB> usersList = new List<SelectListItemDB> { new SelectListItemDB() { Id = -1, Name = "(ללא) מאשר סופי" } };
using (UsersRepository usersRep = new UsersRepository(CurrentUser.CompanyId))
using (PendingUsersRepository pendingUserRep = new PendingUsersRepository())
{
user = pendingUserRep.GetEntity(id);
usersList.AddRange(usersRep.GetList().Where(u => u.CompanyId == CurrentUser.CompanyId && ((RoleType)u.Roles & RoleType.OrdersApprover) == RoleType.OrdersApprover).Select(x => new SelectListItemDB() { Id = x.Id, Name = x.FirstName + " " + x.LastName }));
}
if (user.CompanyId != CurrentUser.CompanyId)
return Error(Loc.Dic.error_no_permission);
if (user != null)
{
ViewBag.OrdersApproverId = new SelectList(usersList, "Id", "Name", user.OrdersApproverId.HasValue ? user.OrdersApproverId.Value : -1);
List<string> roleNames = GetRoleNames();
ViewBag.RolesList = roleNames;
ViewBag.ExistingRoles =
Roles.GetAllRoles((RoleType)user.Roles)
.Select(x => x.ToString())
.ToList();
return View(user);
}
else
{
return Error(Loc.Dic.error_user_not_found);
}
}
else
{
return Error(Loc.Dic.error_no_permission);
}
}
public ActionResult DeletePendingConfirmed(int id)
{
if (Authorized(RoleType.SystemManager))
{
PendingUser user;
using (PendingUsersRepository pendingUserRep = new PendingUsersRepository())
{
user = pendingUserRep.GetEntity(id);
if (user == null)
{
return Error(Loc.Dic.error_user_not_found);
}
if (user.CompanyId != CurrentUser.CompanyId)
{
return Error(Loc.Dic.error_no_permission);
}
pendingUserRep.Delete(user.Id);
}
return RedirectToAction("Index");
}
else
{
return Error(Loc.Dic.error_no_permission);
}
}
public ActionResult DeletePending(int id = 0)
{
if (Authorized(RoleType.SystemManager))
{
PendingUser user;
using (PendingUsersRepository userRep = new PendingUsersRepository())
{
user = userRep.GetEntity(id, "User");
}
if (user == null)
{
return Error(Loc.Dic.error_user_not_found);
}
if (user.CompanyId != CurrentUser.CompanyId)
{
return Error(Loc.Dic.error_no_permission);
}
return View(user);
}
else
{
return Error(Loc.Dic.error_no_permission);
}
}
private LogInResult ResponseIntoUser(IAuthenticationResponse response)
{
LogInResult logInResult = new LogInResult();
logInResult.IsAuthenticated = true;
var fetchResponse = response.GetExtension <FetchResponse>();
if (fetchResponse != null)
{
logInResult.User = new OpenIdUser(fetchResponse, response.ClaimedIdentifier);
using (AllUsersRepository userRep = new AllUsersRepository())
using (PendingUsersRepository pendingUserRep = new PendingUsersRepository())
{
User user = userRep.GetList().SingleOrDefault(x => x.Email == logInResult.User.Email);
if (user != null)
{
if (user.IsActive)
{
if (user.FirstName != logInResult.User.FirstName || user.LastName != logInResult.User.LastName)
{
user.FirstName = logInResult.User.FirstName;
user.LastName = logInResult.User.LastName;
userRep.Update(user);
}
logInResult.IsRegistered = true;
logInResult.User.UserId = user.Id;
return(logInResult);
}
else
{
logInResult.IsRegistered = false;
logInResult.IsCanceled = true;
logInResult.User.UserId = user.Id;
return(logInResult);
}
}
else
{
PendingUser pendingUser = pendingUserRep.GetList().SingleOrDefault(x => x.Email == logInResult.User.Email);
if (pendingUser != null)
{
User newUser = new User()
{
CompanyId = pendingUser.CompanyId,
Email = logInResult.User.Email,
FirstName = logInResult.User.FirstName,
LastName = logInResult.User.LastName,
CreationTime = DateTime.Now,
LastLogInTime = DateTime.Now,
Roles = pendingUser.Roles,
LanguageId = pendingUser.LanguageId,
IsActive = true
};
if (!userRep.Create(newUser))
{
return(logInResult);
}
logInResult.User.UserId = newUser.Id;
pendingUserRep.Delete(pendingUser.Id);
logInResult.IsNewUser = true;
logInResult.IsRegistered = true;
return(logInResult);
}
else
{
return(logInResult);
}
}
}
}
else
{
return(logInResult);
}
}
