Beispiel #1
0
        public UserDO GetUserByID(int UserID)
        {
            UserDO user = new UserDO();

            try
            {
                using (SqlConnection connection = new SqlConnection(connectionString))
                {
                    SqlCommand command = new SqlCommand("VIEW_USER_BY_ID", connection);
                    command.CommandType = CommandType.StoredProcedure;
                    connection.Open();
                    command.Parameters.AddWithValue("@userID", UserID);
                    SqlDataReader reader = command.ExecuteReader();
                    reader.Read();
                    user.UserID       = reader.GetInt64(0);
                    user.FullName     = reader.GetString(1);
                    user.UserName     = reader.GetString(2);
                    user.UserPassword = reader.GetString(3);
                    user.RoleID       = reader.GetInt64(4);
                    user.Email        = reader.GetString(5);
                    connection.Close();
                    command.Dispose();
                    connection.Dispose();
                }
            }
            catch (Exception ex)
            {
                ErrorLog error = new ErrorLog();
                error.Log(ex, "GetUserByID", "DAL", "Error");
            }
            return(user);
        }
Beispiel #2
0
        /// <summary>
        /// Filters data while reading from the database
        /// </summary>
        /// <param name="reader">SqlDataReader to read from the database</param>
        /// <returns>Returns a UserDO with no null values</returns>
        public UserDO MapReaderToSingle(SqlDataReader reader)
        {
            UserDO userDO = new UserDO();

            if (reader["UserID"] != DBNull.Value)
            {
                userDO.UserID = (int)reader["UserID"];
            }
            if (reader["FirstName"] != DBNull.Value)
            {
                userDO.FirstName = (string)reader["FirstName"];
            }
            if (reader["LastName"] != DBNull.Value)
            {
                userDO.LastName = (string)reader["LastName"];
            }
            if (reader["Username"] != DBNull.Value)
            {
                userDO.Username = (string)reader["Username"];
            }
            if (reader["Password"] != DBNull.Value)
            {
                userDO.Password = (string)reader["Password"];
            }
            if (reader["Email"] != DBNull.Value)
            {
                userDO.Email = (string)reader["Email"];
            }
            if (reader["RoleID"] != DBNull.Value)
            {
                userDO.RoleID = (int)reader["RoleID"];
            }
            return(userDO);
        }
Beispiel #3
0
        public void CreateNewUser(UserDO user)
        {
            try
            {
                using (SqlConnection sqlCon = new SqlConnection(connectionString))
                    using (SqlCommand sqlCMD = new SqlCommand("USERS_CREATE", sqlCon))
                    {
                        sqlCMD.CommandType = System.Data.CommandType.StoredProcedure;

                        sqlCMD.Parameters.AddWithValue("UserName", user.UserName);
                        sqlCMD.Parameters.AddWithValue("UserPass", user.Password);
                        sqlCMD.Parameters.AddWithValue("Role", user.Role);
                        sqlCMD.Parameters.AddWithValue("FirstName", user.FirstName);
                        sqlCMD.Parameters.AddWithValue("LastName", user.LastName);
                        sqlCMD.Parameters.AddWithValue("Banned", user.Banned);
                        sqlCMD.Parameters.AddWithValue("Inactive", user.Inactive);
                        sqlCMD.Parameters.AddWithValue("Salt", user.Salt);

                        sqlCon.Open();
                        sqlCMD.ExecuteNonQuery();
                    }
            }
            catch (SqlException sqlEx)
            {
                Logger.LogSqlException(sqlEx);
            }
        }
Beispiel #4
0
        public IHttpActionResult PutUserDO(int id, UserDO userDO)
        {
            if (!ModelState.IsValid)
            {
                return(BadRequest(ModelState));
            }

            if (id != userDO.UserDOID)
            {
                return(BadRequest());
            }

            db.Entry(userDO).State = EntityState.Modified;

            try
            {
                db.SaveChanges();
            }
            catch (DbUpdateConcurrencyException)
            {
                if (!UserDOExists(id))
                {
                    return(NotFound());
                }
                else
                {
                    throw;
                }
            }

            return(StatusCode(HttpStatusCode.NoContent));
        }
Beispiel #5
0
        public ActionResult UpdateUser(UserViewModel userInfo)
        {
            ActionResult response = null;

            try
            {
                if ((Int64)Session["RoleID"] == 3)
                {
                    UserPO  form = userInfo.Form;
                    UserMap map  = new UserMap();
                    if (ModelState.IsValid)
                    {
                        UserDO userObject = map.UserPOToDO(form);
                        userDL.UpdateUser(userObject);
                        response = RedirectToAction("UserIndex");
                    }
                    else
                    {
                        response = View(userInfo);
                    }
                }
                else
                {
                    response = RedirectToAction("Index", "Home");
                }
            }
            catch (SqlException sqlEx)
            {
                userInfo.message = new ExceptionAnalysis().GenerateResponse(sqlEx);
                response         = View(userInfo);
            }
            return(response);
        }
Beispiel #6
0
        public ActionResult UpdateUser(UserPO form)
        {
            ActionResult response = null;

            try
            {
                _logger.LogMessage("Info", "Update User Post", MethodBase.GetCurrentMethod().ToString(),
                                   "Request to update information for user with ID #" + form.UserID + " received from user with ID #" + Session["ID"] + ".");
                if (ModelState.IsValid)
                {
                    _logger.LogMessage("Info", "Model State check passed", MethodBase.GetCurrentMethod().ToString(),
                                       "UserPO form model state is valid.");
                    //Allow role changes if updater is admin
                    if ((int.TryParse(Session["Role"].ToString(), out int role) && role >= 3) ||
                        (TempData["initialRole"] != null && (int)TempData["initialRole"] == form.RoleID))
                    {
                        //Under no circumstances allow altered UserID
                        if (TempData["initialID"] != null && (int)TempData["initialID"] == form.UserID)
                        {
                            _logger.LogMessage("Attempting to map User PO to DO.");
                            UserDO userDO = Mapping.Mapper.UserPOtoDO(form);
                            _userDAO.UpdateUser(userDO);

                            if (TempData["updatingSelf"] != null &&
                                TempData["updatingSelf"].ToString() == "true")
                            {
                                TempData.Remove("updatingSelf");
                                //reset session in case own username was changed
                                SetSession(form.Username, form.RoleID);
                            }
                            else
                            {
                            }
                            TempData["updateSuccess"] = "User information updated.";
                            response = RedirectToAction("UserDetails", "Account", new { username = form.Username });
                        }
                        else
                        {
                            _logger.LogMessage("Warning", "User Update forbidden", MethodBase.GetCurrentMethod().ToString(),
                                               "User ID could not be verified or failed verification. Attempt to submit update form with altered User ID was denied.");
                            TempData["noPermission"] = "An error has been encountered. You have been returned to the home page.";
                            response = RedirectToAction("Index", "Home");
                        }
                    }
                    else
                    {
                        _logger.LogMessage("Warning", "User Update forbidden", MethodBase.GetCurrentMethod().ToString(),
                                           "Non admin with User ID#" + Session["ID"].ToString() + " and username '" + Session["Username"].ToString() + "' attempted to change user role.");
                        TempData["noPermission"] = "An error has been encountered. You have been returned to the home page.";
                        response = RedirectToAction("Index", "Home");
                    }
                }
                else
                {
                    _logger.LogMessage("Warning", "Model State check failed", MethodBase.GetCurrentMethod().ToString(),
                                       "UserPO form model state was not valid. Returning user to View.");
                    FillRoleDropDown(form);
                    response = View(form);
                }
            }
        public ActionResult UpdateUser(int UserID)
        {
            UserDO       item     = null;
            UserPO       display  = null;
            ActionResult response = RedirectToAction("Index", "Home");

            if (Session["RoleID"] != null && ((int)Session["RoleID"] == 3))
            {
                try
                {
                    //Make sure password is not being called
                    item    = _dataAccess.ReadIndividualUserByID(UserID);
                    display = UserMappers.UserDOtoPO(item);
                }

                catch (Exception exception)
                {
                    ErrorLogger.LogExceptions(exception);
                    response = View(UserID);
                }

                finally
                { }

                response = View(display);
            }

            else
            {
                response = RedirectToAction("Index", "Home");
            }

            return(response);
        }
        public ActionResult UpdateUser(int specificUser = default(int))
        {
            ActionResult response = null;

            //Only registered users can update their information.
            if (Session["UserRole"] != null)
            {
                //The user accessing the update page must be updating their own information, unless they are admin.
                if (specificUser != (int)Session["UserID"] && (int)Session["UserRole"] != 1)
                {
                    //Make them match if they don't.
                    specificUser = (int)Session["UserID"];
                }
                try
                {
                    //Populate the form with the user's current information.
                    UserDO userObject  = _dataAccess.UserDetails(specificUser);
                    UserPO displayUser = Mapper.UserDOtoPO(userObject);
                    response = View(displayUser);
                }
                catch (Exception ex)
                {
                    //If there is an issue, send the user to the game's index.
                    Logger.Log(ex);
                    response = RedirectToAction("Index", "Games");
                }
                finally { }
            }
            else
            {
                //If the user has lost session, redirect them.
                response = RedirectToAction("Index", "Games");
            }
            return(response);
        }
 //Set session upon login, storing their username, userId and their given role.
 private void SetSession(UserDO user)
 {
     Session["Username"] = user.Username;
     Session["UserID"]   = user.UserID;
     Session["UserRole"] = user.RoleID;
     Session.Timeout     = 10;
 }
Beispiel #10
0
        public ActionResult Register(UserPO form)
        {
            //Declaring local variables
            ActionResult oResponse = RedirectToAction("Login", "Account");

            if (ModelState.IsValid)
            {
                try
                {
                    form.RoleID = 3;
                    UserDO dataObject = UserMapper.MapPOtoDO(form);
                    dataAccess.CreateUser(dataObject);

                    TempData["Message"] = $"{form.Username} was created successfully.";
                }
                catch (Exception ex)
                {
                    oResponse           = View(form);
                    TempData["Message"] = "Fail";
                }
            }
            else
            {
                oResponse = View(form);
            }

            return(oResponse);
        }
        public ActionResult UserDetails(int specificUser = default(int))
        {
            ActionResult response = null;

            //Only accessiblle to signed in users.
            if (Session["UserRole"] != null)
            {
                //The details page must match the user Id of the user requesting, or be an admin.
                if (specificUser != (int)Session["UserID"] && (int)Session["UserRole"] != 1)
                {
                    //Make them match if they don't.
                    specificUser = (int)Session["UserID"];
                }
                try
                {
                    //Get and display the users information.
                    UserDO userObject  = _dataAccess.UserDetails(specificUser);
                    UserPO displayUser = Mapper.UserDOtoPO(userObject);
                    response = View(displayUser);
                }
                catch (Exception ex)
                {
                    Logger.Log(ex);
                    //If there is an issue getting the user's details, sent the user to the Index of Games.
                    response = RedirectToAction("Index", "Games");
                }
                finally { }
            }
            else
            {
                //Redirect if the user does not have session.
                response = RedirectToAction("Index", "Games");
            }
            return(response);
        }
Beispiel #12
0
        public ActionResult Create(UserPO form)
        {
            ActionResult oResponse = RedirectToAction("Index", "Account");

            //Validation check
            if (ModelState.IsValid)
            {
                try
                {
                    //Passing dataObjects mapped from PO to DO for CreateUser()
                    UserDO dataObject = UserMapper.MapPOtoDO(form);
                    dataAccess.CreateUser(dataObject);

                    TempData["Message"] = $"{form.Username} was created successfully.";
                }
                catch (Exception ex)
                {
                    oResponse           = View(form);
                    TempData["Message"] = "Fail";
                }
            }
            else
            {
                oResponse = View(form);
            }

            return(oResponse);
        }
Beispiel #13
0
        //Method that allows user to input the information they want to update
        public ActionResult UpdateUser(int UserId)
        {
            //declaring object using model PlayerPO
            UserPO userToUpdate = new UserPO();

            //Beginning of processes
            try
            {
                //declare List using Model UserDO, and use it to store all information on the game recovered by using a DAL access call
                UserDO item = _dataAccess.UserReadByID(UserId);
                //assign all data to object using a mapper
                userToUpdate = MapUserTF.UserDOtoPO(item);
            }
            //catch to record any exceptions that crop up
            catch (Exception ex)
            {
                //call to method to record necessary information
                ErrorFile.ErrorHandlerPL(ex);
            }
            //finally to tie up any loose ends
            finally
            { }
            //Sends the data in the list to the view to be seen by the user.
            return(View(userToUpdate));
        }
Beispiel #14
0
 public void UpdateUser(UserDO userObject)
 {
     try
     {
         using (SqlConnection connection = new SqlConnection(connectionString))
         {
             SqlCommand command = new SqlCommand("UPDATE_USER", connection);
             command.CommandType = CommandType.StoredProcedure;
             connection.Open();
             command.Parameters.AddWithValue("@userID", userObject.UserID);
             command.Parameters.AddWithValue("@fullName", userObject.FullName);
             command.Parameters.AddWithValue("@userName", userObject.UserName);
             command.Parameters.AddWithValue("@userPassword", userObject.UserPassword);
             command.Parameters.AddWithValue("@roleID", userObject.RoleID);
             command.Parameters.AddWithValue("@email", userObject.Email);
             command.ExecuteNonQuery();
             connection.Close();
             command.Dispose();
             connection.Dispose();
         }
     }
     catch (SqlException sqlEx)
     {
         ErrorLog error = new ErrorLog();
         error.Log(sqlEx, "UpdateUser", "SQL", "Error");
         throw sqlEx;
     }
     catch (Exception ex)
     {
         ErrorLog error = new ErrorLog();
         error.Log(ex, "UpdateUser", "DAL", "Error");
     }
 }
        public IActionResult Create([FromBody] UserVO user)
        {
            var userDO = new UserDO
            {
                UserNumber   = user.UserNumber,
                UserPassword = user.UserPassword,
                Email        = user.Email,
                Radio        = user.Radio,
                City         = user.City,
                Date         = user.Date
            };

            try
            {
                var inserteduser = _userService.Insert(userDO);

                return(Json(new
                {
                    code = "success",
                    data = inserteduser
                }));
            }
            catch (Exception ex)
            {
                return(Json(new
                {
                    code = "fail",
                    message = ex.Message
                }));
            }
        }
Beispiel #16
0
        //INFO: Return all users in the database.
        public List <UserDO> GetUsers()
        {
            List <UserDO> UserDOs = new List <UserDO>();

            using (riverkeeperEntities RKEntities = new riverkeeperEntities())
            {
                List <User> Users = (from u in RKEntities.Users
                                     select u).ToList();
                foreach (var user in Users)
                {
                    if (user != null)
                    {
                        UserDO userDO = new UserDO()
                        {
                            FirstName    = user.FirstName,
                            LastName     = user.LastName,
                            PhoneNumber  = user.PhoneNumber,
                            Type         = user.Type,
                            EmailAddress = user.EmailAddress,
                            ZipCode      = user.ZipCode
                        };
                        UserDOs.Add(userDO);
                    }
                    if (user == null)
                    {
                        throw new Exception("No user in DB");
                    }
                }
            }
            return(UserDOs);
        }
Beispiel #17
0
        protected void lbSave_Click(object sender, EventArgs e)
        {
            User   u   = new User();
            UserDO udo = new UserDO();

            u = CollectUser();

            if (Request["New"] != null)
            {
                int id = udo.CreateUser(u);
                if (id > 0)
                {
                    nlUser.SetCleanNotification("Пользователь успешно создан. ID=" + id.ToString());
                }
                else
                {
                    nlUser.SetDirtyNotification("Произошла ошибка при создании пользователя");
                }
            }
            else
            {
                bool ok = udo.UpdateUser(u);
                if (ok)
                {
                    nlUser.SetCleanNotification("Пользователь успешно обновлен.");
                }
                else
                {
                    nlUser.SetDirtyNotification("Произошла ошибка при обновлении пользователя");
                }
            }
        }
Beispiel #18
0
        public UserDO MapReadToSingle(SqlDataReader reader)
        {
            UserDO result = new UserDO();

            if (reader["UserID"] != DBNull.Value)
            {
                result.UserId = (long)reader["UserID"];
            }
            if (reader["UserName"] != DBNull.Value)
            {
                result.Username = (string)reader["UserName"];
            }
            if (reader["Pass"] != DBNull.Value)
            {
                result.Password = (string)reader["Pass"];
            }
            if (reader["RoleID"] != DBNull.Value)
            {
                result.Role = (long)reader["RoleID"];
            }
            if (reader["Email"] != DBNull.Value)
            {
                result.Email = (string)reader["Email"];
            }
            if (reader["Address"] != DBNull.Value)
            {
                result.Address = (string)reader["Address"];
            }
            if (reader["Country"] != DBNull.Value)
            {
                result.Country = (string)reader["Address"];
            }
            return(result);
        }
Beispiel #19
0
        public PinzCustomPrincipal(IIdentity client)
        {
            this.Identity = client;

            PinzDbContext dbContext = new PinzDbContext("pinzDBConnectionString");

            roles = new List <string>();
            if (Identity.IsAuthenticated)
            {
                roles.Add(USER);
            }

            UserDO user = dbContext.Users.Single(u => u.EMail == Identity.Name);

            if (user.ProjectStaff.Any(ps => ps.IsProjectAdmin == true))
            {
                roles.Add(PROJECT_ADMIN);
            }
            if (user.IsCompanyAdmin)
            {
                roles.Add(PROJECT_ADMIN);
                roles.Add(COMPANY_ADMIN);
            }
            if (user.IsPinzSuperAdmin)
            {
                roles.Add(PROJECT_ADMIN);
                roles.Add(COMPANY_ADMIN);
                roles.Add(PINZ_SUPERADMIN);
            }
        }
        public UserDO ViewUserByUsername(string username)
        {
            UserDO userObject = new UserDO();

            try
            {
                using (SqlConnection sqlConnection = new SqlConnection(connectionString))
                {
                    SqlCommand sqlCommand = new SqlCommand("VIEW_USER_BY_USERNAME", sqlConnection);
                    sqlCommand.CommandType = CommandType.StoredProcedure;
                    sqlCommand.Parameters.AddWithValue("@Username", username);
                    sqlConnection.Open();
                    SqlDataReader sqlDataReader = sqlCommand.ExecuteReader();
                    while (sqlDataReader.Read())
                    {
                        userObject              = new UserDO();
                        userObject.UserID       = sqlDataReader.GetInt64(0);
                        userObject.CompleteName = sqlDataReader.GetString(1).Trim();
                        userObject.UserName     = sqlDataReader.GetString(2).Trim();
                        userObject.Password     = sqlDataReader.GetString(3).Trim();
                        userObject.RoleID       = sqlDataReader.GetInt32(4);
                    }
                    sqlConnection.Close();
                    sqlConnection.Dispose();
                    sqlCommand.Dispose();
                }
            }
            catch (Exception exc)
            {
                LoggingDataAccessLayer.LogViewUserByUsername(exc);
            }
            return(userObject);
        }
        public ActionResult UpdateUser(UserPO form)
        {
            ActionResult response = null;

            if (Session["RoleID"] != null && ((int)Session["RoleID"] == 3))
            {
                if (ModelState.IsValid)
                {
                    try
                    {
                        UserDO dataObject = UserMappers.UserPOtoDOWithoutPassword(form);
                        _dataAccess.UpdateUser(dataObject);
                        response = RedirectToAction("Index", "User");
                    }

                    catch (Exception exception)
                    {
                        ErrorLogger.LogExceptions(exception);
                        response = View(form);
                    }

                    finally
                    { }
                }

                else
                {
                    response = View(form);
                }
            }

            return(response);
        }
 public void UpdateUser(UserDO userUpdateDO)
 {
     try
     {
         using (SqlConnection sqlConnection = new SqlConnection(connectionString))
         {
             SqlCommand sqlCommand = new SqlCommand("UPDATE_USER", sqlConnection);
             sqlCommand.CommandType = CommandType.StoredProcedure;
             sqlConnection.Open();
             sqlCommand.Parameters.AddWithValue("@UserID", userUpdateDO.UserID);
             sqlCommand.Parameters.AddWithValue("@CompleteName", userUpdateDO.CompleteName);
             sqlCommand.Parameters.AddWithValue("@UserName", userUpdateDO.UserName);
             sqlCommand.Parameters.AddWithValue("@Password", userUpdateDO.Password);
             sqlCommand.Parameters.AddWithValue("@RoleID", userUpdateDO.RoleID);
             sqlCommand.ExecuteNonQuery();
             sqlConnection.Close();
             sqlConnection.Dispose();
             sqlCommand.Dispose();
         }
     }
     catch (Exception exc)
     {
         LoggingDataAccessLayer.LogCreateUser(exc);
     }
 }
Beispiel #23
0
        public ActionResult Login(LoginViewModel model, string returnUrl)
        {
            if (ModelState.IsValid)
            {
                try {
                    UserDO user = UserBL.GetUserDOByUsername(model.Username);

                    if (UserBL.IsUserAuthenticationCorrect(user, model.Username, model.Password))
                    {
                        EmptySession( );
                        FormsAuthentication.SetAuthCookie(model.Username, model.RememberMe);
                        Session.Add("User", user);

                        if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/") && !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\"))
                        {
                            return(Redirect(returnUrl));
                        }
                        else
                        {
                            return(RedirectToAction("Index", "Home"));
                        }
                    }
                } catch (BusinessException ex) {
                    ModelState.AddModelError("LogonError", ex.Message);
                }
            }

            return(View( ));
        }
        public bool RegisterUser(UserDO newUser)
        {
            bool success = false;

            try
            {
                using (SqlConnection sqlConnection = new SqlConnection(connectionString))
                {
                    SqlCommand sqlCommand = new SqlCommand("REGISTER_USER", sqlConnection);
                    sqlCommand.CommandType = CommandType.StoredProcedure;
                    sqlCommand.Parameters.AddWithValue("@CompleteName", newUser.CompleteName);
                    sqlCommand.Parameters.AddWithValue("@UserName", newUser.UserName);
                    sqlCommand.Parameters.AddWithValue("@Password", newUser.Password);
                    sqlCommand.Parameters.AddWithValue("@RoleID", newUser.RoleID);
                    sqlConnection.Open();
                    success = sqlCommand.ExecuteNonQuery() > 0;
                    sqlConnection.Close();
                    sqlConnection.Dispose();
                    sqlCommand.Dispose();
                }
            }
            catch (Exception exc)
            {
                LoggingDataAccessLayer.LogRegisterUser(exc);
            }
            return(success);
        }
Beispiel #25
0
        public ActionResult CreateUser(UserViewModel userInfo)
        {
            ActionResult response = null;

            try
            {
                if (Session["UserName"] == null)
                {
                    UserPO form = userInfo.Form;
                    if (ModelState.IsValid)
                    {
                        UserMap map        = new UserMap();
                        UserDO  userObject = map.UserPOToDO(form);
                        userObject.RoleID = 1;
                        userDL.CreateUser(userObject);
                        response = RedirectToAction("Login", "Account");
                    }
                    else
                    {
                        response = View(userInfo);
                    }
                }
                else
                {
                    response = RedirectToAction("Index", "Home");
                }
            }
            catch (SqlException sqlEx)
            {
                //What about the exception do we wish to analyze?
                userInfo.message = new ExceptionAnalysis().GenerateResponse(sqlEx);
                response         = View(userInfo);
            }
            return(response);
        }
Beispiel #26
0
        //View by the username to see if form is valid if it is then let them view the store else return form.
        public ActionResult Login(Login form)
        {
            ActionResult response;

            try
            {
                if (ModelState.IsValid)
                {
                    UserDO userDataObject = _UserDataAccess.ViewUserByUserName(form.UserName);

                    if (userDataObject.Username.Equals(form.UserName) && userDataObject.Email.Equals(form.Email) && userDataObject.Password.Equals(form.Password))
                    {
                        Session["Username"]  = userDataObject.Username;
                        Session["UserID"]    = userDataObject.UserId;
                        Session["RoleName"]  = userDataObject.RoleName;
                        userDataObject.Email = form.Email;
                        response             = RedirectToAction("Store", "PC");
                    }
                    else
                    {
                        response = View(form);
                    }
                }
                else
                {
                    response = View(form);
                }
            }
            catch
            {
                response = View(form);
            }
            return(response);
        }
Beispiel #27
0
        ///<summary>
        /// Updates information for a User
        /// first,last, email, team, role  (Admin, SM,TL)
        /// </summary>
        public ActionResult UpdateUserInfo(UserViewModel userToUpdateVM)
        {
            ActionResult oResponse = null;

            // Ensure user is authenticated
            if (ModelState.IsValid)
            {
                try
                {
                    //TODO: Map userCred and Team for update

                    // Map user from presentation to data objects
                    UserDO userUpdateDO = Mapper.Map <UserPO, UserDO>(userToUpdateVM.User);

                    // Passes form to be updated
                    _uda.UpdateUser(userUpdateDO);

                    oResponse = View("ViewUserByUserID", userToUpdateVM.User.UserID);
                }
                catch (Exception ex)
                {
                    ErrorLogger.LogError(ex, "UpdateUserInfo", "Account");
                    userToUpdateVM.ErrorMessage = "The was an issue with updating employee information. Please try again. If the problem persists contact your IT department.";

                    oResponse = View(userToUpdateVM);
                }
            }
            else
            {
                oResponse = View(userToUpdateVM);
            }
            return(oResponse);
        }
Beispiel #28
0
        public ActionResult Delete(string username)
        {
            ActionResult response;
            string       userName = (string)Session["UserName"];

            if (username != userName)
            {
                UserDO user        = _UserDataAccess.ViewUserByUserName(username);
                User   deletedUser = _mapper.MapDOtoPO(user);
                long   userID      = deletedUser.UserID;
                //Make sure that ID isnt 0
                if (userID > 0)
                {
                    _UserDataAccess.DeleteUser(userID);
                    response = RedirectToAction("ViewUsers", "Account");
                }
                else
                {
                    response = RedirectToAction("ViewUsers", "Account");
                }
            }
            else
            {
                response = RedirectToAction("Index", "Home");
            }
            return(response);
        }
Beispiel #29
0
        public UserDO ViewSingleUser(int id)
        {
            UserDO user = new UserDO();

            try
            {
                using (SqlConnection sqlCon = new SqlConnection(connectionString))
                    using (SqlCommand sqlCMD = new SqlCommand("USERS_VIEW_SINGLE", sqlCon))
                    {
                        sqlCMD.CommandType = System.Data.CommandType.StoredProcedure;
                        sqlCMD.Parameters.AddWithValue("UserID", id);

                        sqlCon.Open();

                        using (SqlDataReader reader = sqlCMD.ExecuteReader())
                        {
                            if (reader.Read())
                            {
                                user = Mapper.MapSingleUser(reader);
                            }
                        }
                    }
            }
            catch (SqlException sqlEx)
            {
                Logger.LogSqlException(sqlEx);
            }
            return(user);
        }
Beispiel #30
0
        public List <UserDO> ViewUsers()
        {
            List <UserDO> userList = new List <UserDO>();

            try
            {
                using (SqlConnection connection = new SqlConnection(connectionString))
                {
                    SqlCommand command = new SqlCommand("VIEW_USERS", connection);
                    command.CommandType = CommandType.StoredProcedure;
                    connection.Open();
                    SqlDataReader reader = command.ExecuteReader();
                    while (reader.Read())
                    {
                        UserDO userObject = new UserDO();
                        userObject.UserID       = reader.GetInt64(0);
                        userObject.FullName     = reader.GetString(1);
                        userObject.UserName     = reader.GetString(2);
                        userObject.UserPassword = reader.GetString(3);
                        userObject.RoleID       = reader.GetInt64(4);
                        userObject.Email        = reader.GetString(5);
                        userList.Add(userObject);
                    }
                    connection.Close();
                    command.Dispose();
                    connection.Dispose();
                }
            }
            catch (Exception ex)
            {
                ErrorLog error = new ErrorLog();
                error.Log(ex, "ViewUsers", "DAL", "Error");
            }
            return(userList);
        }