public IActionResult GetOpenLessonsChartData()
{
LessonBusiness lessonManager = new LessonBusiness(DbContext);
UserSessionContext userSessionContext = new UserSessionContext(this.HttpContext);
//Filter by lessons user owns. For Admin, show all.
var filter = new LessonFilters {
ShowOnlyOwnedLessons = true
};
int unused = 0;
var userLessons = lessonManager.GetLessonsPaged(userSessionContext.CurrentUser, filter, false, 0, 0, out unused)
.Where(x => x.StatusId != (int)Enumerations.LessonStatus.MIGRATION && x.StatusId != (int)Enumerations.LessonStatus.Closed).ToList();
var data = from l in userLessons
group l by l.Status into lessonsByStatus
select new
{
Label = lessonsByStatus.Key.Name,
Percent = Math.Round((((double)lessonsByStatus.Count()) / userLessons.Count() * 100), 1),
Count = lessonsByStatus.Count(),
StatusId = lessonsByStatus.Key.Id,
Sort = lessonsByStatus.Key.SortOrder
};
return(Json(data.OrderBy(x => x.Sort)));
}
void IActionFilter.OnActionExecuting(ActionExecutingContext filterContext)
{
UserSessionContext us = new UserSessionContext(filterContext.HttpContext);
int userId = us.GetUserId();
var query = from u in db.Users
where u.Id == userId && u.Role == userRole
select u;
var user = query.FirstOrDefault();
if (user == null)
{
RouteValueDictionary redirectTargetDictionary = new RouteValueDictionary();
redirectTargetDictionary.Add("action", "Login");
redirectTargetDictionary.Add("controller", "Account");
filterContext.Result = new RedirectToRouteResult(redirectTargetDictionary);
}
else
{
filterContext.HttpContext.Items.Add("User", user);
}
this.OnActionExecuting(filterContext);
}
public ActionResult Login(FormCollection formCollection, string username, string password, string url = "")
{
User u = null;
try
{
u = UserSessionContext.Dologin(username, password);
}
catch (Exception ex)
{
return(Redirect($"/Admin/AdminHome/Login/?error={HttpUtility.UrlEncode(ex.ToMessage())}"));
}
if (u == null)
{
return(View());
}
if (UserSessionContext.CurrentUserIsSysAdmin(u.TokenSession) || string.IsNullOrEmpty(url))
{
return(Redirect("~/Admin"));
}
url = HttpUtility.UrlDecode(url);
if (url.Equals(UserSessionContext.UrlAdminLogin, StringComparison.OrdinalIgnoreCase))
{
return(Redirect("~/"));
}
return(Redirect(url));
}
public Guid GetShoppingCartId()
{
var httpContext = System.Web.HttpContext.Current;
var currentUserId = UserSessionContext.CurrentUserId();
var sessionCart = httpContext.Session["shoppingcartid"];
string temp = string.Empty;
if (sessionCart != null)
{
temp = sessionCart.ToString();
}
Guid cartId;
if (!string.IsNullOrEmpty(temp))
{
return(Guid.Parse(temp));
}
cartId = Guid.NewGuid();
httpContext.Session["shoppingcartid"] = cartId.ToString();
MemoryMessageBuss.PushCommand(new CreateShoppingCart(cartId, currentUserId, LanguageId, CurrentIpAddress, SiteDomainUrl));
return(cartId);
}
public ActionResult Login(LoginUserViewModel model)
{
if (!ModelState.IsValid)
{
return(View(model));
}
var query = from u in db.Users
where u.Name == model.Username
select u;
var user = query.FirstOrDefault();
if (user == null || !PasswordHashService.ValidatePassword(model.Password, user.Password))
{
FlashMessageHelper.SetMessage(this, FlashMessageType.Warning, "Autoryzacja użytkownika nie przebiegła pomyślnie.");
return(View(model));
}
UserSessionContext us = new UserSessionContext(HttpContext);
us.SetUserId(user.Id);
return(RedirectToAction("Index", "Character"));
}
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
if (UserSessionContext.CurrentUser() == null || UserSessionContext.CurrentUserId() == Guid.Empty)
{
HttpContextBase context = filterContext.HttpContext;
var url = context.Request.Url.ToString().ToLower();
var customerLoginUrl = UserSessionContext.UrlFrontEndLogin + "?url=" + HttpUtility.UrlEncode(url);
if (_returnTypeInJson)
{
filterContext.Result = new JsonResult()
{
Data = new { Message = "Require logedin : " + url },
JsonRequestBehavior = JsonRequestBehavior.AllowGet
};
}
else
{
filterContext.Result = new RedirectResult(customerLoginUrl);
}
}
base.OnActionExecuting(filterContext);
}
public IActionResult Search(SearchViewModel model)
{
if (ModelState.IsValid)
{
UserSessionContext userContext = new UserSessionContext(this.HttpContext);
if (model.Clear)
{
model = new SearchViewModel {
Blank = true
};
}
else
{
model.Clear = false;
model.Blank = false;
this.ShowAlert("Your search results are being processed and will be displayed in the Lesson List below shortly. You can clear these results and return to your Lesson List by clicking the arrow on the Search button and selecting \"Clear Search Results\".", "sprite-find");
}
if (model.IsLessonTypeValidSelected)
{
model.LessonTypeInvalidId = null;
}
else
{
model.LessonTypeValidId = null;
}
userContext.LastSearch = model;
ModelState.Clear();
}
return(Index(Enumerations.PageAction.Search, null));
}
public CachedSessionItem(UserSessionContext userSession, TUserSession sessionEntity)
{
UserSession = userSession;
ExpirationType = sessionEntity.ExpirationType;
ExpiresOn = sessionEntity.FixedExpiration;
LastUsedOn = sessionEntity.LastUsedOn;
}
public JsonResult CreateNewShoppingCart()
{
var id = Guid.NewGuid();
SetShoppingCartId(id);
MemoryMessageBuss.PushCommand(new CreateShoppingCart(id, UserSessionContext.CurrentUserId(), LanguageId, CurrentIpAddress, SiteDomainUrl));
return(Json(new { Ok = true, Data = new { Id = id }, Message = "Success" }, JsonRequestBehavior.AllowGet));
}
public ActionResult Logout()
{
UserSessionContext us = new UserSessionContext(HttpContext);
us.RemoveUserId();
return(RedirectToAction("Login", "Account"));
}
public IActionResult SaveDraft(LessonViewModel updatedModel)
{
UserSessionContext userSession = new UserSessionContext(this.HttpContext);
userSession.DraftDefaults = updatedModel;
return(Save(updatedModel));
}
public JsonResult DeleteVoucherCode(List <Guid> ids)
{
foreach (var id in ids)
{
MemoryMessageBuss.PushCommand(new DeleteVoucherCode(id, UserSessionContext.CurrentUserId(), DateTime.Now));
}
return(Json(new { Ok = true, Data = new { Ids = ids }, Message = "Success" }, JsonRequestBehavior.AllowGet));
}
public JsonResult AddComent(Guid id, string comment, Guid?commentParentId)
{
var x = commentParentId ?? Guid.Empty;
string authorName = UserSessionContext.CurrentUsername();
MemoryMessageBuss.PushCommand(new AddCommentToProduct(id, comment, authorName, UserSessionContext.CurrentUserId(), x));
return(Json(new { Ok = true, Data = new { Id = id }, Message = "Success" }, JsonRequestBehavior.AllowGet));
}
public ActionResult Logout()
{
try
{
UserSessionContext.Dologout();
}
catch { }
return(Redirect(UserSessionContext.UrlAdminLogin));
}
public IActionResult GetLessonCommentList(int id, DataTableParametersViewData gridData)
{
UserSessionContext userContext = new UserSessionContext(this.HttpContext);
int pageIndex = (gridData.iDisplayStart / gridData.iDisplayLength) + 1;
pageIndex = pageIndex <= 0 ? 0 : pageIndex - 1;
var pageSize = gridData.iDisplayLength;
int totalCount;
LessonBusiness lessonBusinessManager = new LessonBusiness(DbContext);
var comments = lessonBusinessManager.GetLessonComments(id, userContext.CurrentUser, userContext.CurrentUser.RoleId == (int)Enumerations.Role.Administrator, out totalCount);
if (comments == null)
{
return(Json(null));
}
List <object> result = new List <object>();
foreach (var comment in comments)
{
Dictionary <string, string> commentData = new Dictionary <string, string>();
commentData.Add("Enabled", comment.Enabled.ToString());
commentData.Add("Id", comment.Id.ToString());
commentData.Add("Date", comment.CreateDate.ToDisplayDate());
commentData.Add("User", HttpUtility.HtmlEncode(comment.CreateUser));
commentData.Add("Type", comment.CommentType.Name + (comment.Enabled == true ? "" : " (Deleted)"));
commentData.Add("Comment", HttpUtility.HtmlEncode(comment.Content));
//@Url.Action("Delete", "Lesson", new { id = Model.Id }, "http")
string buttonHtml = userContext.CurrentUser.RoleId == (int)Enumerations.Role.Administrator ?
string.Format("<div><a href='#' class='{0}delete-comment float-left' data-url='{1}' data-commentType='{2}'><span class='float-left web-sprite sprite-{3}'></span> {0}Delete</a><div class='clear'></div></div>",
comment.Enabled == true ? "" : "Un-",
Url.Action((comment.Enabled == true ? "" : "Un") + "DeleteComment", "Lesson", new { id = comment.Id, lessonId = id }, "http"),
comment.CommentType.Name,
comment.Enabled == true ? "delete16" : "arrow-undo")
: "";
commentData.Add("Actions", buttonHtml);
var rawCommentData = (from c in commentData
select c.Value).ToArray();
result.Add(rawCommentData);
}
return(Json(
new
{
eEcho = gridData.sEcho,
iTotalRecords = totalCount,
iTotalDisplayRecords = totalCount,
aaData = result
}));
}
public ISession Login(string username, string password)
{
Exist();
CheckPw(password);
CheckUserName(username);
try
{
using (var c = new UserSessionContext(_connectionString))
{
var userMatched =
(from u in c.Users where u.Name == username && u.SiteName == Name select u)
.SingleOrDefault();
if (userMatched == null ||
!VerifyHashedPw(userMatched.Password, password, HashedPwSize, SaltSize, IterationNumber))
{
return(null);
}
var dbSession = (from s in c.Sessions
where s.User.Name == userMatched.Name //prendo la sessione più recente
select s).OrderByDescending(s => s.ValidUntil).FirstOrDefault();
ISession session;
if (dbSession != null && dbSession.ValidUntil > _alarmClock.Now) //se la sessione esiste ed è ancora valida
{
dbSession.ValidUntil = _alarmClock.Now.AddSeconds(SessionExpirationInSeconds); //aggiorno la sessione a db
c.SaveChanges();
var user = new User(username, Name, _alarmClock, _connectionString);
session = new Session(dbSession.Id, dbSession.ValidUntil, user, _alarmClock,
_connectionString);
return(session);
}
else
{
var newSession = new SessionEntity()
{
Id = GenerateSessionId(),
ValidUntil = _alarmClock.Now.AddSeconds(SessionExpirationInSeconds)
};
userMatched.Sessions.Add(newSession);
c.Sessions.Add(newSession);
c.SaveChanges();
var user = new User(username, Name, _alarmClock, _connectionString);
session = new Session(newSession.Id, newSession.ValidUntil, user, _alarmClock, _connectionString);
return(session);
}
}
}
catch (Exception e)
{
Debug.WriteLine(e.Message);
throw new UnavailableDbException("connection failed!", e);
}
}
public JsonResult CheckVoucherCode(string voucherCode)
{
if (string.IsNullOrEmpty(voucherCode))
{
return(Json(new
{
Ok = false,
Data = new { VoucherValue = 0, Description = "voucher code required" },
Message = "voucher code required"
}, JsonRequestBehavior.AllowGet));
}
var id = GetShoppingCartId();
var currentUserId = UserSessionContext.CurrentUserId();
MemoryMessageBuss.PushCommand(new CheckVoucherCodeForShoppingCart(id, voucherCode, currentUserId));
ShoppingCart cart;
string description = string.Empty;
List <ContentLanguage> contentLanguages;
using (var db = new CoreEcommerceDbContext())
{
cart = db.ShoppingCarts.SingleOrDefault(i => i.Id == id);
var voucher =
db.VoucherCodes.SingleOrDefault(
i => i.Code.Equals(voucherCode, StringComparison.OrdinalIgnoreCase));
if (voucher == null)
{
return(Json(new
{
Ok = false,
Data = new
{
VoucherValue = 0,
Description = "voucher code was not exist"
},
Message = "voucher code was not exist"
}, JsonRequestBehavior.AllowGet));
}
contentLanguages = db.ContentLanguages.Where(i => i.Id == voucher.Id || i.Id == voucher.VoucherMethodId)
.ToList();
}
description = string.Join("<br>", contentLanguages.Where(i => i.ColumnName.Equals("Description")).Select(i => i.ColumnValue).ToList());
return(Json(new
{
Ok = true,
Data = new
{
VoucherValue = cart.VoucherValue,
Description = description
},
Message = "Success"
}, JsonRequestBehavior.AllowGet));
}
public IActionResult DownloadFile()
{
UserSessionContext userSession = new UserSessionContext(this.HttpContext);
if (userSession.ExportLog != null)
{
userSession.ExportLog.Downloaded = true;
return(File(userSession.ExportLog.FileBytes, userSession.ExportLog.ContentType, userSession.ExportLog.FileName));
}
return(null);
}
public UserSessionController(UserSessionContext context)
{
_context = context;
if (!_context.UserSessions.Any())
{
_context.UserSessions.Add(new UserSession {
UserID = 1, SessionID = 1
});
_context.SaveChanges();
}
}
public JsonResult AdminConfirmPayFail(string orderCode)
{
Guid id;
using (var db = new CoreEcommerceDbContext())
{
id = db.PaymentTransactions.Where(i => i.OrderCode.Equals(orderCode, StringComparison.OrdinalIgnoreCase)).Select(i => i.Id)
.SingleOrDefault();
}
MemoryMessageBuss.PushCommand(new AdminFailPaymentTransaction(id, UserSessionContext.CurrentUserId(), DateTime.Now));
return(Json(new { Ok = true, Data = new { OrderCode = orderCode }, Message = "Success" }, JsonRequestBehavior.AllowGet));
}
public IActionResult Submit(LessonViewModel updatedModel)
{
if (updatedModel.SaveAction == Enumerations.SaveAction.SubmitAnother)
{
ModelState.Clear();
return(Index(Enumerations.PageAction.Submit, null));
}
UserSessionContext userSession = new UserSessionContext(this.HttpContext);
userSession.DraftDefaults = updatedModel;
return(Save(updatedModel));
}
/// <summary>
/// Allows or blocks the display of a checkbox depending on user authorization level.
/// </summary>
/// <typeparam name="TModel"></typeparam>
/// <param name="htmlHelper"></param>
/// <param name="expression"></param>
/// <param name="requiredPrivilege">Privilege needed to show the field</param>
/// <param name="readOnlyBehaviour">Behavior of the field if not authorized</param>
/// <param name="htmlAttributes"></param>
/// <param name="forceReadOnly">Force the field into read-only mode regardless of authorization</param>
/// <returns></returns>
public static IHtmlContent CheckBoxForAuth <TModel>(this IHtmlHelper <TModel> htmlHelper, Expression <Func <TModel, bool> > expression, Enumerations.Role requiredPrivilege, Enumerations.ReadOnlyBehaviour readOnlyBehaviour, object htmlAttributes, bool forceReadOnly = false)
{
// If user has no privileges refuse access
bool fullAccess = new UserSessionContext(htmlHelper.GetHttpContext()).UserHasAccess(requiredPrivilege);
string html = htmlHelper.CheckBoxFor(expression, htmlAttributes).ToString();
if (!fullAccess)
{
ModelExpression modelExpression = htmlHelper.GetModelExpressionProvider().CreateModelExpression(htmlHelper.ViewData, expression);
var expressionValue = (bool)modelExpression.Model;
switch (readOnlyBehaviour)
{
case Enumerations.ReadOnlyBehaviour.CheckedIcon:
html = expressionValue ? "<span class='red-icon red-icon-check' />" : "";
html += htmlHelper.HiddenFor(expression).ToString();
break;
case Enumerations.ReadOnlyBehaviour.Disabled:
var htmlOptions = new RouteValueDictionary(htmlAttributes);
if (!htmlOptions.ContainsKey("disabled"))
{
htmlOptions.Add("disabled", "disabled");
}
else
{
htmlOptions["disabled"] = "disabled";
}
html = htmlHelper.CheckBoxFor(expression, htmlOptions).ToString();
break;
case Enumerations.ReadOnlyBehaviour.EmptyString:
html = htmlHelper.HiddenFor(expression).ToString();
break;
case Enumerations.ReadOnlyBehaviour.InnerHtml:
html = htmlHelper.SpanFor(expression, htmlAttributes).ToString();
html += htmlHelper.HiddenFor(expression).ToString();
break;
default:
throw new ArgumentOutOfRangeException("readOnlyBehaviour");
}
}
return(new HtmlString(html));
}
/// <summary>
/// Allows or blocks the display of an action link depending on user authorization level.
/// </summary>
public static IHtmlContent ActionLinkAuth(this IHtmlHelper htmlHelper, Enumerations.Role requiredPrivilege, Enumerations.AuthFailedBehaviour authFailedBehaviour, string linkText, string actionName, string controllerName, object routeValues, object htmlAttributes, string alternateLinkText)
{
//If no link text, just return an empty string.
if (string.IsNullOrEmpty(linkText))
{
return(HtmlString.Empty);
}
// If user has no privileges refuse access
bool hasAccess = new UserSessionContext(htmlHelper.GetHttpContext()).UserHasAccess(requiredPrivilege);
var htmlOptions = new RouteValueDictionary(htmlAttributes);
var routeOptions = new RouteValueDictionary(routeValues);
//Remove disabled attribute if present
if (htmlOptions.ContainsKey("disabled"))
{
htmlOptions.Remove("disabled");
}
IHtmlContent result = htmlHelper.ActionLink(linkText, actionName, controllerName, routeOptions, htmlOptions);
if (!hasAccess)
{
switch (authFailedBehaviour)
{
case Enumerations.AuthFailedBehaviour.AlternateLink:
if (string.IsNullOrEmpty(alternateLinkText))
{
throw new ArgumentNullException("alternateLinkText", "alternateLinkText cannot be null or empty");
}
result = htmlHelper.ActionLink(alternateLinkText, actionName, controllerName, routeOptions, htmlOptions);
break;
case Enumerations.AuthFailedBehaviour.EmptyString:
result = HtmlString.Empty;
break;
case Enumerations.AuthFailedBehaviour.InnerHtml:
result = htmlHelper.Span(linkText, htmlOptions);
break;
default:
throw new ArgumentOutOfRangeException("authFailedBehaviour");
}
}
return(result);
}
public JsonResult Facebooklogin(string userId, string accessToken, string uid, string name, string email, string avatarUrl)
{
if (string.IsNullOrEmpty(email) || string.IsNullOrEmpty(accessToken))
{
return(Json(new { Ok = false, Data = new { email }, Message = "Fail" }, JsonRequestBehavior.AllowGet));
}
var u = UserSessionContext.DoLoginFromFacebook(userId, accessToken, name, email, avatarUrl, SiteDomainUrl);
if (u == null)
{
return(Json(new { Ok = false, Data = new { email }, Message = "Fail" }, JsonRequestBehavior.AllowGet));
}
return(Json(new { Ok = true, Data = new { email }, Message = "Success" }, JsonRequestBehavior.AllowGet));
}
public JsonResult SaveProfile(string phone, string email)
{
var id = UserSessionContext.CurrentUserId();
if (string.IsNullOrEmpty(phone) || string.IsNullOrEmpty(email))
{
return(Json(new { Ok = false, Data = new { Id = id }, Message = "Phone, email are require" }, JsonRequestBehavior.AllowGet));
}
MemoryMessageBuss.PushCommand(new UpdateUser(id, phone, email, id, DateTime.Now));
return(Json(new { Ok = true, Data = new { Id = id }, Message = "Success" }, JsonRequestBehavior.AllowGet));
}
public ActionResult UserProfile()
{
var model = new FeUserProfile();
var currentUser = UserSessionContext.CurrentUser();
model.Id = currentUser.Id;
using (var db = new CoreEcommerceDbContext())
{
var user = db.Users.SingleOrDefault(i => i.Id == model.Id);
model.Email = user.Email;
model.Phone = user.Phone;
}
return(View(model));
}
public IActionResult SendNotifications(AdminViewData updatedModel)
{
ApplicationContext appContext = new ApplicationContext(this.Cache);
if (ViewData.ModelState["NotificationDays"].Errors.Count == 0)
{
UserSessionContext userContext = new UserSessionContext(this.HttpContext);
LessonBusiness businessManager = new LessonBusiness(DbContext);
var notificationType = (Enumerations.NotificationEmailType)updatedModel.EmailNotificationType;
List <Lesson> lessons = businessManager.GetLessonsForNotification(notificationType, updatedModel.NotificationDays);
if (lessons != null && lessons.Count > 0)
{
List <EmailInfo> emailList = new List <EmailInfo>();
foreach (var lesson in lessons)
{
//If this key exists in the web.config, re-direct all eamils to that address.
string overrideEmailAddress = Utility.SafeGetAppConfigSetting <string>("Debug_OverrideEmailAddress", null);
EmailTemplateViewData model = new EmailTemplateViewData(LessonViewModel.ToViewModel(this.HttpContext, lesson), notificationType, appContext, overrideEmailAddress);
string emailMessageBody = Utils.RenderPartialViewToString(this, "EmailTemplate", model);
EmailInfo emailInfo = new EmailInfo
{
Body = emailMessageBody,
MailTo = model.Redirecting ? model.OverrideMailTo : model.MailTo,
Subject = model.Subject
};
emailList.Add(emailInfo);
}
businessManager.SendEmails(emailList);
}
this.SetEmailsSent();
return(RedirectPermanent("Index"));
}
ModelState.Clear();
AddError("X Days is invalid");
return(Index());
}
public IActionResult ChangeRole(int roleId)
{
if (bool.Parse(Utility.SafeGetAppConfigSetting("Debug_AllUserPermissionChange", "false")))
{
UserSessionContext userSession = new UserSessionContext(this.HttpContext);
var currentuser = userSession.CurrentUser;
//tem code
currentuser.RoleId = roleId;
userSession.CurrentUser = currentuser;
}
return(RedirectToActionPermanent("Index", "Home"));
}
public JsonResult Googlelogin(string googleId, string name, string email, string avatarUrl, string idToken)
{
if (string.IsNullOrEmpty(email) || string.IsNullOrEmpty(idToken))
{
return(Json(new { Ok = false, Data = new { email }, Message = "Fail" }, JsonRequestBehavior.AllowGet));
}
var u = UserSessionContext.DoLoginFromGoogle(googleId, name, email, avatarUrl, idToken, SiteDomainUrl);
if (u == null)
{
return(Json(new { Ok = false, Data = new { email }, Message = "Fail" }, JsonRequestBehavior.AllowGet));
}
return(Json(new { Ok = true, Data = new { email }, Message = "Success" }, JsonRequestBehavior.AllowGet));
}
public ActionResult Login(FormCollection formCollection, string username, string password, string url = "")
{
UserSessionContext.Dologin(username, password);
if (!string.IsNullOrEmpty(url))
{
return(Redirect(HttpUtility.UrlDecode(url)));
}
if (UserSessionContext.CurrentUserIsSysAdmin())
{
return(Redirect("~/Admin"));
}
if (UserSessionContext.CurrentUser() != null)
{
return(Redirect("~/"));
}
return(View());
}
