public static dynamic GetAuthroizedUser()
{
dynamic CurrentUser = null;
try
{
HttpSessionState session = HttpContext.Current.Session;
string model = session[ "Model" ].ToString();
int id = Int32.Parse( session[ "UserId" ].ToString() );
if ( model.Equals( "Agent" ) )
{
AgentModel connector = new AgentModel();
CurrentUser = connector.SelectById( id );
}
else if ( model.Equals( "Client" ) )
{
ClientModel connector = new ClientModel();
CurrentUser = connector.SelectById( id );
}
}
catch
{
return null;
}
return CurrentUser;
}
/// <summary>
/// Test if nickname is unique
/// </summary>
/// <param name="model">Model object for this connector</param>
/// <returns>True if model is unique</returns>
public bool IsUniqueName( AgentModel model )
{
KeyValuePair<string, string> arg = new KeyValuePair<string, string>( "Name", model.Name );
string sql = "SELECT COUNT(*) FROM " + TableName;
int count = ExecuteCustomQuery( QueryType.Count, sql, arg );
if ( count == 0 )
return true;
return false;
}
public ActionResult Create(AgentModel model)
{
try
{
if (ModelState.IsValid)
{
string password = Request["AdminPassword"];
#region Validate unique name of the model
if (!model.IsUniqueName(model))
{
ModelState.AddModelError("Permission error", "Такой пользователь уже существует.");
return View(model);
}
#endregion
#region Check common password
if (password.Equals("nya"))
{
if (model.Permission)
{
ModelState.AddModelError("Permission error", "Вы не можете выставить агенту права суперпользователя.");
return View(model);
}
model.Insert(model);
return Redirect("/");
}
#endregion
#region Check supreuser password
else if (password.Equals("neko"))
{
model.Insert(model);
return RedirectToAction("/");
}
#endregion
#region Check wrong password
else
{
ModelState.AddModelError("Wrong password", "Пароль не верен.");
return View(model);
}
#endregion
}
return View(model);
}
catch
{
return View(model);
}
}
public ActionResult Delete(int id)
{
try
{
IUser currentUser = Authorization.GetAuthroizedUser();
if ( currentUser.IsSuperuser() )
{
AgentModel model = new AgentModel();
model.DeleteById( id );
}
}
catch
{
return RedirectToAction( "Index" );
}
return RedirectToAction( "Index" );
}
public ActionResult ProcessLogin(FormCollection formCollection)
{
// Recieve form variables through post data
string name = formCollection["Name"];
string model = formCollection["SelectUser"];
int id = -1;
// Check if it is client or agent request authorization
// f**k DRY, no dynamic outside base classes
if (model.Equals("Client"))
{
ClientModel clientConnector = new ClientModel();
id = clientConnector.ExecuteCustomQuery(
BaseSqlDatabaseModel.QueryType.Id,
"SELECT ClientId FROM " + clientConnector.TableName,
new KeyValuePair<string, string>("Name", name)
);
}
else if (model.Equals("Agent"))
{
AgentModel agentConnector = new AgentModel();
id = agentConnector.ExecuteCustomQuery(
BaseSqlDatabaseModel.QueryType.Id,
"SELECT AgentId FROM " + agentConnector.TableName,
new KeyValuePair<string, string>("Name", name)
);
}
if (id != -1)
{
Session["Model"] = model;
Session["UserId"] = id;
return Redirect("/");
}
return View("LogIn");
}
public ActionResult Edit(int id)
{
try
{
IUser currentUser = Authorization.GetAuthroizedUser();
if ( currentUser == null )
return Redirect( "/" );
if ( currentUser.IsSuperuser() )
{
AgentModel model = new AgentModel();
model = model.SelectById( id );
return View( model );
}
}
catch
{
return RedirectToAction( "Index" );
}
return RedirectToAction( "Index" );
}
public ActionResult Index()
{
IUser currentUser = Authorization.GetAuthroizedUser();
if ( currentUser == null )
return Redirect( "/" );
try
{
if ( currentUser.IsSuperuser() )
{
AgentModel model = new AgentModel();
List<AgentModel> tariffList = model.SelectAll().ConvertAll( x => ( AgentModel ) x );
ViewData[ "agentList" ] = tariffList;
return View();
}
}
catch
{
ViewData[ "agentList" ] = new List<AgentModel>();
return View();
}
return Redirect( "/" );
}
public ActionResult Edit( int id, AgentModel model )
{
try
{
IUser currentUser = Authorization.GetAuthroizedUser();
if ( currentUser.IsSuperuser() && ModelState.IsValid )
{
model.Update( id, model );
return RedirectToAction( "Index" );
}
}
catch
{
return RedirectToAction( "Index" );
}
return View( model );
}