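/// <summary>
/// Inserts a user into M_USERS, or, when a row with the same USR_ID and USR_SOURCE
/// already exists, updates that row's card id, password, PIN and USR_ATHENTICATE_ON.
/// </summary>
/// <param name="userName">User identifier; written to both USR_ID and USR_NAME.</param>
/// <param name="password">Password; passed through <c>Protector.ProvideEncryptedPassword</c> before it is stored.</param>
/// <param name="cardId">Card id; passed through <c>Protector.ProvideEncryptedCardID</c> when not empty.</param>
/// <param name="userAuthenticationOn">Value written to USR_ATHENTICATE_ON.</param>
/// <param name="pin">PIN; passed through <c>Protector.ProvideEncryptedPin</c> when not empty.</param>
/// <param name="authenticationMode">Value written to USR_SOURCE; together with the user id it identifies an existing row.</param>
/// <param name="defaultDepartment">Value written to USR_DEPARTMENT (insert only).</param>
/// <param name="domainName">Value written to USR_DOMAIN (insert only).</param>
/// <param name="emailid">Value written to USR_EMAIL (insert only).</param>
/// <param name="isUpdated">Set to <c>true</c> when an existing row was updated, <c>false</c> when a new row was inserted.</param>
/// <returns>The string returned by <c>Database.ExecuteNonQuery</c> for the statement.</returns>
/// <exception cref="ArgumentNullException"><paramref name="userName"/> is <c>null</c>.</exception>
/// <remarks>
/// Sequence Diagram:<br/>
/// <img src="SequenceDiagrams/SD_DataManagerDevice.Controller.Users.InsertUser.jpg"/>
/// </remarks>
public static string InsertUser(string userName, string password, string cardId, string userAuthenticationOn, string pin, string authenticationMode, int defaultDepartment, string domainName, string emailid, ref bool isUpdated)
{
    isUpdated = false;

    // The previous implementation failed with a NullReferenceException on a null user name;
    // reject it explicitly instead of binding an empty identifier.
    if (userName == null)
    {
        throw new ArgumentNullException("userName");
    }

    string returnValue = string.Empty;
    string hashPassword = Protector.ProvideEncryptedPassword(password);
    string hashPin = string.Empty;
    string hashCardId = string.Empty;

    if (!string.IsNullOrEmpty(pin))
    {
        hashPin = Protector.ProvideEncryptedPin(pin);
    }

    if (!string.IsNullOrEmpty(cardId))
    {
        hashCardId = Protector.ProvideEncryptedCardID(cardId);
    }

    // NOTE(review): userName and authenticationMode are handed to Users.IsRecordExists unchanged;
    // its query construction is not visible here - confirm it binds them as parameters too.
    bool recordExists = Users.IsRecordExists("M_USERS", "USR_ID", userName, authenticationMode);

    // Every caller-supplied value is bound as a parameter rather than concatenated into the
    // statement text, so quotes in a user name, domain, e-mail address or authentication mode
    // can no longer change the shape of the SQL. The '@' marker matches the T-SQL dialect the
    // statement already uses (getdate(), N'' literals).
    string sqlQuery;
    string[] parameterNames;
    object[] parameterValues;

    if (recordExists)
    {
        isUpdated = true;
        sqlQuery = "update M_USERS set USR_CARD_ID=@cardId,USR_PASSWORD=@password,USR_PIN=@pin,USR_ATHENTICATE_ON=@authenticateOn"
            + " where USR_ID=@userId and USR_SOURCE=@source";
        parameterNames = new string[] { "@cardId", "@password", "@pin", "@authenticateOn", "@userId", "@source" };
        parameterValues = new object[] { hashCardId, hashPassword, hashPin, userAuthenticationOn, userName, authenticationMode };
    }
    else
    {
        sqlQuery = "insert into M_USERS(USR_CARD_ID, USR_ID,USR_DOMAIN, USR_SOURCE, USR_NAME,USR_EMAIL, USR_PIN, USR_PASSWORD,USR_ATHENTICATE_ON,USR_DEPARTMENT,USR_ROLE, REC_CDATE, REC_ACTIVE)"
            + "values(@cardId, @userId, @domain, @source, @userId, @email, @pin, @password, @authenticateOn, @department, 'user', getdate(), 'True')";
        parameterNames = new string[] { "@cardId", "@userId", "@domain", "@source", "@email", "@pin", "@password", "@authenticateOn", "@department" };
        parameterValues = new object[] { hashCardId, userName, domainName, authenticationMode, emailid, hashPin, hashPassword, userAuthenticationOn, defaultDepartment };
    }

    using (Database dbUser = new Database())
    {
        DbCommand cmdUser = dbUser.GetSqlStringCommand(sqlQuery);

        for (int index = 0; index < parameterNames.Length; index++)
        {
            DbParameter parameter = cmdUser.CreateParameter();
            parameter.ParameterName = parameterNames[index];
            // String concatenation rendered null as an empty string; keep that behaviour.
            parameter.Value = parameterValues[index] ?? string.Empty;
            cmdUser.Parameters.Add(parameter);
        }

        returnValue = dbUser.ExecuteNonQuery(cmdUser);
    }

    return returnValue;
}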
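/// <summary>
/// Updates the card id, password and USR_ATHENTICATE_ON columns of the M_USERS row
/// identified by USR_ID and USR_SOURCE.
/// </summary>
/// <param name="userName">User identifier matched against USR_ID.</param>
/// <param name="password">Password; passed through <c>Protector.ProvideEncryptedPassword</c> before it is stored.</param>
/// <param name="cardId">Card id; passed through <c>Protector.ProvideEncryptedCardID</c> when not empty.</param>
/// <param name="userAuthenticationOn">Value written to USR_ATHENTICATE_ON.</param>
/// <param name="pin">Accepted for signature compatibility; not written by this statement.</param>
/// <param name="authenticationMode">Value matched against USR_SOURCE.</param>
/// <param name="defaultDepartment">Accepted for signature compatibility; not written by this statement.</param>
/// <param name="domainName">Accepted for signature compatibility; not written by this statement.</param>
/// <param name="isUpdated">Always set to <c>true</c> before the statement is executed.</param>
/// <returns>The string returned by <c>Database.ExecuteNonQuery</c> for the statement.</returns>
/// <remarks>
/// Sequence Diagram:<br/>
/// <img src="SequenceDiagrams/SD_DataManagerDevice.Controller.Users.InsertUser.jpg"/>
/// </remarks>
public static string UpdateUser(string userName, string password, string cardId, string userAuthenticationOn, string pin, string authenticationMode, int defaultDepartment, string domainName, ref bool isUpdated)
{
    string returnValue = string.Empty;
    string hashPassword = Protector.ProvideEncryptedPassword(password);
    string hashCardId = string.Empty;

    if (!string.IsNullOrEmpty(cardId))
    {
        hashCardId = Protector.ProvideEncryptedCardID(cardId);
    }

    // NOTE(review): the original computed a protected PIN here but never wrote it; USR_PIN is
    // not part of this update, unlike the update branch of InsertUser. The unused computation
    // was removed - confirm that leaving the PIN unchanged is intended.
    isUpdated = true;

    // Values are bound as parameters instead of being concatenated into the statement, so a
    // quote in the user name or authentication mode cannot alter the WHERE clause. The '@'
    // marker matches the T-SQL dialect suggested by the N'' literals this statement used.
    string sqlQuery = "update M_USERS set USR_CARD_ID=@cardId,USR_PASSWORD=@password,USR_ATHENTICATE_ON=@authenticateOn"
        + " where USR_ID=@userId and USR_SOURCE=@source";
    string[] parameterNames = new string[] { "@cardId", "@password", "@authenticateOn", "@userId", "@source" };
    object[] parameterValues = new object[] { hashCardId, hashPassword, userAuthenticationOn, userName, authenticationMode };

    using (Database dbUser = new Database())
    {
        DbCommand cmdUser = dbUser.GetSqlStringCommand(sqlQuery);

        for (int index = 0; index < parameterNames.Length; index++)
        {
            DbParameter parameter = cmdUser.CreateParameter();
            parameter.ParameterName = parameterNames[index];
            // String concatenation rendered null as an empty string; keep that behaviour.
            parameter.Value = parameterValues[index] ?? string.Empty;
            cmdUser.Parameters.Add(parameter);
        }

        returnValue = dbUser.ExecuteNonQuery(cmdUser);
    }

    return returnValue;
}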
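/// <summary>
/// Determines whether any M_USERS row already carries the given card id.
/// </summary>
/// <param name="cardId">The card id; it is passed through <c>Protector.ProvideEncryptedCardID</c> and the result is compared with USR_CARD_ID.</param>
/// <returns>
/// <c>true</c> if the query returns at least one row; otherwise, <c>false</c>.
/// </returns>
/// <remarks>
/// Sequence Diagram:<br/>
/// <img src="SequenceDiagrams/SD_DataManagerDevice.Controller.Card.IsCardExists.jpg"/>
/// </remarks>
public static bool IsCardExists(string cardId)
{
    string hashCardId = Protector.ProvideEncryptedCardID(cardId);

    // The protected card id is bound as a parameter; the character set produced by
    // Protector is not visible here, so it is not assumed to be safe inside a literal.
    // NOTE(review): "with (nolock)" allows dirty reads, so a card assigned in an uncommitted
    // transaction can be reported either way - confirm that is acceptable for this check.
    const string sqlQuery = "select USR_ACCOUNT_ID from M_USERS with (nolock) where USR_CARD_ID=@cardId";

    using (Database dbCard = new Database())
    {
        DbCommand cmdCard = dbCard.GetSqlStringCommand(sqlQuery);

        DbParameter cardParameter = cmdCard.CreateParameter();
        cardParameter.ParameterName = "@cardId";
        // String concatenation rendered null as an empty string; keep that behaviour.
        cardParameter.Value = hashCardId ?? string.Empty;
        cmdCard.Parameters.Add(cardParameter);

        // Disposing the reader closes it even when reading throws; the original closed it
        // only on the success path.
        using (DbDataReader drUserId = dbCard.ExecuteReader(cmdCard, CommandBehavior.CloseConnection))
        {
            return drUserId.HasRows;
        }
    }
}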
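/// <summary>
/// Reads the edit form, protects any changed password, card id or PIN, checks that the card
/// and PIN are not already assigned to another user, and saves the user through
/// <c>DataManager.Controller.Users.UpdateUserDetails</c>. The outcome is shown on the master
/// page and written to the audit log.
/// </summary>
/// <remarks>
/// Sequence Diagram:<br/>
/// <img src="SequenceDiagrams/CD_PrintRoverWeb.AdministrationAddUsers.UpdateUserDetails.jpg"/>
/// </remarks>
private void UpdateUserDetails()
{
    // NOTE(review): the account id comes from a hidden form field, which the client can alter.
    // No authorization check is visible in this method - confirm the page verifies that the
    // signed-in user may edit this account before this point.
    string userAccountId = HdUserID.Value;
    string userID = TextBoxUserID.Text.Trim();
    string userName = TextBoxName.Text;
    string userPassword = TextBoxPassword.Text;
    string userPin = TextBoxPin.Text;
    string userCardID = TextBoxCard.Text;
    string userEmail = TextBoxEmail.Text;
    string userLoginEnabled = CheckBoxEnableLogOn.Checked ? "1" : "0";
    // Invariant casing: the role is an identifier, and culture-sensitive lowering can change
    // it under some UI cultures (for example the Turkish dotless i).
    string userRole = DropDown_UserRole.SelectedItem.Value.ToLowerInvariant();
    string userCostCenter = DropDownListCostCenters.SelectedValue;
    // The department is fixed to "1"; the department drop-down is not read.
    string department = "1";
    string hashedPinNumber = string.Empty;
    string auditMessage = string.Empty;
    string auditorSource = HostIP.GetHostIP();
    string isMyAccount = DropDownListMyAccount.SelectedValue;
    // NOTE(review): the raw PIN text is passed on as the last argument of the update call;
    // confirm the callee does not persist or log it in clear.
    string userCommand = TextBoxPin.Text;

    if (DropDown_UserRole.SelectedIndex == 0)
    {
        string serverMessage = Localization.GetServerMessage("", Session["selectedCulture"] as string, "SELECT_USER_ROLE");
        GetMasterPage().DisplayActionMessage(AppLibrary.MessageType.Error.ToString(), serverMessage, null);
        return;
    }

    DataSet dsUserDetails = DataManager.Provider.Users.provideSelectedUserDetails(userAccountId, userSource);

    // The account id is client-supplied, so the lookup can come back empty; report a failed
    // update instead of letting Rows[0] throw outside the try block.
    if (dsUserDetails == null || dsUserDetails.Tables.Count == 0 || dsUserDetails.Tables[0].Rows.Count == 0)
    {
        auditMessage = userID + " Failed to update User";
        LogManager.RecordMessage(auditorSource, Session["UserID"] as string, LogManager.MessageType.CriticalError, auditMessage);
        string serverMessage = Localization.GetServerMessage("", Session["selectedCulture"] as string, "USER_UPDATE_FAIL");
        GetMasterPage().DisplayActionMessage(AppLibrary.MessageType.Error.ToString(), serverMessage, null);
        return;
    }

    DataRow storedUser = dsUserDetails.Tables[0].Rows[0];

    // A submitted value equal to the stored one is treated as "unchanged" and saved as-is.
    // NOTE(review): this presumably means the form is pre-filled with the stored protected
    // password, card id and PIN, which exposes those values to the browser - confirm, and
    // consider a separate "changed" indicator instead of round-tripping them.
    if (TextBoxPassword.Text != Convert.ToString(storedUser["USR_PASSWORD"], CultureInfo.CurrentUICulture))
    {
        userPassword = Protector.ProvideEncryptedPassword(userPassword);
    }

    if (!string.IsNullOrEmpty(userCardID))
    {
        if (TextBoxCard.Text != Convert.ToString(storedUser["USR_CARD_ID"], CultureInfo.CurrentUICulture))
        {
            if (DataManager.Controller.Card.IsCardExists(userCardID, userID))
            {
                string serverMessage = Localization.GetServerMessage("", Session["selectedCulture"] as string, "CARD_CONFIGURED_ANOTHER_USER");
                GetMasterPage().DisplayActionMessage(AppLibrary.MessageType.Error.ToString(), serverMessage, null);
                return;
            }

            userCardID = Protector.ProvideEncryptedCardID(userCardID);
        }
    }

    // The user id comes from a text box and ends up inside a SQL fragment, so single quotes
    // are doubled before it is embedded. IsOtherRecordExists only accepts a filter string;
    // a parameterized overload would be the stronger fix if one exists.
    string sqlAddonFilter = string.Format(CultureInfo.CurrentCulture, " USR_ID <> '{0}'", userID.Replace("'", "''"));

    if (!string.IsNullOrEmpty(userPin))
    {
        if (TextBoxPin.Text != Convert.ToString(storedUser["USR_PIN"], CultureInfo.CurrentUICulture))
        {
            hashedPinNumber = Protector.ProvideEncryptedPin(TextBoxPin.Text);

            if (DataManager.Controller.Users.IsOtherRecordExists("M_USERS", "USR_PIN", hashedPinNumber, sqlAddonFilter))
            {
                string serverMessage = Localization.GetServerMessage("", Session["selectedCulture"] as string, "PIN_ALREADY_USED");
                GetMasterPage().DisplayActionMessage(AppLibrary.MessageType.Error.ToString(), serverMessage, null);
                return;
            }
        }
        else
        {
            hashedPinNumber = TextBoxPin.Text;
        }
    }
    else
    {
        hashedPinNumber = TextBoxPin.Text;
    }

    try
    {
        string addSqlResponse = DataManager.Controller.Users.UpdateUserDetails(userSource, userAccountId, userName, userPassword, hashedPinNumber, userCardID, userEmail, userLoginEnabled, true, DropDownPrintProfile.SelectedValue, userRole, department, userCostCenter, isMyAccount, userCommand);

        if (string.IsNullOrEmpty(addSqlResponse))
        {
            auditMessage = "User " + userID + " updated successfully";
            LogManager.RecordMessage(auditorSource, Session["UserID"] as string, LogManager.MessageType.Success, auditMessage);
            string serverMessage = Localization.GetServerMessage("", Session["selectedCulture"] as string, "USER_UPDATE_SUCCESS");
            GetMasterPage().DisplayActionMessage(AppLibrary.MessageType.Success.ToString(), serverMessage, null);
            GetUserDetails();
        }
        else
        {
            // A non-empty response used to be dropped without any message or audit record;
            // treat it as a failed update so the operator and the log both see it.
            auditMessage = userID + " Failed to update User";
            LogManager.RecordMessage(auditorSource, Session["UserID"] as string, LogManager.MessageType.CriticalError, auditMessage);
            string serverMessage = Localization.GetServerMessage("", Session["selectedCulture"] as string, "USER_UPDATE_FAIL");
            GetMasterPage().DisplayActionMessage(AppLibrary.MessageType.Error.ToString(), serverMessage, null);
        }
    }
    catch (Exception ex)
    {
        auditMessage = userID + " Failed to update User";
        LogManager.RecordMessage(auditorSource, Session["UserID"] as string, LogManager.MessageType.CriticalError, auditMessage, null, ex.Message, ex.StackTrace);
        string serverMessage1 = Localization.GetServerMessage("", Session["selectedCulture"] as string, "USER_UPDATE_FAIL");
        GetMasterPage().DisplayActionMessage(AppLibrary.MessageType.Error.ToString(), serverMessage1, null);
    }
}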