public void ConvertToDomainTypeTest()
{
var databaseUser = new DbModels.User {
Id = Guid.NewGuid(),
FirstName = "test",
LastName = "test",
Country = "UK",
City = "London",
Street = "Baker street",
HouseNumber = "221B"
};
var mockContext = new Mock <IDataContext>();
var mapper = new UserDatabaseMapper();
var result = mapper.ConvertToDomainType(databaseUser, mockContext.Object);
Assert.AreEqual(databaseUser.Id, result.Id);
Assert.AreEqual(databaseUser.FirstName, result.FirstName);
Assert.AreEqual(databaseUser.LastName, result.LastName);
Assert.AreEqual(databaseUser.Country, result.Address.Country);
Assert.AreEqual(databaseUser.City, result.Address.City);
Assert.AreEqual(databaseUser.Street, result.Address.Street);
Assert.AreEqual(databaseUser.HouseNumber, result.Address.HouseNumber);
}
public void ConvertToDatabaseTypeTest()
{
var domainUser = new Domain.User.User {
Id = Guid.NewGuid(),
FirstName = "test",
LastName = "test",
Address = new Address {
Country = "UK",
City = "London",
Street = "Baker street",
HouseNumber = "221B"
}
};
var mapper = new UserDatabaseMapper();
var result = mapper.ConvertToDatabaseType(domainUser);
Assert.AreEqual(domainUser.Id, result.Id);
Assert.AreEqual(domainUser.FirstName, result.FirstName);
Assert.AreEqual(domainUser.LastName, result.LastName);
Assert.AreEqual(domainUser.Address.Country, result.Country);
Assert.AreEqual(domainUser.Address.City, result.City);
Assert.AreEqual(domainUser.Address.Street, result.Street);
Assert.AreEqual(domainUser.Address.HouseNumber, result.HouseNumber);
}
public static UserDatabaseMapper[] GetAll()
{
DataTable tbl = GetDataTable();
UserDatabaseMapper[] all = new UserDatabaseMapper[tbl.Rows.Count];
for (int i = 0; i < tbl.Rows.Count; i++)
all[i] = Load(tbl.Rows[i]);
return all;
}
public static UserDatabaseMapper[] GetAll()
{
DataTable tbl = GetDataTable();
UserDatabaseMapper[] all = new UserDatabaseMapper[tbl.Rows.Count];
for (int i = 0; i < tbl.Rows.Count; i++)
{
all[i] = Load(tbl.Rows[i]);
}
return(all);
}
protected void btnSubmit_Click(object sender, EventArgs e)
{
if (!ddlEndDateValidateAllOrNoneSet.IsValid ||
!ddlStartDateValidateAllOrNoneSet.IsValid)
{
return;
}
txtPwd.Attributes["value"] = txtPwd.Text; // pwd fields is unset on send back to server, so re-set it
if (GetUrlParamType() == UrlParamType.View)
{
Response.Redirect(UrlParamModifier.AddEdit(Request.RawUrl, "type", "edit"));
}
else if (GetUrlParamType() == UrlParamType.Edit)
{
Staff staff = StaffDB.GetByID(Convert.ToInt32(this.lblId.Text));
if (!Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]) && staff.Login != txtLogin.Text && UserDatabaseMapperDB.UsernameExists(txtLogin.Text))
{
SetErrorMessage("Login name already in use by another user");
return;
}
if (StaffDB.LoginExists(txtLogin.Text, staff.StaffID))
{
SetErrorMessage("Login name already in use by another user");
return;
}
if (staff.Pwd != txtPwd.Text && txtPwd.Text.Length < 6)
{
SetErrorMessage(staff.Pwd.Length >= 6 ? "Password must be at least 6 characters" : "New passwords must be at least 6 characters");
return;
}
bool loggedInUserIsStakeholder = Session["IsStakeholder"] != null && Convert.ToBoolean(Session["IsStakeholder"]);
bool loggedInUserIsMasterAdmin = Session["IsMasterAdmin"] != null && Convert.ToBoolean(Session["IsMasterAdmin"]);
PersonDB.Update(staff.Person.PersonID, Convert.ToInt32(ddlTitle.SelectedValue), Utilities.FormatName(txtFirstname.Text), Utilities.FormatName(txtMiddlename.Text), Utilities.FormatName(txtSurname.Text), staff.Person.Nickname, ddlGender.SelectedValue, staff.Person.Dob, DateTime.Now);
StaffDB.Update(staff.StaffID, staff.Person.PersonID, txtLogin.Text, txtPwd.Text, staff.StaffPosition.StaffPositionID, staff.Field.ID, staff.CostCentre.CostCentreID,
staff.IsContractor, staff.Tfn, staff.ProviderNumber,
ddlStatus.SelectedValue == "Inactive", staff.IsCommission, staff.CommissionPercent,
staff.IsStakeholder, staff.IsMasterAdmin, staff.IsAdmin, staff.IsPrincipal, staff.IsProvider, staff.IsExternal,
GetStartDateFromForm(), GetEndDateFromForm(), txtComments.Text, staff.EnableDailyReminderSMS, staff.EnableDailyReminderEmail, staff.HideBookingNotes);
if (!Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]) && staff.Login != txtLogin.Text)
{
UserDatabaseMapper curDBMapper = UserDatabaseMapperDB.GetByLogin(staff.Login, Session["DB"].ToString());
UserDatabaseMapperDB.Update(curDBMapper.ID, txtLogin.Text, Session["DB"].ToString());
}
Response.Redirect(UrlParamModifier.AddEdit(Request.RawUrl, "type", "view"));
}
else if (GetUrlParamType() == UrlParamType.Add)
{
if (!Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]) && UserDatabaseMapperDB.UsernameExists(txtLogin.Text))
{
SetErrorMessage("Login name already in use by another user");
return;
}
if (StaffDB.LoginExists(txtLogin.Text))
{
SetErrorMessage("Login name already in use by another user");
return;
}
if (txtPwd.Text.Length < 6)
{
SetErrorMessage("Password must be at least 6 characters");
return;
}
int person_id = -1;
int staff_id = -1;
bool staff_added = false;
int mainDbUserID = -1;
try
{
if (!Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]))
{
mainDbUserID = UserDatabaseMapperDB.Insert(txtLogin.Text, Session["DB"].ToString());
}
Staff loggedInStaff = StaffDB.GetByID(Convert.ToInt32(Session["StaffID"]));
person_id = PersonDB.Insert(loggedInStaff.Person.PersonID, Convert.ToInt32(ddlTitle.SelectedValue), Utilities.FormatName(txtFirstname.Text), Utilities.FormatName(txtMiddlename.Text), Utilities.FormatName(txtSurname.Text), "", ddlGender.SelectedValue, DateTime.MinValue);
staff_id = StaffDB.Insert(person_id, txtLogin.Text, txtPwd.Text, StaffPositionDB.GetByDescr("Unknown").StaffPositionID, 0, 59,
false, "", "",
ddlStatus.SelectedValue == "Inactive", false, 0,
false, false, false, false, false, true,
GetStartDateFromForm(), GetEndDateFromForm(), txtComments.Text, false, false, false);
staff_added = true;
string url = Request.RawUrl;
url = UrlParamModifier.AddEdit(url, "type", "view");
url = UrlParamModifier.AddEdit(url, "id", staff_id.ToString());
Response.Redirect(url);
}
catch (Exception)
{
if (staff_added)
{
string url = Request.RawUrl;
url = UrlParamModifier.AddEdit(url, "type", "view");
url = UrlParamModifier.AddEdit(url, "id", staff_id.ToString());
Response.Redirect(url);
return;
}
// roll back - backwards of creation order
PersonDB.Delete(person_id);
if (!Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]))
{
UserDatabaseMapperDB.Delete(mainDbUserID);
}
throw;
}
}
else
{
HideTableAndSetErrorMessage();
}
}
protected void GrdStaff_RowUpdating(object sender, GridViewUpdateEventArgs e)
{
Label lblId = (Label)GrdStaff.Rows[e.RowIndex].FindControl("lblId");
DropDownList ddlTitle = (DropDownList)GrdStaff.Rows[e.RowIndex].FindControl("ddlTitle");
TextBox txtFirstname = (TextBox)GrdStaff.Rows[e.RowIndex].FindControl("txtFirstname");
TextBox txtMiddlename = (TextBox)GrdStaff.Rows[e.RowIndex].FindControl("txtMiddlename");
TextBox txtSurname = (TextBox)GrdStaff.Rows[e.RowIndex].FindControl("txtSurname");
DropDownList ddlGender = (DropDownList)GrdStaff.Rows[e.RowIndex].FindControl("ddlGender");
TextBox txtLogin = (TextBox)GrdStaff.Rows[e.RowIndex].FindControl("txtLogin");
TextBox txtPwd = (TextBox)GrdStaff.Rows[e.RowIndex].FindControl("txtPwd");
DropDownList ddlStatus = (DropDownList)GrdStaff.Rows[e.RowIndex].FindControl("ddlStatus");
int staff_id = Convert.ToInt32(lblId.Text);
int person_id = GetPersonID(Convert.ToInt32(lblId.Text));
if (person_id == -1) // happens when back button hit after update .. with option to update again ... but no selected row exists within page data
{
GrdStaff.EditIndex = -1;
FillGrid();
return;
}
Staff staff = StaffDB.GetByID(staff_id);
if (!Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]) && staff.Login != txtLogin.Text && UserDatabaseMapperDB.UsernameExists(txtLogin.Text))
{
SetErrorMessage("Login name already in use by another user");
return;
}
if (staff.Login != txtLogin.Text && StaffDB.LoginExists(txtLogin.Text, staff_id))
{
SetErrorMessage("Login name already in use by another user");
return;
}
if (staff.Pwd != txtPwd.Text && txtPwd.Text.Length < 6)
{
SetErrorMessage(staff.Pwd.Length >= 6 ? "Password must be at least 6 characters" : "New passwords must be at least 6 characters");
return;
}
DataTable dt = Session["externalstaffinfo_data"] as DataTable;
DataRow[] foundRows = dt.Select("person_id=" + person_id.ToString());
DataRow row = foundRows[0]; // Convert.ToInt32(row["person_id"])
PersonDB.Update(person_id, Convert.ToInt32(ddlTitle.SelectedValue), Utilities.FormatName(txtFirstname.Text), Utilities.FormatName(txtMiddlename.Text), Utilities.FormatName(txtSurname.Text), row["nickname"].ToString(), ddlGender.SelectedValue, staff.Person.Dob, DateTime.Now);
StaffDB.Update(staff_id, person_id, txtLogin.Text, txtPwd.Text, Convert.ToInt32(row["staff_position_id"]), staff.Field.ID, staff.CostCentre.CostCentreID,
staff.IsContractor, staff.Tfn, staff.ProviderNumber,
ddlStatus.SelectedValue == "Inactive", staff.IsCommission, staff.CommissionPercent,
staff.IsStakeholder, staff.IsMasterAdmin, staff.IsAdmin, staff.IsPrincipal, staff.IsProvider, staff.IsExternal,
row["start_date"] == DBNull.Value ? DateTime.MinValue : (DateTime)row["start_date"], row["end_date"] == DBNull.Value ? DateTime.MinValue : (DateTime)row["end_date"], row["comment"].ToString(), staff.EnableDailyReminderSMS, staff.EnableDailyReminderEmail);
if (!Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]) && staff.Login != txtLogin.Text)
{
UserDatabaseMapper curDBMapper = UserDatabaseMapperDB.GetByLogin(staff.Login, Session["DB"].ToString());
UserDatabaseMapperDB.Update(curDBMapper.ID, txtLogin.Text, Session["DB"].ToString());
}
GrdStaff.EditIndex = -1;
FillGrid();
}
protected void GrdStaff_RowUpdating(object sender, GridViewUpdateEventArgs e)
{
Label lblId = (Label)GrdStaff.Rows[e.RowIndex].FindControl("lblId");
DropDownList ddlTitle = (DropDownList)GrdStaff.Rows[e.RowIndex].FindControl("ddlTitle");
TextBox txtFirstname = (TextBox)GrdStaff.Rows[e.RowIndex].FindControl("txtFirstname");
TextBox txtMiddlename = (TextBox)GrdStaff.Rows[e.RowIndex].FindControl("txtMiddlename");
TextBox txtSurname = (TextBox)GrdStaff.Rows[e.RowIndex].FindControl("txtSurname");
DropDownList ddlGender = (DropDownList)GrdStaff.Rows[e.RowIndex].FindControl("ddlGender");
DropDownList ddlDOB_Day = (DropDownList)GrdStaff.Rows[e.RowIndex].FindControl("ddlDOB_Day");
DropDownList ddlDOB_Month = (DropDownList)GrdStaff.Rows[e.RowIndex].FindControl("ddlDOB_Month");
DropDownList ddlDOB_Year = (DropDownList)GrdStaff.Rows[e.RowIndex].FindControl("ddlDOB_Year");
TextBox txtLogin = (TextBox)GrdStaff.Rows[e.RowIndex].FindControl("txtLogin");
TextBox txtPwd = (TextBox)GrdStaff.Rows[e.RowIndex].FindControl("txtPwd");
//DropDownList ddlStaffPosition = (DropDownList)GrdStaff.Rows[e.RowIndex].FindControl("ddlStaffPosition");
DropDownList ddlField = (DropDownList)GrdStaff.Rows[e.RowIndex].FindControl("ddlField");
CheckBox chkContractor = (CheckBox)GrdStaff.Rows[e.RowIndex].FindControl("chkContractor");
TextBox txtTFN = (TextBox)GrdStaff.Rows[e.RowIndex].FindControl("txtTFN");
DropDownList ddlStatus = (DropDownList)GrdStaff.Rows[e.RowIndex].FindControl("ddlStatus");
DropDownList ddlCostCentre = (DropDownList)GrdStaff.Rows[e.RowIndex].FindControl("ddlCostCentre");
TextBox txtProviderNumber = (TextBox)GrdStaff.Rows[e.RowIndex].FindControl("txtProviderNumber");
CheckBox chkIsCommission = (CheckBox)GrdStaff.Rows[e.RowIndex].FindControl("chkIsCommission");
TextBox txtCommissionPercent = (TextBox)GrdStaff.Rows[e.RowIndex].FindControl("txtCommissionPercent");
CheckBox chkIsStakeholder = (CheckBox)GrdStaff.Rows[e.RowIndex].FindControl("chkIsStakeholder");
CheckBox chkIsAdmin = (CheckBox)GrdStaff.Rows[e.RowIndex].FindControl("chkIsAdmin");
CheckBox chkIsMasterAdmin = (CheckBox)GrdStaff.Rows[e.RowIndex].FindControl("chkIsMasterAdmin");
CheckBox chkIsPrincipal = (CheckBox)GrdStaff.Rows[e.RowIndex].FindControl("chkIsPrincipal");
CheckBox chkIsProvider = (CheckBox)GrdStaff.Rows[e.RowIndex].FindControl("chkIsProvider");
CheckBox chkSMSBKs = (CheckBox)GrdStaff.Rows[e.RowIndex].FindControl("chkSMSBKs");
CheckBox chkEmailBKs = (CheckBox)GrdStaff.Rows[e.RowIndex].FindControl("chkEmailBKs");
CheckBox chkHideBKNotes = (CheckBox)GrdStaff.Rows[e.RowIndex].FindControl("chkHideBKNotes");
int staff_id = Convert.ToInt32(lblId.Text);
int person_id = GetPersonID(Convert.ToInt32(lblId.Text));
if (person_id == -1) // happens when back button hit after update .. with option to update again ... but no selected row exists within page data
{
GrdStaff.EditIndex = -1;
FillGrid();
return;
}
Staff staff = StaffDB.GetByID(staff_id);
if (!Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]) && staff.Login != txtLogin.Text && UserDatabaseMapperDB.UsernameExists(txtLogin.Text))
{
SetErrorMessage("Login name already in use by another user");
return;
}
if (staff.Login != txtLogin.Text && StaffDB.LoginExists(txtLogin.Text, staff_id))
{
SetErrorMessage("Login name already in use by another user");
return;
}
if (staff.Pwd != txtPwd.Text && txtPwd.Text.Length < 6)
{
SetErrorMessage(staff.Pwd.Length >= 6 ? "Password must be at least 6 characters" : "New passwords must be at least 6 characters");
return;
}
DataTable dt = Session["staffinfo_data"] as DataTable;
DataRow[] foundRows = dt.Select("person_id=" + person_id.ToString());
DataRow row = foundRows[0]; // Convert.ToInt32(row["person_id"])
if (!Convert.ToBoolean(row["is_provider"]) && chkIsProvider.Checked && (StaffDB.GetCountOfProviders() >= Convert.ToInt32(SystemVariableDB.GetByDescr("MaxNbrProviders").Value)))
{
SetErrorMessage("You have reached your maximum allowable providers. Please uncheck their status as a provider to update them or hit cancel. Contact Mediclinic if you would like to upgrade your account.");
return;
}
if (chkIsProvider.Checked)
{
System.Data.DataTable tbl = DBBase.GetGenericDataTable_WithWhereOrderClause(null, "Field", "has_offerings=1 AND field_id <> 0", "", "field_id", "descr");
bool roleSetAsProvider = false;
IDandDescr[] fields = new IDandDescr[tbl.Rows.Count];
for (int i = 0; i < tbl.Rows.Count; i++)
{
fields[i] = new IDandDescr(Convert.ToInt32(tbl.Rows[i]["field_id"]), tbl.Rows[i]["descr"].ToString());
if (Convert.ToInt32(ddlField.SelectedValue) == Convert.ToInt32(tbl.Rows[i]["field_id"]))
{
roleSetAsProvider = true;
}
}
if (!roleSetAsProvider)
{
if (fields.Length == 1)
{
SetErrorMessage("When setting a staff member as a provider, you need to set their Role as '" + fields[0].Descr + "'.");
return;
}
else if (fields.Length == 2)
{
SetErrorMessage("When setting a staff member as a provider, you need to set their Role as '" + fields[0].Descr + "' or '" + fields[1].Descr + "'.");
return;
}
else
{
string providerFields = string.Empty;
for (int i = 0; i < fields.Length; i++)
{
providerFields += (providerFields.Length == 0 ? "" : ", ") + (fields.Length >= 2 && i == (fields.Length - 2) ? "or " : "") + fields[i].Descr;
}
SetErrorMessage("When setting a staff member as a provider, you need to set their Role as one of the following: " + providerFields);
return;
}
}
}
if (chkIsMasterAdmin.Checked)
{
chkIsAdmin.Checked = true;
}
PersonDB.Update(person_id, Convert.ToInt32(ddlTitle.SelectedValue), Utilities.FormatName(txtFirstname.Text), Utilities.FormatName(txtMiddlename.Text), Utilities.FormatName(txtSurname.Text), row["nickname"].ToString(), ddlGender.SelectedValue, GetDate(ddlDOB_Day.SelectedValue, ddlDOB_Month.SelectedValue, ddlDOB_Year.SelectedValue), DateTime.Now);
StaffDB.Update(staff_id, person_id, txtLogin.Text, txtPwd.Text, Convert.ToInt32(row["staff_position_id"]), Convert.ToInt32(ddlField.SelectedValue), Convert.ToInt32(ddlCostCentre.SelectedValue),
chkContractor.Checked, txtTFN.Text, txtProviderNumber.Text.ToUpper(),
ddlStatus.SelectedValue == "Inactive", chkIsCommission.Checked, Convert.ToDecimal(txtCommissionPercent.Text),
chkIsStakeholder.Checked, chkIsMasterAdmin.Checked, chkIsAdmin.Checked, chkIsPrincipal.Checked, chkIsProvider.Checked, staff.IsExternal,
row["start_date"] == DBNull.Value ? DateTime.MinValue : (DateTime)row["start_date"], row["end_date"] == DBNull.Value ? DateTime.MinValue : (DateTime)row["end_date"], row["comment"].ToString(), chkSMSBKs.Checked, chkEmailBKs.Checked, chkHideBKNotes.Checked);
if (!Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]) && staff.Login != txtLogin.Text)
{
UserDatabaseMapper curDBMapper = UserDatabaseMapperDB.GetByLogin(staff.Login, Session["DB"].ToString());
if (curDBMapper == null)
{
UserDatabaseMapperDB.Insert(txtLogin.Text, Session["DB"].ToString());
}
else
{
UserDatabaseMapperDB.Update(curDBMapper.ID, txtLogin.Text, Session["DB"].ToString());
}
}
GrdStaff.EditIndex = -1;
FillGrid();
}
public static bool UsernameExists(UserDatabaseMapper[] list, string username)
{
foreach (UserDatabaseMapper user in list)
if (user.Username == username)
return true;
return false;
}
protected void btnSubmit_Click(object sender, EventArgs e)
{
if (!ddlEndDateValidateAllOrNoneSet.IsValid ||
!ddlStartDateValidateAllOrNoneSet.IsValid ||
!ddlDOBValidateAllOrNoneSet.IsValid)
{
return;
}
txtPwd.Attributes["value"] = txtPwd.Text; // pwd fields is unset on send back to server, so re-set it
if (GetUrlParamType() == UrlParamType.View)
{
Response.Redirect(UrlParamModifier.AddEdit(Request.RawUrl, "type", "edit"));
}
else if (GetUrlParamType() == UrlParamType.Edit)
{
Staff staff = StaffDB.GetByID(Convert.ToInt32(this.lblId.Text));
if (!Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]) && staff.Login != txtLogin.Text && UserDatabaseMapperDB.UsernameExists(txtLogin.Text))
{
SetErrorMessage("Login name already in use by another user");
return;
}
if (StaffDB.LoginExists(txtLogin.Text, staff.StaffID))
{
SetErrorMessage("Login name already in use by another user");
return;
}
if (staff.Pwd != txtPwd.Text && txtPwd.Text.Length < 6)
{
SetErrorMessage(staff.Pwd.Length >= 6 ? "Password must be at least 6 characters" : "New passwords must be at least 6 characters");
return;
}
bool loggedInUserIsStakeholder = Session["IsStakeholder"] != null && Convert.ToBoolean(Session["IsStakeholder"]);
bool loggedInUserIsMasterAdmin = Session["IsMasterAdmin"] != null && Convert.ToBoolean(Session["IsMasterAdmin"]);
bool setIsStakeholder = loggedInUserIsStakeholder ? chkIsStakeholder.Checked : staff.IsStakeholder;
bool setIsMasterAdmin = loggedInUserIsStakeholder || loggedInUserIsMasterAdmin ? chkIsMasterAdmin.Checked : staff.IsMasterAdmin;
if (!staff.IsProvider && chkIsProvider.Checked && (StaffDB.GetCountOfProviders() >= Convert.ToInt32(SystemVariableDB.GetByDescr("MaxNbrProviders").Value)))
{
SetErrorMessage("You have reached your maximum allowable providers. Please uncheck their status as a provider to update them or hit cancel. Contact Mediclinic if you would like to upgrade your account.");
return;
}
if (chkIsProvider.Checked)
{
System.Data.DataTable tbl = DBBase.GetGenericDataTable_WithWhereOrderClause(null, "Field", "has_offerings=1 AND field_id <> 0", "", "field_id", "descr");
bool roleSetAsProvider = false;
IDandDescr[] fields = new IDandDescr[tbl.Rows.Count];
for (int i = 0; i < tbl.Rows.Count; i++)
{
fields[i] = new IDandDescr(Convert.ToInt32(tbl.Rows[i]["field_id"]), tbl.Rows[i]["descr"].ToString());
if (Convert.ToInt32(ddlField.SelectedValue) == Convert.ToInt32(tbl.Rows[i]["field_id"]))
{
roleSetAsProvider = true;
}
}
if (!roleSetAsProvider)
{
if (fields.Length == 1)
{
SetErrorMessage("When setting a staff member as a provider, you need to set their Role as '" + fields[0].Descr + "'.");
return;
}
else if (fields.Length == 2)
{
SetErrorMessage("When setting a staff member as a provider, you need to set their Role as '" + fields[0].Descr + "' or '" + fields[1].Descr + "'.");
return;
}
else
{
string providerFields = string.Empty;
for (int i = 0; i < fields.Length; i++)
{
providerFields += (providerFields.Length == 0 ? "" : ", ") + (fields.Length >= 2 && i == (fields.Length - 2) ? "or " : "") + fields[i].Descr;
}
SetErrorMessage("When setting a staff member as a provider, you need to set their Role as one of the following: " + providerFields);
return;
}
}
}
if (chkIsMasterAdmin.Checked)
{
chkIsAdmin.Checked = true;
}
PersonDB.Update(staff.Person.PersonID, Convert.ToInt32(ddlTitle.SelectedValue), Utilities.FormatName(txtFirstname.Text), Utilities.FormatName(txtMiddlename.Text), Utilities.FormatName(txtSurname.Text), staff.Person.Nickname, ddlGender.SelectedValue, GetDOBFromForm(), DateTime.Now);
StaffDB.Update(staff.StaffID, staff.Person.PersonID, txtLogin.Text, txtPwd.Text, staff.StaffPosition.StaffPositionID, Convert.ToInt32(ddlField.SelectedValue), staff.CostCentre.CostCentreID,
chkContractor.Checked, txtTFN.Text, txtProviderNumber.Text.ToUpper(),
ddlStatus.SelectedValue == "Inactive", chkIsCommission.Checked, Convert.ToDecimal(txtCommissionPercent.Text),
setIsStakeholder, setIsMasterAdmin, chkIsAdmin.Checked, chkIsPrincipal.Checked, chkIsProvider.Checked, staff.IsExternal,
GetStartDateFromForm(), GetEndDateFromForm(), txtComments.Text, chkSMSBKs.Checked, chkEmailBKs.Checked);
if (!Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]) && staff.Login != txtLogin.Text)
{
UserDatabaseMapper curDBMapper = UserDatabaseMapperDB.GetByLogin(staff.Login, Session["DB"].ToString());
if (curDBMapper == null)
{
UserDatabaseMapperDB.Insert(txtLogin.Text, Session["DB"].ToString());
}
else
{
UserDatabaseMapperDB.Update(curDBMapper.ID, txtLogin.Text, Session["DB"].ToString());
}
}
Response.Redirect(UrlParamModifier.AddEdit(Request.RawUrl, "type", "view"));
}
else if (GetUrlParamType() == UrlParamType.Add)
{
if (chkIsProvider.Checked && (StaffDB.GetCountOfProviders() >= Convert.ToInt32(SystemVariableDB.GetByDescr("MaxNbrProviders").Value)))
{
SetErrorMessage("You have reached your maximum allowable providers. Please uncheck their status as a provider to add them. Contact Mediclinic if you would like to upgrade your account.");
return;
}
if (chkIsProvider.Checked)
{
System.Data.DataTable tbl = DBBase.GetGenericDataTable_WithWhereOrderClause(null, "Field", "has_offerings=1 AND field_id <> 0", "", "field_id", "descr");
bool roleSetAsProvider = false;
IDandDescr[] fields = new IDandDescr[tbl.Rows.Count];
for (int i = 0; i < tbl.Rows.Count; i++)
{
fields[i] = new IDandDescr(Convert.ToInt32(tbl.Rows[i]["field_id"]), tbl.Rows[i]["descr"].ToString());
if (Convert.ToInt32(ddlField.SelectedValue) == Convert.ToInt32(tbl.Rows[i]["field_id"]))
{
roleSetAsProvider = true;
}
}
if (!roleSetAsProvider)
{
if (fields.Length == 1)
{
SetErrorMessage("When setting a staff member as a provider, you need to set their Role as '" + fields[0].Descr + "'.");
return;
}
else if (fields.Length == 2)
{
SetErrorMessage("When setting a staff member as a provider, you need to set their Role as '" + fields[0].Descr + "' or '" + fields[1].Descr + "'.");
return;
}
else
{
string providerFields = string.Empty;
for (int i = 0; i < fields.Length; i++)
{
providerFields += (providerFields.Length == 0 ? "" : ", ") + (fields.Length >= 2 && i == (fields.Length - 2) ? "or " : "") + fields[i].Descr;
}
SetErrorMessage("When setting a staff member as a provider, you need to set their Role as one of the following: " + providerFields);
return;
}
}
}
if (!Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]) && UserDatabaseMapperDB.UsernameExists(txtLogin.Text))
{
lblErrorMessage.Text = "Login name already in use by another user";
lblErrorMessage.Visible = true;
return;
}
if (StaffDB.LoginExists(txtLogin.Text))
{
lblErrorMessage.Text = "Login name already in use by another user";
lblErrorMessage.Visible = true;
return;
}
if (txtPwd.Text.Length < 6)
{
SetErrorMessage("Password must be at least 6 characters");
return;
}
int person_id = -1;
int staff_id = -1;
bool staff_added = false;
int mainDbUserID = -1;
try
{
if (!Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]))
{
mainDbUserID = UserDatabaseMapperDB.Insert(txtLogin.Text, Session["DB"].ToString());
}
bool loggedInUserIsStakeholder = Session["IsStakeholder"] != null && Convert.ToBoolean(Session["IsStakeholder"]);
bool loggedInUserIsMasterAdmin = Session["IsMasterAdmin"] != null && Convert.ToBoolean(Session["IsMasterAdmin"]);
bool setIsStakeholder = loggedInUserIsStakeholder ? chkIsStakeholder.Checked : false;
bool setIsMasterAdmin = loggedInUserIsStakeholder || loggedInUserIsMasterAdmin ? chkIsMasterAdmin.Checked : false;
if (chkIsMasterAdmin.Checked)
{
chkIsAdmin.Checked = true;
}
Staff loggedInStaff = StaffDB.GetByID(Convert.ToInt32(Session["StaffID"]));
person_id = PersonDB.Insert(loggedInStaff.Person.PersonID, Convert.ToInt32(ddlTitle.SelectedValue), Utilities.FormatName(txtFirstname.Text), Utilities.FormatName(txtMiddlename.Text), Utilities.FormatName(txtSurname.Text), "", ddlGender.SelectedValue, GetDOBFromForm());
staff_id = StaffDB.Insert(person_id, txtLogin.Text, txtPwd.Text, StaffPositionDB.GetByDescr("Unknown").StaffPositionID, Convert.ToInt32(ddlField.SelectedValue), 59,
chkContractor.Checked, txtTFN.Text, txtProviderNumber.Text.ToUpper(),
ddlStatus.SelectedValue == "Inactive", chkIsCommission.Checked, Convert.ToDecimal(txtCommissionPercent.Text),
setIsStakeholder, setIsMasterAdmin, chkIsAdmin.Checked, chkIsPrincipal.Checked, chkIsProvider.Checked, false,
GetStartDateFromForm(), GetEndDateFromForm(), txtComments.Text, chkSMSBKs.Checked, chkEmailBKs.Checked);
staff_added = true;
string url = Request.RawUrl;
url = UrlParamModifier.AddEdit(url, "type", "view");
url = UrlParamModifier.AddEdit(url, "id", staff_id.ToString());
Response.Redirect(url);
}
catch (Exception)
{
if (staff_added)
{
string url = Request.RawUrl;
url = UrlParamModifier.AddEdit(url, "type", "view");
url = UrlParamModifier.AddEdit(url, "id", staff_id.ToString());
Response.Redirect(url);
return;
}
// roll back - backwards of creation order
PersonDB.Delete(person_id);
if (!Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]))
{
UserDatabaseMapperDB.Delete(mainDbUserID);
}
throw;
}
}
else
{
HideTableAndSetErrorMessage();
}
}
private void LogIn(string login, string pwd)
{
try
{
Session.Remove("DB");
if (Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]))
{
Session["DB"] = ConfigurationManager.AppSettings["Database"];
}
else // Get DB from Mediclinic_Main
{
UserDatabaseMapper user = UserDatabaseMapperDB.GetByLogin(login);
if (user == null)
{
this.FailureText.Text = "<div class=\"alert alert-danger\" runat=\"server\"><strong>Login Failed.</strong> Please ensure that your username and password are correct and try again.</div>";
return;
}
Session["DB"] = user.DBName;
}
Staff staff = StaffDB.GetByLogin(login);
Patient patient = PatientDB.GetByLogin(login);
bool allowPatientLogins = Convert.ToInt32(SystemVariableDB.GetByDescr("AllowPatientLogins").Value) == 1;
bool validStaff = staff != null && staff.Pwd == pwd && !staff.IsFired;
bool validPatient = allowPatientLogins && patient != null && patient.Pwd == pwd && !patient.IsDeleted;
if (validStaff)
{
UserLogin curLogin = UserLoginDB.GetCurLoggedIn(staff.StaffID, -1, HttpContext.Current.Session.SessionID, -1);
if (curLogin != null)
{
UserLoginDB.UpdateLastAccessTime(curLogin.UserloginID, DateTime.Now, Request.RawUrl);
UserLoginDB.UpdateSetOtherSessionsOfThisUserLoggedOut(curLogin.UserloginID, staff.StaffID, -1);
}
else
{
UserLoginDB.UpdateSetAllSessionsLoggedOut(staff.StaffID, -1);
UserLoginDB.Insert((staff == null) ? -1 : staff.StaffID, -1, login, -1, validStaff, HttpContext.Current.Session.SessionID, Request.UserHostAddress);
}
this.FailureText.Text = "";
Session["IsLoggedIn"] = true;
Session["IsStakeholder"] = staff.IsStakeholder;
Session["IsMasterAdmin"] = staff.IsMasterAdmin;
Session["IsAdmin"] = staff.IsAdmin;
Session["IsPrincipal"] = staff.IsPrincipal;
Session["IsProvider"] = staff.IsProvider;
Session["IsExternal"] = staff.IsExternal;
Session["StaffID"] = staff.StaffID;
Session["StaffFullnameWithoutMiddlename"] = staff.Person.FullnameWithoutMiddlename;
Session["StaffFirstname"] = staff.Person.Firstname;
Session["NumDaysToDisplayOnBookingScreen"] = staff.NumDaysToDisplayOnBookingScreen;
Session["HideBookingNotes"] = staff.HideBookingNotes;
Session["ShowOtherProvidersOnBookingScreen"] = false;
Session["ShowHeaderOnBookingScreen"] = staff.ShowHeaderOnBookingScreen;
Session["SystemVariables"] = SystemVariableDB.GetAll();
Session["OfferingColors"] = OfferingDB.GetColorCodes();
System.Web.Security.FormsAuthentication.SetAuthCookie("--", true); // needed to use forms authentication
UserView userView = UserView.GetInstance();
Site[] allowedSites = StaffSiteRestrictionDB.GetSitesNotRestricted(staff.StaffID, -1, false);
//
// until aged care is running, remove aged care from display
//
/*
* System.Collections.ArrayList list = new System.Collections.ArrayList();
* for (int i = 0; i < allowedSites.Length; i++)
* if (allowedSites[i].SiteType.ID == 1 || Utilities.IsDev())
* list.Add(allowedSites[i]);
* allowedSites = (Site[])list.ToArray(typeof(Site));
*/
Site[] allSites = SiteDB.GetAll();
if (allowedSites.Length == 0 && allSites.Length == 1)
{
Session["SiteID"] = allSites[0].SiteID;
Session["SiteName"] = allSites[0].Name;
Session["IsMultipleSites"] = false;
Session["SiteIsClinic"] = allSites[0].SiteType.ID == 1;
Session["SiteIsAgedCare"] = allSites[0].SiteType.ID == 2;
Session["SiteIsGP"] = allSites[0].SiteType.ID == 3;
Session["SiteTypeID"] = allSites[0].SiteType.ID;
Session["SiteTypeDescr"] = allSites[0].SiteType.Descr;
UserLoginDB.UpdateSite(staff.StaffID, -1, allSites[0].SiteID);
if (!userView.IsAdminView) // need to choose org
{
if (Session["OrgID"] == null) // providers need to select an org, need to choose one
{
Response.Redirect("~/Account/SelectOrgV2.aspx" + GetUrlCarryOverParams(), false);
return;
}
}
}
if (allowedSites.Length == 1)
{
Session["SiteID"] = allowedSites[0].SiteID;
Session["SiteName"] = allowedSites[0].Name;
Session["IsMultipleSites"] = false;
Session["SiteIsClinic"] = allowedSites[0].SiteType.ID == 1;
Session["SiteIsAgedCare"] = allowedSites[0].SiteType.ID == 2;
Session["SiteIsGP"] = allowedSites[0].SiteType.ID == 3;
Session["SiteTypeID"] = allowedSites[0].SiteType.ID;
Session["SiteTypeDescr"] = allowedSites[0].SiteType.Descr;
UserLoginDB.UpdateSite(staff.StaffID, -1, allowedSites[0].SiteID);
if (!userView.IsAdminView) // need to choose org
{
if (Session["OrgID"] == null) // providers need to select an org, need to choose one
{
Response.Redirect("~/Account/SelectOrgV2.aspx" + GetUrlCarryOverParams(), false);
return;
}
}
}
else // if more than one site, go to choose. if no sites this page will say to contact admin
{
if (Session["SiteID"] == null) // admins if yet to login to a site, need to choose one
{
Session["IsMultipleSites"] = true;
Response.Redirect("~/Account/SelectSiteV2.aspx" + GetUrlCarryOverParams(), false);
return;
}
}
/*
*
* if (!staff.IsAdmin)
* {
* // provs only login to clinic site
* Site site = SiteDB.GetByID(2);
* Session["SiteID"] = site.SiteID;
* Session["SiteName"] = site.Name;
*
* if (Session["OrgID"] == null) // providers et to login to select an org, need to choose one
* {
* if (Request.QueryString["from_url"] != null)
* {
* Response.Redirect("~/Account/SelectOrgV2.aspx?" + Request.RawUrl.Substring(Request.RawUrl.IndexOf("from_url=")), false);
* return;
* }
* else
* {
* Response.Redirect("~/Account/SelectOrgV2.aspx", false);
* return;
* }
* }
* }
* else
* {
* if (Session["SiteID"] == null) // admins if yet to login to a site, need to choose one
* {
* if (Request.QueryString["from_url"] != null)
* {
* Response.Redirect("~/Account/SelectSiteV2.aspx?" + Request.RawUrl.Substring(Request.RawUrl.IndexOf("from_url=")), false);
* return;
* }
* else
* {
* Response.Redirect("~/Account/SelectSiteV2.aspx", false);
* return;
* }
* }
* }
*
*/
if (Request.QueryString["from_url"] != null)
{
Response.Redirect(Server.UrlDecode(Request.RawUrl.Substring(Request.RawUrl.IndexOf("from_url=") + 9)), false);
return;
}
else
{
Response.Redirect(Convert.ToInt32(Session["StaffID"]) >= 0 ? "~/Default.aspx" : "~/StaffLoginsV2.aspx", false);
return;
}
}
else if (validPatient)
{
UserLogin curLogin = UserLoginDB.GetCurLoggedIn(-1, patient.PatientID, HttpContext.Current.Session.SessionID, -1);
if (curLogin != null)
{
UserLoginDB.UpdateLastAccessTime(curLogin.UserloginID, DateTime.Now, Request.RawUrl);
UserLoginDB.UpdateSetOtherSessionsOfThisUserLoggedOut(curLogin.UserloginID, -1, patient.PatientID);
}
else
{
UserLoginDB.UpdateSetAllSessionsLoggedOut(-1, patient.PatientID);
UserLoginDB.Insert(-1, (patient == null) ? -1 : patient.PatientID, login, -1, validPatient, HttpContext.Current.Session.SessionID, Request.UserHostAddress);
}
this.FailureText.Text = "";
Session["IsLoggedIn"] = true;
Session["IsStakeholder"] = false;
Session["IsMasterAdmin"] = false;
Session["IsAdmin"] = false;
Session["IsPrincipal"] = false;
Session["IsProvider"] = false;
Session["IsExternal"] = false;
Session["PatientID"] = patient.PatientID;
Session["StaffFullnameWithoutMiddlename"] = patient.Person.FullnameWithoutMiddlename;
Session["StaffFirstname"] = patient.Person.Firstname;
Session["NumDaysToDisplayOnBookingScreen"] = 3;
Session["ShowOtherProvidersOnBookingScreen"] = false;
Session["ShowHeaderOnBookingScreen"] = true;
Session["SystemVariables"] = SystemVariableDB.GetAll();
Session["OfferingColors"] = OfferingDB.GetColorCodes();
System.Web.Security.FormsAuthentication.SetAuthCookie("--", true); // needed to use forms authentication
Site[] allSites = SiteDB.GetAll();
Site[] allowedSites = SiteDB.GetAll();
//
// remove aged care from display
//
System.Collections.ArrayList list = new System.Collections.ArrayList();
for (int i = 0; i < allSites.Length; i++)
{
if (allSites[i].SiteType.ID == 1)
{
list.Add(allSites[i]);
}
}
allowedSites = (Site[])list.ToArray(typeof(Site));
if (allowedSites.Length == 0 && allSites.Length == 1)
{
Session["SiteID"] = allSites[0].SiteID;
Session["SiteName"] = allSites[0].Name;
Session["SiteIsClinic"] = allSites[0].SiteType.ID == 1;
Session["SiteIsAgedCare"] = allSites[0].SiteType.ID == 2;
Session["SiteIsGP"] = allSites[0].SiteType.ID == 3;
Session["SiteTypeID"] = allSites[0].SiteType.ID;
Session["SiteTypeDescr"] = allSites[0].SiteType.Descr;
UserLoginDB.UpdateSite(-1, patient.PatientID, allSites[0].SiteID);
if (Session["OrgID"] == null) // providers, ext staff, patient logins need to select an org, need to choose one
{
if (Request.QueryString["from_url"] != null)
{
string from_url = Server.UrlDecode(Request.RawUrl.Substring(Request.RawUrl.IndexOf("from_url=") + 9));
if (from_url.Contains("BookingsV2.aspx?") && from_url.Contains("orgs="))
{
Uri theRealURL = new Uri(HttpContext.Current.Request.Url.Scheme + "://" + HttpContext.Current.Request.Url.Authority + from_url);
string orgs = HttpUtility.ParseQueryString(theRealURL.Query).Get("orgs");
if (Regex.IsMatch(orgs, @"^\d+$"))
{
Organisation org = OrganisationDB.GetByID(Convert.ToInt32(orgs));
if (org != null)
{
Session["OrgID"] = org.OrganisationID.ToString();
Session["OrgName"] = org.Name;
Response.Redirect(from_url, false);
return;
}
}
}
}
Response.Redirect("~/Account/SelectOrgV2.aspx" + GetUrlCarryOverParams(), false);
return;
}
}
if (allowedSites.Length == 1)
{
Session["SiteID"] = allowedSites[0].SiteID;
Session["SiteName"] = allowedSites[0].Name;
Session["SiteIsClinic"] = allowedSites[0].SiteType.ID == 1;
Session["SiteIsAgedCare"] = allowedSites[0].SiteType.ID == 2;
Session["SiteIsGP"] = allowedSites[0].SiteType.ID == 3;
Session["SiteTypeID"] = allowedSites[0].SiteType.ID;
Session["SiteTypeDescr"] = allowedSites[0].SiteType.Descr;
UserLoginDB.UpdateSite(-1, patient.PatientID, allowedSites[0].SiteID);
if (Session["OrgID"] == null) // providers need to select an org, need to choose one
{
if (Request.QueryString["from_url"] != null)
{
string from_url = Server.UrlDecode(Request.RawUrl.Substring(Request.RawUrl.IndexOf("from_url=") + 9));
if (from_url.Contains("BookingsV2.aspx?") && from_url.Contains("orgs="))
{
Uri theRealURL = new Uri(HttpContext.Current.Request.Url.Scheme + "://" + HttpContext.Current.Request.Url.Authority + from_url);
string orgs = HttpUtility.ParseQueryString(theRealURL.Query).Get("orgs");
if (Regex.IsMatch(orgs, @"^\d+$"))
{
Organisation org = OrganisationDB.GetByID(Convert.ToInt32(orgs));
if (org != null)
{
Session["OrgID"] = org.OrganisationID.ToString();
Session["OrgName"] = org.Name;
Response.Redirect(from_url, false);
return;
}
}
}
}
Response.Redirect("~/Account/SelectOrgV2.aspx" + GetUrlCarryOverParams(), false);
return;
}
}
else // if more than one site, go to choose. if no sites this page will say to contact admin
{
if (Session["SiteID"] == null) // admins if yet to login to a site, need to choose one
{
Response.Redirect("~/Account/SelectSiteV2.aspx" + GetUrlCarryOverParams(), false);
return;
}
}
if (Request.QueryString["from_url"] != null)
{
Response.Redirect(Server.UrlDecode(Request.RawUrl.Substring(Request.RawUrl.IndexOf("from_url=") + 9)), false);
return;
}
else
{
Response.Redirect(Convert.ToInt32(Session["StaffID"]) >= 0 ? "~/Default.aspx" : "~/StaffLoginsV2.aspx", false);
return;
}
}
else
{
//UserLoginDB.Insert((staff == null) ? -1 : staff.StaffID, login, -1, validStaff, HttpContext.Current.Session.SessionID, Request.UserHostAddress);
this.FailureText.Text = "Login Failed.";
}
}
catch (Exception ex)
{
Logger.LogException(ex);
if (Utilities.IsDev())
{
FailureText.Text = ex.ToString();
}
else
{
throw;
}
}
}
protected void Retrieve(string username)
{
try
{
Session.Remove("DB");
if (Convert.ToBoolean(System.Configuration.ConfigurationManager.AppSettings["UseConfigDB"]))
{
Session["DB"] = System.Configuration.ConfigurationManager.AppSettings["Database"];
}
else // Get DB from Mediclinic_Main
{
UserDatabaseMapper user = UserDatabaseMapperDB.GetByLogin(username);
if (user == null)
{
this.FailureText.Text = "Login Failed.";
return;
}
Session["DB"] = user.DBName;
}
Session["SystemVariables"] = SystemVariableDB.GetAll();
if (username.Length > 0)
{
Staff staff = StaffDB.GetByLogin(username);
Patient patient = PatientDB.GetByLogin(username);
if (staff != null && !staff.IsFired)
{
string[] emails = ContactDB.GetEmailsByEntityID(staff.Person.EntityID);
if (emails.Length == 0)
{
throw new CustomMessageException("No email is set for user: "******",", emails));
this.FailureText.Text = "An email has been sent with login details for '" + username + "' to the email address(es) associated with that user";
}
else if (patient != null && !patient.IsDeleted)
{
string[] emails = ContactDB.GetEmailsByEntityID(patient.Person.EntityID);
if (emails.Length == 0)
{
throw new CustomMessageException("No email is set for user: "******",", emails));
this.FailureText.Text = "An email has been sent with login details for '" + username + "' to the email address(es) associated with that user";
}
else
{
throw new CustomMessageException("Username does not exist");
}
}
else
{
throw new CustomMessageException("Please enter a username");
}
}
catch (CustomMessageException cmEx)
{
this.FailureText.Text = cmEx.Message;
}
finally
{
Session.Remove("DB");
Session.Remove("SystemVariables");
}
}
