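        /// <summary>
        /// Validates the submitted credentials and, for an active account, populates the session.
        /// </summary>
        /// <param name="userModel">Posted login form; Username and Password are read from it.</param>
        /// <returns>
        /// A redirect to Home/Index on success; otherwise the Index view with
        /// <c>LoginErrorMessage</c> set on the model.
        /// </returns>
        public ActionResult Authorize(Account userModel)
        {
            // StatusID value the login check treats as "account may sign in".
            const int ActiveStatusId = 1;

            using (portaldatabaseEntities db = new portaldatabaseEntities())
            {
                // NOTE(review): the submitted password is compared directly with the stored
                // column, so passwords are evidently kept in recoverable form. Verifying against
                // a salted, slow hash (e.g. PBKDF2) needs a schema and registration change that
                // is outside this method.
                var userDetails = db.Accounts
                                    .FirstOrDefault(x => x.Username == userModel.Username && x.Password == userModel.Password);

                if (userDetails == null)
                {
                    userModel.LoginErrorMessage = "Wrong Username/Password";
                    return View("Index", userModel);
                }

                // The status is read from the same row that supplies the session identity.
                // A second, separate lookup costs a round trip and could be satisfied by a
                // different row than the one whose identity is stored below.
                if (userDetails.StatusID != ActiveStatusId)
                {
                    userModel.LoginErrorMessage = "The Account is blocked/deactivated";
                    return View("Index", userModel);
                }

                // NOTE(review): the session identifier is not rotated here; confirm that
                // session-fixation protection exists elsewhere in the application.
                Session["Name"]      = userDetails.Username;
                Session["RoleName"]  = db.Roles
                                         .Where(x => x.RoleID == userDetails.RoleID)
                                         .Select(y => y.Role_Name)
                                         .FirstOrDefault();
                Session["AccountID"] = userDetails.AccountID;
                Session["RoleID"]    = userDetails.RoleID;
                return RedirectToAction("Index", "Home");
            }
        }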
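        /// <summary>
        /// Changes the password of the logged-in account after re-checking the current password,
        /// then ends the session so the user has to sign in again.
        /// </summary>
        /// <param name="userModel">Posted form; <c>oldPassword</c> and <c>newPassword</c> are read.</param>
        /// <returns>A redirect to EditProfile/Index in every case.</returns>
        public ActionResult EditPassword(UserProfile userModel)
        {
            // Without a logged-in session there is no account to change.
            object sessionName = Session["Name"];
            if (sessionName == null)
            {
                return RedirectToAction("Index", "EditProfile");
            }

            string oldUsername = sessionName.ToString();
            string newPassword = userModel.newPassword;
            string oldPassword = userModel.oldPassword;

            // Refuse to store an empty password.
            if (string.IsNullOrEmpty(newPassword))
            {
                return RedirectToAction("Index", "EditProfile");
            }

            using (portaldatabaseEntities db = new portaldatabaseEntities())
            {
                // NOTE(review): plaintext comparison; see the password-storage concern at login.
                var userDetails = db.Accounts
                                    .FirstOrDefault(x => x.Username == oldUsername && x.Password == oldPassword);

                if (userDetails == null) // current password did not match
                {
                    return RedirectToAction("Index", "EditProfile");
                }

                // Values are bound as parameters so they are never part of the statement text.
                db.Database.ExecuteSqlCommand(
                    "update dbo.Accounts set Password = @p0 where Username = @p1",
                    newPassword,
                    oldUsername);

                // Force a fresh login with the new credentials.
                Session.Abandon();
                return RedirectToAction("Index", "EditProfile");
            }
        }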
 /// <summary>Loads every row of dbo.Roles.</summary>
 /// <returns>The roles, materialised before the database context is disposed.</returns>
 public IEnumerable <Role> getRoleNames()
 {
     // Constant statement with no caller-supplied parts.
     const string query = "select * from dbo.Roles";

     using (var context = new portaldatabaseEntities())
     {
         List<Role> roles = context.Database.SqlQuery<Role>(query).ToList();
         return roles;
     }
 }
 /// <summary>Loads every row of dbo.Status.</summary>
 /// <returns>The status rows, materialised before the database context is disposed.</returns>
 public IEnumerable <Status_Entity> getStatus()
 {
     // Constant statement with no caller-supplied parts.
     const string query = "select * from dbo.Status";

     using (var context = new portaldatabaseEntities())
     {
         List<Status_Entity> statuses = context.Database.SqlQuery<Status_Entity>(query).ToList();
         return statuses;
     }
 }
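        /// <summary>
        /// Sets the role and status of the account named in <paramref name="UserModel"/>.
        /// </summary>
        /// <param name="UserModel">Supplies the target Username.</param>
        /// <param name="RoleModel">Supplies the Role_Name to assign.</param>
        /// <param name="StatusModel">Supplies the Status name to assign.</param>
        /// <returns>A redirect to Users_Management/Index in every case.</returns>
        public ActionResult EditUser(UsersData UserModel, Role RoleModel, Status_Entity StatusModel)
        {
            // NOTE(review): no authorization or anti-forgery attribute is visible on this action
            // in the listing; confirm only administrators can reach it.
            string Username   = UserModel.Username;
            string Rolename   = RoleModel.Role_Name;
            string Statusname = StatusModel.Status;

            // All three fields are required to edit a user.
            if (Username == null || Rolename == null || Statusname == null)
            {
                return RedirectToAction("Index", "Users_Management");
            }

            using (portaldatabaseEntities db = new portaldatabaseEntities())
            {
                // Form values are bound as parameters, not concatenated into the SQL text,
                // so quotes in a role, status or user name cannot alter the statement.
                const string sql =
                    "update dbo.Accounts set RoleID = (select RoleID from dbo.Roles where" +
                    " Roles.Role_Name = @p0), StatusID = (select StatusID from dbo.Status where Status.Status = @p1)" +
                    " where Accounts.Username = @p2";

                db.Database.ExecuteSqlCommand(sql, Rolename, Statusname, Username);
            }

            return RedirectToAction("Index", "Users_Management");
        }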
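        /// <summary>
        /// Renames the logged-in account after re-checking its password, then ends the session.
        /// </summary>
        /// <param name="userModel">Posted form; <c>newUsername</c> and <c>oldPassword</c> are read.</param>
        /// <returns>A redirect to EditProfile/Index in every case.</returns>
        public ActionResult EditUsername(UserProfile userModel)
        {
            // Without a logged-in session there is no account to rename.
            object sessionName = Session["Name"];
            if (sessionName == null)
            {
                return RedirectToAction("Index", "EditProfile");
            }

            string oldUsername = sessionName.ToString();
            string newUsername = userModel.newUsername;
            string password    = userModel.oldPassword;

            // Refuse to store an empty user name.
            if (string.IsNullOrEmpty(newUsername))
            {
                return RedirectToAction("Index", "EditProfile");
            }

            using (portaldatabaseEntities db = new portaldatabaseEntities())
            {
                var userDetails = db.Accounts
                                    .FirstOrDefault(x => x.Username == oldUsername && x.Password == password);

                // NOTE(review): checkExistingUser is defined outside this block; confirm the
                // overload chosen for UserProfile tests the requested new name.
                if (userDetails == null || checkExistingUser(userModel) == true)
                {
                    // Wrong password, or the user name is already taken.
                    return RedirectToAction("Index", "EditProfile");
                }

                // Values are bound as parameters so they are never part of the statement text.
                db.Database.ExecuteSqlCommand(
                    "update dbo.Accounts set Username = @p0 where Username = @p1",
                    newUsername,
                    oldUsername);

                // Log the user out after the change.
                Session.Abandon();
                return RedirectToAction("Index", "EditProfile");
            }
        }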
 /// <summary>Loads each link joined with its role and status rows.</summary>
 /// <returns>The joined rows, materialised before the database context is disposed.</returns>
 public IEnumerable <LinksData> getLinksData()
 {
     // Constant statement with no caller-supplied parts.
     const string query =
         "select * from dbo.Links as links, dbo.Roles as roles, dbo.Status as status " +
         "where links.RoleID = roles.RoleID and links.StatusID = status.StatusID";

     using (var context = new portaldatabaseEntities())
     {
         List<LinksData> rows = context.Database.SqlQuery<LinksData>(query).ToList();
         return rows;
     }
 }
 /// <summary>Loads each account joined with its role and status rows.</summary>
 /// <returns>The joined rows, materialised before the database context is disposed.</returns>
 public IEnumerable <UsersData> getUsersData()
 {
     // Constant statement with no caller-supplied parts.
     // NOTE(review): "select *" over dbo.Accounts also reads the Password column; confirm
     // UsersData does not carry it to the view.
     const string query =
         "select * from dbo.Accounts as users, dbo.Roles as roles, dbo.Status as status " +
         "where users.RoleID = roles.RoleID and users.StatusID = status.StatusID";

     using (var context = new portaldatabaseEntities())
     {
         List<UsersData> rows = context.Database.SqlQuery<UsersData>(query).ToList();
         return rows;
     }
 }
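        /// <summary>Deletes the link whose URL matches the posted model.</summary>
        /// <param name="linkModel">Supplies the URL of the link to delete.</param>
        /// <returns>A redirect to Links_Management/Index.</returns>
        public ActionResult Remove(LinksData linkModel)
        {
            // A null URL is matched as the empty string.
            string URL = linkModel.URL ?? string.Empty;

            using (portaldatabaseEntities db = new portaldatabaseEntities())
            {
                // The URL comes from the request, so it is bound as a parameter instead of being
                // concatenated into the DELETE text, where a quote could change the statement.
                db.Database.ExecuteSqlCommand("Delete from dbo.links where URL = @p0", URL);
                return RedirectToAction("Index", "Links_Management");
            }
        }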
 /// <summary>Inserts <paramref name="newRole"/> into the Roles table.</summary>
 /// <param name="newRole">Role entity to persist as given.</param>
 public void AddRole(Role newRole)
 {
     using (var context = new portaldatabaseEntities())
     {
         // Stage the entity, then flush it to the database.
         context.Roles.Add(newRole);
         context.SaveChanges();
     }
 }
 /// <summary>Inserts <paramref name="newLink"/> into the Links table.</summary>
 /// <param name="newLink">Link entity to persist as given.</param>
 public void AddLink(Link newLink)
 {
     using (var context = new portaldatabaseEntities())
     {
         // Stage the entity, then flush it to the database.
         context.Links.Add(newLink);
         context.SaveChanges();
     }
 }
 /// <summary>Inserts <paramref name="newUser"/> into the Accounts table.</summary>
 /// <param name="newUser">
 /// Account entity to persist. It is stored exactly as supplied, including its Password
 /// value, so any hashing has to happen before this call.
 /// </param>
 public void AddUser(Account newUser)
 {
     using (var context = new portaldatabaseEntities())
     {
         // Stage the entity, then flush it to the database.
         context.Accounts.Add(newUser);
         context.SaveChanges();
     }
 }
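        /// <summary>Deletes the account whose Username matches the posted model.</summary>
        /// <param name="userModel">Supplies the Username of the account to delete.</param>
        /// <returns>A redirect to Users_Management/Index.</returns>
        public ActionResult Remove(UsersData userModel)
        {
            // NOTE(review): no authorization or anti-forgery attribute is visible on this action
            // in the listing; confirm only administrators can reach it.
            // A null user name is matched as the empty string.
            string Username = userModel.Username ?? string.Empty;

            using (portaldatabaseEntities db = new portaldatabaseEntities())
            {
                // The user name is bound as a parameter so it is never part of the DELETE text.
                db.Database.ExecuteSqlCommand("Delete from dbo.Accounts where Username = @p0", Username);
                return RedirectToAction("Index", "Users_Management");
            }
        }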
 /// <summary>Reports whether a role with the same Role_Name is already stored.</summary>
 /// <param name="roleModel">Supplies the Role_Name to look for.</param>
 /// <returns><c>true</c> when a matching role exists; otherwise <c>false</c>.</returns>
 public bool checkExistingRole(Role roleModel)
 {
     using (var context = new portaldatabaseEntities())
     {
         // LINQ to Entities sends the name as a query parameter.
         return context.Roles.Any(r => r.Role_Name == roleModel.Role_Name);
     }
 }
 /// <summary>Reports whether an account with the same Username is already stored.</summary>
 /// <param name="userModel">Supplies the Username to look for.</param>
 /// <returns><c>true</c> when a matching account exists; otherwise <c>false</c>.</returns>
 public bool checkExistingUser(UsersData userModel)
 {
     using (var context = new portaldatabaseEntities())
     {
         // LINQ to Entities sends the name as a query parameter.
         return context.Accounts.Any(a => a.Username == userModel.Username);
     }
 }
 /// <summary>Reports whether a link with the same URL is already stored.</summary>
 /// <param name="userModel">Supplies the URL to look for.</param>
 /// <returns><c>true</c> when a matching link exists; otherwise <c>false</c>.</returns>
 public bool checkExistingLink(LinksData userModel)
 {
     using (var context = new portaldatabaseEntities())
     {
         // LINQ to Entities sends the URL as a query parameter.
         return context.Links.Any(l => l.URL == userModel.URL);
     }
 }
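 /// <summary>
 /// Returns the active links visible to the current visitor: global links for anonymous
 /// sessions, plus the links of the user's own role once logged in.
 /// </summary>
 /// <returns>The matching links, materialised before the database context is disposed.</returns>
 public IEnumerable <Link> getLinks()
 {
     const int GlobalRoleId   = 3; // RoleID of links shown to everyone
     const int ActiveStatusId = 1; // StatusID of links that are active

     using (portaldatabaseEntities db = new portaldatabaseEntities())
     {
         // Filter in the database and materialise only the matching rows, rather than
         // loading the whole Links table into memory first.
         if (Session["RoleID"] == null)
         {
             return db.Links
                      .Where(x => x.RoleID == GlobalRoleId && x.StatusID == ActiveStatusId)
                      .ToList();
         }

         int userRoleId = (int)Session["RoleID"];
         return db.Links
                  .Where(x => (x.RoleID == userRoleId || x.RoleID == GlobalRoleId) && x.StatusID == ActiveStatusId)
                  .ToList();
     }
 }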
 /// <summary>Reports whether an account with the same Username is already stored.</summary>
 /// <param name="userModel">Supplies the Username to look for.</param>
 /// <returns><c>true</c> when a matching account exists; otherwise <c>false</c>.</returns>
 public bool checkExistingUser(Account userModel)
 {
     // Open a short-lived database context for the lookup.
     using (var context = new portaldatabaseEntities())
     {
         // LINQ to Entities sends the name as a query parameter.
         return context.Accounts.Any(a => a.Username == userModel.Username);
     }
 }
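 /// <summary>
 /// Reports whether a role must be kept: it is one of the built-in roles, or it is
 /// currently assigned to at least one link or account.
 /// </summary>
 /// <param name="roleModel">Supplies the Role_Name to check.</param>
 /// <returns><c>true</c> when the role is built in or in use; otherwise <c>false</c>.</returns>
 public bool checkRoleInLinksAndUsers(Role roleModel)
 {
     string rolename = roleModel.Role_Name;

     // Built-in roles are always reported as in use, so no query is needed for them.
     if (rolename == "Global" || rolename == "Company Client" ||
         rolename == "Portal Administrator" || rolename == "System Administrator")
     {
         return true;
     }

     using (portaldatabaseEntities db = new portaldatabaseEntities())
     {
         // The role name comes from the request, so it is bound as a parameter instead of
         // being concatenated into the SQL text. A null name is matched as the empty string.
         var result = db.Database.SqlQuery<Role>(
             "select * from dbo.links,dbo.Roles,dbo.Accounts where (links.RoleID = Roles.RoleID " +
             "or Accounts.RoleID=Roles.RoleID) and Roles.Role_Name = @p0",
             rolename ?? string.Empty).ToList();

         // Any returned row means the role is referenced by a link or an account.
         return result.Count != 0;
     }
 }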
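        /// <summary>
        /// Deletes a role unless <c>checkRoleInLinksAndUsers</c> reports that it must be kept.
        /// </summary>
        /// <param name="roleModel">Supplies the Role_Name of the role to delete.</param>
        /// <returns>A redirect to the role-management index in every case.</returns>
        public ActionResult Remove(Role roleModel)
        {
            // NOTE(review): no authorization or anti-forgery attribute is visible on this action
            // in the listing; confirm only administrators can reach it.
            string RoleName = roleModel.Role_Name;

            // Role is protected: leave it untouched.
            if (checkRoleInLinksAndUsers(roleModel))
            {
                return RedirectToAction("Index", "Roles_Management");
            }

            using (portaldatabaseEntities db = new portaldatabaseEntities())
            {
                // The role name is bound as a parameter so it is never part of the DELETE text.
                // A null name is matched as the empty string.
                db.Database.ExecuteSqlCommand(
                    "Delete from dbo.Roles where Role_Name = @p0",
                    RoleName ?? string.Empty);
                return RedirectToAction("Index", "Roles_management");
            }
        }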
 /// <summary>Adds a new link when its URL is present and not yet stored.</summary>
 /// <param name="linkModel">Supplies the URL of the link to add.</param>
 /// <returns>A redirect to Links_Management/Index whether or not a link was added.</returns>
 public ActionResult Register(LinksData linkModel)
 {
     using (var context = new portaldatabaseEntities())
     {
         // Copy the URL onto a fresh entity.
         var candidate = new Link();
         candidate.URL = linkModel.URL;

         // Only add when the URL is not already stored and is not null.
         bool notStoredYet = checkExistingLink(linkModel) == false;
         if (notStoredYet && candidate.URL != null)
         {
             AddLink(candidate);
         }

         return RedirectToAction("Index", "Links_Management");
     }
 }
 /// <summary>Creates an account for the posted user name with a fixed initial password.</summary>
 /// <param name="userModel">Supplies the Username of the account to create.</param>
 /// <returns>A redirect to Users_Management/Index whether or not an account was added.</returns>
 public ActionResult Register(UsersData userModel)
 {
     using (var context = new portaldatabaseEntities())
     {
         var candidate = new Account();
         candidate.Username = userModel.Username;
         // The Password column is not nullable, so a default value is assigned.
         // NOTE(review): every account created here starts with the same fixed password;
         // consider a random per-account value plus a forced change at first login.
         candidate.Password = "******";

         // Only add when the user name is not already stored and is not null.
         bool notStoredYet = checkExistingUser(userModel) == false;
         if (notStoredYet && candidate.Username != null)
         {
             AddUser(candidate);
         }

         return RedirectToAction("Index", "Users_Management");
     }
 }
 /// <summary>Adds a new role when its name is present and not yet stored.</summary>
 /// <param name="roleModel">Supplies the Role_Name, which is also used as the description.</param>
 /// <returns>A redirect to Roles_Management/Index whether or not a role was added.</returns>
 public ActionResult Register(Role roleModel)
 {
     using (var context = new portaldatabaseEntities())
     {
         // The description is seeded with the role name.
         var candidate = new Role();
         candidate.Role_Name        = roleModel.Role_Name;
         candidate.Role_description = roleModel.Role_Name;

         // Only add when the role is not already stored and its name is not null.
         bool notStoredYet = checkExistingRole(roleModel) == false;
         if (notStoredYet && candidate.Role_Name != null)
         {
             AddRole(candidate);
         }

         return RedirectToAction("Index", "Roles_Management");
     }
 }
 /// <summary>Self-registration: stores a new account when the user name is free.</summary>
 /// <param name="userModel">Posted form; Username and Password are read from it.</param>
 /// <returns>The Index view with <c>RegistrationSuccessMessage</c> set on the model.</returns>
 public ActionResult Register(Account userModel)
 {
     using (var context = new portaldatabaseEntities())
     {
         // NOTE(review): the password is copied onto the entity unchanged, so it is stored
         // as submitted; hashing would have to be added before AddUser is called.
         var candidate = new Account();
         candidate.Username = userModel.Username;
         candidate.Password = userModel.Password;

         bool canRegister = checkExistingUser(userModel) == false
                            && candidate.Username != null
                            && candidate.Password != null;

         // This branch also covers a missing user name or password, not only a duplicate.
         if (!canRegister)
         {
             userModel.RegistrationSuccessMessage = "The Account already exists!!!";
             return View("Index", userModel);
         }

         AddUser(candidate);
         userModel.RegistrationSuccessMessage = "The Account is now registered!";
         return View("Index", userModel);
     }
 }
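        /// <summary>
        /// Sets the role and status of the link identified by the posted URL.
        /// </summary>
        /// <param name="LinkModel">Supplies the URL of the link to update.</param>
        /// <param name="RoleModel">Supplies the Role_Name to assign.</param>
        /// <param name="StatusModel">Supplies the Status name to assign.</param>
        /// <returns>A redirect to Links_Management/Index in every case.</returns>
        public ActionResult EditRole(LinksData LinkModel, Role RoleModel, Status_Entity StatusModel)
        {
            // NOTE(review): no authorization or anti-forgery attribute is visible on this action
            // in the listing; confirm only administrators can reach it.
            string URLname    = LinkModel.URL;
            string Rolename   = RoleModel.Role_Name;
            string Statusname = StatusModel.Status;

            // All three fields are required to edit a link.
            if (URLname == null || Rolename == null || Statusname == null)
            {
                return RedirectToAction("Index", "Links_Management");
            }

            using (portaldatabaseEntities db = new portaldatabaseEntities())
            {
                // Form values are bound as parameters, not concatenated into the SQL text,
                // so quotes in a role name, status or URL cannot alter the statement.
                const string sql =
                    "update dbo.links set RoleID = (select RoleID from dbo.Roles where" +
                    " Roles.Role_Name = @p0), StatusID = (select StatusID from dbo.Status where Status.Status = @p1)" +
                    " where links.URL = @p2";

                db.Database.ExecuteSqlCommand(sql, Rolename, Statusname, URLname);
            }

            return RedirectToAction("Index", "Links_Management");
        }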