//Get DepartmentAccess
public EditDepartmentAccess GetDepartmentAccess(int id)
{
DepartmentAccess departmentAccess = ctx.DepartmentAccess.Single(e => e.CompanyID == _companyID && e.DepartmentAccessID == id);
EditDepartmentAccess readDepartmentAccess = new EditDepartmentAccess
{
DepartmentAccessID = departmentAccess.DepartmentAccessID,
DepartmentID = departmentAccess.DepartmentID,
DepartmentName = ctx.Departments.Single(e => e.DepartmentID == departmentAccess.DepartmentID).DepartmentName,
Username = ctx.Users.Single(e => e.Id == departmentAccess.UserID).UserName,
//UserID = departmentAccess.UserID,
PermissionID = departmentAccess.PermissionID,
Access = ctx.Permissions.Single(e => e.PermissionID == departmentAccess.PermissionID).Access,
};
CreateHistory history = new CreateHistory
{
CompanyID = _companyID,
UserID = _userID.ToString(),
Table = "DepartmentAccess",
stringID = id.ToString(),
Request = $"GetDepartmentAccess({id})"
};
AddHistory(history);
return(readDepartmentAccess);
}
//Edit DepartmentAccess
public bool EditDepartmentAccess(EditDepartmentAccess model)
{
DepartmentAccess departmentAccess = ctx.DepartmentAccess.Find(model.DepartmentAccessID);
if (departmentAccess == null)
{
return(false);
}
if (departmentAccess.CompanyID != _companyID) //Check that user is in the same company as the requesting user.
{
return(false);
}
string uID = ctx.Users.Single(e => e.UserNumber == model.UserID).Id;
departmentAccess.DepartmentID = model.DepartmentID;
departmentAccess.UserID = uID;
departmentAccess.PermissionID = model.PermissionID;
departmentAccess.ModifiedDateUTC = DateTimeOffset.UtcNow;
CreateHistory history = new CreateHistory
{
CompanyID = _companyID,
UserID = _userID.ToString(),
Table = "DepartmentAccess",
stringID = model.DepartmentAccessID.ToString(),
Request = Newtonsoft.Json.JsonConvert.SerializeObject(model)
};
return(AddHistory(history));
}
//List DepartmentAccess
public IEnumerable <ReadDepartmentAccess> GetAllDepartmentAccess()
{
var query = ctx.DepartmentAccess.Where(e => e.CompanyID == _companyID).Select(f => new ReadDepartmentAccess
{
DepartmentAccessID = f.DepartmentAccessID,
DepartmentID = f.DepartmentID,
CompanyID = f.CompanyID,
DepartmentName = ctx.Departments.FirstOrDefault(e => e.DepartmentID == f.DepartmentID).DepartmentName,
UserID = ctx.Users.FirstOrDefault(e => e.Id == f.UserID).UserName,
PermissionID = f.PermissionID,
Access = ctx.Permissions.FirstOrDefault(e => e.PermissionID == f.PermissionID).Access,
CreatedDateUTC = f.CreatedDateUTC,
ModifiedDateUTC = f.ModifiedDateUTC
});
CreateHistory history = new CreateHistory
{
CompanyID = _companyID,
UserID = _userID.ToString(),
Table = "DepartmentAccess",
stringID = null,
Request = $"GetAllDepartmentAccess()"
};
AddHistory(history);
return(query.ToList());
}
//Update Contact
public EditContact GetContact(int id)
{
Contact contact = ctx.Contacts.Find(id);
EditContact editContact = new EditContact
{
ContactID = contact.ContactID,
FirstName = contact.FirstName,
LastName = contact.LastName,
PreferredName = contact.PreferredName,
Email = contact.Email,
CellPhone = contact.CellPhone
};
CreateHistory history = new CreateHistory
{
CompanyID = _companyID,
UserID = _userID.ToString(),
Table = "Contacts",
Method = $"GetContact(int id)",
stringID = id.ToString(),
Request = "GetContact(int id)",
};
AddHistory(history);
return(editContact);
}
public bool ContactEdit(EditContact model)
{
Contact contact = ctx.Contacts.Find(model.ContactID);
if (contact == null)
{
return(false);
}
contact.FirstName = model.FirstName;
contact.LastName = model.LastName;
contact.PreferredName = model.PreferredName;
contact.Email = model.Email;
contact.CellPhone = model.CellPhone;
contact.ModifiedDateUTC = DateTimeOffset.UtcNow;
CreateHistory history = new CreateHistory
{
CompanyID = _companyID,
UserID = _userID.ToString(),
Table = "Departments",
stringID = model.ContactID.ToString(),
Request = Newtonsoft.Json.JsonConvert.SerializeObject(model)
};
return(AddHistory(history));
}
//Get User
public ReadUser GetUser(Guid id)
{
ApplicationUser user = ctx.Users.Find(id.ToString());
if (user == null) //Check for a Null User
{
return(null);
}
if (user.CompanyID != _companyID) //Check that user is in the same company as the requesting user.
{
return(null);
}
ReadUser readUser = new ReadUser
{
UserID = user.Id,
CompanyID = user.CompanyID,
DepartmentID = user.DepartmentID,
Username = user.UserName,
Email = user.Email,
IsLocked = user.LockoutEnabled,
CreatedDateUTC = user.CreatedDateUTC
};
CreateHistory history = new CreateHistory
{
CompanyID = _companyID,
UserID = _userID.ToString(),
Table = "Users",
stringID = id.ToString(),
Request = $"GetUser({id})"
};
AddHistory(history);
return(readUser);
}
//Users Section
//Used by Helpdesk and Admin Roles
//Add User
public bool AddUser(CreateUser model)
{
if (ctx.Departments.Single(e => e.DepartmentID == model.DepartmentID).CompanyID != _companyID)
{
//Sanataize Password in Model
model.Password = "";
model.ConfirmPassword = "";
CreateHistory historyFail = new CreateHistory
{
CompanyID = _companyID,
UserID = _userID.ToString(),
Table = "Users",
stringID = null,
Request = Newtonsoft.Json.JsonConvert.SerializeObject(model)
};
AddHistory(historyFail);
return(false);
}
PasswordHasher ph = new PasswordHasher();
ApplicationUser newUser = ctx.Users.Add(new ApplicationUser
{
CompanyID = _companyID,
DepartmentID = model.DepartmentID,
UserName = model.Username,
Email = model.Email,
PasswordHash = ph.HashPassword(model.Password),
SecurityStamp = Guid.NewGuid().ToString(),
UserNumber = ctx.Users.Count() + 1,
CreatedDateUTC = DateTimeOffset.UtcNow
});
ctx.SaveChanges();
var UserManager = new UserManager <ApplicationUser>(new UserStore <ApplicationUser>(ctx));
string role = GetAllRoles().Single(e => e.RoleID == model.RoleID).RoleName;
UserManager.AddToRole(newUser.Id, role);
//Sanataize Password in Model
model.Password = "";
model.ConfirmPassword = "";
CreateHistory history = new CreateHistory
{
CompanyID = _companyID,
UserID = _userID.ToString(),
Table = "Users",
stringID = null,
Request = Newtonsoft.Json.JsonConvert.SerializeObject(model)
};
return(AddHistory(history));
}
public async Task <ActionResult> CheckOut(string error)
{
Cart myCart = (Cart)Session["Cart"];
if (myCart.myCart.Count == 0)
{
return(View("Index"));
}
string email = HttpContext.User.Identity.Name;
AspNetUser user = await Utility.Util.getUser(HttpContext.User);
List <CreditCard> myList = await(from x in db.CreditCards
where x.userId.ToString().Equals(user.Id)
select x).ToListAsync <CreditCard>();
IList <ShowCard> newList = new List <ShowCard>();
foreach (CreditCard c in myList)
{
newList.Add(Utility.Util.convertToShowCard(c));
}
CreateHistory historyModel = new CreateHistory
{
cards = new SelectList(newList, "creditCardID", "creditCardID"),
country = new SelectList(db.Country, "countryName", "countryName")
};
var model = new CheckOut
{
creditTypes = Utility.Util.getCreditTypex(),
months = Utility.Util.getMonthx(),
years = Utility.Util.getYearx(),
history = historyModel
};
if (myList == null || myList.Count == 0)
{
ModelState.AddModelError("", "Add credit card before finishing order");
}
if (error != null)
{
ModelState.AddModelError("", error);
}
return(View(model));
}
//Helpers
//Populate History Table
private bool AddHistory(CreateHistory model)
{
StackFrame stack = new StackFrame(1);
ctx.History.Add(new History
{
CompanyID = model.CompanyID,
UserID = model.UserID,
Table = model.Table,
Method = stack.GetMethod().Name,
stringID = model.stringID,
Request = model.Request,
CreatedDateUTC = DateTimeOffset.UtcNow
});
return(ctx.SaveChanges() > 0);
}
//List Users
public IEnumerable <ReadUser> GetAllUsers()
{
List <ApplicationUser> applicationUsers = ctx.Users.Where(e => e.CompanyID == _companyID).ToList();
List <ReadUser> readUsers = new List <ReadUser>();
string department;
foreach (ApplicationUser user in applicationUsers)
{
if (ctx.Departments.FirstOrDefault(e => e.DepartmentID == user.DepartmentID) == null)
{
department = "No Department";
}
else
{
department = ctx.Departments.FirstOrDefault(e => e.DepartmentID == user.DepartmentID).DepartmentName;
}
readUsers.Add(new ReadUser
{
UserID = user.Id,
CompanyID = user.CompanyID,
DepartmentID = user.DepartmentID,
Department = department,
//RoleID = ctx.Roles.FirstOrDefault(e => e.Id == f.Id).Name,
RoleID = GetRoleID(user.Id),
//RoleName = _role,
RoleName = GetRoleName(user.Id),
Username = user.UserName,
Email = user.Email,
IsLocked = user.LockoutEnabled,
CreatedDateUTC = user.CreatedDateUTC
});
}
CreateHistory history = new CreateHistory
{
CompanyID = _companyID,
UserID = _userID.ToString(),
Table = "Users",
stringID = null,
Request = "GetAllUsers()"
};
AddHistory(history);
return(readUsers);
}
//Change Password - This should be accessable by every non disabled user. This may move to a new service.
public bool ResetPassword(CreatePassword model)
{
PasswordHasher ph = new PasswordHasher();
ApplicationUser user = ctx.Users.Single(e => e.Id.ToString() == _userID.ToString());
user.PasswordHash = ph.HashPassword(model.Password);
CreateHistory history = new CreateHistory
{
CompanyID = _companyID,
UserID = _userID.ToString(),
Table = "Users",
stringID = null,
Request = "ResetPassword(CreatePassword model)"
};
AddHistory(history);
return(ctx.SaveChanges() == 1);
}
public IEnumerable <ReadAllContact> GetAllUserContacts()
{
List <DepartmentAccess> departmentAccess = ctx.DepartmentAccess.Where(e => e.UserID == _userID.ToString() && e.CompanyID == _companyID).ToList();
List <int> departmentIDs = new List <int>();
List <ReadAllContact> readContacts = new List <ReadAllContact>();
foreach (DepartmentAccess item in departmentAccess)
{
foreach (ApplicationUser appUser in ctx.Users.Where(e => e.CompanyID == _companyID && e.DepartmentID == item.DepartmentID))
{
foreach (var contact in dbx.Contacts)
{
if (appUser.Id == contact.OwnerID)
{
readContacts.Add(new ReadAllContact
{
ContactID = contact.ContactID,
FirstName = contact.FirstName,
LastName = contact.LastName,
PreferredName = contact.PreferredName,
Email = contact.Email,
CellPhone = contact.CellPhone,
Username = appUser.UserName,
CreatedDateUTC = contact.CreatedDateUTC,
ModifiedDateUTC = contact.ModifiedDateUTC,
PermissionID = item.PermissionID
});
}
}
}
}
CreateHistory history = new CreateHistory
{
CompanyID = _companyID,
UserID = _userID.ToString(),
Table = "Contact",
stringID = null,
Request = "GetAllUserContacts()"
};
AddHistory(history);
return(readContacts);
}
public bool AddDepartment(CreateDepartment model)
{
ctx.Departments.Add(new Departments
{
CompanyID = _companyID,
DepartmentName = model.DepartmentName,
CreatedDateUTC = DateTimeOffset.UtcNow
});
CreateHistory history = new CreateHistory
{
CompanyID = _companyID,
UserID = _userID.ToString(),
Table = "Departments",
Method = $"AddDepartment(CreateDepartment model)",
stringID = null,
Request = Newtonsoft.Json.JsonConvert.SerializeObject(model)
};
return(AddHistory(history));
}
public bool DeleteDepartment(int id)
{
Departments department = ctx.Departments.Find(id);
if (department == null)
{
return(false);
}
ctx.Departments.Remove(department);
CreateHistory history = new CreateHistory
{
CompanyID = _companyID,
UserID = _userID.ToString(),
Table = "Departments",
stringID = id.ToString(),
Request = $"DeleteDepartment({id})"
};
return(AddHistory(history));
}
//Disable User
public bool DisableUser(Guid id)
{
ApplicationUser user = ctx.Users.Find(id);
if (user == null)
{
return(false);
}
user.LockoutEnabled = true;
CreateHistory history = new CreateHistory
{
CompanyID = _companyID,
UserID = _userID.ToString(),
Table = "Users",
stringID = id.ToString(),
Request = $"DisableUser({id})"
};
return(AddHistory(history));
}
public EditDepartment GetDepartment(int id)
{
Departments department = ctx.Departments.Single(e => e.CompanyID == _companyID && e.DepartmentID == id);
EditDepartment editDepartment = new EditDepartment
{
DepartmentID = department.DepartmentID,
DepartmentName = department.DepartmentName,
};
CreateHistory history = new CreateHistory
{
CompanyID = _companyID,
UserID = _userID.ToString(),
Table = "Departments",
Method = $"GetDepartment()",
stringID = id.ToString(),
Request = "GetDepartment()",
};
AddHistory(history);
return(editDepartment);
}
public bool EditDepartment(int id, EditDepartment model)
{
Departments departments = ctx.Departments.Find(id);
if (departments == null)
{
return(false);
}
departments.DepartmentName = model.DepartmentName;
departments.ModifiedDateUTC = DateTimeOffset.UtcNow;
CreateHistory history = new CreateHistory
{
CompanyID = _companyID,
UserID = _userID.ToString(),
Table = "Departments",
Method = $"EditDepartment({id}, EditDepartment model)",
stringID = id.ToString(),
Request = Newtonsoft.Json.JsonConvert.SerializeObject(model)
};
return(AddHistory(history));
}
//User Methods
//Create Contact
public bool CreateContact(CreateContact model)
{
ctx.Contacts.Add(new Contact
{
FirstName = model.FirstName,
LastName = model.LastName,
PreferredName = model.PreferredName,
Email = model.Email,
CellPhone = model.CellPhone,
OwnerID = _userID.ToString(),
});
CreateHistory history = new CreateHistory
{
CompanyID = _companyID,
UserID = _userID.ToString(),
Table = "Contact",
stringID = null,
Request = Newtonsoft.Json.JsonConvert.SerializeObject(model)
};
return(AddHistory(history));
}
//Departments Section
public IEnumerable <ReadDepartments> GetAllDepartments()
{
var query = ctx.Departments.Where(e => e.CompanyID == _companyID).Select(g => new ReadDepartments
{
DepartmentID = g.DepartmentID,
CompanyID = g.CompanyID,
DepartmentName = g.DepartmentName,
CreatedDateUTC = g.CreatedDateUTC,
ModifiedDateUTC = g.ModifiedDateUTC
});
CreateHistory history = new CreateHistory
{
CompanyID = _companyID,
UserID = _userID.ToString(),
Table = "Departments",
Method = $"GetAllDepartments()",
stringID = null,
Request = "GetAllDepartment()",
};
AddHistory(history);
return(query.ToList());
}
//Delete DepartmentAccess
public bool DeleteDepartmentAccess(int id)
{
DepartmentAccess departmentAccess = ctx.DepartmentAccess.Find(id);
if (departmentAccess == null)
{
return(false);
}
if (departmentAccess.CompanyID != _companyID) //Check that user is in the same company as the requesting user.
{
return(false);
}
ctx.DepartmentAccess.Remove(departmentAccess);
CreateHistory history = new CreateHistory
{
CompanyID = _companyID,
UserID = _userID.ToString(),
Table = "DepartmentAccess",
stringID = id.ToString(),
Request = $"DeleteDepartmentAccess({id})"
};
return(AddHistory(history));
}
//Update User
public bool EditUser(Guid id, EditUser model)
{
PasswordHasher ph = new PasswordHasher();
ApplicationUser user = ctx.Users.Find(id.ToString());
if (user == null)
{
return(false);
}
user.CompanyID = _companyID;
user.DepartmentID = model.DepartmentID;
user.UserName = model.Username;
user.Email = model.Email;
user.LockoutEnabled = model.IsLocked;
user.PasswordHash = ph.HashPassword(model.Password);
user.SecurityStamp = Guid.NewGuid().ToString();
var UserManager = new UserManager <ApplicationUser>(new UserStore <ApplicationUser>(ctx));
string role = GetAllRoles().Single(e => e.RoleID == model.RoleID).RoleName;
string removeRole = UserManager.GetRoles(model.UserID.ToString()).Single().ToString();
UserManager.RemoveFromRole(model.UserID.ToString(), removeRole);
UserManager.AddToRole(model.UserID.ToString(), role);
//Sanataize Password in Model
model.Password = "";
model.ConfirmPassword = "";
CreateHistory history = new CreateHistory
{
CompanyID = _companyID,
UserID = _userID.ToString(),
Table = "Users",
stringID = id.ToString(),
Request = Newtonsoft.Json.JsonConvert.SerializeObject(model)
};
return(AddHistory(history));
}
//DepartmentAccess Section
//Pairs user to department in a company and assigns access.
//Add DepartmentAccess
public bool AddDepartmentAccess(CreateDepartmentAccess model)
{
//var projectName = formcollection["UserID"];
string uID = ctx.Users.Single(e => e.UserNumber == model.UserID).Id;
ctx.DepartmentAccess.Add(new DepartmentAccess
{
DepartmentID = model.DepartmentID,
CompanyID = _companyID,
UserID = uID,
PermissionID = model.PermissionID,
CreatedDateUTC = DateTimeOffset.UtcNow
});
CreateHistory history = new CreateHistory
{
CompanyID = _companyID,
UserID = _userID.ToString(),
Table = "DepartmentAccess",
stringID = null,
Request = Newtonsoft.Json.JsonConvert.SerializeObject(model)
};
return(AddHistory(history));
}
public EditUser GetUserEdit(Guid id)
{
ApplicationUser user = ctx.Users.Find(id.ToString());
if (user == null) //Check for a Null User
{
return(null);
}
if (user.CompanyID != _companyID) //Check that user is in the same company as the requesting user.
{
return(null);
}
string roleName = GetRoleName(user.Id);
string departmentName = ctx.Departments.Single(e => e.DepartmentID == user.DepartmentID).DepartmentName;
EditUser editUser = new EditUser
{
UserID = Guid.Parse(user.Id),
RoleName = roleName,
DepartmentID = user.DepartmentID,
DepartmentName = departmentName,
Username = user.UserName,
Email = user.Email,
IsLocked = user.LockoutEnabled,
};
CreateHistory history = new CreateHistory
{
CompanyID = _companyID,
UserID = _userID.ToString(),
Table = "Users",
stringID = id.ToString(),
Request = $"GetUser({id})"
};
AddHistory(history);
return(editUser);
}
