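protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            // Authentication first: the base check rejects anonymous requests.
            if (!base.AuthorizeCore(httpContext))
            {
                return(false);
            }

            var rd = httpContext.Request.RequestContext.RouteData;

            // Resolve the requested permission into a local instead of assigning the
            // Access property: MVC caches and reuses filter attribute instances across
            // requests, so writing Access here would carry one request's action name
            // into the permission check of every later request served by the same
            // attribute instance.
            var requested      = Access ?? rd.GetRequiredString("action");
            var controllerName = rd.GetRequiredString("controller");
            var userId         = MyAppHelper.GetUserIdentityValue(httpContext.User, ClaimTypes.NameIdentifier);

            // Deliberately not disposed here: the entity is stashed in Items below and
            // may be read later in the same request (navigation properties would fail
            // on a disposed context). TODO confirm whether a request-scoped context
            // already exists that this should use instead.
            var myAppEntities = new MyAppEntities();
            var access        = myAppEntities.UserRole
                                .Where(a => a.Users.userid == userId)
                                .Where(a => a.Roles.controller == controllerName)
                                .FirstOrDefault();

            httpContext.Items["Access"] = access;

            // No role row for this user/controller: deny explicitly instead of letting
            // the null dereference below surface as a 500.
            if (access == null)
            {
                return(false);
            }

            if (requested == AuthorizeUserType.View || requested == "Details")
            {
                return(access.allow_view);
            }
            if (requested == AuthorizeUserType.Add)
            {
                return(access.allow_add);
            }
            if (requested == AuthorizeUserType.Edit)
            {
                return(access.allow_edit);
            }
            if (requested == AuthorizeUserType.Delete)
            {
                return(access.allow_delete);
            }
            if (requested == AuthorizeUserType.Print)
            {
                return(access.allow_print);
            }
            if (requested == AuthorizeUserType.Custom)
            {
                return(access.allow_custom);
            }

            // Unknown permission name: fail closed.
            return(false);
        }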
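        // GET: Login
        // Renders the login form, or signs the posted user in when the submitted
        // password matches the stored hash (bcrypt, with a legacy MD5 fallback).
        public ActionResult Login(Users user)
        {
            // Already signed in: nothing to do.
            if (AuthenticationManager.User.Identity.IsAuthenticated)
            {
                return(RedirectToAction("Index", "Home"));
            }
            // No form posted yet: render the empty form.
            if (user.userid == null)
            {
                return(View());
            }

            // One message for "no such user" and "wrong password": distinct messages
            // let a caller enumerate which user ids exist.
            const string failedMessage = "Login Failed, invalid user or password!";

            if (user.password == null)
            {
                TempData["Message"] = failedMessage;
                return(View());
            }

            using (var myAppEntities = new MyAppEntities())
            {
                var usr = myAppEntities.Users.Where(a => a.userid == user.userid).FirstOrDefault();

                if (usr == null)
                {
                    TempData["Message"] = failedMessage;
                    return(View());
                }

                bool verify;
                try
                {
                    verify = BCrypt.Net.BCrypt.Verify(user.password, usr.password);
                }
                catch
                {
                    // Stored value is not a bcrypt hash (legacy account): fall back to
                    // the MD5 scheme. The previous code compared the MD5 against the
                    // *submitted* password, which can never match; the stored hash is
                    // the intended operand. TODO: narrow this catch to the bcrypt
                    // salt-format exception and re-hash legacy accounts with bcrypt
                    // after a successful login.
                    verify = MyAppHelper.GetHashMD5(user.password) == usr.password;
                }

                if (!verify)
                {
                    TempData["Message"] = failedMessage;
                    return(View());
                }

                var claims = new List <Claim>
                {
                    new Claim(ClaimTypes.NameIdentifier, usr.userid),
                    new Claim(ClaimTypes.Name, usr.name),
                    new Claim(ClaimTypes.Email, usr.email)
                };
                var identity = new ClaimsIdentity(claims, DefaultAuthenticationTypes.ApplicationCookie);

                // Session cookie (not persistent) with a 7-day absolute expiry.
                AuthenticationManager.SignIn(new AuthenticationProperties()
                {
                    AllowRefresh = true,
                    IsPersistent = false,
                    ExpiresUtc   = DateTime.UtcNow.AddDays(7)
                }, identity);

                return(RedirectToAction("Index", "Home"));
            }
        }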
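        // POST: Create
        // Creates a Person row and the Patient row that references it from the
        // posted form; re-renders the form with its lookups when validation fails.
        public async Task <ActionResult> Create(PatientView view)
        {
            var userId = await GetUserId();

            // Permission check for the "Patients" module; the action code 3 is defined
            // by UsersHelper — TODO replace with a named constant.
            var response = await UsersHelper.HavePermisionToAction(userId, "Patients", 3);

            if (!response)
            {
                return(View("Error"));
            }
            if (!ModelState.IsValid)
            {
                PopulatePatientFormLookups(view);
                return(View(view));
            }

            var          pic    = string.Empty;
            const string folder = "~/Content/Patients";

            if (view.ImageFile != null)
            {
                // Files.UploadPhoto is relied on to validate the uploaded file's type
                // and size and to choose the stored name — TODO confirm.
                pic = Files.UploadPhoto(view.ImageFile, folder, "");
                pic = string.Format("{0}/{1}", folder, pic);
            }

            var person = ToPeople(view);
            person.Imagen = pic;
            // Phone/id fields are stored without formatting characters.
            if (person.Tel != null)
            {
                person.Tel = Strings.RemoveCharacters(person.Tel);
            }
            if (person.Cel != null)
            {
                person.Cel = Strings.RemoveCharacters(person.Cel);
            }
            if (person.Rnc != null)
            {
                person.Rnc = Strings.RemoveCharacters(person.Rnc);
            }
            person.StatusId = 1;

            // Person and Patient are saved in one transaction so a failure on the
            // second save cannot leave an orphaned People row behind. Disposing the
            // transaction without Commit rolls it back, so no catch/rethrow is needed.
            using (var transaction = _db.Database.BeginTransaction())
            {
                _db.People.Add(person);
                await _db.SaveChangesAsync();

                var patient = ToPatient(view);

                patient.PersonId = person.PersonId;
                patient.Record   = MyAppHelper.GenerateRecord(person.AuthorId);

                _db.Patients.Add(patient);
                await _db.SaveChangesAsync();

                transaction.Commit();

                return(RedirectToAction(string.Format("Details/{0}", patient.PatientId)));
            }
        }

        // Fills the ViewBag select lists the Create form binds to, preselecting the
        // values already present on the view model.
        private void PopulatePatientFormLookups(PatientView view)
        {
            ViewBag.CountryId = new SelectList(_db.Countries, "CountryId", "NAme", view.CountryId);
            ViewBag.GenderId  = new SelectList(_db.Genders.OrderBy(o => o.GenderId), "GenderId", "Name",
                                               view.GenderId);
            ViewBag.MaritalSituationId =
                new SelectList(_db.MaritalSituations.OrderBy(m => m.MaritalSituationId), "MaritalSituationId",
                               "Name", view.MaritalSituationId);
            ViewBag.OcupationId = new SelectList(_db.Ocupations, "OcupationId", "Name", view.OcupationId);
            ViewBag.ReligionId  = new SelectList(_db.Religions.OrderBy(o => o.ReligionId), "ReligionId", "Name",
                                                 view.ReligionId);
            ViewBag.BloodTypeId = new SelectList(_db.BloodTypes, "BloodTypeId", "Name", view.BloodTypeId);
            ViewBag.InsuranceId = new SelectList(_db.Insurances, "InsuranceId", "Name", view.InsuranceId);
            ViewBag.SchoolLevelId = new SelectList(_db.SchoolLevels, "SchoolLevelId", "Name",
                                                   view.SchoolLevelId);
        }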