        // GET: Home
        public ActionResult Index()
        {
            // Lists the roles reported by the role provider for the current caller
            // (parameterless overload) and hands them to the Home view.
            var roleNames = new MyRoleProvider()
                .GetRolesForUser()
                .ToList<string>();

            return View(roleNames);
        }
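        public JsonResult GetData()
        {
            // Builds one row per user for the client-side grid: the user's role names joined
            // with "," and the branch name resolved through tblUserBranches -> tblBranches.
            using (ELaundryDBEntities db = new ELaundryDBEntities())
            {
                MyRoleProvider roleProvider = new MyRoleProvider();
                db.Configuration.LazyLoadingEnabled = false;

                List<UserViewModel> rows = new List<UserViewModel>();
                var users = db.tblUsers.ToList();

                foreach (var user in users)
                {
                    // The original built "a,b,c," and then called Remove(IndexOf(',')), which
                    // truncates at the FIRST comma and so reported only the first role.
                    string[] userRoles = roleProvider.GetRolesForUser(user.Username) ?? new string[0];
                    string roles = string.Join(",", userRoles);

                    // A user with no branch assignment (or a dangling BranchId) used to throw a
                    // NullReferenceException here; report an empty branch name instead.
                    tblUserBranch userBranch = db.tblUserBranches.Where(u => u.UserId == user.UserId).FirstOrDefault();
                    tblBranch branch = userBranch == null
                        ? null
                        : db.tblBranches.Where(b => b.BranchId == userBranch.BranchId).FirstOrDefault();

                    rows.Add(new UserViewModel()
                    {
                        UserId     = user.UserId,
                        Username   = user.Username,
                        Fullname   = user.Fullname,
                        RoleName   = roles,
                        BranchName = branch == null ? "" : branch.BranchName
                    });
                }

                return Json(new { data = rows }, JsonRequestBehavior.AllowGet);
            }
        }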
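        public ActionResult ChangeRoles(string userId, List<string> roles)
        {
            // Reconciles a user's role membership with the posted list: roles in the request
            // that the user lacks are added, roles the user holds that are absent are removed.
            MyRoleProvider provider = new MyRoleProvider();

            // The id arrives as text from the form/route. A non-numeric value used to surface
            // as a FormatException from Convert.ToInt32; now it is simply "no such user".
            int intUserId;
            if (!int.TryParse(userId, out intUserId))
            {
                return View();
            }

            User user = db.Users.Where(u => u.Id == intUserId).FirstOrDefault();
            if (user == null)
            {
                return View();
            }

            // A form with no checkbox selected posts a null list; that means "remove every role".
            roles = roles ?? new List<string>();

            // Roles the user currently holds.
            var userRoles = db.Users.Include("Roles").Where(u => u.Id == user.Id).FirstOrDefault().Roles.Select(r => r.Name).ToList();
            // Requested but not yet held -> add.
            var addedRoles = roles.Except(userRoles).ToArray();
            // Held but no longer requested -> remove.
            var removedRoles = userRoles.Except(roles).ToArray();

            provider.AddUsersToRoles(user, addedRoles);
            provider.RemoveUsersFromRoles(user, removedRoles);

            return RedirectToAction("AllUsers", "Account");
        }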
        //
        // GET: /User/Edit/5
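        public ActionResult Edit(int id)
        {
            // Edit form for a single user; ViewBag.Roles carries the user's first role name.
            var review = _db.GetDBUser(id);
            if (review == null)
            {
                // Unknown id used to throw NullReferenceException on review.userName.
                return HttpNotFound();
            }

            // Only the first role is surfaced, as before; a user with no roles used to throw
            // IndexOutOfRangeException on roles[0].
            string[] roles = new MyRoleProvider().GetRolesForUser(review.userName);
            ViewBag.Roles = (roles != null && roles.Length > 0) ? roles[0] : null;

            return View(review);
        }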
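        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            // Access gate for the Analista area: the caller must be authenticated AND hold the
            // "Analista" role; anything else is redirected to that area's login action.
            var identity = filterContext.HttpContext.User.Identity;

            // Authentication is checked first so an anonymous request never triggers a role
            // lookup for an empty user name.
            bool authorized = identity.IsAuthenticated
                && new MyRoleProvider().GetRolesForUser(identity.Name).Contains("Analista");

            if (!authorized)
            {
                filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary(new { area = "Analista", controller = "Login", action = "index" }));
            }
        }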
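        public ActionResult ChangeRoles(int? Id)
        {
            // Shows the role-assignment form for one user: the user, every role in the system,
            // and the roles the user currently holds.
            // Convert.ToInt32((int?)null) yielded 0, so a missing id simply finds no user.
            int id = Id ?? 0;

            User user = db.Users.FirstOrDefault(u => u.Id == id);
            if (user == null)
            {
                // Used to throw NullReferenceException on user.Login.
                return HttpNotFound();
            }

            MyRoleProvider provider = new MyRoleProvider();
            UserRolesChangeViewModel userRolesChangeViewModel = new UserRolesChangeViewModel
            {
                User      = user,
                AllRoles  = db.Roles.ToList(),
                UserRoles = provider.GetRolesForUser(user.Login).ToList()
            };

            return View(userRolesChangeViewModel);
        }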
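 public override void OnActionExecuting(ActionExecutingContext filterContext)
 {
     // For members of the "Users" role, exposes the licence expiry date and display name
     // to the view through ViewBag; other callers get nothing added.
     string userName = filterContext.HttpContext.User.Identity.Name;
     var roles = new MyRoleProvider().GetRolesForUser(userName);
     if (!roles.Contains("Users"))
     {
         return;
     }

     using (var userRepo = new UsuarioRepository())
     {
         var user = userRepo.GetByEmail(userName);
         // A "Users" member whose record is missing used to throw NullReferenceException here.
         if (user == null)
         {
             return;
         }

         // Invariant culture pins "/" as the separator regardless of the server's culture.
         filterContext.Controller.ViewBag.datavencimento = user.DataVencimentoLicenca.ToString("dd/MM/yyyy", System.Globalization.CultureInfo.InvariantCulture);
         filterContext.Controller.ViewBag.username       = user.Nome;
     }
 }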
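        public int AddUser(User user)
        {
            // Inserts the user via the dbo.AddUser stored procedure, reads the generated id back
            // from the @Id output parameter, and puts the new account in the "User" role.
            // Returns the new user's id.
            if (user == null)
            {
                throw new ArgumentNullException("user");
            }

            int newId;

            using (SqlConnection connection = new SqlConnection(_connectionString))
            using (SqlCommand command = connection.CreateCommand())
            {
                command.CommandType = CommandType.StoredProcedure;
                command.CommandText = "dbo.AddUser";

                command.Parameters.Add(new SqlParameter()
                {
                    DbType        = DbType.String,
                    ParameterName = "@Username",
                    Value         = user.Username,
                    Direction     = ParameterDirection.Input
                });

                // NOTE(review): user.Password is forwarded unchanged; whether it is already
                // hashed is decided by the caller or the stored procedure — confirm.
                command.Parameters.Add(new SqlParameter()
                {
                    DbType        = DbType.String,
                    ParameterName = "@Password",
                    Value         = user.Password,
                    Direction     = ParameterDirection.Input
                });

                SqlParameter idParameter = new SqlParameter()
                {
                    DbType        = DbType.Int32,
                    ParameterName = "@Id",
                    Value         = user.UserId,
                    Direction     = ParameterDirection.Output
                };
                command.Parameters.Add(idParameter);

                connection.Open();
                command.ExecuteNonQuery();

                // An output parameter the procedure never set comes back as DBNull; the old
                // unchecked (int) cast turned that into an InvalidCastException with no context.
                if (idParameter.Value == null || idParameter.Value == DBNull.Value)
                {
                    throw new InvalidOperationException("dbo.AddUser did not return an @Id value.");
                }
                newId = Convert.ToInt32(idParameter.Value);
            }

            new MyRoleProvider().AddRoleToUser(newId, "User");

            return newId;
        }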
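        public ActionResult ShowProfile()
        {
            // Profile page for the signed-in user: roles, display name and transaction list.
            string userName = HttpContext.User.Identity.Name;
            if (string.IsNullOrEmpty(userName))
            {
                return RedirectToAction("HomeScreen", "Home");
            }

            User currentUser = repository.GetUser(userName);
            if (currentUser == null)
            {
                // An authenticated name with no matching user row used to throw on currentUser.Name.
                return RedirectToAction("HomeScreen", "Home");
            }

            ProfileInfo userProfile = new ProfileInfo();
            userProfile.Roles            = new MyRoleProvider().GetRolesForUser(userName);
            userProfile.DisplayName      = currentUser.Name;
            userProfile.UserTransactions = repository.GetUserTransactions(currentUser.UserID);
            userProfile.UserID           = currentUser.UserID;

            return View(userProfile);
        }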
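        public ActionResult Login(LoginViewModel l, string ReturnUrl = "")
        {
            // Authenticates against tblUsers, issues the forms-auth cookie and session values,
            // then sends the user to ReturnUrl (when local) or to the area matching their role.
            if (!ModelState.IsValid)
            {
                return View();
            }

            using (GymDBEntities db = new GymDBEntities())
            {
                // NOTE(review): the stored Password column is compared directly with the value
                // submitted by the form, so both must hold the same representation; confirm how
                // passwords are stored before relying on this.
                var account = db.tblUsers.Where(a => a.Username == l.Username && a.Password == l.Password).FirstOrDefault();
                if (account == null)
                {
                    ViewBag.Message = "Invalid user";
                    return View();
                }

                Session.Add("emailid", account.Email);
                Session.Add("userid", account.UserId);
                Session.Add("fullname", account.Fullname);
                Session.Add("photo", account.Photo);
                FormsAuthentication.SetAuthCookie(l.Username, true);

                // IsLocalUrl keeps ReturnUrl from redirecting off-site.
                if (Url.IsLocalUrl(ReturnUrl))
                {
                    return Redirect(ReturnUrl);
                }

                // The original re-ran the same tblUsers query into an unused local here; dropped.
                MyRoleProvider roleProvider = new MyRoleProvider();
                if (roleProvider.IsUserInRole(l.Username, "User"))
                {
                    return RedirectToAction("Index", "User");
                }
                if (roleProvider.IsUserInRole(l.Username, "Admin"))
                {
                    return RedirectToAction("Index", "Admin");
                }
            }

            // Signed in but in neither role: fall back to the login view, as before.
            return View();
        }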
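        public ActionResult Login(LoginViewModel l, string ReturnUrl = "")
        {
            // Validates the credentials through udb, issues the forms-auth cookie, then sends
            // the user to ReturnUrl (when local) or to the Tutor/Student area by role.
            if (!udb.CheckUserLogin(l))
            {
                ModelState.AddModelError("", "Invalid User");
                return View();
            }

            Session.Add("emailid", l.EmailId);
            FormsAuthentication.SetAuthCookie(l.EmailId, true);

            // IsLocalUrl keeps ReturnUrl from redirecting off-site.
            if (Url.IsLocalUrl(ReturnUrl))
            {
                return Redirect(ReturnUrl);
            }

            // The original queried tblUserInfoes again into an unused local here; dropped.
            MyRoleProvider roleProvider = new MyRoleProvider();
            if (roleProvider.IsUserInRole(l.EmailId, "Teacher"))
            {
                return RedirectToAction("Index", "Tutor");
            }
            if (roleProvider.IsUserInRole(l.EmailId, "Student"))
            {
                return RedirectToAction("index", "Student");
            }

            // Signed in but in neither role: fall back to the login view, as before.
            return View();
        }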
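        public MembershipCreateStatus bCreateUser(string CompanyName, string Username, string Password, string Email, string TaxCode, string Phone)
        {
            // Creates a business webmaster account (AccountType = 1) together with its Earning
            // row, its "Webmaster" role membership and a default Setting row.
            // Returns DuplicateUserName / DuplicateEmail when the name or e-mail is taken,
            // otherwise Success. Throws ArgumentException for a missing required argument.
            if (String.IsNullOrEmpty(CompanyName)) throw new ArgumentException("Value cannot be null or empty.", "CompanyName");
            // The original reported "UserName", which does not match the parameter name.
            if (String.IsNullOrEmpty(Username)) throw new ArgumentException("Value cannot be null or empty.", "Username");
            if (String.IsNullOrEmpty(Email)) throw new ArgumentException("Value cannot be null or empty.", "Email");
            if (String.IsNullOrEmpty(Password)) throw new ArgumentException("Value cannot be null or empty.", "Password");

            if (StoreDb.Webmasters.Any(m => m.Username == Username))
            {
                return MembershipCreateStatus.DuplicateUserName;
            }
            if (StoreDb.Webmasters.Any(m => m.Email == Email))
            {
                return MembershipCreateStatus.DuplicateEmail;
            }

            Webmaster web = new Webmaster();
            web.Username = Username;
            web.FirstName = CompanyName;
            web.CompanyName = CompanyName;
            // NOTE(review): Password is stored exactly as received; nothing in this method
            // hashes it, so confirm the caller does before this point.
            web.Password = Password;
            web.Phone = Phone;
            web.Email = Email;
            web.Status = 0;
            web.DateJoin = DateTime.Now;
            web.AccountType = 1; // 0 = personal account, 1 = business account
            web.TaxCode = TaxCode;

            // VerifyCode is derived from username + password via MPHash — presumably an
            // account-verification token; confirm against where it is consumed.
            web.VerifyCode = MPHash.hash(Username + Password);

            StoreDb.Webmasters.AddObject(web);
            StoreDb.SaveChanges();

            // Re-read the persisted row once and reuse its id for both dependent rows
            // (the original ran this lookup twice).
            int webmasterId = StoreDb.Webmasters.Single(m => m.Username == Username).Id;

            // Create the matching Earning row.
            Earning e = new Earning();
            e.Amount = 0;
            e.Currency = "VND";
            e.WebmasterId = webmasterId;
            e.Status = 0; // keep money
            StoreDb.Earnings.AddObject(e);
            StoreDb.SaveChanges();

            // Put the new account in the Webmaster role.
            new MyRoleProvider().AddUsersToRoles(new string[] { Username }, new string[] { "Webmaster" });

            // Create the Setting row for this webmaster; language defaults to EN.
            Setting set = new Setting();
            set.WebmasterId = webmasterId;
            set.Language = "EN";
            StoreDb.Settings.AddObject(set);
            StoreDb.SaveChanges();

            return MembershipCreateStatus.Success;
        }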
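        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            // Access rule for the Usuario area: the caller must be forms-authenticated, hold the
            // "Users" role, and carry a non-expired JWT in Session["token"]. A failure ends the
            // forms session (except the not-in-role AJAX case, which the original left signed in)
            // and answers with a 401 JSON body for AJAX calls or a redirect to the login page.
            var httpContext = filterContext.HttpContext;
            var identity = httpContext.User.Identity;
            bool isAjax = httpContext.Request.IsAjaxRequest();

            var myroles = new MyRoleProvider().GetRolesForUser(identity.Name);
            if (!identity.IsAuthenticated || !myroles.Contains("Users"))
            {
                if (!isAjax)
                {
                    FormsAuthentication.SignOut();
                }
                RejectRequest(filterContext, isAjax);
                return;
            }

            var token = httpContext.Session["token"];
            if (token == null)
            {
                FormsAuthentication.SignOut();
                RejectRequest(filterContext, isAjax);
                return;
            }

            // NOTE(review): only the "exp" claim is read here; confirm the token's signature is
            // verified where it is issued/stored, since this check trusts the payload as-is.
            if (IsTokenExpired(token.ToString()))
            {
                FormsAuthentication.SignOut();
                RejectRequest(filterContext, isAjax);
            }
        }

        // True when the JWT "exp" claim is missing, unparsable, or earlier than now (UTC Unix
        // seconds). int.Parse used to throw on a malformed claim; an unreadable expiry is now
        // treated as expired. long avoids the 2038 overflow of the original int.
        private static bool IsTokenExpired(string token)
        {
            string exp = Helper.GetJWTPayloadValue(token, "exp");
            long expDate;
            if (!long.TryParse(exp, System.Globalization.NumberStyles.Integer, System.Globalization.CultureInfo.InvariantCulture, out expDate))
            {
                return true;
            }

            long unixTimestampNow = (long)DateTime.UtcNow.Subtract(new DateTime(1970, 1, 1)).TotalSeconds;
            return expDate < unixTimestampNow;
        }

        // Sets the failure result: for AJAX requests a 401 with a small JSON body (suppressing
        // the forms-auth redirect and the IIS error page), otherwise a redirect to Usuario/Login.
        private static void RejectRequest(AuthorizationContext filterContext, bool isAjax)
        {
            if (isAjax)
            {
                var response = filterContext.HttpContext.Response;
                response.StatusCode                       = (int)HttpStatusCode.Unauthorized;
                response.TrySkipIisCustomErrors           = true;
                response.StatusDescription                = "Tempo de Authenticaçao expirada";
                response.SuppressFormsAuthenticationRedirect = true;
                filterContext.Result = new JsonResult
                {
                    Data = new
                    {
                        Error    = "Not Authorized",
                        LogOnUrl = "/usuario/login"
                    },
                    JsonRequestBehavior = JsonRequestBehavior.AllowGet
                };
            }
            else
            {
                filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary(new { area = "Usuario", controller = "Login", action = "index" }));
            }
        }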
        // GET: Test
        public ActionResult TestUserRole(string tempName)
        {
            // Renders the partial view with the role names the provider reports for tempName.
            var roleNames = new MyRoleProvider().GetRolesForUser(tempName);
            return PartialView(roleNames);
        }