Example #1
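        /// <summary>
        /// Handles the Send Link button click. When the submitted username belongs to a
        /// user whose email is confirmed, that user is emailed a password-reset link.
        /// The page then shows the same "email sent" panel whether or not a link was
        /// actually sent, so the form cannot be used to learn which usernames exist
        /// or which accounts are confirmed.
        /// </summary>
        /// <param name="sender">The btnSendForgotLink DevEx button</param>
        /// <param name="e">The Click event</param>
        protected void btnSendForgotLink_Click(object sender, EventArgs e)
        {
            //Only continue if the page is valid
            if (!ASPxEdit.AreEditorsValid(this, btnSendForgotLink.ValidationGroup))
            {
                return;
            }

            //Look up the account for the submitted username
            var manager = Context.GetOwinContext().GetUserManager <ApplicationUserManager>();
            PyramidUser user = manager.FindByName(txtUsername.Text);

            //Only a known user with a confirmed email address is sent a reset link
            if (user != null && manager.IsEmailConfirmed(user.Id))
            {
                string code        = manager.GeneratePasswordResetToken(user.Id);
                string callbackUrl = IdentityHelper.GetResetPasswordRedirectUrl(code, Request);
                manager.SendEmail(user.Id, "Reset your password", Utilities.GetEmailHTML(callbackUrl, "Reset Password", true, "Password Reset Requested", "Please reset your password by clicking the Reset Password link below.", Request));
            }

            //Respond identically for every outcome. The previous warning ("does not exist
            //or is not confirmed") told an unauthenticated visitor which usernames are valid.
            //NOTE(review): the text inside divEmailSent is not visible here; it should read
            //neutrally (e.g. "if an account matches, a link has been sent").
            //NOTE(review): sending the email still takes longer than skipping it, and no
            //request throttling is visible in this handler - confirm both are handled elsewhere.
            divEmailSent.Visible = true;
            divForgot.Visible    = false;
        }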
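        /// <summary>
        /// Handles the lbSendConfirmEmail click: looks up the user whose key is held in the
        /// hfUserPK hidden field and emails that user an account-confirmation link.
        /// The username is HTML-encoded before it is placed in the email body.
        /// </summary>
        /// <param name="sender">The lbSendConfirmEmail LinkButton</param>
        /// <param name="e">The Click event</param>
        protected void lbSendConfirmEmail_Click(object sender, EventArgs e)
        {
            //The user key is read from a hidden field, so it arrives with the posted form.
            //NOTE(review): this handler does not itself check that the signed-in user may
            //trigger email for that account - confirm the page enforces that elsewhere.
            string userPK = hfUserPK.Value;

            //Get the user object
            PyramidUser user;
            using (ApplicationDbContext context = new ApplicationDbContext())
            {
                user = context.Users.FirstOrDefault(u => u.Id == userPK);
            }

            //Make sure the user exists
            if (user == null || user.Id == null)
            {
                //Show an error message
                msgSys.ShowMessageToUser("danger", "Error", "The user could not be found!", 10000);
                return;
            }

            //Get the user manager
            var manager = Context.GetOwinContext().GetUserManager <ApplicationUserManager>();

            //The message argument below is raw HTML (it carries <br/> tags), so the stored
            //username is encoded before being concatenated into it.
            string encodedUserName = System.Net.WebUtility.HtmlEncode(user.UserName);

            //NOTE(review): the "Welcome ..." title also carries stored name values; whether
            //Utilities.GetEmailHTML encodes its title argument is not visible here - confirm.
            string emailTitle = "Welcome " + user.FirstName + " " + user.LastName + "!";

            //Send the user an email to confirm their account
            string emailcode   = manager.GenerateEmailConfirmationToken(user.Id);
            string callbackUrl = IdentityHelper.GetAccountConfirmationRedirectUrl(emailcode, user.Id, Request);
            manager.SendEmail(user.Id, "Confirm your account", Utilities.GetEmailHTML(callbackUrl, "Confirm Account", true, emailTitle, "Your user account for the Pyramid Model Implementation Data System was created by an administrator.<br/>Your username for this system is:<br/><br/>" + encodedUserName + "<br/><br/>Once you confirm your account and create your password, you will be able to start using the system.<br/>To get started, please click the link below.", Request));

            //Show the user a success message
            msgSys.ShowMessageToUser("success", "Email Sent", "Confirmation email successfully sent!", 5000);
        }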
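        /// <summary>
        /// Handles the save button click: creates a new user from the values on the page,
        /// assigns the selected identity role and program role, and then emails the user an
        /// account-confirmation link. The confirmation email is only sent once the role
        /// assignments have succeeded, and a failed identity-role assignment is reported
        /// instead of being ignored.
        /// </summary>
        /// <param name="sender">The submitUser control</param>
        /// <param name="e">The Click event</param>
        protected void submitUser_Click(object sender, EventArgs e)
        {
            //Get the user manager
            var manager = Context.GetOwinContext().GetUserManager <ApplicationUserManager>();

            //Resolve the identity role before anything is created, so a missing selection
            //cannot leave behind an account that has no role
            if (ddIdentityRole.SelectedItem == null)
            {
                msgSys.ShowMessageToUser("danger", "Error", "An identity role must be selected!", 120000);
                return;
            }
            string identityRoleName = ddIdentityRole.SelectedItem.Text;

            //NOTE(review): the identity role, program and program role all come from posted
            //form controls. No check is visible in this handler that the signed-in user is
            //allowed to grant them - confirm that is enforced server-side.

            //Create and fill the user object
            PyramidUser newUser = new PyramidUser();

            newUser.FirstName            = txtFirstName.Value.ToString();
            newUser.LastName             = txtLastName.Value.ToString();
            newUser.UserName             = txtUsername.Value.ToString();
            newUser.Email                = txtEmail.Value.ToString();
            newUser.EmailConfirmed       = false;
            newUser.TwoFactorEnabled     = false;
            newUser.PhoneNumber          = (txtPhoneNumber.Value == null ? null : txtPhoneNumber.Value.ToString());
            newUser.PhoneNumberConfirmed = false;

            //Attempt to create the user
            IdentityResult result = manager.Create(newUser, txtPassword.Value.ToString());

            if (!result.Succeeded)
            {
                msgSys.ShowMessageToUser("danger", "Error", result.Errors.FirstOrDefault(), 120000);
                return;
            }

            //Add the user to their identity role and stop if that fails; the account then
            //exists without a role and needs an administrator to correct it
            IdentityResult roleResult = manager.AddToRole(newUser.Id, identityRoleName);
            if (!roleResult.Succeeded)
            {
                msgSys.ShowMessageToUser("danger", "Error", roleResult.Errors.FirstOrDefault(), 120000);
                return;
            }

            //Add the user to their program role
            using (PyramidContext context = new PyramidContext())
            {
                //Create the UserProgramRole object and fill it
                UserProgramRole userPrgRole = new UserProgramRole();
                userPrgRole.CreateDate        = DateTime.Now;
                userPrgRole.Creator           = User.Identity.Name;
                userPrgRole.ProgramFK         = Convert.ToInt32(ddProgram.Value);
                userPrgRole.ProgramRoleCodeFK = Convert.ToInt32(ddProgramRole.Value);
                userPrgRole.Username          = newUser.UserName;

                //Add the UserProgramRole to the database and save
                context.UserProgramRole.Add(userPrgRole);
                context.SaveChanges();
            }

            //The message argument below is raw HTML (it carries <br/> tags), so the entered
            //username is encoded before being concatenated into it.
            string encodedUserName = System.Net.WebUtility.HtmlEncode(newUser.UserName);

            //NOTE(review): the "Welcome ..." title also carries entered name values; whether
            //Utilities.GetEmailHTML encodes its title argument is not visible here - confirm.
            string emailTitle = "Welcome " + newUser.FirstName + " " + newUser.LastName + "!";

            //Now that the account is fully set up, send the user an email to confirm it
            string emailcode   = manager.GenerateEmailConfirmationToken(newUser.Id);
            string callbackUrl = IdentityHelper.GetAccountConfirmationRedirectUrl(emailcode, newUser.Id, Request);
            manager.SendEmail(newUser.Id, "Confirm your account", Utilities.GetEmailHTML(callbackUrl, "Confirm Account", true, emailTitle, "Your user account for the Pyramid Model Implementation Data System was created by an administrator.<br/>Your username for this system is:<br/><br/>" + encodedUserName + "<br/><br/>Once you confirm your account and create your password, you will be able to start using the system.<br/>To get started, please click the link below.", Request));

            //Redirect the user
            Response.Redirect("/Admin/UserManagement?message=CreateUserSuccess");
        }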
Example #4
        /// <summary>
        /// Loads the UserProgramRole rows whose Username matches the given user, together
        /// with their Program and CodeProgramRole, ordered by program name, and binds the
        /// resulting list to the repeatUserRoles Repeater.
        /// </summary>
        /// <param name="currentContext">The PyramidContext to query</param>
        /// <param name="currentUser">The user whose program roles are shown</param>
        private void BindUserProgramRoles(PyramidContext currentContext, PyramidUser currentUser)
        {
            //Query the user's program roles, eagerly loading the related rows
            var roleRows = (from upr in currentContext.UserProgramRole
                                            .Include(r => r.Program)
                                            .Include(r => r.CodeProgramRole)
                            where upr.Username == currentUser.UserName
                            orderby upr.Program.ProgramName
                            select upr).ToList();

            //Hand the rows to the Repeater
            repeatUserRoles.DataSource = roleRows;
            repeatUserRoles.DataBind();
        }
Example #5
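        /// <summary>
        /// Saves the given user to the database. If a row with the same Id already exists,
        /// all of its current values are overwritten with the values of <paramref name="user"/>;
        /// otherwise the object is added as a new row.
        /// </summary>
        /// <param name="user">A PyramidUser object</param>
        /// <returns>
        /// True if the save wrote at least one row; false if nothing was written or
        /// <paramref name="user"/> is null
        /// </returns>
        public bool UpdateUser(PyramidUser user)
        {
            //Nothing to save
            if (user == null)
            {
                return(false);
            }

            //Get the stored user, if there is one
            string userId = user.Id;
            var founduser = appContext.Users.FirstOrDefault(x => x.Id == userId);

            if (founduser == null)
            {
                //If the user does not exist, add it
                appContext.Users.Add(user);
            }
            else
            {
                //SetValues copies every mapped scalar property of the supplied object onto
                //the stored row, not only the ones a caller meant to change.
                //NOTE(review): if PyramidUser carries credential or lockout columns (as
                //ASP.NET Identity user types usually do), callers must pass a complete,
                //trusted object rather than one populated from form input - confirm.
                appContext.Entry(founduser).CurrentValues.SetValues(user);
            }

            //Return a bool that indicates if the save succeeded
            return(appContext.SaveChanges() > 0);
        }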
Example #6
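        /// <summary>
        /// Returns the name of the first Identity role held by the user with the given
        /// username. An unknown username is handled explicitly instead of being left to
        /// surface as a logged NullReferenceException.
        /// </summary>
        /// <param name="username">The user's username</param>
        /// <param name="userManager">The ApplicationUserManager</param>
        /// <returns>
        /// The identity role name, or null when the user is not found, has no role, or the
        /// lookup throws. Callers should treat null as "no role" and not fall back to a default.
        /// </returns>
        public static string GetIdentityRoleByUsername(string username, ApplicationUserManager userManager)
        {
            try
            {
                //Get the user
                PyramidUser user = userManager.FindByName(username);

                //An unknown username is an expected outcome, not an error
                if (user == null)
                {
                    return(null);
                }

                //Get the identity role (our system only allows for a user to have one)
                return(userManager.GetRoles(user.Id).FirstOrDefault());
            }
            catch (Exception ex)
            {
                //If an error occurred, log it and return null
                LogException(ex);
                return(null);
            }
        }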
Example #7
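        /// <summary>
        /// Loads the user named by the "Id" query-string value and, on the first
        /// (non-postback) request, binds the program, program-role and identity-role lists
        /// and fills the edit form with that user's current values. Redirects to the user
        /// management page when no such user exists.
        /// </summary>
        /// <param name="sender">The page</param>
        /// <param name="e">The Load event</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            //Get the current program role
            currentProgramRole = Utilities.GetProgramRoleFromSession(Session);

            //Get the user manager
            manager = Context.GetOwinContext().GetUserManager <ApplicationUserManager>();

            //Get the user id from the query string.
            //NOTE(review): the id is caller-supplied and this method does not check that
            //the signed-in user may edit that account - confirm it is enforced elsewhere.
            string id = Request.QueryString["Id"];

            //Get the user object; a missing id is treated the same as an unknown one
            currentUser = (String.IsNullOrWhiteSpace(id) ? null : manager.FindById(id));

            //Make sure the user exists
            if (currentUser == null)
            {
                Response.Redirect("/Admin/UserManagement.aspx?message=UserNotFound");
                return;
            }

            if (IsPostBack)
            {
                return;
            }

            using (PyramidContext context = new PyramidContext())
            {
                //Show the user's program roles
                BindUserProgramRoles(context, currentUser);

                //Get the program list
                var programs = context.Program.AsNoTracking().Include(p => p.Hub).OrderBy(p => p.ProgramName).Select(p => new {
                    p.ProgramPK,
                    ProgramName = p.ProgramName + " (" + p.Hub.Name + ")"
                }).ToList();
                ddProgram.DataSource = programs;
                ddProgram.DataBind();

                //Get the program role list, limited to the roles the user is allowed to add
                var programRoles = context.CodeProgramRole.AsNoTracking()
                                   .Where(cpr => cpr.RolesAuthorizedToModify.Contains((currentProgramRole.RoleFK.Value.ToString() + ",")))
                                   .OrderBy(cpr => cpr.RoleName)
                                   .ToList();
                ddProgramRole.DataSource = programRoles;
                ddProgramRole.DataBind();
            }

            //Get the identity roles
            var identityRoles = appContext.Roles.OrderBy(r => r.Name).ToList();

            //Remove the guest role because it is not implemented in any way
            identityRoles.RemoveAll(ir => ir.Name == "Guest");

            //Only allow super admins and application admins who are editing themselves to see the Admin identity role
            bool isSuperAdmin          = currentProgramRole.RoleFK.Value == (int)Utilities.ProgramRoleFKs.SUPER_ADMIN;
            bool isAppAdminEditingSelf = currentProgramRole.RoleFK.Value == (int)Utilities.ProgramRoleFKs.APPLICATION_ADMIN && User.Identity.Name == currentUser.UserName;

            if (!isSuperAdmin && !isAppAdminEditingSelf)
            {
                //Remove the Admin identity role
                identityRoles.RemoveAll(ir => ir.Name == "Admin");
            }

            //NOTE(review): removing roles from this list only limits what the dropdown
            //offers. The handler that saves the form must apply the same rule to the
            //posted role value - confirm that it does.

            //Bind the identity role dropdown
            ddIdentityRole.DataSource = identityRoles;
            ddIdentityRole.DataBind();

            //Fill the form
            txtFirstName.Value     = currentUser.FirstName;
            txtLastName.Value      = currentUser.LastName;
            txtEmail.Value         = currentUser.Email;
            txtPhoneNumber.Value   = currentUser.PhoneNumber;
            deLockoutEndDate.Value = (currentUser.LockoutEndDateUtc.HasValue ? currentUser.LockoutEndDateUtc.Value.ToString("MM/dd/yyyy") : "");

            //Pre-select the user's current role; a user without any role leaves the
            //dropdown unselected instead of failing the page load
            var currentRole = currentUser.Roles.FirstOrDefault();
            if (currentRole != null)
            {
                ddIdentityRole.SelectedItem = ddIdentityRole.Items.FindByValue(currentRole.RoleId);
            }

            //Set focus to the first name field
            txtFirstName.Focus();
        }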
Example #8
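        /// <summary>
        /// Handles the Save button click: applies the form values to the user being edited,
        /// changes the user's identity role when a different one was selected, and sends a
        /// confirmation email when the email address changed. A role value that cannot be
        /// resolved, or a role change that fails, is reported to the user instead of being
        /// ignored or raising a null reference.
        /// </summary>
        /// <param name="sender">The submitUser control</param>
        /// <param name="e">The Click event</param>
        protected void submitUser_Click(object sender, EventArgs e)
        {
            //Make sure the current user is correct
            currentUser = manager.FindById(currentUser.Id);

            //Only continue if the page is valid
            if (!ASPxEdit.AreEditorsValid(this, submitUser.ValidationGroup))
            {
                return;
            }

            //Whether or not the email changed
            bool emailChanged = (currentUser.Email != Convert.ToString(txtEmail.Value));

            //Only de-confirm the user's phone if it changed
            if (txtPhoneNumber.Value == null || (currentUser.PhoneNumber != txtPhoneNumber.Value.ToString()))
            {
                currentUser.PhoneNumberConfirmed = false;
            }

            //Work out the role the user has now and the role that was posted
            var    currentRoleLink = currentUser.Roles.FirstOrDefault();
            string currentRoleId   = (currentRoleLink == null ? null : currentRoleLink.RoleId);
            string requestedRoleId = Convert.ToString(ddIdentityRole.Value);

            //Update the user's role
            if (currentRoleId != requestedRoleId)
            {
                //NOTE(review): the requested role comes from the posted form. This handler
                //does not verify that the signed-in user is allowed to grant it (for example
                //an administrative role); what the dropdown offered is not an authorization
                //check - confirm this is enforced server-side.
                var requestedRole = appContext.Roles.Find(requestedRoleId);
                if (requestedRole == null)
                {
                    //The posted value does not match any role
                    msgSys.ShowMessageToUser("danger", "Error", "The selected identity role could not be found!", 120000);
                    return;
                }

                //Remove the old role, if the user has one that still exists
                var previousRole = (currentRoleId == null ? null : appContext.Roles.Find(currentRoleId));
                if (previousRole != null)
                {
                    IdentityResult removeResult = manager.RemoveFromRole(currentUser.Id, previousRole.Name);
                    if (!removeResult.Succeeded)
                    {
                        msgSys.ShowMessageToUser("danger", "Error", removeResult.Errors.FirstOrDefault(), 120000);
                        return;
                    }
                }

                //Add the new role
                IdentityResult addResult = manager.AddToRole(currentUser.Id, requestedRole.Name);
                if (!addResult.Succeeded)
                {
                    msgSys.ShowMessageToUser("danger", "Error", addResult.Errors.FirstOrDefault(), 120000);
                    return;
                }
            }

            //Set the user's information
            currentUser.EmailConfirmed    = !emailChanged;
            currentUser.PhoneNumber       = (txtPhoneNumber.Value == null ? null : txtPhoneNumber.Value.ToString());
            currentUser.Email             = txtEmail.Value.ToString();
            currentUser.FirstName         = txtFirstName.Value.ToString();
            currentUser.LastName          = txtLastName.Value.ToString();
            //NOTE(review): the entered date is stored in the Utc-named field without any
            //time zone conversion - confirm that is intended.
            currentUser.LockoutEndDateUtc = (String.IsNullOrWhiteSpace(Convert.ToString(deLockoutEndDate.Value)) ? (DateTime?)null : Convert.ToDateTime(deLockoutEndDate.Value));
            currentUser.UpdateTime        = DateTime.Now;

            //Update the user in the database
            IdentityResult result = manager.Update(currentUser);

            if (!result.Succeeded)
            {
                //Show the user an error message
                msgSys.ShowMessageToUser("danger", "Error", result.Errors.FirstOrDefault(), 120000);
                return;
            }

            //Send an email if the email changed
            if (emailChanged)
            {
                //Generate the confirmation token and url
                string code        = manager.GenerateEmailConfirmationToken(currentUser.Id);
                string callbackUrl = IdentityHelper.GetEmailConfirmationRedirectUrl(code, currentUser.Id, Request);

                //Send the confirmation email to the user via email
                manager.SendEmail(currentUser.Id, "Confirm your email address change", Utilities.GetEmailHTML(callbackUrl, "Confirm Email", true, "Email Updated", "Please confirm your email address change by clicking the Confirm Email link below.", Request));
            }

            //Redirect the user to the user management page
            Response.Redirect("/Admin/UserManagement.aspx?message=EditUserSuccess");
        }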
Example #9
        /// <summary>
        /// Loads the signed-in user and, on the first (non-postback) request, fills the
        /// phone and email boxes, shows the success message selected by the "m" query-string
        /// value, sets the two-factor and phone button visibility, and binds the fireworks
        /// customization dropdown.
        /// </summary>
        protected void Page_Load()
        {
            //Get the user manager and the current user
            userManager = Context.GetOwinContext().GetUserManager <ApplicationUserManager>();
            CurrentUser = userManager.FindById(User.Identity.GetUserId());

            //Everything below only runs on the initial request
            if (IsPostBack)
            {
                return;
            }

            //Fill the text boxes
            txtPhoneNumber.Value = CurrentUser.PhoneNumber;
            txtEmail.Text        = CurrentUser.Email;

            //Render the success message, if one was requested
            string message = Request.QueryString["m"];
            if (message != null)
            {
                //Strip the query string from action
                Form.Action = ResolveUrl("~/Account/Manage");

                //The query value only selects one of these fixed texts; it is never echoed itself
                switch (message)
                {
                case "ChangePwdSuccess":
                    SuccessMessage = "Your password has been successfully changed!";
                    break;

                case "SetPwdSuccess":
                    SuccessMessage = "Your password has been successfully set!";
                    break;

                case "RemoveLoginSuccess":
                    SuccessMessage = "The account was successfully removed!";
                    break;

                case "AddPhoneNumberSuccess":
                    SuccessMessage = "Phone number has been successfully added!";
                    break;

                case "VerifyPhoneNumberSuccess":
                    SuccessMessage = "Phone number has been successfully verified!";
                    break;

                case "RemovePhoneNumberSuccess":
                    SuccessMessage = "Phone number was successfully removed!";
                    break;

                default:
                    SuccessMessage = String.Empty;
                    break;
                }

                //Show the message
                msgSys.ShowMessageToUser("success", "Success", SuccessMessage, 15000);
            }

            //Show or hide the two-factor buttons
            ShowHideTwoFactorButtons(CurrentUser.TwoFactorEnabled);

            //Show or hide the phone buttons
            ShowHidePhoneButtons(CurrentUser.PhoneNumber, CurrentUser.PhoneNumberConfirmed);

            using (PyramidContext context = new PyramidContext())
            {
                //Get the user's selected customization options
                List <spGetUserCustomizationOptions_Result> chosenOptions = context.spGetUserCustomizationOptions(CurrentUser.UserName).ToList();

                //-----------------  Fireworks  -------------------------
                //Load the available fireworks values in their display order
                List <CodeCustomizationOptionValue> fireworkChoices = context.CodeCustomizationOptionValue.AsNoTracking()
                                                                      .Include(ccov => ccov.CodeCustomizationOptionType)
                                                                      .Where(ccov => ccov.CodeCustomizationOptionType.Description.ToLower() == "fireworks")
                                                                      .OrderBy(ccov => ccov.OrderBy)
                                                                      .ToList();

                ddFireworks.DataSource = fireworkChoices;
                ddFireworks.DataBind();

                //Find the value the user picked (0 when there is none) and select it
                int chosenFireworks = selectedFireworksValue(chosenOptions);
                ddFireworks.SelectedItem = ddFireworks.Items.FindByValue(chosenFireworks);
                //-----------------  End Fireworks  -------------------------
            }
        }

        /// <summary>
        /// Returns the OptionValuePK of the first "fireworks" entry in the given options,
        /// or the default value when there is no such entry or it has no value.
        /// </summary>
        private static int selectedFireworksValue(List <spGetUserCustomizationOptions_Result> options)
        {
            return(options
                   .Where(so => so.OptionTypeDescription.ToLower() == "fireworks")
                   .Select(so => so.OptionValuePK)
                   .FirstOrDefault()
                   .GetValueOrDefault());
        }
Example #10
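        /// <summary>
        /// Handles the save button click for a file upload: checks that the current program
        /// role may add files, resolves the signed-in user, uploads the file to Azure storage
        /// under a name with a random suffix, and saves a UserFileUpload row describing it.
        /// The user is resolved before the upload so that a failed lookup cannot leave an
        /// uploaded file without a database row.
        /// </summary>
        /// <param name="sender">The submitUserFileUpload submit user control</param>
        /// <param name="e">The Click event</param>
        protected void submitFileUpload_Click(object sender, EventArgs e)
        {
            //Allow editors and hub data viewers to add files
            if (!(currentProgramRole.AllowedToEdit.Value ||
                  currentProgramRole.RoleFK.Value == (int)Utilities.ProgramRoleFKs.HUB_DATA_VIEWER))
            {
                msgSys.ShowMessageToUser("danger", "Error", "You are not authorized to make changes!", 120000);
                return;
            }

            //Get the file to upload, making sure one was actually posted
            UploadedFile file = null;
            if (bucUploadFile.UploadedFiles != null && bucUploadFile.UploadedFiles.Length > 0)
            {
                file = bucUploadFile.UploadedFiles[0];
            }

            if (file == null || file.ContentLength <= 0 || !file.IsValid)
            {
                msgSys.ShowMessageToUser("danger", "Error", "No valid file was selected to be uploaded!", 120000);
                return;
            }

            //Look up the signed-in user. The manager comes from the OWIN context rather than
            //being created here, so this handler does not dispose it.
            //NOTE(review): confirm the OWIN context owns the manager's lifetime.
            var         manager     = Context.GetOwinContext().GetUserManager <ApplicationUserManager>();
            PyramidUser currentUser = manager.FindByName(User.Identity.Name);

            if (currentUser == null)
            {
                msgSys.ShowMessageToUser("danger", "Error", "Your user account could not be found, please log in again.", 120000);
                return;
            }

            //Build the stored file name from the client-supplied name plus a random suffix.
            //Path.GetFileNameWithoutExtension drops any directory part of the supplied name.
            string actualFileName = Path.GetFileNameWithoutExtension(file.FileName) + "-" +
                                    Path.GetRandomFileName().Substring(0, 6) +
                                    Path.GetExtension(file.FileName);

            //Get the display file name
            string displayFileName = Path.GetFileNameWithoutExtension(file.FileName);

            //Get the file type. This only labels the upload from its extension; it does not
            //inspect the content, and unknown extensions are still accepted as "alt".
            //NOTE(review): if only certain document types are meant to be stored, reject
            //other extensions here, and confirm how stored files are served back to users.
            string fileExtension = Path.GetExtension(file.FileName).ToLower();
            string fileType;
            switch (fileExtension)
            {
            case ".pdf":
                fileType = "pdf";
                break;

            case ".doc":
            case ".docx":
                fileType = "word";
                break;

            case ".ppt":
            case ".pptx":
                fileType = "powerpoint";
                break;

            case ".xls":
            case ".xlsx":
                fileType = "excel";
                break;

            case ".jpeg":
            case ".jpg":
            case ".png":
                fileType = "image";
                break;

            default:
                fileType = "alt";
                break;
            }

            //Upload the file to Azure storage
            string filePath = Utilities.UploadFileToAzureStorage(file.FileBytes, actualFileName,
                                                                 Utilities.ConstantAzureStorageContainerName.UPLOADED_FILES.ToString());

            if (String.IsNullOrWhiteSpace(filePath))
            {
                msgSys.ShowMessageToUser("danger", "Upload Failed", "The file failed to upload properly, please try again.", 10000);
                return;
            }

            using (PyramidContext context = new PyramidContext())
            {
                //Create the database object for the file
                UserFileUpload currentUserFileUpload = new UserFileUpload();
                currentUserFileUpload.CreateDate      = DateTime.Now;
                currentUserFileUpload.Creator         = User.Identity.Name;
                currentUserFileUpload.UploadedBy      = currentUser.FirstName + " " + currentUser.LastName;
                currentUserFileUpload.Description     = txtFileDescription.Value.ToString();
                currentUserFileUpload.FileType        = fileType;
                currentUserFileUpload.DisplayFileName = displayFileName;
                currentUserFileUpload.FileName        = actualFileName;
                currentUserFileUpload.FilePath        = filePath;
                currentUserFileUpload.TypeCodeFK      = Convert.ToInt32(ddFileType.Value);

                //Set the proper FKs; only the one matching the file's scope is filled.
                //NOTE(review): the scope and its program/hub/state/cohort key come from
                //posted dropdown values. No check is visible here that the signed-in user
                //belongs to that scope - confirm it is enforced server-side.
                currentUserFileUpload.ProgramFK = null;
                currentUserFileUpload.HubFK     = null;
                currentUserFileUpload.StateFK   = null;
                currentUserFileUpload.CohortFK  = null;

                if (currentUserFileUpload.TypeCodeFK == (int)Utilities.FileTypeFKs.PROGRAM_WIDE)
                {
                    currentUserFileUpload.ProgramFK = Convert.ToInt32(ddProgram.Value);
                }
                else if (currentUserFileUpload.TypeCodeFK == (int)Utilities.FileTypeFKs.HUB_WIDE)
                {
                    currentUserFileUpload.HubFK = Convert.ToInt32(ddHub.Value);
                }
                else if (currentUserFileUpload.TypeCodeFK == (int)Utilities.FileTypeFKs.STATE_WIDE)
                {
                    currentUserFileUpload.StateFK = Convert.ToInt32(ddState.Value);
                }
                else if (currentUserFileUpload.TypeCodeFK == (int)Utilities.FileTypeFKs.COHORT_WIDE)
                {
                    currentUserFileUpload.CohortFK = Convert.ToInt32(ddCohort.Value);
                }

                //Save to the database
                context.UserFileUpload.Add(currentUserFileUpload);
                context.SaveChanges();

                //Redirect the user back to this page with a message
                Response.Redirect("/Pages/UploadedFiles.aspx?messageType=UploadSuccess");
            }
        }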
Example #11
        /// <summary>
        /// This method fires when the user clicks the Login button and it attempts to log
        /// the user in
        /// </summary>
        /// <param name="sender">The btnLogin DevExpress button</param>
        /// <param name="e">The Click event</param>
        protected void btnLogin_Click(object sender, EventArgs e)
        {
            if (ASPxEdit.AreEditorsValid(this, btnLogin.ValidationGroup))
            {
                // Validate the user password
                var manager       = Context.GetOwinContext().GetUserManager <ApplicationUserManager>();
                var signinManager = Context.GetOwinContext().GetUserManager <ApplicationSignInManager>();

                //Try to get the user
                PyramidUser user = manager.FindByName(txtUsername.Text);

                //Make sure that the user is confirmed
                if (user != null && manager.IsEmailConfirmed(user.Id))
                {
                    //Try to sign the user in
                    var result = signinManager.PasswordSignIn(txtUsername.Text, txtPassword.Text, false, user.LockoutEnabled);

                    switch (result)
                    {
                    case SignInStatus.Success:
                        //The user successfully logged in

                        List <UserProgramRole> userProgramRoles;
                        List <spGetUserCustomizationOptions_Result> userCustomizationOptions;
                        using (PyramidContext context = new PyramidContext())
                        {
                            //Get the user's program roles
                            userProgramRoles = context.UserProgramRole.AsNoTracking()
                                               .Include(upr => upr.CodeProgramRole)
                                               .Include(upr => upr.Program)
                                               .Where(upr => upr.Username == txtUsername.Text).ToList();

                            //Get the user's customization options
                            userCustomizationOptions = context.spGetUserCustomizationOptions(txtUsername.Text).ToList();

                            //Keep a record of successful logins
                            LoginHistory history = new LoginHistory();
                            history.Username  = txtUsername.Text;
                            history.LoginTime = DateTime.Now;

                            //If the user only has one program role, record it in the login history
                            if (userProgramRoles.Count == 1)
                            {
                                history.ProgramFK = userProgramRoles.First().ProgramFK;
                                history.Role      = userProgramRoles.First().CodeProgramRole.RoleName;
                            }

                            //Save the login history
                            context.LoginHistory.Add(history);
                            context.SaveChanges();

                            //Save the LoginHistory primary key to the session for later access
                            Session["LoginHistoryPK"] = history.LoginHistoryPK;
                        }

                        //Set the user customization options cookie
                        Utilities.SetCustomizationOptionCookie(userCustomizationOptions);

                        //Redirect the user based on the number of roles they have
                        if (userProgramRoles.Count > 1)
                        {
                            Response.Redirect(String.Format("/Account/SelectRole.aspx?ReturnUrl={0}",
                                                            (Request.QueryString["ReturnUrl"] != null ? Request.QueryString["ReturnUrl"].ToString() : "/Default.aspx")));
                        }
                        else
                        {
                            //To hold the role information
                            ProgramAndRoleFromSession roleInfo = new ProgramAndRoleFromSession();

                            //Get the UserProgramRole
                            UserProgramRole userRole = userProgramRoles.FirstOrDefault();

                            //Set the session variables for the program roles
                            roleInfo.RoleFK           = userRole.CodeProgramRole.CodeProgramRolePK;
                            roleInfo.RoleName         = userRole.CodeProgramRole.RoleName;
                            roleInfo.AllowedToEdit    = userRole.CodeProgramRole.AllowedToEdit;
                            roleInfo.CurrentProgramFK = userRole.ProgramFK;
                            roleInfo.ProgramName      = userRole.Program.ProgramName;

                            //Get the hub and state information
                            using (PyramidContext context = new PyramidContext())
                            {
                                Program currentProgram = context.Program.AsNoTracking()
                                                         .Include(p => p.Hub)
                                                         .Include(p => p.State)
                                                         .Include(p => p.ProgramType)
                                                         .Where(p => p.ProgramPK == userRole.ProgramFK).FirstOrDefault();

                                roleInfo.HubFK             = currentProgram.HubFK;
                                roleInfo.HubName           = currentProgram.Hub.Name;
                                roleInfo.StateFK           = currentProgram.StateFK;
                                roleInfo.StateName         = currentProgram.State.Name;
                                roleInfo.StateLogoFileName = currentProgram.State.LogoFilename;
                                roleInfo.StateCatchphrase  = currentProgram.State.Catchphrase;
                                roleInfo.StateDisclaimer   = currentProgram.State.Disclaimer;

                                //Set the allowed program fks
                                if (roleInfo.RoleFK == (int)Utilities.ProgramRoleFKs.HUB_DATA_VIEWER)
                                {
                                    //Hub viewer, allow them to see the programs in that hub
                                    var hubPrograms = context.Program.AsNoTracking()
                                                      .Where(p => p.HubFK == roleInfo.HubFK.Value)
                                                      .ToList();
                                    roleInfo.ProgramFKs = hubPrograms
                                                          .Select(hp => hp.ProgramPK)
                                                          .ToList();

                                    //Allow them to see all cohorts in their hub
                                    roleInfo.CohortFKs = hubPrograms
                                                         .Select(hp => hp.CohortFK)
                                                         .Distinct()
                                                         .ToList();

                                    //Don't restrict their view of the BOQs
                                    roleInfo.ShowBOQ    = true;
                                    roleInfo.ShowBOQFCC = true;
                                }
                                else if (roleInfo.RoleFK == (int)Utilities.ProgramRoleFKs.APPLICATION_ADMIN)
                                {
                                    //App admin, allow them to see all programs in a state
                                    roleInfo.ProgramFKs = context.Program.AsNoTracking()
                                                          .Where(p => p.StateFK == roleInfo.StateFK.Value)
                                                          .Select(p => p.ProgramPK).ToList();

                                    //Allow them to see all cohorts in a state
                                    roleInfo.CohortFKs = context.Cohort.AsNoTracking()
                                                         .Where(c => c.StateFK == roleInfo.StateFK.Value)
                                                         .Select(c => c.CohortPK).ToList();

                                    //Don't restrict their view of the BOQs
                                    roleInfo.ShowBOQ    = true;
                                    roleInfo.ShowBOQFCC = true;
                                }
                                else if (roleInfo.RoleFK == (int)Utilities.ProgramRoleFKs.SUPER_ADMIN)
                                {
                                    //Super admin, all programs in all states
                                    roleInfo.ProgramFKs = context.Program.AsNoTracking()
                                                          .Select(p => p.ProgramPK).ToList();

                                    //All cohorts
                                    roleInfo.CohortFKs = context.Cohort.AsNoTracking()
                                                         .Select(c => c.CohortPK).ToList();

                                    //Don't restrict their view of the BOQs
                                    roleInfo.ShowBOQ    = true;
                                    roleInfo.ShowBOQFCC = true;
                                }
                                else
                                {
                                    //Something else, limit to the current program fk
                                    List <int> programFKs = new List <int>();
                                    programFKs.Add(roleInfo.CurrentProgramFK.Value);
                                    roleInfo.ProgramFKs = programFKs;

                                    //Limit to current cohort fk
                                    List <int> cohortFKs = new List <int>();
                                    cohortFKs.Add(currentProgram.CohortFK);
                                    roleInfo.CohortFKs = cohortFKs;

                                    //Determine if this program is a FCC program
                                    var fccProgramTypes = currentProgram.ProgramType
                                                          .Where(pt => pt.TypeCodeFK == (int)Utilities.ProgramTypeFKs.FAMILY_CHILD_CARE ||
                                                                 pt.TypeCodeFK == (int)Utilities.ProgramTypeFKs.GROUP_FAMILY_CHILD_CARE)
                                                          .ToList();

                                    //Limit their view to the right BOQ type
                                    if (fccProgramTypes.Count > 0)
                                    {
                                        roleInfo.ShowBOQ    = false;
                                        roleInfo.ShowBOQFCC = true;
                                    }
                                    else
                                    {
                                        roleInfo.ShowBOQ    = true;
                                        roleInfo.ShowBOQFCC = false;
                                    }
                                }
                            }

                            //Add the role information to the session
                            Utilities.SetProgramRoleInSession(Session, roleInfo);

                            //Redirect the user
                            Response.Redirect(Request.QueryString["ReturnUrl"] != null ? Request.QueryString["ReturnUrl"].ToString() : "/Default.aspx");
                        }
                        break;

                    case SignInStatus.LockedOut:
                        Response.Redirect("/Account/Lockout");
                        break;

                    case SignInStatus.RequiresVerification:
                        Response.Redirect(String.Format("/Account/TwoFactorAuthenticationSignIn?ReturnUrl={0}",
                                                        Request.QueryString["ReturnUrl"]), true);
                        break;

                    case SignInStatus.Failure:
                    default:
                        //Show the user an error message
                        msgSys.ShowMessageToUser("danger", "Error", "Invalid login attempt", 120000);

                        //Focus the password text box
                        txtPassword.Focus();
                        break;
                    }
                }
                else
                {
                    msgSys.ShowMessageToUser("danger", "Error", "Invalid login attempt", 120000);
                }
            }
        }