public void Test_GetPersonInformation_Found_SiteAdmin()
{
DBAccessor dba = new DBAccessor();
Person person = dba.GetPersonInformation(TestConstants.GETPERSONINFORMATION_VALIDEMAIL_ADMIN);
Assert.AreEqual(TestConstants.GETPERSONINFORMATION_VALIDEMAIL_ADMIN, person.email);
Assert.AreEqual(TestConstants.GETPERSONINFORMATION_PASSWORD_ADMIN, person.getUnencryptedPassword());
Assert.AreEqual(TestConstants.GETPERSONINFORMATION_FIRSTNAME_ADMIN, person.firstName);
Assert.AreEqual(TestConstants.GETPERSONINFORMATION_LASTNAME_ADMIN, person.lastName);
Assert.AreEqual(TestConstants.GETPERSONINFORMATION_USERID_ADMIN, person.ID);
Assert.AreEqual(TestConstants.GETPERSONINFORMATION_COACHENABLED_ADMIN, person.permissions.coachEnabled);
Assert.AreEqual(TestConstants.GETPERSONINFORMATION_SITEADMIN_ADMIN, person.permissions.siteAdmin);
}
public ActionResult AddCoachRequest()
{
String result = "Coach permission has been requested.";
DBAccessor dba = new DBAccessor();
// Add request to the DB
string email = User.Identity.Name;
Person requestee = dba.GetPersonInformation(email);
if (requestee != null) {
if (dba.AddNewRequest(requestee.ID, RequestType.COACH_PERMISSION)) {
// Send email that a request was added
try {
// Form an email
MailMessage newMessage = new MailMessage();
SmtpClient mailService = new SmtpClient();
//set the addresses
newMessage.From = new MailAddress(AppConstants.EMAIL_ADMIN);
newMessage.To.Add(AppConstants.EMAIL_ADMIN);
//set the content
newMessage.Subject = "Coach Permission Requested";
newMessage.Body = requestee.firstName + " " + requestee.lastName + " has requested coach access (email: " + requestee.email + ").";
//send the message
mailService.UseDefaultCredentials = false;
mailService.DeliveryMethod = SmtpDeliveryMethod.Network;
mailService.Host = AppConstants.EMAIL_SMTP_ADDRESS;
mailService.Credentials = new NetworkCredential(AppConstants.EMAIL_SMTP_USERNAME, AppConstants.EMAIL_SMTP_PASSWORD);
mailService.Send(newMessage);
}
catch (Exception) {
result = "Error notifying the site administrator.";
}
}
else {
result = "Couldn't add a request to the database.";
}
}
else {
result = "Couldn't find the user in the database.";
}
return Json(
new { message = result },
JsonRequestBehavior.AllowGet
);
}
//
// GET: /Account/Edit
public ActionResult Edit()
{
String userEmail = User.Identity.Name;
DBAccessor dba = new DBAccessor();
Person user = dba.GetPersonInformation(userEmail);
EditModel model = new EditModel();
if (user != null) {
model.FirstName = user.firstName;
model.LastName = user.lastName;
model.Email = user.email;
model.Birthday = user.birthday;
model.Height = Convert.ToInt16(user.height);
model.Weight = Convert.ToInt16(user.weight);
model.ImageURL = user.imageURL;
}
else {
return RedirectToAction("Index", "Home");
}
return View(model);
}
/// <summary>
/// Sends an invite email to the given email with the given message.
/// </summary>
/// <param name="inviteEmail">The email of the person to invite.</param>
/// <param name="inviteMessage">The message to send with the invitation.</param>
/// <returns>Success of the call.</returns>
public ActionResult AJAX_InviteUser(string inviteEmail, string inviteMessage, long teamID)
{
string successMessage = "Message sent to " + inviteEmail;
// Make sure the request is authenticated
if (Request.IsAuthenticated) {
// Make sure the invite email is bound
if (inviteEmail != null && !inviteEmail.Equals("")) {
// Validate the request
DBAccessor dba = new DBAccessor();
Person user = dba.GetPersonInformation(User.Identity.Name);
string name = user.firstName + " " + user.lastName;
Team team = dba.GetTeamDetails(teamID);
if (team.coaches.Contains(user, new PersonComparer())) {
try {
// Add the invite to the database
long inviteID = dba.AddInvite(inviteEmail, user.ID, teamID);
// Form an email
String body = "";
if (inviteMessage != null && !inviteMessage.Equals("")) {
body += "See " + name + "'s message below:\n\n" + inviteMessage + "\n\n";
}
body += "To join the " + team.name + " visit http://dugoutdigits.com/Team/Join?id=" + inviteID + "&email=" + inviteEmail + " and follow the instructions.";
MailMessage newMessage = new MailMessage();
SmtpClient mailService = new SmtpClient();
//set the addresses
newMessage.From = new MailAddress(AppConstants.EMAIL_ADMIN);
newMessage.To.Add(inviteEmail);
//set the content
newMessage.Subject = name + " has invited you to join the " + team.name;
newMessage.Body = body;
//send the message
mailService.UseDefaultCredentials = false;
mailService.DeliveryMethod = SmtpDeliveryMethod.Network;
mailService.Host = AppConstants.EMAIL_SMTP_ADDRESS;
mailService.Credentials = new NetworkCredential(AppConstants.EMAIL_SMTP_USERNAME, AppConstants.EMAIL_SMTP_PASSWORD);
mailService.Send(newMessage);
}
catch (Exception) {
successMessage = "Error sending email to " + inviteEmail;
}
}
else {
successMessage = "Invalid attempt to invite user.";
LogEntry entry = new LogEntry(LogType.INVALID_REQUEST, LogFunction.INVITE_USER, LogAction.NA);
entry.User = user;
entry.Message = "Attempt to invite "+inviteEmail+" to join "+team.name+" (ID "+team.ID+").";
dba.LogMessage(entry);
}
}
else {
successMessage = "Please enter the email of the person you are trying to invite.";
}
}
else {
successMessage = "The request was not authenticated.";
}
// Return the success message of the addition
return Json(
new { message = successMessage },
JsonRequestBehavior.AllowGet
);
}
/// <summary>
/// Returns a list of the pending requests associated with the authenticated user.
/// </summary>
/// <returns>HTML table containing a list of requests.</returns>
public ActionResult AJAX_GetRequestTable()
{
string result = "<p>Could not authenticate the request.</p>\n";
if (Request.IsAuthenticated) {
DBAccessor dba = new DBAccessor();
Person person = dba.GetPersonInformation(User.Identity.Name);
if (person.permissions.coachEnabled) {
result = "";
// Call the database to get pending requests
List<Request> requests = dba.GetRequests(User.Identity.Name);
// Form an HTML table with the retrieved information
if (requests.Any()) {
result += "<table>\n";
result += "<tr><th>Request From</th><th>Requests to Join</th><th>Action</th></tr>\n";
foreach (Request request in requests) {
string playerName = request.requestee.firstName + " " + request.requestee.lastName;
result += "<tr><td>" + playerName + "</td><td>" + request.team.name + "</td>";
result += "<td><img src='./../Content/images/accept.png' height='20' width='20' class='request-action-image' alt='accept' onClick='action_acceptrequest(" + request.ID + ")' />";
result += "<img src='./../Content/images/decline.png' height='20' width='20' class='request-action-image' margin-right='5px' alt='decline' onClick='action_declinerequest(" + request.ID + ")' />";
result += "<div onClick='action_detailsrequest(" + request.ID + ")' class='request-action-text clickable-text'>Details</div></td></tr>";
}
result += "</table>\n";
}
else {
result += "<p>There are no pending requests at this time.</p>\n";
}
}
else {
result = "";
}
}
return Json(
new { message = result },
JsonRequestBehavior.AllowGet
);
}
/// <summary>
/// Returns an HTML table of the invites that the authenticated user has initiated
/// and are still open.
/// </summary>
/// <returns></returns>
public ActionResult AJAX_GetOpenInviteTable()
{
string result = "<p>Could not authenticate the request.</p>\n";
if (Request.IsAuthenticated) {
DBAccessor dba = new DBAccessor();
Person user = dba.GetPersonInformation(User.Identity.Name);
if (user.permissions.coachEnabled) {
result = "";
// Call the database to get pending requests
List<Invitation> invitations = dba.GetMyOpenInvites(User.Identity.Name);
// Form an HTML table with the retrieved information
if (invitations.Any()) {
result += "<table>\n";
result += "<tr><th>Invited</th><th>To Join</th><th>Sent On</th><th>Remove</th></tr>\n";
foreach (Invitation invitation in invitations) {
result += "<tr><td>" + invitation.invitee + "</td><td>" + invitation.team.name + "</td><td>" + invitation.timestamp.ToString("m") + "</td>";
result += "<td><div onClick='action_removeinvite(" + invitation.ID + ")' class='request-action-text clickable-text'>Remove</div></td></tr>";
}
result += "</table>\n";
}
else {
result += "<p>You have no open invites at this time.</p>\n";
}
}
else {
result = "";
}
}
return Json(
new { message = result },
JsonRequestBehavior.AllowGet
);
}
public ActionResult Join()
{
if (Request.IsAuthenticated) {
string inviteEmail = Request.QueryString["email"];
if (User.Identity.Name == inviteEmail) {
try {
// Get the user information
DBAccessor dba = new DBAccessor();
Person user = dba.GetPersonInformation(User.Identity.Name);
ViewBag.FirstName = user.firstName;
ViewBag.LastName = user.lastName;
ViewBag.ImageURL = user.imageURL;
// Perform the addition of the team member
long inviteID = Convert.ToInt64(Request.QueryString["id"]);
Team team = dba.AcceptInvite(User.Identity.Name, inviteID);
ViewBag.TeamName = team.name;
}
catch { }
return View();
}
else {
return RedirectToAction("Logoff", "Account");
}
}
else {
return RedirectToAction("Logon", "Account");
}
}
/// <summary>
/// Removes a request entry from the database.
/// </summary>
/// <param name="requestID">The ID of the request entry to remove.</param>
/// <returns>Success message of the request removal.</returns>
public ActionResult AJAX_RemoveRequest(long requestID)
{
// Make sure the user is authenticated
string result = "Request not authenticated.";
if (Request.IsAuthenticated) {
// Get the person id for the user currently logged in
DBAccessor dba = new DBAccessor();
Person requestee = dba.GetPersonInformation(User.Identity.Name);
// Get the request that's trying to be removed
Request request = dba.GetRequest(requestID, RequestType.JOIN_TEAM);
if (request.requestee.email == requestee.email || request.team.coaches.Contains(requestee, new PersonComparer())) {
// Remove the request to the database
result = "Error making the request.";
if (dba.RemoveRequest(requestID)) {
result = "Request removed.";
}
} else {
result = "Invalid attempt to remove request.";
String message = "Attempt to remove request from " + request.requestee.firstName + " " + request.requestee.lastName + " (ID " + request.requestee.ID + ") ";
message += "to join " + request.team.name + " (ID " + request.team.ID + ").";
LogEntry entry = new LogEntry(LogType.INVALID_REQUEST, LogFunction.REMOVE_REQUEST_JOIN, LogAction.NA);
entry.User = requestee;
entry.Message = message;
dba.LogMessage(entry);
}
}
// Return the success message of the removal
return Json(
new { message = result },
JsonRequestBehavior.AllowGet
);
}
public ActionResult LogOn(LogOnModel model, string returnUrl)
{
if (ModelState.IsValid) {
// This should be a DB check instead of Membership.ValidateUser
DBAccessor dba = new DBAccessor();
LogonResponse result = dba.CheckLoginCredentials(model.Email, model.Password);
if (result.success == (int)LogonResults.SUCCESS) {
Person user = dba.GetPersonInformation(model.Email);
FormsAuthentication.SetAuthCookie(model.Email, model.RememberMe);
// Add a name cookie
HttpCookie cookie = new HttpCookie(AppConstants.COOKIE_NAME, result.user.firstName + " " + result.user.lastName);
cookie.Expires = DateTime.Now.AddDays(1000);
this.ControllerContext.HttpContext.Response.Cookies.Add(cookie);
// Add a coach permission cookie
string permission = "false";
if (user.permissions.coachEnabled) {
permission = "true";
}
cookie = new HttpCookie(AppConstants.COOKIE_COACH_PERMISSION, permission);
cookie.Expires = DateTime.Now.AddDays(1000);
this.ControllerContext.HttpContext.Response.Cookies.Add(cookie);
if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/")
&& !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\")) {
return Redirect(returnUrl);
}
else {
return RedirectToAction("Index", "Home");
}
}
else {
ModelState.AddModelError("", result.errorMessage);
}
}
// If we got this far, something failed, redisplay form
return View(model);
}
//
// GET: /Admin/
public ActionResult Index()
{
if (Request.IsAuthenticated) {
DBAccessor dba = new DBAccessor();
Person user = dba.GetPersonInformation(User.Identity.Name);
if (user.permissions.siteAdmin) {
ViewBag.SiteAdmin = true;
return View();
}
else {
return RedirectToAction("Index", "Home");
}
}
return RedirectToAction("LogOn", "Account");
}
public void Test_GetPersonInformation_NotFound()
{
DBAccessor dba = new DBAccessor();
Person person = dba.GetPersonInformation(TestConstants.GETPERSONINFORMATION_INVALIDEMAIL_ADMIN);
Assert.AreEqual(null, person);
}
