public bool ValidatePassword()
{
HBS.Entities.UserProfile u=new HBS.Entities.UserProfile();
u.UserName=this.UserName;
u.Password=this.Password;
string reqText=JsonConvert.SerializeObject(u);
byte[] data = Encoding.UTF8.GetBytes(reqText);
bool result = false;
string uri = "http://services.heartbeat-biz.com/api/Security";
//string uri = "http://localhost:3687/api/Security";
HttpWebRequest req = (HttpWebRequest)WebRequest.Create(uri);
req.Method = "post";
req.ContentType = "application/json";
req.Accept = "text/json";
Stream requestStream = req.GetRequestStream();
requestStream.Write(data, 0, data.Length);
requestStream.Close();
HttpWebResponse response = (HttpWebResponse)req.GetResponse();
//Now Reading the Response to the end. This is basically a JSON Object comprised of the JSON Array Mentioned in comment above
StreamReader read = new StreamReader(response.GetResponseStream());
string ResponseJSon = read.ReadToEnd();
read.Close();
u = JsonConvert.DeserializeObject<HBS.Entities.UserProfile>(ResponseJSon);
this.RoleId = u.RoleId;
this.userid = u.UserId;
this.RoleName = u.RoleName;
this.companyid = u.CompanyId;
return result;
}
public bool ValidatePassword()
{
HBS.Entities.UserProfile u = new HBS.Entities.UserProfile();
u.UserName = this.UserName;
u.Password = this.Password;
string reqText = JsonConvert.SerializeObject(u);
byte[] data = Encoding.UTF8.GetBytes(reqText);
bool result = false;
string uri = "http://services.heartbeat-biz.com/api/Security";
HttpWebRequest req = (HttpWebRequest)WebRequest.Create(uri);
req.Method = "post";
req.ContentType = "application/json";
req.Accept = "text/json";
Stream requestStream = req.GetRequestStream();
requestStream.Write(data, 0, data.Length);
requestStream.Close();
HttpWebResponse response = (HttpWebResponse)req.GetResponse();
//Now Reading the Response to the end. This is basically a JSON Object comprised of the JSON Array Mentioned in comment above
StreamReader read = new StreamReader(response.GetResponseStream());
string ResponseJSon = read.ReadToEnd();
read.Close();
u = JsonConvert.DeserializeObject <HBS.Entities.UserProfile>(ResponseJSon);
this.userid = u.UserId;
this.companyid = u.CompanyId;
return(result);
}
public UserProfile PostUser([FromBody] UserProfile user)
{
UserProfile userInRepo;
userInRepo = securityEntity.GetUser(user.UserName);
if (userInRepo == null)
userInRepo = new UserProfile() { UserId = -2 };
else if (!(user.Password == userInRepo.Password))
userInRepo.UserId = -1;
return userInRepo;
}
public int AddUser(UserProfile user)
{
using (var conn = new SqlConnection(PrescienceRxConnectionString))
{
conn.Open();
using (var cmd = new SqlCommand(AddUserSp, conn))
{
cmd.CommandType = System.Data.CommandType.StoredProcedure;
cmd.Parameters.Add("@CompanyId", System.Data.SqlDbType.Int);
cmd.Parameters["@CompanyId"].Value = user.CompanyId;
cmd.Parameters.Add("@UserName", System.Data.SqlDbType.VarChar);
cmd.Parameters["@UserName"].Value = user.UserName;
cmd.Parameters.Add("@Password", System.Data.SqlDbType.VarChar);
cmd.Parameters["@Password"].Value = user.Password;
cmd.Parameters.Add("@FirstName", System.Data.SqlDbType.VarChar);
cmd.Parameters["@FirstName"].Value = user.FirstName;
cmd.Parameters.Add("@LastName", System.Data.SqlDbType.VarChar);
cmd.Parameters["@LastName"].Value = user.LastName;
cmd.Parameters.Add("@Email", System.Data.SqlDbType.VarChar);
cmd.Parameters["@Email"].Value = user.Email;
cmd.Parameters.Add("@CreatedBy", System.Data.SqlDbType.Int);
cmd.Parameters["@CreatedBy"].Value = user.CreatedBy;
cmd.Parameters.Add("@RoleId", System.Data.SqlDbType.Int);
cmd.Parameters["@RoleId"].Value = user.RoleId;
int i = Convert.ToInt32(cmd.ExecuteScalar());
if (i > 0)
{
cmd.CommandText = AssignUserModuleSp;
cmd.Parameters.Clear();
cmd.Parameters.Add("@UserId", System.Data.SqlDbType.Int);
cmd.Parameters["@UserId"].Value = i;
cmd.Parameters.Add("@ModuleId", System.Data.SqlDbType.Int);
foreach (var item in user.LstModules)
{
cmd.Parameters["@ModuleId"].Value = item;
cmd.ExecuteNonQuery();
}
}
return i;
}
}
}
public bool UpdateUser(UserProfile user)
{
using (var conn = new SqlConnection(PrescienceRxConnectionString))
{
conn.Open();
using (var cmd = new SqlCommand(UpdateUserSp, conn))
{
cmd.CommandType = System.Data.CommandType.StoredProcedure;
cmd.Parameters.Add("@UserId", System.Data.SqlDbType.Int);
cmd.Parameters["@UserId"].Value = user.UserId;
cmd.Parameters.Add("@CompanyId", System.Data.SqlDbType.Int);
cmd.Parameters["@CompanyId"].Value = user.CompanyId;
cmd.Parameters.Add("@UserName", System.Data.SqlDbType.VarChar);
cmd.Parameters["@UserName"].Value = user.UserName;
cmd.Parameters.Add("@Password", System.Data.SqlDbType.VarChar);
cmd.Parameters["@Password"].Value = user.Password;
cmd.Parameters.Add("@FirstName", System.Data.SqlDbType.VarChar);
cmd.Parameters["@FirstName"].Value = user.FirstName;
cmd.Parameters.Add("@LastName", System.Data.SqlDbType.VarChar);
cmd.Parameters["@LastName"].Value = user.LastName;
cmd.Parameters.Add("@Email", System.Data.SqlDbType.VarChar);
cmd.Parameters["@Email"].Value = user.Email;
cmd.Parameters.Add("@UpdatedBy", System.Data.SqlDbType.Int);
cmd.Parameters["@UpdatedBy"].Value = user.UpdatedBy;
cmd.Parameters.Add("@RoleId", System.Data.SqlDbType.Int);
cmd.Parameters["@RoleId"].Value = user.RoleId;
bool b = cmd.ExecuteNonQuery() > 0;
if (b)
{
cmd.CommandText = "Delete from dbo.UserModules WHERE UserId=" + user.UserId;
cmd.CommandType = System.Data.CommandType.Text;
cmd.Parameters.Clear();
cmd.ExecuteNonQuery();
cmd.CommandText = AssignUserModuleSp;
cmd.CommandType = System.Data.CommandType.StoredProcedure;
cmd.Parameters.Add("@UserId", System.Data.SqlDbType.Int);
cmd.Parameters["@UserId"].Value = user.UserId;
cmd.Parameters.Add("@ModuleId", System.Data.SqlDbType.Int);
foreach (var item in user.LstModules)
{
cmd.Parameters["@ModuleId"].Value = item;
cmd.ExecuteNonQuery();
}
}
return b;
}
}
}
public List<UserProfile> GetUsers(int companyId, string searchText)
{
UserProfile user = null;
List<UserProfile> ListUserProfile = null;
using (var conn = new SqlConnection(PrescienceRxConnectionString))
{
conn.Open();
using (var cmd = new SqlCommand(SearchUsersSp, conn)) //TODO: Need a correct stored procedue name right now it has not been created.
{
cmd.CommandType = System.Data.CommandType.StoredProcedure;
cmd.Parameters.Add("@companyId", System.Data.SqlDbType.Int);
cmd.Parameters["@companyId"].Value = companyId;
cmd.Parameters.Add("@searchText", System.Data.SqlDbType.VarChar);
cmd.Parameters["@searchText"].Value = searchText;
using (var myReader = cmd.ExecuteReader())
{
try
{
if (myReader.HasRows)
{
ListUserProfile = new List<UserProfile>();
while (myReader.Read())
{
user = new UserProfile(myReader);
ListUserProfile.Add(user);
}
}
}
catch (Exception ex)
{
// TODO Logg Error here
}
}
}
}
return ListUserProfile;
}
public List<UserProfile> GetUsers(int companyId)
{
UserProfile user = null;
List<UserProfile> ListUserProfile = null;
using (var conn = new SqlConnection(PrescienceRxConnectionString))
{
conn.Open();
using (var cmd = new SqlCommand(GetUsersByCompanyIdSp, conn))
{
cmd.CommandType = System.Data.CommandType.StoredProcedure;
cmd.Parameters.Add("@companyId", System.Data.SqlDbType.Int);
cmd.Parameters["@companyId"].Value = companyId;
using (var myReader = cmd.ExecuteReader())
{
try
{
if (myReader.HasRows)
{
ListUserProfile = new List<UserProfile>();
while (myReader.Read())
{
user = new UserProfile(myReader);
ListUserProfile.Add(user);
}
}
}
catch (Exception ex)
{
// TODO Logg Error here
}
}
}
}
return ListUserProfile;
}
public UserProfile GetUser(string userName)
{
UserProfile user = null;
using (var conn = new SqlConnection(PrescienceRxConnectionString))
{
conn.Open();
using (var cmd = new SqlCommand(GetUesrByUserNameSp, conn))
{
cmd.CommandType = System.Data.CommandType.StoredProcedure;
cmd.Parameters.Add("@UserName", System.Data.SqlDbType.VarChar);
cmd.Parameters["@UserName"].Value = userName;
using (var myReader = cmd.ExecuteReader())
{
try
{
if (myReader.HasRows)
{
myReader.Read();
user = new UserProfile(myReader);
}
}
catch (Exception ex)
{
// TODO Logg Error here
}
}
}
}
return user;
}
public UserProfile GetUser(int userId)
{
UserProfile user = null;
using (var conn = new SqlConnection(PrescienceRxConnectionString))
{
conn.Open();
using (var cmd = new SqlCommand(GetUesrByIdSp, conn))
{
cmd.CommandType = System.Data.CommandType.StoredProcedure;
cmd.Parameters.Add("@UserId", System.Data.SqlDbType.Int);
cmd.Parameters["@UserId"].Value = userId;
using (var myReader = cmd.ExecuteReader())
{
try
{
if (myReader.HasRows)
{
myReader.Read();
user = new UserProfile(myReader);
AdminRepository admrep = new AdminRepository();
List<Module> modules = admrep.GetModulesByUser(userId);
user.LstModules = new List<int>();
foreach (var item in modules)
{
user.LstModules.Add(item.ModuleId);
}
}
}
catch (Exception ex)
{
// TODO Logg Error here
}
}
}
}
return user;
}