Example #1
0
        public ActionResult Index(User user, string action, string ReturnUrl)
        {
            if (action == "Submit")
            {
                bool result = false;
                string msg = string.Empty;
                string fullName = string.Empty;
                if (ModelState.IsValid)
                {
                    Entities.UserManagement.SampleData entities = new SampleData();

                   // result = entities.SUsers.Any(u => u.Username == user.Username);

                    if ( user.Username == null || user.Password == null)
                    {
                        ModelState.AddModelError("", "Please enter Username / Password !");
                        ViewBag.msg = "Error";
                        return View();
                    }
                    if (user.Username == "sadmin")
                    {
                        result = _applicationContext.ServiceContext.AdminService.Login(user.Username, user.Password);
                        fullName = _applicationContext.ServiceContext.AdminService.GetUserName();
                    }
                    else
                    {
                        if (Url.IsLocalUrl(ReturnUrl) && ReturnUrl.Length > 1 && ReturnUrl.StartsWith("/")
                        && !ReturnUrl.StartsWith("//") && !ReturnUrl.StartsWith("/\\"))
                        {
                            string InstitutionId = ReturnUrl.Split('=')[1];
                            Session.Add("InstitutionId", InstitutionId);
                            //ReInitializing Application Context with Institution Details.
                            System.Web.HttpContext.Current.Session["ApplicationContext"] = null;
                            _applicationContext = new ApplicationContext();
                            System.Web.HttpContext.Current.Session["ApplicationContext"] = _applicationContext;

                            result = _applicationContext.ServiceContext.UserService.AuthenticateUser(user.Username, user.Password, out msg, out fullName);
                        }

                    }
                    if (result)
                    {
                        Session["Username"] = fullName;
                        System.Web.HttpContext.Current.Session["ApplicationContext"] = null;
                        Session["InstitutionId"] = null;
                        FormsAuthentication.SetAuthCookie(user.Username, false);

                        if (Url.IsLocalUrl(ReturnUrl) && ReturnUrl.Length > 1 && ReturnUrl.StartsWith("/")
                        && !ReturnUrl.StartsWith("//") && !ReturnUrl.StartsWith("/\\"))
                        {
                            return Redirect(ReturnUrl);
                        }
                        else
                        {
                            return RedirectToAction("ManageInstitution", "Admin");
                        }
                    }
                    else
                    {
                        if (string.IsNullOrWhiteSpace(msg))
                            msg = "Invalid username / Password !";
                        ModelState.AddModelError("", msg);
                        ViewBag.msg = "Error";
                        string tmp = System.Web.HttpContext.Current.Request.RawUrl;
                       // RedirectToAction("Index", "Admin", new { ReturnUrl = ReturnUrl });
                        return View();
                    }
                }
            }
            else
            {
                ModelState.Clear();
                ViewBag.msg = null;
                return View();
            }
            return View();
        }
Example #2
0
        // GET: Institution
        public ActionResult InstitutionDashboard(int? InstitutionId)
        {
            List<ViewModels.Appointment> apps = new List<ViewModels.Appointment>();
            var instList = _applicationContext.ServiceContext.AdminService.GetTenants();
            ViewBag.instListcount = instList.Count;

            if (instList.Count == 0)
            {
                return View(apps);
            }

            if (InstitutionId != null && InstitutionId > 0)
            {
                //Added to avoid direct injection of Istitution ID.
                if(HttpContext.User.Identity.Name != "sadmin")
                if (Session["InstitutionId"] != null && Session["InstitutionId"].ToString() != InstitutionId.ToString())
                {
                    FormsAuthentication.SignOut();
                    Session.Abandon();
                    return RedirectToAction("Index", "Admin", new { Error = "Sorry you are not Authorized to Perform this Action" });
                }
                if (Session["InstitutionId"] == null || Session["InstitutionId"].ToString() != InstitutionId.ToString())
                {
                    Session.Add("InstitutionId", InstitutionId);
                    //ReInitializing Application Context with Institution Details.
                    System.Web.HttpContext.Current.Session["ApplicationContext"] = null;
                    _applicationContext = new ApplicationContext();
                    System.Web.HttpContext.Current.Session["ApplicationContext"] = _applicationContext;
                }

                int v2 = InstitutionId ?? default(int);
                string InstName = _applicationContext.ServiceContext.AdminService.GetInstitutionName(v2);
                Session["InstitutionName"] = InstName;
                NameValueCollection searchfilter = new NameValueCollection();
                searchfilter.Add("name", null);
                searchfilter.Add("appdt", DateTime.Now.ToString("MM/dd/yyyy"));
                searchfilter.Add("clinicId", "-1");
                apps = _applicationContext.ServiceContext.AppointmentService.GetAppointments(v2, searchfilter);
                ViewBag.AppointmentCount = apps.Count();
                ViewBag.RecordStatus = "";
                ViewBag.TodaysDate = DateTime.Now.ToString("MM/dd/yyyy");

                ViewBag.LBCCount = _applicationContext.ServiceContext.RiskClinicServices.GetPatients("LBC").Count();
                ViewBag.BRCACount = _applicationContext.ServiceContext.RiskClinicServices.GetPatients("BRCA").Count();

                if (apps.Count == 0)
                {
                    ViewBag.RecordStatus = "No records found.";
                }

                /*=======Start Load Clinic Dropdown======================*/
                var _ClinicList = _applicationContext.ServiceContext.AppointmentService.GetClinics((int)Session["InstitutionId"]);
                ViewBag.ClinicList = new SelectList(_ClinicList.ToList(), "clinicID", "clinicName");

                /*=======End Load Clinic Dropdown======================*/
                return View(apps);

            }
            else if (Session["InstitutionId"] != null)
            {
                   InstitutionId = Convert.ToInt32(Session["InstitutionId"]);
                   return RedirectToAction("InstitutionDashboard", new { InstitutionId = InstitutionId });
            }

            return RedirectToAction("ManageInstitution", "Admin");
        }