//
// GET: /Manage/SetPassword
public ActionResult SetPassword()
{
LogAction.log(this._controllerName, "GET", "Requested Manage-SetPassword webpage", User.Identity.GetUserId());
return(View());
}
//
// GET: /Manage/ChangePassword
public ActionResult ChangePassword()
{
LogAction.log(this._controllerName, "GET", $"Requested change password page.", User.Identity.GetUserId());
return(View());
}
// GET: Returns create form
public ActionResult Create()
{
LogAction.log(this._controllerName, "GET", "Requested RollerCategory-Create webpage", User.Identity.GetUserId());
return(View("CreateEditForm"));
}
public ActionResult Update(UpdateViewModel user)
{
ViewData["userPosition"] = getUserRoles();
try
{
ApplicationDbContext _db = new ApplicationDbContext();
var staff = (ApplicationUser)UserManager.FindById(user.Id);
var ExStaff = _db.Users.FirstOrDefault(u => u.staffID == user.staffID);
var ExStaffEmail = _db.Users.FirstOrDefault(u => u.Email == user.Email);
if (ExStaff != null)
{
if (user.Id != ExStaff.Id)
{
TempData["formStatus"] = false;
TempData["formStatusMsg"] = $"<b>ALERT</b>: Staff ID/Email has been taken by another staff.";
return(View("Edit", user));
}
}
if (ExStaffEmail != null)
{
if (user.Id != ExStaffEmail.Id)
{
TempData["formStatus"] = false;
TempData["formStatusMsg"] = $"<b>ALERT</b>: Staff ID/Email has been taken by another staff.";
return(View("Edit", user));
}
}
UserManager.RemoveFromRole(staff.Id, UserRole.getRole(staff.position));
UserManager.SetEmail(staff.Id, user.Email);
staff.staffID = user.staffID;
staff.name = user.name;
staff.IC = user.IC;
staff.position = user.position;
staff.status = user.status;
UserManager.AddToRole(staff.Id, UserRole.getRole(staff.position));
var result = UserManager.Update(staff);
if (!result.Succeeded)
{
ViewData["userPosition"] = getUserRoles();
TempData["formStatus"] = false;
TempData["formStatusMsg"] = $"<b>ALERT</b>: {result.Errors}";
return(View("Edit", user));
}
TempData["formStatus"] = true;
TempData["formStatusMsg"] = $"<b>STATUS</b>: Staff ({staff.staffID}) details has been successfully updated!";
LogAction.log(this._controllerName, "POST", $"Staff ({staff.staffID}) details updated", User.Identity.GetUserId());
//rchechbox for reset password is true
if (user.isReset)
{
UserManager.RemovePassword(staff.Id);
string newPassword = Membership.GeneratePassword(20, 8);
UserManager.AddPassword(staff.Id, newPassword);
//string code = UserManager.GeneratePasswordResetToken(user.Id);
//var reetResult=UserManager.ResetPassword(user.Id, code, newPassword);
LogAction.log(this._controllerName, "POST", $"Manager reset account {staff.staffID} password", User.Identity.GetUserId());
// Sent password reset email
SendMail.sendMail(staff.Email,
"Rubber Roller Management System Account Password Reset",
"Hi! " + staff.name + "<br/>Your account password has been reset," +
"<br/> Please use the temporary password below to login to your account and <b>change the password immediately</b> after login." +
"<br/><br/>Your credentials are as follow:" +
"<br/>staff Id: <br/>" + staff.staffID +
"<br/>Password: <br/>" + newPassword);
LogAction.log(this._controllerName, "POST", $"Account password reset email sent to current user: {staff.staffID}", User.Identity.GetUserId());
//display reset password notification
TempData["formStatus"] = true;
TempData["formStatusMsg"] = $"<b>STATUS</b>: Staff ({staff.staffID}) details has been successfully updated!</br>A new password is sent to the Email: {staff.Email}";
LogAction.log(this._controllerName, "POST", $"Staff ({staff.staffID}) details updated", User.Identity.GetUserId());
}
return(RedirectToAction("List"));
}
catch (Exception ex)
{
TempData["formStatus"] = false;
TempData["formStatusMsg"] = $"<b>ALERT</b>: Oops! Something went wrong. Please try again later.";
LogAction.log(this._controllerName, "POST", "Error: " + ex.Message, User.Identity.GetUserId());
return(Redirect(Request.UrlReferrer.ToString()));
}
}
public async Task <ActionResult> Register(RegisterViewModel model)
{
ApplicationDbContext _db = new ApplicationDbContext();
var dbUser = _db.Users.Where(u => u.staffID == model.staffID || u.Email == model.Email).FirstOrDefault();
if (dbUser != null)
{
ViewData["userPosition"] = getUserRoles();
TempData["formStatus"] = false;
if (dbUser.staffID == model.staffID)
{
TempData["formStatusMsg"] = $"<b>ALERT</b>: The staff id is already exist.";
}
else
{
TempData["formStatusMsg"] = $"<b>ALERT</b>: The email is already exist.";
}
return(View(model));
}
// Generate random password
ModelState.Remove("Password");
model.Password = Membership.GeneratePassword(20, 8);
LogAction.log(this._controllerName, "POST", $"Password generated for new user. New User: {model.staffID}", User.Identity.GetUserId());
if (ModelState.IsValid)
{
var user = new ApplicationUser
{
UserName = model.Email,
Email = model.Email,
staffID = model.staffID,
name = model.name,
IC = model.IC,
position = model.position,
status = AccountStatus.ACTIVE
};
var result = await UserManager.CreateAsync(user, model.Password);
if (result.Succeeded)
{
LogAction.log(this._controllerName, "POST", $"User account successfully created. New User: {model.staffID}", User.Identity.GetUserId());
await UserManager.AddToRoleAsync(user.Id, UserRole.getRole(user.position));
LogAction.log(this._controllerName, "POST", $"User role added for new user: {model.staffID} - {UserRole.getRole(user.position)}", User.Identity.GetUserId());
// Sent account creation email
SendMail.sendMail(model.Email,
"Rubber Roller Management System Account Creation",
"Hi ! " + model.name + "<br/>An account has been created for use of the Rubber Roller Management System with a temporary password. Please login with ur staff ID and <b>change the password immediately</b> after login." +
"<br/><br/>Your credentials are as follow:" +
"<br/>Staff Id: <br/>" + model.staffID +
"<br/>Password: <br/>" + model.Password);
LogAction.log(this._controllerName, "POST", $"Account creation email sent to new user: {model.staffID}", User.Identity.GetUserId());
TempData["formStatus"] = true;
TempData["formStatusMsg"] = "<b>STATUS</b>: Staff details has been successfully added!";
return(Redirect(Request.UrlReferrer.ToString()));
}
ModelState.AddModelError("Email", result.Errors.Last());
}
// If we got this far, something failed, redisplay form
ViewData["userPosition"] = getUserRoles();
TempData["formStatus"] = false;
TempData["formStatusMsg"] = "<b>ALERT</b>: Oops! Staff details has not been successfully added.";
return(View(model));
}
public ActionResult Register()
{
ViewData["userPosition"] = getUserRoles();
LogAction.log(this._controllerName, "GET", "Requested Account-Register webpage", User.Identity.GetUserId());
return(View());
}
