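/// <summary>
/// Changes the role of an existing user and re-syncs the user's menus to the menus of the new role.
/// </summary>
/// <param name="userName">Key of the user to update; must equal <c>user_view_model.UserName</c>.</param>
/// <param name="user_view_model">
/// Submitted data. <c>RoleId</c> becomes the user's new role and <c>TimestampString</c>
/// (Base64) is used as the original concurrency token.
/// </param>
/// <returns>
/// 400 when the body is missing, the model state is invalid or the names do not match;
/// 404 when the user is not found; otherwise 200 with the updated user view model.
/// </returns>
/// <exception cref="HttpResponseException">
/// 404 or 409 on an optimistic-concurrency failure; 400 on any other exception raised while saving.
/// </exception>
// NOTE(review): this action changes a user's role (a privilege change). No authorization
// check is visible in this method - confirm the controller or action is restricted to
// administrators.
public IHttpActionResult PutUser(string userName, UserViewModel user_view_model)
{
    // A request without a body can leave the model null; reject it before dereferencing.
    if (user_view_model == null)
    {
        return BadRequest();
    }

    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    if (userName != user_view_model.UserName)
    {
        return BadRequest();
    }

    // Load the current row from the database.
    var user_db = db.Users.Find(userName);
    if (user_db == null)
    {
        return ResponseMessage(Request.CreateErrorResponse(HttpStatusCode.NotFound, "這筆資料已被刪除!"));
    }

    try
    {
        // Remove the menus that came with the old role.
        foreach (var item in user_db.Role.Menus)
        {
            user_db.Menus.Remove(item);
        }

        // Switch to the new role. The client-supplied timestamp is installed as the
        // original value so a stale edit surfaces as DbUpdateConcurrencyException.
        user_db.Role_Id = user_view_model.RoleId;
        db.Entry(user_db).OriginalValues["Timestamp"] = Convert.FromBase64String(user_view_model.TimestampString);
        db.SaveChanges();

        // Add the menus of the new role.
        // NOTE(review): no transaction is visible around the two SaveChanges calls; if the
        // second one fails, the role is already changed and the old role's menus are gone.
        var roleMenus = user_db.Role.Menus;
        foreach (var item in roleMenus)
        {
            user_db.Menus.Add(item);
        }
        db.SaveChanges();

        // Record who changed which user to which role.
        MPAccessLog.WriteEntry(User.Identity.Name, AccessAction.Update, "User", JsonConvert.SerializeObject(new { user_db.UserName, roleName = user_db.Role.Name }));
    }
    catch (DbUpdateConcurrencyException)
    {
        // Distinguish "row deleted meanwhile" from "row modified by someone else".
        if (!UserExists(userName))
        {
            throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.NotFound, "這筆資料已被刪除!"));
        }

        throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.Conflict, "這筆資料已被其他人修改!"));
    }
    catch (Exception ex)
    {
        // NOTE(review): ex.Message is sent to the client verbatim and may expose internal
        // details; consider logging it server-side and returning a generic message.
        throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.BadRequest, ex.Message));
    }

    return Ok(ToUserViewModel(user_db));
}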
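/// <summary>
/// Creates a new user with the given role and copies the role's menus onto the user.
/// </summary>
/// <param name="user_view_model">Submitted data; <c>UserName</c> and <c>RoleId</c> are read.</param>
/// <returns>
/// 400 when the body is missing or the model state is invalid; 404 when the role does not
/// exist; 409 when the user name is already taken; otherwise 201 pointing at
/// <c>GetUserByUserName</c> with the new user's view model.
/// </returns>
/// <exception cref="HttpResponseException">400 carrying the exception message when saving fails.</exception>
// NOTE(review): this action creates accounts. No authorization check is visible in this
// method - confirm the controller or action is restricted to administrators.
public IHttpActionResult PostUser(UserViewModel user_view_model)
{
    // A request without a body can leave the model null; reject it before dereferencing.
    if (user_view_model == null)
    {
        return BadRequest();
    }

    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    var role = db.Roles.Find(user_view_model.RoleId);
    if (role == null)
    {
        return ResponseMessage(Request.CreateErrorResponse(HttpStatusCode.NotFound, "沒有對應的角色!"));
    }

    // Previously an existing user fell through to 201 Created with that user's data, so the
    // caller was told the account had been created with the requested role when nothing was
    // written. Report the collision instead.
    User user = db.Users.Find(user_view_model.UserName);
    if (user != null)
    {
        return ResponseMessage(Request.CreateErrorResponse(HttpStatusCode.Conflict, "使用者已存在!"));
    }

    try
    {
        // Create the user.
        // NOTE(review): the initial password is the user name itself and is assigned as-is.
        // Whether User.Password is hashed elsewhere is not visible here. A guessable default
        // credential should be replaced by a random one-time secret with a forced change,
        // stored through a password KDF - confirm against the login code before changing.
        user = new User
        {
            UserName = user_view_model.UserName,
            Password = user_view_model.UserName,
            Role = role
        };
        db.Users.Add(user);

        // Give the user the menus of the assigned role.
        foreach (var menu in role.Menus)
        {
            user.Menus.Add(menu);
        }

        // Persist the user and menus together.
        db.SaveChanges();

        // Record who created which user with which role.
        MPAccessLog.WriteEntry(User.Identity.Name, AccessAction.Create, "User", JsonConvert.SerializeObject(new { user.UserName, roleName = user.Role.Name }));
    }
    catch (Exception ex)
    {
        // NOTE(review): ex.Message is sent to the client verbatim and may expose internal
        // details; consider logging it server-side and returning a generic message.
        throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.BadRequest, ex.Message));
    }

    return CreatedAtRoute("GetUserByUserName", new { userName = user.UserName }, ToUserViewModel(user));
}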