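/// <summary>
/// Looks up a user by user name and password and returns its id, name and e-mail.
/// </summary>
/// <param name="user_name">Login name matched against <c>users.user_name</c>.</param>
/// <param name="password">
/// Plain-text password. It is passed through <c>Utiles.Base64Encode</c> and compared
/// with <c>users.password</c>.
/// </param>
/// <returns>
/// A populated <c>Usuario</c> when a row matches. When no row matches, the object is
/// returned exactly as <c>new Usuario()</c> left it, so callers must not treat a
/// non-null result as a successful credential check.
/// </returns>
/// <exception cref="SoapException">
/// Client fault when the caller is missing or invalid; server fault when the query fails.
/// </exception>
public Usuario GetUsuario(string user_name, string password)
{
    // Reject callers that sent no credentials or failed validation.
    if (User == null)
    {
        throw new SoapException("Autenticación requerida", SoapException.ClientFaultCode);
    }
    else if (!User.IsValid())
    {
        throw new SoapException("Unauthorized", SoapException.ClientFaultCode);
    }

    Usuario usuario = new Usuario();
    using (SqlConnection Conexion = new SqlConnection(ConfigurationManager.ConnectionStrings["dgtdeskConnectionString"].ConnectionString))
    {
        try
        {
            Conexion.Open();

            // The command and reader are disposed deterministically instead of
            // relying on the connection's disposal to release them.
            using (SqlCommand cmd = Conexion.CreateCommand())
            {
                cmd.CommandText = @"select id, name, email from users where user_name = @user_name and password = @passwordB64";
                cmd.Parameters.Add("@user_name", SqlDbType.VarChar).Value = user_name;

                // NOTE(security): the stored credential is compared against
                // Utiles.Base64Encode(password), presumably plain Base64 of the clear text.
                // Base64 is a reversible encoding, not a hash: read access to the users
                // table discloses every password. Moving to a salted, slow password hash
                // (e.g. PBKDF2) needs a data migration and is not done here.
                // NOTE(review): if the password column has a case-insensitive collation,
                // Base64 values differing only in letter case compare equal. Confirm the
                // collation.
                cmd.Parameters.Add("@passwordB64", SqlDbType.VarChar).Value = Utiles.Base64Encode(password);

                using (SqlDataReader dr = cmd.ExecuteReader())
                {
                    // Only the first matching row is used.
                    if (dr.Read())
                    {
                        usuario.Id = dr.GetInt32(0);
                        usuario.Name = dr.GetString(1);
                        usuario.Email = dr.GetString(2);
                        usuario.UserName = user_name;
                    }
                }
            }
        }
        catch (Exception ex)
        {
            // NOTE(review): the original exception is attached as InnerException. Confirm
            // the service configuration does not serialize its text (SQL errors, schema
            // names) to SOAP clients.
            Exception innerEx = ex.InnerException ?? ex;
            throw new SoapException("No se pudo encontrar al usuario", SoapException.ServerFaultCode, innerEx);
        }

        return usuario;
    }
}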
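/// <summary>
/// Inserts a new row into <c>users</c> with the given login name, password, e-mail and name.
/// </summary>
/// <param name="user_name">Login name stored in <c>users.user_name</c>.</param>
/// <param name="password">
/// Plain-text password. It is stored after passing through <c>Utiles.Base64Encode</c>.
/// </param>
/// <param name="name">Display name stored in <c>users.name</c>.</param>
/// <param name="email">E-mail address stored in <c>users.email</c>.</param>
/// <returns>The literal string <c>"OK"</c> when at least one row was inserted.</returns>
/// <exception cref="SoapException">
/// Client fault when the caller is missing or invalid, or when no row was inserted;
/// server fault when the insert itself fails.
/// </exception>
public string SetUsuario(string user_name, string password, string name, string email)
{
    // Reject callers that sent no credentials or failed validation.
    if (User == null)
    {
        throw new SoapException("Autenticación requerida", SoapException.ClientFaultCode);
    }
    else if (!User.IsValid())
    {
        throw new SoapException("Unauthorized", SoapException.ClientFaultCode);
    }

    using (SqlConnection Conexion = new SqlConnection(ConfigurationManager.ConnectionStrings["dgtdeskConnectionString"].ConnectionString))
    {
        try
        {
            Conexion.Open();

            using (SqlCommand cmd = Conexion.CreateCommand())
            {
                cmd.CommandText = @"insert into users (user_name, password, email, name) values (@user_name, @password, @email, @name)";
                cmd.Parameters.Add("@user_name", SqlDbType.VarChar).Value = user_name;

                // NOTE(security): the password is persisted as Utiles.Base64Encode(password),
                // presumably plain Base64 of the clear text. That is a reversible encoding,
                // not a password hash, so a leak of the users table is a leak of the
                // passwords. Replacing it with a salted, slow hash (e.g. PBKDF2) also
                // requires changing the lookup in GetUsuario and migrating existing rows.
                cmd.Parameters.Add("@password", SqlDbType.VarChar).Value = Utiles.Base64Encode(password);
                cmd.Parameters.Add("@email", SqlDbType.VarChar).Value = email;
                cmd.Parameters.Add("@name", SqlDbType.VarChar).Value = name;

                if (cmd.ExecuteNonQuery() > 0)
                {
                    return "OK";
                }
                else
                {
                    throw new SoapException("El usuario ya existe o los parámetros proporcionados no son correctos", SoapException.ClientFaultCode);
                }
            }
        }
        catch (SoapException)
        {
            // Fix: the client fault raised above used to be caught by the generic handler
            // and re-reported as a server fault with a different message.
            throw;
        }
        catch (Exception ex)
        {
            // NOTE(review): a duplicate key rejected by the database presumably arrives here
            // as a SqlException and is reported as a server fault, not as "user exists".
            // NOTE(review): the original exception is attached as InnerException. Confirm
            // the service configuration does not serialize its text to SOAP clients.
            Exception innerEx = ex.InnerException ?? ex;
            throw new SoapException("No se pudo crear el usuario", SoapException.ServerFaultCode, innerEx);
        }
    }
}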
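/// <summary>
/// Inserts a new row into <c>complaint</c> from the supplied complaint data.
/// </summary>
/// <param name="EmailUsuario">Stored in <c>user_email</c>.</param>
/// <param name="TipoDenunciaId">Stored in <c>complaint_type_id</c>.</param>
/// <param name="Detalles">Stored in <c>details</c>.</param>
/// <param name="Direccion">Stored in <c>address</c>.</param>
/// <param name="FechaDenuncia">Stored in <c>complaint_date</c>.</param>
/// <param name="Cerrada">Stored in <c>closed</c>; defaults to <c>false</c>.</param>
/// <param name="TelefonoUsuario">Optional; stored in <c>user_phone</c>.</param>
/// <param name="Acciones">Optional; stored in <c>actions</c>.</param>
/// <param name="FechaAccion">Optional; stored in <c>action_date</c>.</param>
/// <param name="FechaCierre">Optional; stored in <c>close_date</c>.</param>
/// <returns>The literal string <c>"OK"</c> when at least one row was inserted.</returns>
/// <exception cref="SoapException">
/// Client fault when the caller is missing or invalid, or when no row was inserted;
/// server fault when the insert itself fails.
/// </exception>
public string SetDenuncia(
    string EmailUsuario,
    int TipoDenunciaId,
    string Detalles,
    string Direccion,
    DateTime FechaDenuncia,
    // optional
    bool Cerrada = false,
    string TelefonoUsuario = null,
    string Acciones = null,
    DateTime? FechaAccion = null,
    DateTime? FechaCierre = null
    )
{
    // Reject callers that sent no credentials or failed validation.
    if (User == null)
    {
        throw new SoapException("Autenticación requerida", SoapException.ClientFaultCode);
    }
    else if (!User.IsValid())
    {
        throw new SoapException("Unauthorized", SoapException.ClientFaultCode);
    }

    using (SqlConnection Conexion = new SqlConnection(ConfigurationManager.ConnectionStrings["dgtdeskConnectionString"].ConnectionString))
    {
        try
        {
            Conexion.Open();

            using (SqlCommand cmd = Conexion.CreateCommand())
            {
                cmd.CommandText = @"insert into complaint (details, address, user_email, user_phone, complaint_date, actions, action_date, closed, close_date, complaint_type_id) values (@details, @address, @user_email, @user_phone, @complaint_date, @actions, @action_date, @closed, @close_date, @complaint_type_id)";

                // All values are bound as parameters, never concatenated into the SQL text.
                // Presumably Utiles.AddParameter maps null optionals to DBNull. Verify in Utiles.
                Utiles.AddParameter(cmd, "@details", SqlDbType.VarChar, Detalles);
                Utiles.AddParameter(cmd, "@address", SqlDbType.VarChar, Direccion);
                Utiles.AddParameter(cmd, "@user_email", SqlDbType.VarChar, EmailUsuario);
                Utiles.AddParameter(cmd, "@user_phone", SqlDbType.VarChar, TelefonoUsuario);
                Utiles.AddParameter(cmd, "@complaint_date", SqlDbType.DateTime, FechaDenuncia);
                Utiles.AddParameter(cmd, "@actions", SqlDbType.VarChar, Acciones);
                Utiles.AddParameter(cmd, "@action_date", SqlDbType.DateTime, FechaAccion);
                Utiles.AddParameter(cmd, "@closed", SqlDbType.Bit, Cerrada);
                Utiles.AddParameter(cmd, "@close_date", SqlDbType.DateTime, FechaCierre);
                Utiles.AddParameter(cmd, "@complaint_type_id", SqlDbType.Int, TipoDenunciaId);

                if (cmd.ExecuteNonQuery() > 0)
                {
                    return "OK";
                }
                else
                {
                    throw new SoapException("Los parámetros proporcionados no son correctos", SoapException.ClientFaultCode);
                }
            }
        }
        catch (SoapException)
        {
            // Fix: the client fault raised above used to be caught by the generic handler
            // and re-reported as a server fault with a different message.
            throw;
        }
        catch (Exception ex)
        {
            // NOTE(review): the original exception is attached as InnerException. Confirm
            // the service configuration does not serialize its text (SQL errors, schema
            // names) to SOAP clients.
            Exception innerEx = ex.InnerException ?? ex;
            throw new SoapException("No se pudo crear la denuncia", SoapException.ServerFaultCode, innerEx);
        }
    }
}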