Exemple #1
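 /// <summary>
 /// Reports whether an ATS call succeeded (ResultCode equal to 0). On failure, stores a
 /// user-facing message in TempData["ErrorMsg"] for the next view to display.
 /// </summary>
 /// <param name="result">Result returned by an ATS call; a null result is treated as a failure.</param>
 /// <returns>true when ResultCode is 0; otherwise false, with TempData["ErrorMsg"] set.</returns>
 protected bool IsATSResultOK(ATSResult result)
 {
     if (result == null || result.ResultCode == null || result.ResultCode != 0)
     {
         // NOTE(review): the backend's ResultMessage is shown to the end user as-is. Confirm it
         // cannot carry internal details (stack traces, service names, account data) and that
         // the view HTML-encodes it when rendering.
         string backendMessage = (result == null) ? null : result.ResultMessage;

         // IsNullOrEmpty instead of "!= String.Empty": a null message previously overwrote
         // the error text with null, so the user saw no explanation at all.
         if (!String.IsNullOrEmpty(backendMessage))
         {
             TempData["ErrorMsg"] = backendMessage;
         }
         else
         {
             TempData["ErrorMsg"] = "An unexpected error was encountered while creating a new account. Please try again.";
         }
         return(false);
     }
     return(true);
 }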
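        /// <summary>
        /// Login step of the invitation flow: optionally applies a password reset, authenticates
        /// through Shared.UnifiedLogin, checks that the authenticated account's email matches the
        /// invitation, then either redirects to NewAccount (clone account), re-associates the
        /// contact with the inviting company, or marks the invitation as received.
        /// </summary>
        /// <param name="loginModel">Posted login values; handed to PopulateModel, which fills invitationModel.</param>
        /// <returns>
        /// "AddedToRoster" on success; "LoginFailed" when authentication or the email check fails;
        /// "Error" when a backend call fails; a redirect to NewAccount or NotAuthorized otherwise.
        /// </returns>
        public ActionResult Login(LoginModel loginModel)
        {
            //Populate invitationModel depending on what is returned from various views
            if (!PopulateModel(loginModel))
            {
                return(RedirectToAction("NotAuthorized"));
            }

            // RESET PASSWORD
            if (invitationModel.ATSMethod == ATS.Methods.ResetPassword)
            {
                /* If the user returned to this website by clicking a reset password link, we first have to update their password to the new value they just entered. */
                // NOTE(review): credentials are changed here before any authentication has taken
                // place. This is only safe if PopulateModel has already validated the reset link
                // and bound InviteeIMIS_ID/ATSMethod from trusted state rather than from posted
                // form fields - confirm against PopulateModel.
                ATSResult resetResult = Shared.SetCredentials(invitationModel.InviteeIMIS_ID, invitationModel.Username, invitationModel.Password);
                if (!IsATSResultOK(resetResult))
                {
                    return(View("Error"));
                }
            }

            // LOGIN
            XDocument xmlDoc = Shared.UnifiedLogin(invitationModel.Username, invitationModel.Password);
            XElement  root   = (xmlDoc == null) ? null : xmlDoc.Root;
            if (root == null)
            {
                // Fail closed: no usable response means the login is not treated as successful.
                return(View("LoginFailed"));
            }

            XNamespace xmlNamespace  = root.Name.Namespace;
            XElement   resultElement = root.Element(xmlNamespace + "ResultMessage");
            XElement   idElement     = root.Element(xmlNamespace + "ID");
            if (resultElement == null)
            {
                // A response without ResultMessage used to throw a NullReferenceException.
                return(View("LoginFailed"));
            }

            // NOTE(review): this is a denylist - every ResultMessage other than "Failed" and
            // "LockedOut" (including empty or unexpected values) is treated as a successful
            // login. The ID/email check below limits the impact, but matching the service's
            // explicit success value would be safer; that value is not visible here.
            string resultMessage = resultElement.Value;
            if (resultMessage == "Failed" || resultMessage == "LockedOut" || idElement == null)
            {
                return(View("LoginFailed"));
            }

            //If invitee somehow used someone else's credentials, do not allow them to proceed. UnifiedLogin will return
            //the IMIS ID but we have to go back and get the email address to verify it is actually the one intended by the invitee.
            // Ordinal comparison: culture-aware comparison can treat visually or linguistically
            // equivalent strings as equal, which is not wanted in an identity check.
            string verifyEmail = InvitationRepository.GetEmailByID(idElement.Value);
            if (verifyEmail == null || !verifyEmail.Equals(invitationModel.Email, StringComparison.OrdinalIgnoreCase))
            {
                return(View("LoginFailed"));
            }

            /* If this is not an NM, EMP or NEMP then we need to create a new "clone" account that IS an EMP */
            List <string> validMemberTypes = new List <string> {
                "NM", "EMP", "NEMP"
            };
            if (!validMemberTypes.Contains(invitationModel.MemberType))
            {
                if (Shared.CanAddContact(invitationModel.InvitationIMIS_ID,
                                         invitationModel.FirstName,
                                         invitationModel.LastName,
                                         invitationModel.Email))
                {
                    // Redirect to NewAccount and prepopulate with data we already have (except prompting for new web user credentials)?
                    // NOTE(review): passing the whole model as route values places its public
                    // properties, including Username and Password, in the redirect URL, where they
                    // end up in browser history, proxy and server logs. Prefer carrying the model
                    // in TempData/session, or clear the credentials before redirecting.
                    invitationModel.CloneAccount = true;
                    return(RedirectToAction("NewAccount", invitationModel));
                }

                TempData["ErrorMsg"] = "This account already exists. Please try again.";
                return(View("Error"));
            }

            /* If we had a successful login and the Invitee has a CompanyID that is different than the InvitationIMIS_ID, then reassociate the account. */
            if (invitationModel.InviteeCompanyID != invitationModel.InvitationIMIS_ID)
            {
                //DO NOT pass Username/Password here because it will auto-generate a bogus email with plain text username/password telling the user that their info has been changed (even when it hasn't, because we're using SetCredentials to do that)
                ATSResult result = Shared.UpdateContact(invitationModel.InviteeIMIS_ID,
                                                        invitationModel.FirstName,
                                                        invitationModel.MiddleName,
                                                        invitationModel.LastName,
                                                        invitationModel.Email,
                                                        String.Empty,           //invitationModel.Username,
                                                        String.Empty,           //invitationModel.Password,
                                                        invitationModel.WorkPhone,
                                                        invitationModel.HomePhone,
                                                        invitationModel.InstituteName,
                                                        invitationModel.InvitationIMIS_ID);
                if (!IsATSResultOK(result))
                {
                    return(View("Error"));
                }
            }
            //otherwise: valid member type and not changing company ID, nothing to update

            //Update the invitation's Received flag here (in case there was any problem before/during the account creation process, then the user can attempt to use the invitation again until the account is created and logged in).
            InvitationRepository.UpdateInvitationReceived(Invitation);

            // The disabled store hand-off (a StoreAuth.aspx redirect) used to be assembled here by
            // concatenating the username and password into the query string of a plain http URL.
            // The string was never used, so it has been removed. If the hand-off is reinstated,
            // do not carry credentials in a URL: use a short-lived, single-use token over HTTPS.
            return(View("AddedToRoster"));
        }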
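        /// <summary>
        /// Creates (POST) or updates (PUT) a "person" record from the invitation data through the
        /// Shared Myrcene helpers and decides which view the invitee sees next.
        /// </summary>
        /// <param name="model">Invitation form data; its ATSMethod selects create versus update.</param>
        /// <returns>
        /// "AddedToRoster" when the backend returns data with an empty message, or when a lookup
        /// by email finds the person despite a non-empty message; otherwise a redirect to
        /// NewAccount, with TempData["ErrorMsg"] set on the failure paths.
        /// </returns>
        public ActionResult CreateAccount(InvitationModel model)
        {
            string customerType;

            switch (model.MemberType)
            {
            case "SHOP":
                customerType = "AHAE";
                break;

            case "NSHOP":
                customerType = "NAHAE";
                break;

            default:
                customerType = "EMP";     //model.MemberType.StartsWith("N") ? "NEMP" : "EMP";
                break;
            }

            Person person = new Person();
            person.CustomerType       = customerType;
            person.FirstName          = model.FirstName;
            person.MiddleName         = model.MiddleName ?? String.Empty;
            person.LastName           = model.LastName;
            person.EmailAddress       = model.Email;
            person.Username           = model.Username;
            person.Password           = model.Password;
            person.WorkPhone          = model.WorkPhone;
            person.HomePhone          = model.HomePhone ?? String.Empty;
            person.InstituteName      = model.InstituteName;
            person.InstituteContactID = model.InvitationIMIS_ID;

            BAResult baResult     = new BAResult();
            string   pendingError = null;

            if (Shared.CanAddContact(model.InvitationIMIS_ID, model.FirstName, model.LastName, model.Email))
            {
                if (model.ATSMethod == ATS.Methods.CreateContact)
                {
                    //this is the first time through (NotInitialized) so we know we have to do a Create
                    //(replaces the earlier Shared.CreateContact call)
                    baResult = Shared.PostMyrcene("person", person);
                }
            }
            else if (model.ATSMethod == ATS.Methods.UpdateContact)
            {
                /* ATS wsContacts went ahead and created an account, even though one or more properties (such as "login id is already in use") were incorrect,
                 * so now we have to call it again and do an update. BUT....to do this, we need to find the ContactID from the account just created
                 * (previously via an IQA, now via SQL.GetContactID).
                 */
                person.ContactID = SQL.GetContactID(model.InvitationIMIS_ID, model.FirstName, model.LastName, model.Email);
                baResult = Shared.PutMyrcene("person", person);
            }
            else
            {
                pendingError         = "This account already exists. Please try again.";
                TempData["ErrorMsg"] = pendingError;
                model.ATSMethod      = ATS.Methods.CreateContact;
            }

            string backendMessage = (baResult == null) ? null : baResult.ResultMessage;

            if (baResult == null || baResult.ResultData == null)
            {
                // When no backend call was made, baResult is the fresh instance created above
                // (presumably with no data or message - confirm against BAResult). Assigning its
                // message unconditionally replaced the "already exists" text set just before.
                // Keep a pending message, and fall back to a generic one instead of null.
                // NOTE(review): a backend message is shown to the user unchanged; confirm it
                // cannot expose internal details and that the view HTML-encodes it.
                if (!String.IsNullOrEmpty(backendMessage))
                {
                    TempData["ErrorMsg"] = backendMessage;
                }
                else
                {
                    TempData["ErrorMsg"] = pendingError ?? "An unexpected error was encountered while creating a new account. Please try again.";
                }
                model.ATSMethod = ATS.Methods.CreateContact;
            }
            //reapply bandaid
            else if (backendMessage != String.Empty)
            {
                /* The earlier ATS-based version of this workaround assumed the web service could report an error
                 * (for example "The operation has timed out") although the account had been created, so it checked
                 * whether the account actually exists. The same check is done here by looking the person up by email.
                 */
                // The email is user-supplied, so it is escaped before being placed in the query
                // string; unescaped, characters such as '&', '#' or '+' alter the request.
                // NOTE(review): assumes Shared.GetMyrcene sends the relative URL as given and does
                // not escape it again - confirm. The lookup is also made once instead of twice.
                string lookupMessage = Shared.GetMyrcene("person/email?email=" + Uri.EscapeDataString(person.EmailAddress ?? String.Empty)).ResultMessage;
                if (lookupMessage != "Not Found")
                {
                    return(View("AddedToRoster"));
                }
            }
            else
            {
                return(View("AddedToRoster"));
            }

            // NOTE(review): passing the whole model as route values places its public properties,
            // including Username and Password, in the redirect URL (browser history, proxy and
            // server logs). Prefer TempData/session, or clear the credentials before redirecting.
            return(RedirectToAction("NewAccount", model));
        }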