/**
 * Receives a password reset token sent from email in order to redirect to
 * the proper password reset page.
 *
 * The one-time password is read from the "otp" route value, so it travels
 * as part of the request URL.
 *
 * @receives - request link from email with embedded one time password
 * @returns  - the "../Login/Reset" view (model: the user's email and the
 *             OTP code) when the OTP is active and the user is enabled;
 *             ResetFailure() when the OTP is active but the user is not
 *             enabled; ExpiredOtp() when the OTP is not active; BadLink()
 *             when any step of the lookup throws.
 *
 * NOTE(review): this action only reads the OTP; nothing here marks it as
 * used. Confirm the handler that actually changes the password validates
 * the code again and invalidates it afterwards.
 * NOTE(review): because the code is in the URL it may end up in access
 * logs or a Referer header - confirm the lifetime of an OTP is short.
 */
public ActionResult Reset()
{
    try
    {
        // A missing "otp" route value throws here and is handled below.
        var code = RouteData.Values["otp"].ToString();
        var otpRecord = DatabaseOtpService.GetByCode(code);

        // The owner is loaded before the active check so that a failing
        // user lookup is reported as a bad link, as it always has been.
        var owner = DatabaseUserService.GetById(otpRecord.UserId);

        if (!otpRecord.IsActive())
        {
            return ExpiredOtp();
        }

        if (!owner.Enabled)
        {
            return ResetFailure();
        }

        var model = new LoginController.ResetData
        {
            Email = owner.Email,
            OTP = otpRecord.Code
        };
        return View("../Login/Reset", model);
    }
    catch (Exception)
    {
        // Every failure above collapses into the same generic page.
        return BadLink();
    }
}
/**
 * Creates or updates a pharmacist from the posted model.
 *
 * A PharmacistId of 0 means "new": the user row and the pharmacist row are
 * inserted, a login with a random 32-character password is stored, and a
 * reset email is sent. Any other PharmacistId updates the existing user and
 * pharmacist rows.
 *
 * @param m       - the pharmacist as bound from the request
 * @param command - not read by this method
 * @returns       - redirect to PpokAdmin/AddorEditPharmacy for the
 *                  pharmacist's pharmacy when the session user is a
 *                  PPOkAdmin, otherwise redirect to Pharmacy/Admin
 *
 * NOTE(review): on the update path m is handed to Update exactly as it was
 * posted (Type, UserId, PharmacyId included). Confirm that Update does not
 * persist fields the caller should not control, or restrict model binding.
 * NOTE(review): nothing in this method checks that the session user may
 * manage the pharmacy named by m.PharmacyId - presumably an authorization
 * filter covers the role; verify ownership is checked somewhere too.
 */
public ActionResult SavePharmacist(Pharmacist m, String command)
{
    if (m.PharmacistId != 0)
    {
        // Existing pharmacist: write both rows back.
        DatabaseUserService.Update(m);
        DatabasePharmacistService.Update(m);
    }
    else
    {
        // New pharmacist: the user type is forced server-side, then the
        // generated ids are copied onto the model as each row is inserted.
        m.Type = Models.User.UserType.Pharmacist;
        m.UserId = DatabaseUserService.Insert(m);
        m.PharmacistId = DatabasePharmacistService.Insert(m);

        // The account starts with a random password; the pharmacist picks
        // a real one through the reset email sent below.
        var credentials = new Login
        {
            LoginToken = "",
            UserId = m.UserId
        };
        credentials.SetPassword(Login.GetUniqueKey(32));
        DatabaseLoginService.Insert(credentials);

        EmailService.SendReset(m);
    }

    // The landing page depends on who is logged in, not on who was saved.
    var caller = DatabaseUserService.GetById((long)Session["user_id"]);
    var callerIsPpokAdmin = caller.Type == Models.User.UserType.PPOkAdmin;

    return callerIsPpokAdmin
        ? RedirectToAction("AddorEditPharmacy", "PpokAdmin", new { id = m.PharmacyId })
        : RedirectToAction("Admin", "Pharmacy");
}
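/**
 * Disables the pharmacist with the given id and returns to the page the
 * caller came from.
 *
 * @param id - id of the pharmacist to disable
 * @returns  - redirect to PpokAdmin/AddorEditPharmacy for the pharmacist's
 *             pharmacy when the session user is a PPOkAdmin, otherwise
 *             redirect to Pharmacy/Admin
 * @throws OverflowException when id does not fit in an int
 *
 * NOTE(review): the id comes from the request and is not compared with the
 * caller's own pharmacy here. Confirm a pharmacy admin cannot disable a
 * pharmacist who belongs to a different pharmacy.
 * NOTE(review): this action changes state; confirm it is only reachable
 * by POST with an anti-forgery token (attributes are not visible here).
 */
public ActionResult DeletePharmacist(long id)
{
    // Read the pharmacy first: it is needed for the redirect afterwards.
    long pharmacyId = DatabasePharmacistService.GetById(id).PharmacyId;

    // checked: a plain (int) cast would silently wrap an out-of-range id
    // and could disable a different pharmacist than the one looked up.
    DatabasePharmacistService.Disable(checked((int)id));

    var caller = DatabaseUserService.GetById((long)Session["user_id"]);
    if (caller.Type == Models.User.UserType.PPOkAdmin)
    {
        return RedirectToAction("AddorEditPharmacy", "PpokAdmin", new { id = pharmacyId });
    }

    return RedirectToAction("Admin", "Pharmacy");
}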
/**
 * Fills this object's user fields from the user row identified by UserId.
 *
 * Copies LastName, FirstName, Phone, Email, Type and Enabled from the
 * stored user onto this instance.
 *
 * @returns - this instance, so the call can be chained
 */
public User LoadUserData()
{
    var stored = DatabaseUserService.GetById(UserId);

    // Name and contact details.
    LastName = stored.LastName;
    FirstName = stored.FirstName;
    Phone = stored.Phone;
    Email = stored.Email;

    // Account state.
    Type = stored.Type;
    Enabled = stored.Enabled;

    return this;
}
/**
 * Picks the landing page for a user according to the user's type.
 *
 * For a pharmacist the pharmacy id is also stored in the session under
 * "pharm_id" before redirecting.
 *
 * @param userId - id of the user to route
 * @returns      - redirect to /PpokAdmin/PharmacyListView for a PPOkAdmin,
 *                 redirect to /Pharmacy/RefillListView for a Pharmacist,
 *                 null for every other user type
 *
 * NOTE(review): callers receive null for any other type (for example
 * Patient); confirm each caller handles that case deliberately.
 */
private ActionResult RedirectToProperPage(long userId)
{
    var account = DatabaseUserService.GetById(userId);

    switch (account.Type)
    {
        case Models.User.UserType.PPOkAdmin:
            return Redirect("/PpokAdmin/PharmacyListView");

        case Models.User.UserType.Pharmacist:
            // Later pharmacy pages read the pharmacy from the session.
            var pharmacist = DatabasePharmacistService.GetByUserId(account.UserId);
            Session["pharm_id"] = pharmacist.PharmacyId;
            return Redirect("/Pharmacy/RefillListView");

        default:
            return null;
    }
}
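/**
 * Authorization filter: lets the action run only when the logged-in user's
 * role is one of the groups this filter was configured with (_groups).
 *
 * Does nothing when SkipAuthorization(filterContext) is true. Otherwise the
 * user id is read from the session and the user is loaded; a missing
 * session value, a missing user, or a role outside _groups replaces the
 * result with a redirect to /Login/Index.
 *
 * Role mapping: a Pharmacist whose record has IsAdmin set needs
 * Group.PharmacyAdmin, any other Pharmacist needs Group.Pharmacist, a
 * PPOkAdmin needs Group.PPOkAdmin and a Patient needs Group.Patient.
 *
 * Two cases are denied explicitly instead of being left to chance: a user
 * type that none of the cases names (it used to fall out of the switch and
 * be allowed through), and a Pharmacist user with no pharmacist record (it
 * used to fail with a null dereference).
 *
 * @param filterContext - context of the action about to execute
 *
 * NOTE(review): user.Enabled is not consulted here. Confirm that disabling
 * an account also ends its sessions; otherwise a disabled user keeps
 * access until the session expires.
 */
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    const string loginPath = "/Login/Index";

    if (SkipAuthorization(filterContext))
    {
        return;
    }

    var userId = HttpContext.Current.Session[Login.UserIdSession];
    if (userId == null)
    {
        filterContext.Result = new RedirectResult(loginPath);
        return;
    }

    var user = DatabaseUserService.GetById((long)userId);
    if (user == null)
    {
        filterContext.Result = new RedirectResult(loginPath);
        return;
    }

    bool authorized;
    switch (user.Type)
    {
        case User.UserType.Pharmacist:
            var pharmacist = DatabasePharmacistService.GetByUserId((long)userId);
            // A pharmacist user without a pharmacist record has no role.
            authorized = pharmacist != null
                && _groups.Contains(pharmacist.IsAdmin ? Group.PharmacyAdmin : Group.Pharmacist);
            break;

        case User.UserType.PPOkAdmin:
            authorized = _groups.Contains(Group.PPOkAdmin);
            break;

        case User.UserType.Patient:
            authorized = _groups.Contains(Group.Patient);
            break;

        default:
            // Fail closed: a type this filter does not know is never allowed.
            authorized = false;
            break;
    }

    if (!authorized)
    {
        filterContext.Result = new RedirectResult(loginPath);
        return;
    }

    base.OnActionExecuting(filterContext);
}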