public ActionResult EditUser(int id, UserFilterModel filter, FormCollection collection) { var user = EmployeeServices.GetUser(id); try { UpdateModel(user, "User"); EmployeeServices.UpdateUser(user); return(RedirectToAction("UserListing", filter.GenerateUserAccessRoute())); } catch (Exception ex) { // Invalid - redisplay with errors Logger.Error(ex.ToString()); ModelState.AddModelError(String.Empty, Constants.ServerError); var model = new UserDetailModel() { Action = "EditUser", User = user, Filter = filter, Roles = LookupServices.GetRoleOptions(user.RoleName) }; ViewBag.Locations = LocationServices.GetLocationLookup(true, model.User.LocationId); return(View("UserDetail", model)); } }
public ActionResult NewUser(UserModel user, UserFilterModel filter) { try { if (ModelState.IsValid) { EmployeeServices.CreateUser(user); return(RedirectToAction("UserListing", filter.GenerateUserAccessRoute())); } } catch (Exception ex) { Logger.Error(ex.ToString()); ModelState.AddModelError(String.Empty, Constants.ServerError); } // Invalid - redisplay with errors var model = new UserDetailModel() { Action = "NewUser", User = user, Filter = filter, Roles = LookupServices.GetRoleOptions(user.RoleName) }; ViewBag.Locations = LocationServices.GetLocationLookup(true, -1); return(View("UserDetail", model)); }
//TODO: exclude from token validation public ActionResult Index(string returnUrl) { var model = new LoginModel() { ReturnUrl = returnUrl }; ViewBag.Locations = LocationServices.GetLocationLookup(); return(View(model)); }
public ActionResult EditUser(int id, UserFilterModel filter) { var user = EmployeeServices.GetUser(id); var model = new UserDetailModel() { Action = "EditUser", User = user, Filter = filter, Roles = LookupServices.GetRoleOptions(user.RoleName) }; ViewBag.Locations = LocationServices.GetLocationLookup(true, model.User.LocationId); return(View("UserDetail", model)); }
public ActionResult NewUser(UserFilterModel filter) { var model = new UserDetailModel() { Action = "NewUser", User = new UserModel(), Filter = filter, Roles = LookupServices.GetRoleOptions("Employee") }; model.User.PasswordString = PasswordGenerator.GeneratePassword(); ViewBag.Locations = LocationServices.GetLocationLookup(true, -1); return(View("UserDetail", model)); }
// TODO: test? public ActionResult InvoiceDetail(InvoiceFilterModel filter) { var detail = AdministrationServices.GetInvoiceAdministrationDetail(filter); ViewBag.Filter = "InvoiceDetail"; ViewBag.Locations = LocationServices.GetLocationLookup(true, filter.LocationId); ViewBag.Paid = LookupServices.GetPaidOptions(filter.HasBeenPaid, true); if (detail.InvoiceList.Count == 0) { return(View("InvoiceDetailNoData", detail)); } else { return(View("InvoiceDetail", detail)); } }
public ActionResult SecurityLog(SecurityLogFilterModel filter) { var listing = SecurityServices.GetSecurityLog(filter); ViewBag.Locations = LocationServices.GetLocationLookup(true, filter.LocationId); ViewBag.Result = LookupServices.GetLoginResultOptions(filter.ResultFlag, true); ViewBag.Size = LookupServices.GetSizeOptions(filter.Size); if (listing.SecurityLog.Count == 0) { return(View("SecurityLogNoData", listing)); } else { return(View("SecurityLog", listing)); } }
// TODO: test? public ActionResult InvoiceListing(InvoiceFilterModel filter) { var listing = AdministrationServices.GetInvoiceListing(filter); ViewBag.Filter = "InvoiceListing"; ViewBag.Locations = LocationServices.GetLocationLookup(true, filter.LocationId); ViewBag.Paid = LookupServices.GetPaidOptions(filter.HasBeenPaid, true); ViewBag.Size = LookupServices.GetSizeOptions(filter.Size); if (listing.InvoiceList.Count == 0) { return(View("InvoiceListingNoData", listing)); } else { return(View("InvoiceListing", listing)); } }
public ActionResult ValidateLogin(LoginModel login) { try { if (ModelState.IsValid) { var user = SecurityServices.ValidateUser(login.Name, login.Password); if (user == null) { SecurityServices.RecordFailedLoginAttempt(login, HttpContext.Request.UserHostAddress, string.Format("Invalid credentials: {0} - {1}", login.Name, login.Password)); ModelState.AddModelError(String.Empty, "The login name or password is invalid."); } if (user != null && !user.CanLogin) { SecurityServices.RecordFailedLoginAttempt(login, HttpContext.Request.UserHostAddress, "User login disabled"); ModelState.AddModelError(String.Empty, "Access denied."); } if (user != null && !IsIpValid(user.RoleName, login.LocationId)) { SecurityServices.RecordFailedLoginAttempt(login, HttpContext.Request.UserHostAddress, "Invalid IP address"); ModelState.AddModelError(String.Empty, "Access denied."); } if (ModelState.IsValid) { if (login.DowngradeRole) { user.RoleName = "Employee"; SecurityServices.RecordSuccessfulLoginAttempt(login, HttpContext.Request.UserHostAddress, "Downgraded to Employee role"); } else if (user.RoleName == "Manager" && login.LocationId != user.LocationId) { user.RoleName = "Employee"; var message = string.Format("Manager downgraded to Employee role"); SecurityServices.RecordSuccessfulLoginAttempt(login, HttpContext.Request.UserHostAddress, message); } else { SecurityServices.RecordSuccessfulLoginAttempt(login, HttpContext.Request.UserHostAddress); } var token = CreateToken(user.Id, user.RoleName, login.LocationId); var auth = TokenSerializer.GetCookieFromToken(token); if (HttpContext.Request.IsLocal) //local development overrides { auth.Domain = null; auth.Secure = false; } HttpContext.Response.Cookies.Add(auth); if (Url.IsLocalUrl(login.ReturnUrl) && user.RoleName == "Administrator") { return(Redirect(login.ReturnUrl)); } else { return(RedirectToAction("Index", "ShopFloor")); } } } else { SecurityServices.RecordFailedLoginAttempt(login, HttpContext.Request.UserHostAddress, string.Format("Invalid model state: {0}", ModelState.ToString())); } } catch (Exception ex) { Logger.Error(ex.ToString()); ModelState.AddModelError(String.Empty, Constants.ServerError); } // Invalid - redisplay with errors ViewBag.Locations = LocationServices.GetLocationLookup(); return(View("Index", login)); }