public JsonResult UpsertForm([FromBody] TempFormModel tfm)
{
using (var dbContext = new SarahIncContext())
{
var curForm = (from f in dbContext.Form
where f.TempId == tfm.TempId
select f).FirstOrDefault();
if (curForm == null)
{
return(Json(false));
}
var fm = new FormModel(_mapper);
_mapper.Map(tfm, fm);
_mapper.Map(fm, curForm);
dbContext.SaveChanges();
return(Json(true));
}
}
public ActionResult DeleteUsers(TemplateVariableModel tpl)
{
if (!ModelState.IsValid)
{
return(Json(ModelState));
}
using (var dbContext = new SarahIncContext())
{
var tmplVar = (from t in dbContext.TemplateVariable
where t.TmplId == tpl.TmplId
select t).FirstOrDefault();
if (tmplVar == null)
{
return(Json(ModelState));
}
dbContext.TemplateVariable.Remove(tmplVar);
dbContext.SaveChanges();
}
// Return the updated tpl. Also return any validation errors.
return(Json(ModelState));
}
public ActionResult DeleteFormVars(FormVariableModel frm)
{
if (!ModelState.IsValid)
{
return(Json(ModelState));
}
using (var dbContext = new SarahIncContext())
{
var frmVar = (from f in dbContext.FormVariable
where f.FormDataId == frm.Id
select f).FirstOrDefault();
if (frmVar == null)
{
return(Json(ModelState));
}
dbContext.FormVariable.Remove(frmVar);
dbContext.SaveChanges();
}
// Return the updated frm. Also return any validation errors.
return(Json(ModelState));
}
public JsonResult GetFormsBase()
{
var dbUserId = HttpContext.Session.GetInt32("UserId");
var modelForms = new List <TempFormModel>();
using (var dbContext = new SarahIncContext())
{
var forms = (from f in dbContext.Form
orderby f.CreatedOn descending
select f);
if (forms.Any())
{
var formsList = forms.ToList();
foreach (var form in formsList)
{
var timeDiff = DateTime.Now - form.LastSaved.Value;
var b = DateTime.Now;
var c = form.LastSaved.Value;
if (form.Status || timeDiff.TotalMinutes < 3)
{
if (timeDiff.TotalMinutes < 3 && dbUserId != form.LastUserId)
{
continue;
}
}
var user = (from u in dbContext.User
where u.UserId == form.LastUserId
select u).First();
if (timeDiff.TotalDays > 14 && !form.Status)
{
SendEmail(user.Email, "Form overdue", "It has been over two weeks since you last accessed a form regarding " + form.Firstname + " " + form.Lastname + ". Please finish it at your convenience.");
form.LastSaved = DateTime.Now;
dbContext.SaveChanges();
}
var mf = new TempFormModel
{
TempId = form.TempId,
MagicNo = form.MagicNo,
Firstname = form.Firstname,
Lastname = form.Lastname,
Dob = form.Dob,
EvalDate = form.EvalDate,
Status = form.Status,
LastSaved = form.LastSaved,
LastUserId = form.LastUserId,
LastUser = user.Firstname + " " + user.Lastname,
CreatedOn = form.CreatedOn,
ReportReady = form.ReportReady,
ReportPrinted = form.ReportPrinted
};
modelForms.Add(mf);
}
}
}
return(Json(modelForms));
}
public async Task <ActionResult> Index(LoginViewModel model, string returnUrl)
{
if (ModelState.IsValid)
{
var hashedPassword = "";
var userId = 0;
var role = "";
using (var dbContext = new SarahIncContext())
{
var pass = (from u in dbContext.User
where u.Username == model.UserName
select u).FirstOrDefault();
if (pass != null && !pass.Lockedout)
{
hashedPassword = pass.Password;
UserData.RoleId = pass.RoleId;
role = pass.RoleId == Constants.RoleGuest ? "Guest" : pass.RoleId == Constants.RoleUser ? "User" : "Admin";
userId = pass.UserId;
}
}
var validPassword = !string.IsNullOrEmpty(hashedPassword) && UserData.ValidatePassword(model.Password, hashedPassword);
if (validPassword)
{
var claims = new[] { new Claim(ClaimTypes.Name, model.UserName),
new Claim(ClaimTypes.Role, role) };
var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
var authProperties = new AuthenticationProperties {
IsPersistent = model.RememberMe
};
await HttpContext.SignInAsync(
CookieAuthenticationDefaults.AuthenticationScheme,
new ClaimsPrincipal(claimsIdentity), authProperties);
HttpContext.Session.SetString("Role", role);
HttpContext.Session.SetInt32("UserId", userId);
using (var dbContext = new SarahIncContext())
{
var aud = new Audit();
dbContext.Audit.Add(aud);
aud.TableType = Constants.AuditTableTypeUser;
aud.ActionType = Constants.AuditActionTypeLoginSuccess;
aud.DateTime = DateTime.Now;
aud.ActionId = userId;
dbContext.SaveChanges();
}
return(RedirectToAction("Index", "Admin"));
}
else if (hashedPassword != "")
{
using (var dbContext = new SarahIncContext())
{
var aud = new Audit();
dbContext.Audit.Add(aud);
aud.TableType = Constants.AuditTableTypeUser;
aud.ActionType = Constants.AuditActionTypeLoginFail;
aud.DateTime = DateTime.Now;
aud.ActionId = userId;
dbContext.SaveChanges();
var lockoutCheck = (from a in dbContext.Audit
where
a.ActionId == userId && a.TableType == Constants.AuditTableTypeUser &&
a.ActionType == Constants.AuditActionTypeLoginFail &&
a.DateTime > DateTime.UtcNow.AddMinutes(-15)
select a);
if (lockoutCheck.Count() > 3)
{
var user = (from u in dbContext.User
where u.UserId == userId
select u).First();
user.Lockedout = true;
dbContext.SaveChanges();
}
}
}
}
// If we got this far, something failed, redisplay form
ModelState.AddModelError("", "Incorrect username, password or this account has been locked out.");
UserData.RoleId = -1;
return(View(model));
}
