public ActionResult postLogin(String username, String password)
{
if (Session["username"] == null)
{
UsrService service = new UsrService();
USR user = service.findById(username);
if (user == null)
{
return(RedirectToAction("Login", "Home"));
}
AccessService loginService = new AccessService();
String role = loginService.Login(username, password);
FormsAuthentication.SetAuthCookie(username, true);
Session["username"] = username;
if (role == "CANDIDATE")
{
return(RedirectToAction("Index", "Test"));
}
else if (role == "MANAGER")
{
return(RedirectToAction("Index", "Manager"));
}
else
{
return(RedirectToAction("Login", "Home"));
}
}
else
{
return(RedirectToAction("Index", "Home"));
}
}
/*----------------------------------------------------------------------------
* %%Function: ReaderLastScanDateDelegate
* %%Qualified: UpcSvc.UpcSvc.ReaderLastScanDateDelegate
* %%Contact: rlittle
*
* ----------------------------------------------------------------------------*/
public static void ReaderLastScanDateDelegate(SqlReader sqlr, CorrelationID crid, ref USR_String usrs)
{
DateTime dttm = sqlr.Reader.GetDateTime(1);
usrs = USR_String.FromTCSR(USR.SuccessCorrelate(crid));
usrs.TheValue = dttm.ToString();
}
public IHttpActionResult Heartbeat()
{
USR_DiagnosticResult usrd = USR_DiagnosticResult.FromTCSR(USR.Success());
usrd.TheValue = DiagnosticResult.ServiceRunning;
return(Ok(usrd));
}
public String Login(String username, String password)
{
UsrService service = new UsrService();
USR usr = service.findByUsernameAndPassword(username, password);
if (usr != null)
{
return(usr.ROLE);
}
return("NULL");
}
public static USR UpdateUpcLastScanDate(string sScanCode, string sTitle)
{
if (String.IsNullOrEmpty(sTitle))
{
return(USR.Failed("title cannot be null or empty!"));
}
string sCmd = String.Format("sp_updatescan '{0}', '{1}', '{2}'", Sql.Sqlify(sScanCode), Sql.Sqlify(sTitle), DateTime.Now.ToString());
return(Shared.DoGenericQueryDelegateRead(sCmd, null, Shared.FromUSR));
}
/*----------------------------------------------------------------------------
* %%Function: ReaderGetDvdScanInfoDelegate
* %%Qualified: UpcSvc.UpcSvc.ReaderGetDvdScanInfoDelegate
* %%Contact: rlittle
*
* ----------------------------------------------------------------------------*/
public static void ReaderGetDvdScanInfoDelegate(SqlReader sqlr, CorrelationID crid, ref USR_DvdInfo usrd)
{
DvdInfo dvdi = new DvdInfo();
dvdi.Code = sqlr.Reader.GetString(0);
dvdi.LastScan = sqlr.Reader.GetDateTime(1);
dvdi.FirstScan = sqlr.Reader.GetDateTime(2);
dvdi.Title = sqlr.Reader.GetString(3);
usrd = USR_DvdInfo.FromTCSR(USR.SuccessCorrelate(crid));
usrd.TheValue = dvdi;
}
public ActionResult USR_Edit(USR post)
{
string adminid = (string)Session["uid"]; //管理員ID
string adminpw = post.upw; //管理員pw
string userid = (string)Session["select"]; //選擇的使用者
//要修改的資料
string email = post.email; //用戶email
string per = post.per; ///用戶群組
// 先確認管理者密碼
if (CheckPW(adminid, adminpw))
{
//執行修改
try
{
if (ModelState.IsValid)
{
using (NpgsqlConnection connection = new NpgsqlConnection(ConfigurationManager.AppSettings["DB"])) //連線 用web.config裡的地址
{
connection.Open();
string strSQL = @"UPDATE public.account SET str_permission= @per , str_email= @email WHERE str_userid= @account";
using (var cmd = new NpgsqlCommand(strSQL, connection))
{
cmd.Parameters.AddWithValue("@per", per);
cmd.Parameters.AddWithValue("@email", email);
cmd.Parameters.AddWithValue("@account", userid);
cmd.ExecuteNonQuery(); //執行修改
cmd.Dispose();
connection.Close();
}
}
//提示成功字樣
TempData["result"] = "修改成功";
//返回查詢頁
return(new RedirectResult(Url.Action("USR_Admin", "Admin")));
}
return(View());
}
catch (Exception ex)
{
string error = ex.ToString();
return(View());
}
}
else
{
//回報
ViewBag.Msg = "密碼輸入錯誤,請重新輸入";
return(View());
}
}
public async Task <ActionResult> GetWorkflowData([FromBody] USR user)
{
optionsBuilder = new DbContextOptionsBuilder <ApplicationDbContext>();
var context = new ApplicationDbContext(optionsBuilder.Options);
WorkflowDataRequest workflow =
context.workflowDataRequests.Where(
w => w.CRD_BY_NR == user.ID &&
w.WFL_STA_TE != (int)Enums.ATStatus.Inactive).FirstOrDefault();
return(Ok(workflow));
}
/*----------------------------------------------------------------------------
* %%Function: ReaderGetBookScanInfoDelegate
* %%Qualified: UpcSvc.UpcSvc.ReaderGetBookScanInfoDelegate
* %%Contact: rlittle
*
* ----------------------------------------------------------------------------*/
public static void ReaderGetBookScanInfoDelegate(SqlReader sqlr, CorrelationID crid, ref USR_BookInfo usrb)
{
BookInfo bki = new BookInfo();
bki.Code = sqlr.Reader.GetString(0);
bki.LastScan = sqlr.Reader.GetDateTime(1);
bki.FirstScan = sqlr.Reader.GetDateTime(2);
bki.Title = sqlr.Reader.GetString(3);
bki.Location = sqlr.Reader.GetString(4);
usrb = USR_BookInfo.FromTCSR(USR.SuccessCorrelate(crid));
usrb.TheValue = bki;
}
/*----------------------------------------------------------------------------
* %%Function: ReaderGetDvdScanInfoListDelegate
* %%Qualified: UpcSvc.UpcSvc.ReaderGetDvdScanInfoListDelegate
* %%Contact: rlittle
*
* ----------------------------------------------------------------------------*/
public static void ReaderGetDvdScanInfoListDelegate(SqlReader sqlr, CorrelationID crid, ref USR_DvdInfoList usrds)
{
DvdInfo dvdi = new DvdInfo();
dvdi.Code = sqlr.Reader.GetString(0);
dvdi.LastScan = sqlr.Reader.GetDateTime(1);
dvdi.FirstScan = sqlr.Reader.GetDateTime(2);
dvdi.Title = sqlr.Reader.GetString(3);
if (usrds == null)
{
usrds = USR_DvdInfoList.FromTCSR(USR.SuccessCorrelate(crid));
usrds.TheValue = new List <DvdInfo>();
}
usrds.TheValue.Add(dvdi);
}
/*----------------------------------------------------------------------------
* %%Function: ReaderGetDvdScanInfoExDelegate
* %%Qualified: UpcSvc.UpcSvc.ReaderGetDvdScanInfoExDelegate
* %%Contact: rlittle
*
* ----------------------------------------------------------------------------*/
public static void ReaderGetDvdScanInfoExDelegate(SqlReader sqlr, CorrelationID crid, ref USR_DvdInfoEx usrd)
{
USR_DvdInfo dvdInfo = null;
ReaderGetDvdScanInfoDelegate(sqlr, crid, ref dvdInfo);
DvdInfoEx dvdix = DvdInfoEx.FromDvdInfo(dvdInfo.TheValue);
dvdix.Summary = sqlr.Reader.IsDBNull(4) ? null : sqlr.Reader.GetString(4);
dvdix.Classification = sqlr.Reader.IsDBNull(5) ? null : sqlr.Reader.GetString(5);
dvdix.MediaType = sqlr.Reader.IsDBNull(6) ? null : sqlr.Reader.GetString(6);
dvdix.CoverSrc = sqlr.Reader.IsDBNull(7) ? null : sqlr.Reader.GetString(7);
usrd = USR_DvdInfoEx.FromTCSR(USR.SuccessCorrelate(crid));
usrd.TheValue = dvdix;
}
/*----------------------------------------------------------------------------
* %%Function: ReaderGetBookScanInfoDelegate
* %%Qualified: UpcSvc.UpcSvc.ReaderGetBookScanInfoDelegate
* %%Contact: rlittle
*
* ----------------------------------------------------------------------------*/
public static void ReaderGetWineScanInfoDelegate(SqlReader sqlr, CorrelationID crid, ref USR_WineInfo usrw)
{
WineInfo wni = new WineInfo();
wni.Code = sqlr.Reader.GetString(0);
wni.LastScan = sqlr.Reader.GetDateTime(1);
wni.FirstScan = sqlr.Reader.GetDateTime(2);
wni.Wine = sqlr.Reader.GetString(3);
wni.Vintage = sqlr.Reader.GetString(4);
wni.Notes = sqlr.Reader.IsDBNull(5) ? null : sqlr.Reader.GetString(5);
wni.Bin = sqlr.Reader.GetString(6);
wni.Location = sqlr.Reader.GetString(7);
usrw = USR_WineInfo.FromTCSR(USR.SuccessCorrelate(crid));
usrw.TheValue = wni;
}
public static void ReaderGetBookScanInfoExDelegate(SqlReader sqlr, CorrelationID crid, ref USR_BookInfoEx usrb)
{
USR_BookInfo bookInfo = null;
ReaderGetBookScanInfoDelegate(sqlr, crid, ref bookInfo);
BookInfoEx bkix = BookInfoEx.FromBookInfo(bookInfo.TheValue); // new BookInfoEx()); //bookInfo.TheValue);
bkix.Author = sqlr.Reader.IsDBNull(5) ? null : sqlr.Reader.GetString(5);
bkix.Summary = sqlr.Reader.IsDBNull(6) ? null : sqlr.Reader.GetString(6);
bkix.CoverSrc = sqlr.Reader.IsDBNull(7) ? null : sqlr.Reader.GetString(7);
bkix.ReleaseDate = sqlr.Reader.IsDBNull(8) ? (DateTime?)null : sqlr.Reader.GetDateTime(8);
bkix.Series = sqlr.Reader.IsDBNull(9) ? null : sqlr.Reader.GetString(9);
usrb = USR_BookInfoEx.FromTCSR(USR.SuccessCorrelate(crid));
usrb.TheValue = bkix;
}
/*----------------------------------------------------------------------------
* %%Function: ReaderGetDvdScanInfoListDelegate
* %%Qualified: UpcSvc.UpcSvc.ReaderGetDvdScanInfoListDelegate
* %%Contact: rlittle
*
* ----------------------------------------------------------------------------*/
public static void ReaderGetBookScanInfoListDelegate(SqlReader sqlr, CorrelationID crid, ref USR_BookInfoList usrbs)
{
BookInfo bki = new BookInfo();
bki.Code = sqlr.Reader.GetString(0);
bki.LastScan = sqlr.Reader.GetDateTime(1);
bki.FirstScan = sqlr.Reader.GetDateTime(2);
bki.Title = sqlr.Reader.GetString(3);
if (usrbs == null)
{
usrbs = USR_BookInfoList.FromTCSR(USR.SuccessCorrelate(crid));
usrbs.TheValue = new List <BookInfo>();
}
usrbs.TheValue.Add(bki);
}
//Mail the APPROVED candidates
public ActionResult Mail(int APPLY_ID, int TEST_ID)
{
try
{
ResultService resultService = new ResultService();
RESULT result = new RESULT();
result.APPLY_ID = APPLY_ID;
result.TEST_ID = TEST_ID;
//create result before mail
resultService.create(result);
}
catch (Exception)
{
}
try
{
//Mail
AptechSem3.Service.MailService mailService = new Service.MailService();
ApplicationService applyService = new ApplicationService();
JOB_APPLICATION apply = applyService.findById(APPLY_ID.ToString());
AptechSem3.Service.UsrService userService = new AptechSem3.Service.UsrService();
USR usr = userService.findUsrByApplyID(APPLY_ID);
TestService testService = new TestService();
TEST test = testService.findById(TEST_ID.ToString());
//message
String message = "<p>Dear " + apply.NAME + ",</p>" +
"<p>Thank you for applying for the position with The Webster Company.</p>" +
"<p>We would like to invite you to our online test for the position. Your test has been scheduled for " + test.START_TIME + " to " + test.END_TIME + ".</p>" +
"<p>Your account for this test:</p>" +
"<p>Username: "******"</p>" + "<p>Password: "******"</p>" +
"<p>Please reply if you have any question.</p>" +
"<p>Sincerly,</p>" +
"<p>The Webster Company</p>";
mailService.sendMail(apply.MAIL, test.TEST_NAME, message);
ViewBag.error = "Mail success";
}
catch (Exception ex)
{
ViewBag.error = ex.Message;
}
return(RedirectToAction("ApplicationDetail", "Manager", new { applyId = APPLY_ID }));
}
public ActionResult USR_Delete(USR post)
{
string adminid = (string)Session["uid"]; //管理員ID
string adminpw = post.upw; //管理員pw
string userid = (string)Session["select"]; //選擇的使用者
//驗證管理員密碼
if (CheckPW(adminid, adminpw))
{
//刪除帳號
try
{
using (NpgsqlConnection connection = new NpgsqlConnection(ConfigurationManager.AppSettings["DB"])) //連線 用web.config裡的地址
{
connection.Open();
string strSQL = @"DELETE FROM public.account WHERE str_userid = @account";
using (var cmd = new NpgsqlCommand(strSQL, connection))
{
cmd.Parameters.AddWithValue("@account", userid);
cmd.ExecuteNonQuery(); //刪除
cmd.Dispose();
connection.Close();
}
}
//提示成功字樣
TempData["result"] = "刪除成功";
//返回查詢頁
return(new RedirectResult(Url.Action("USR_Admin", "Admin")));
}
catch (Exception ex)
{
string error = ex.ToString();
return(View());
}
}
else
{
//回報
ViewBag.Msg = "密碼輸入錯誤,請重新輸入";
return(View());
}
}
public UserDataResponse SelectUserByUserIdAndPassword(String USR_ID_TE, String USR_PWD_TE)
{
optionsBuilder = new DbContextOptionsBuilder <ApplicationDbContext>();
userDataResponse = new UserDataResponse();
try
{
var context = new ApplicationDbContext(optionsBuilder.Options);
USR user = context.UserData.Where(u => u.USR_ID_TE == USR_ID_TE && u.USR_PWD_TE == USR_PWD_TE).FirstOrDefault();
userDataResponse.Success = false;
if (user != null)
{
userDataResponse.Success = true;
}
userDataResponse.User = user;
}
catch (Exception ex)
{
userDataResponse.Success = false;
userDataResponse.OperationException = ex;
}
return(userDataResponse);
}
//public WorkflowDataResponse CreateWorkflow(WorkflowDataRequest workflowData)
//{
//}
public WorkflowDataResponse SelectWorkflows(USR user)
{
WorkflowDataResponse workflowtDataResponse = new WorkflowDataResponse();
optionsBuilder = new DbContextOptionsBuilder <ApplicationDbContext>();
using (var context = new ApplicationDbContext(optionsBuilder.Options))
{
try
{
workflowtDataResponse.Workflows = context.workflowDataRequests.Where(w => w.CRD_BY_NR == user.ID).ToList();
workflowtDataResponse.Success = true;
return(workflowtDataResponse);
}
catch (Exception ex)
{
workflowtDataResponse.Success = false;
workflowtDataResponse.OperationException = ex;
}
}
return(workflowtDataResponse);
}
//Approve Apps
public ActionResult ApproveApplication(string applyId, int status)
{
ApplicationService applicationService = new ApplicationService();
ResultService resultService = new ResultService();
//Create a new Object APPLY TYPE
JOB_APPLICATION apply = new JOB_APPLICATION();
PostService postService = new PostService();
//get TestId by ApplyId
int testId = applicationService.getTestIdByApplyId(applyId);
//testid == 0 equal testid == null
if (testId == 0)
{
//redirect page
return(RedirectToAction("ApplicationDetail", "Manager", new { applyId = applyId }));
}
//find the APPLY with applyId
apply = applicationService.findById(applyId);
//get Now DateTime to compare
string created = DateTime.Now.ToString("ddMMyyyyHHmmss");
UserService userService = new UserService();
//Check Apply Existed
if (userService.findByApplyId(applyId))
{
ViewBag.error = "User has Existed";
return(RedirectToAction("ApplicationDetail", "Manager", new { applyId = applyId }));
}
//Check same status ?
if (apply.APPROVE_STATUS == status)
{
ViewBag.error = "Can't proceed the same Status";
return(RedirectToAction("ApplicationDetail", "Manager", new { applyId = applyId }));
}
else
//Status == 1 -> Status == "Approved"
if (status == 1)
{
RESULT result = new RESULT();
result.APPLY_ID = Int32.Parse(applyId);
result.TEST_ID = testId;
applicationService.apply(applyId, 1);
string username = "******" + created;
string decrypt = string.Join("", MD5.Create().ComputeHash(Encoding.ASCII.GetBytes(created)).Select(s => s.ToString("x2")));
string password = decrypt.Substring(2, 10);
USR user = new USR();
user.APPLY_ID = Int32.Parse(applyId);
user.ROLE = "CANDIDATE";
user.USERNAME = username;
user.PASSWORD = password;
//if create false => user existed
if (userService.create(user))
{
return(RedirectToAction("ApplicationDetail", "Manager", new { applyId = applyId }));
}
else
{
ViewBag.error = "User for this application existed";
return(RedirectToAction("ApplicationDetail", "Manager", new { applyId = applyId }));
}
}
else
//unapprove
{
//check delete the result
if (resultService.deleteResultByApply(Int32.Parse(applyId)))
{
}
//unapprove the apply
applicationService.apply(applyId, -1);
}
return(RedirectToAction("ApplicationDetail", "Manager", new { applyId = applyId }));
}
public int DeleteUser(USR userData)
{
throw new NotImplementedException();
}
/*----------------------------------------------------------------------------
* %%Function: DoGenericQueryDelegateRead
* %%Qualified: UpcSvc.UpcSvc.DoGenericQueryDelegateRead<T>
* %%Contact: rlittle
*
* Do a generic query and return the result for type T
* ----------------------------------------------------------------------------*/
public static T DoGenericQueryDelegateRead <T>(string sQuery, DelegateReader <T> delegateReader, DelegateFromUSR <T> delegateFromUsr)
{
LocalSqlHolder lsh = null;
CorrelationID crid = new CorrelationID();
SR sr = SR.Failed("unknown");
try
{
lsh = new LocalSqlHolder(null, crid, SqlConnectionStatic);
string sCmd = sQuery;
if (delegateReader == null)
{
// just execute as a command
return(delegateFromUsr(USR.FromSR(TCore.Sql.ExecuteNonQuery(lsh, sCmd, SqlConnectionStatic))));
}
else
{
SqlReader sqlr = new SqlReader(lsh);
try
{
sr = sqlr.ExecuteQuery(sQuery, SqlConnectionStatic);
sr.CorrelationID = crid;
if (sr.Succeeded)
{
T t = default(T);
bool fOnce = false;
while (sqlr.Reader.Read())
{
delegateReader(sqlr, crid, ref t);
fOnce = true;
}
if (!fOnce)
{
return(delegateFromUsr(USR.FromSR(SR.FailedCorrelate("scan code not found", crid))));
}
return(t);
}
}
catch (Exception e)
{
sqlr.Close();
return(delegateFromUsr(USR.FromSR(SR.FailedCorrelate(e, crid))));
}
}
}
catch (Exception e)
{
return(delegateFromUsr(USR.FromSR(SR.FailedCorrelate(e, crid))));
}
finally
{
lsh?.Close();
}
{
USR usr = USR.FromSR(sr);
usr.Reason += $"( fExecuteQuery returned false) (static={SqlConnectionStatic})";
return(delegateFromUsr(usr));
}
}
public UserDataResponse UpdateUser(USR userData)
{
string connectionString = AtServicesContext.ConnectionString;
throw new NotImplementedException();
}
public static USR FromUSR(USR usr)
{
return(usr);
}
