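/// <summary>
/// Sets up the navigation control and, on the first (non-postback) request, creates a
/// course from the CourseID and CourseName query-string values, then redirects to the
/// course maintenance page.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void Page_Load(object sender, EventArgs e)
{
    try
    {
        Nav1.Feedback.Text = String.Empty;
        Nav1.SideTabId = AssignmentManager.Common.constants.SIDE_NAV_COURSE_MANAGEMENT;
        Nav1.TopTabId = AssignmentManager.Common.constants.TOP_NAV_COURSE_INFO;
        Nav1.SubTitle = " ";
        Nav1.Title = " ";
        Nav1.relativeURL = @"../";

        PermissionsID maxUserPermission;
        AssignmentManager.Common.Functions func = new AssignmentManager.Common.Functions();

        if (!SharedSupport.SecurityIsAllowed(SecurityAction.COURSE_ADD, out maxUserPermission))
        {
            // Note that Redirect ends page execution. The single-argument overload ends the
            // response by aborting the thread; that abort passes through the catch below.
            Response.Redirect(@"../Error.aspx?ErrorDetail=" + "Global_Unauthorized");
        }

        // vsversion is an int, so the comparison with 7.1 rejects 7 and accepts 8 and above.
        int vsversion = func.ValidateNumericQueryStringParameter(Request, "VSVersion");
        if (vsversion < 7.1)
        {
            Response.Redirect(@"../Error.aspx?ErrorDetail=" + "AddCourse_WrongVSVersion", false);
            // Redirect(url, false) does not stop execution; without this return the
            // course would still be created for an unsupported version.
            return;
        }

        if (!IsPostBack)
        {
            // Evals true first time browser hits the page.
            // NOTE(review): the course is created in response to a GET request driven by
            // query-string values; no request-forgery protection is visible in this method.
            // Confirm the calling flow provides it.

            // Read both values from the query string only, so the presence checks and the
            // values actually used come from the same source.
            string courseIdParam = Request.QueryString.Get("CourseID");
            string courseNameParam = Request.QueryString.Get("CourseName");

            if (courseIdParam == null || courseIdParam == String.Empty)
            {
                // There was no CourseID on the query string.
                Response.Redirect(@"../Error.aspx?ErrorDetail=" + "AddCourse_MissingCourseID", false);
                return;
            }

            if (courseNameParam == null || courseNameParam == String.Empty)
            {
                // There was no ShortName on the query string.
                Response.Redirect(@"../Error.aspx?ErrorDetail=" + "AddCourse_MissingCourseShortName", false);
                return;
            }

            // Load by GUID. A malformed value makes the Guid constructor throw; the catch
            // below reports it.
            courseGuid = new System.Guid(courseIdParam);
            txtCourseGUID.Value = courseGuid.ToString();

            CourseM course = CourseM.Load(courseGuid);
            if (course.IsValid)
            {
                // course already exists
                courseExists(course);
                return;
            }

            // Check the short name for uniqueness; a whitespace-only name counts as missing.
            string courseShortName = courseNameParam.Trim();
            if (courseShortName == String.Empty)
            {
                Response.Redirect(@"../Error.aspx?ErrorDetail=" + "AddCourse_MissingCourseShortName", false);
                return;
            }

            course = CourseM.Load(courseShortName);
            if (course.IsValid)
            {
                // course short name already exists; prompt: work with? copy?
                courseExists(course);
                return;
            }

            // Insert the bare minimum of course information.
            course = new CourseM();
            course.Name = courseShortName;
            course.CourseGuid = courseGuid;
            course.SendEmailRemindersFlag = false;
            course.LastUpdatedUserID = SharedSupport.GetUserIdentity();
            course.StartDate = DateTime.Now.AddMonths(1);
            course.EndDate = DateTime.Now.AddMonths(1);

            // The storage directory name is derived from the request-supplied course name.
            // NOTE(review): confirm RemoveIllegalFilePathCharacters also removes path
            // separators and handles "." / ".." and an empty result, so the directory always
            // lands below DEFAULT_COURSE_OFFERINGS_ROOT_STORAGE_PATH.
            string fileDir = SharedSupport.RemoveIllegalFilePathCharacters(course.Name).Replace(" ", String.Empty);
            fileDir = SharedSupport.AddBackSlashToDirectory(Constants.DEFAULT_COURSE_OFFERINGS_ROOT_STORAGE_PATH)
                + SharedSupport.AddBackSlashToDirectory(fileDir);
            if (!Directory.Exists(fileDir))
            {
                Directory.CreateDirectory(fileDir);
            }

            // Same path as the directory created above; computed once instead of twice.
            course.RootStoragePath = fileDir;
            course.Add();

            // Re-check after Add() in case the stored path differs from the one assigned.
            if (!Directory.Exists(course.RootStoragePath))
            {
                Directory.CreateDirectory(course.RootStoragePath);
            }

            // The creator joins the course with the permission returned by the security check.
            UserM user = UserM.Load(SharedSupport.GetUserIdentity());
            user.AddToCourse(course.CourseID, maxUserPermission);

            // redirect for additional maintenance
            Response.Redirect("AddEditCourse.aspx?CourseID=" + course.CourseID, false);
        }
    }
    catch (Exception ex)
    {
        // NOTE(review): the raw exception message is shown to the user. Confirm the Feedback
        // control encodes its text, and that internal details (paths, data-layer messages)
        // are logged server-side rather than displayed.
        Nav1.Feedback.Text = ex.Message.ToString();
    }
}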
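/// <summary>
/// Saves the user form. When userId is non-zero the existing user is updated, otherwise a
/// new user is created and added to the course. The selected course role is applied only
/// when the acting user holds SECURITY_EDIT and may grant that role.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
public void btnUpdate_Click(object sender, System.EventArgs e)
{
    try
    {
        //reset error handling label
        Nav1.Feedback.Text = String.Empty;
        checkErrorCases();

        UserM user = null;

        //Save Updated or New User - check for UserID on query string
        if (userId != 0)
        {
            if (!SharedSupport.SecurityIsAllowed(courseId, SecurityAction.USER_EDIT))
            {
                throw new Exception(SharedSupport.GetLocalizedString("Global_Unauthorized"));
            }

            //Update
            // NOTE(review): USER_EDIT is checked for courseId, but nothing here verifies that
            // the loaded user belongs to that course before the profile is overwritten.
            // Confirm UserM.Load or the caller scopes userId appropriately.
            user = UserM.Load(userId);
            if (!user.IsValid)
            {
                throw new Exception(NO_USER_FOR_USERID_ERROR);
            }

            //Save updated user
            ApplyFormFieldsTo(user);
            // NOTE(review): the profile is saved before the role check below, so a denied
            // role change still leaves the profile edits committed.
            user.Update();

            if (user.IsInCourse(courseId))
            {
                if (SharedSupport.SecurityIsAllowed(courseId, SecurityAction.SECURITY_EDIT))
                {
                    // NOTE(review): the check compares the acting user's role with the role
                    // being assigned, not with the target user's current role. Confirm that
                    // changing a user at or above the actor's level is prevented elsewhere.
                    user.SetRoleInCourse(courseId, ResolveGrantableRoleId());
                }
            }
            else
            {
                // Add user to Course.
                // NOTE(review): without SECURITY_EDIT the user is not added at all, unlike
                // the insert path below, which falls back to Student. Confirm this is intended.
                if (SharedSupport.SecurityIsAllowed(courseId, SecurityAction.SECURITY_EDIT))
                {
                    user.AddToCourse(courseId, (PermissionsID)ResolveGrantableRoleId());
                }
            }

            btnUpdate.Text = SharedSupport.GetLocalizedString("AddEditUser_Update");
            Nav1.Feedback.Text = SharedSupport.GetLocalizedString("AddEditUser_UserUpdated"); //"User has been Updated.";
        }
        else
        {
            if (!SharedSupport.SecurityIsAllowed(courseId, SecurityAction.USER_ADD))
            {
                throw new Exception(SharedSupport.GetLocalizedString("Global_Unauthorized"));
            }

            //Insert
            user = new UserM();
            ApplyFormFieldsTo(user);
            user.ChangedPassword = false;

            // Does the user already exist?
            UserM userByName = UserM.LoadByUserName(user.UserName);
            if (userByName.IsValid)
            {
                throw new Exception(SharedSupport.GetLocalizedString("User_UserNameMustBeUnique"));
            }

            // Decide the course role before creating anything: a denied role request must
            // not leave behind a user record that belongs to no course.
            PermissionsID permission = PermissionsID.Student;
            if (SharedSupport.SecurityIsAllowed(courseId, SecurityAction.SECURITY_EDIT))
            {
                permission = (PermissionsID)ResolveGrantableRoleId();
            }

            userId = user.Create();
            btnUpdate.Text = SharedSupport.GetLocalizedString("AddEditUser_Update");
            Nav1.Feedback.Text = SharedSupport.GetLocalizedString("AddEditUser_UserInserted"); //"User has been inserted.";

            user.AddToCourse(courseId, permission);
        }

        // NOTE(review): the whole incoming query string is appended, so a request that
        // already carries UserID ends up with the parameter twice.
        Response.Redirect("Users.aspx?UserID=" + userId.ToString() + "&" + Request.QueryString.ToString(), false);
    }
    catch (Exception ex)
    {
        // NOTE(review): the raw exception message is shown to the user. Confirm the Feedback
        // control encodes its text and that internal details are not exposed this way.
        Nav1.Feedback.Text = ex.Message.ToString();
    }
}

// Copies the profile fields from the form controls onto the given user and stamps the editor.
private void ApplyFormFieldsTo(UserM user)
{
    user.EmailAddress = txtEMailAddress.Text.ToString();
    user.FirstName = txtFirstName.Text.ToString();
    user.LastName = txtLastName.Text.ToString();
    user.LastUpdatedDate = DateTime.Now;
    user.LastUpdatedUserID = SharedSupport.GetUserIdentity();
    user.MiddleName = txtMiddleName.Text.ToString();
    user.UniversityID = txtUniversityIdentifier.Text.ToString();
    user.UserName = txtUserName.Text.ToString();
}

// Returns the role id selected in UserRolesList, or throws when the acting user may not grant it.
private int ResolveGrantableRoleId()
{
    int roleid = Convert.ToInt32(UserRolesList.SelectedItem.Value);
    RoleM currentUsersRole = RoleM.GetUsersRoleInCourse(SharedSupport.GetUserIdentity(), courseId);

    // The lower role id => greater permissions. An Admin may grant any role; everyone else
    // may only grant roles strictly below their own.
    if ((currentUsersRole.ID == (int)PermissionsID.Admin) || (currentUsersRole.ID < roleid))
    {
        return roleid;
    }

    throw new Exception(SharedSupport.GetLocalizedString("AddEditUser_ErrorRolePermissionDenied"));
}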