Exemple #1
        /// <summary>
        /// Fills <paramref name="resultSeachByIdModel"/> with the profile, menu permissions and
        /// group memberships for the user id carried in <paramref name="model"/>.
        /// </summary>
        /// <param name="model">Request payload; only <c>model.id</c> is read here.</param>
        /// <param name="connection1">Connection handed on to the lookup helpers.</param>
        /// <param name="resultSeachByIdModel">Output object; every field set below is overwritten.</param>
        /// <param name="isAdmin">Whether the caller was identified as an administrator.</param>
        /// <remarks>
        /// The id "0" skips the profile lookup and loads only the menu and group lists.
        /// For a caller that is not an administrator the request is gated on CheckisAdmin
        /// (defined elsewhere; presumably it refuses access to administrator accounts, confirm).
        /// When that gate returns false nothing is loaded and the result keeps the blank
        /// defaults assigned here; no error is signalled to the caller.
        /// </remarks>
        internal async Task ById(SearchByIdModel model, SqlConnection connection1, UsersByIdModel resultSeachByIdModel, bool isAdmin)
        {
            // Reset the output first so a refused or empty lookup never carries stale data.
            resultSeachByIdModel.email = "";
            resultSeachByIdModel.firstname = "";
            resultSeachByIdModel.lastname = "";
            resultSeachByIdModel.direccion = "";
            resultSeachByIdModel.colonia = "";
            resultSeachByIdModel.ciudad = "";
            resultSeachByIdModel.tel = "";
            resultSeachByIdModel.menu = new List <GroupsUsersByIdMenuDetailsModel>();
            resultSeachByIdModel.groups = new List <GroupsUsersByIdGroupsDetailsModel>();
            resultSeachByIdModel.isrootadmin = Convert.ToInt32(isAdmin);

            bool isExistingUser = model.id != "0";
            bool allowed = true;

            // Only non-administrators asking for a concrete user go through the gate.
            if (isExistingUser && !isAdmin)
            {
                allowed = await CheckisAdmin(connection1, model.id);
            }

            if (!allowed)
            {
                return;
            }

            if (isExistingUser)
            {
                await GetById(connection1, model, resultSeachByIdModel);
            }

            await GetByMenu(connection1, model, resultSeachByIdModel);
            await GetByGroups(connection1, model, resultSeachByIdModel);
        }
Exemple #2
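        /// <summary>
        /// Loads the profile columns for the user whose id is <c>model.id</c> and copies them
        /// into <paramref name="data"/>.
        /// </summary>
        /// <param name="connection1">Connection the command runs on; it is not opened or closed here.</param>
        /// <param name="model">Supplies the user id, bound as the <c>@id</c> parameter.</param>
        /// <param name="data">Receives email, name, address, phone, photo and the admin flag.</param>
        /// <remarks>
        /// The id is always sent as a SQL parameter, never concatenated into the statement.
        /// The command and reader are disposed even when reading throws, so a failed read
        /// cannot leave an open reader on the shared connection.
        /// </remarks>
        private async Task GetById(SqlConnection connection1, SearchByIdModel model, UsersByIdModel data)
        {
            string cmdString = "SELECT a.email, isnull(u.firstname,''), isnull(u.lastname,''), isnull(u.direccion,''), isnull(u.colonia,''), isnull(u.ciudad,''), isnull(u.tel,''), u.photo, " +
                               "r.name FROM AspNetUsers as a " +
                               "left join users u on a.id = u.id " +
                               "left join AspNetUserRoles ur on a.id = ur.UserId " +
                               "left join AspNetRoles r on ur.RoleId = r.id " +
                               "where a.id = @id";

            using (SqlCommand cmd = new SqlCommand(cmdString, connection1))
            {
                cmd.Parameters.Add("@id", SqlDbType.VarChar).Value = model.id;

                using (SqlDataReader reader = await cmd.ExecuteReaderAsync())
                {
                    // The role joins can yield one row per role; each row overwrites the
                    // profile fields with the same values.
                    while (await reader.ReadAsync())
                    {
                        data.email     = reader.GetString(0);
                        data.firstname = reader.GetString(1);
                        data.lastname  = reader.GetString(2);
                        data.direccion = reader.GetString(3);
                        data.colonia   = reader.GetString(4);
                        data.ciudad    = reader.GetString(5);
                        data.tel       = reader.GetString(6);

                        if (reader.IsDBNull(7))
                        {
                            data.photo = new byte[0];
                        }
                        else
                        {
                            data.photo = (byte[])reader["photo"];
                        }

                        // NOTE(review): the flag is raised for ANY role row, because the query
                        // does not filter on the role name. Confirm that every role in
                        // AspNetRoles is meant to count as administrator.
                        if (!reader.IsDBNull(8))
                        {
                            data.isadmin = 1;
                        }
                    }
                }
            }
        }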
Exemple #3
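        /// <summary>
        /// Single entry point for user administration; <c>model.type</c> selects the operation.
        /// </summary>
        /// <param name="model">
        /// Request payload. <c>type</c> 1 = search, 2 = load by id, 3 = create, 4 = update,
        /// 5 = change active flag, 6 = change password. Any other value performs no operation
        /// and still answers 200 OK.
        /// </param>
        /// <returns>
        /// 400 when no payload was bound, 401 when the caller lacks the access right for the
        /// requested type, 500 with an <c>ErrorModel</c> on any exception, otherwise 200 with
        /// the search or by-id result for types 1 and 2, or whatever <c>proxy.New</c> returns for type 3.
        /// </returns>
        /// <remarks>
        /// Callers that are not administrators must pass <c>AccesRights</c> for the "users"
        /// module and the requested type. Administrators skip that check.
        /// For type 2 the by-id lookup can decline to load a user without raising an error,
        /// in which case the caller receives 200 with a blank result.
        /// </remarks>
        public async Task <HttpResponseMessage> Users(UsersDataModel model)
        {
            Thread.CurrentThread.CurrentCulture = culture;

            // An empty or unparseable body binds to null. Reject it up front instead of letting
            // the first model.type access fail and come back as a 500 with an exception message.
            if (model == null)
            {
                return(Request.CreateResponse(System.Net.HttpStatusCode.BadRequest));
            }

            List <UsersQueryModel> resultSeachModel     = null;
            UsersByIdModel         resultSeachByIdModel = null;
            Users proxy = new Users();

            try
            {
                bool isAdmin = await Authentication.isAdmin(User, Request);
                if (!isAdmin)
                {
                    Authentication auth = new Authentication();

                    // NOTE(review): the caller is already authenticated at this point, so 403
                    // Forbidden would be the conventional status; 401 is kept because existing
                    // clients may depend on it.
                    if (!await auth.AccesRights(User.Identity.GetUserId(), "users", model.type))
                    {
                        return(Request.CreateResponse(System.Net.HttpStatusCode.Unauthorized));
                    }
                }

                // The administrator role id is only resolved for create/update by an administrator.
                string idAdminrole = "";
                if (isAdmin && (model.type == 3 || model.type == 4))
                {
                    // Dispose the identity context and role manager instead of leaking one per request.
                    using (var identityContext = new ApplicationDbContext())
                    using (var rm = new RoleManager <IdentityRole>(new RoleStore <IdentityRole>(identityContext)))
                    {
                        // A missing "Administrador" role makes this throw; the catch below turns it into a 500.
                        idAdminrole = rm.FindByName("Administrador").Id;
                    }
                }

                if (model.type == 3)
                {
                    return(Request.CreateResponse(System.Net.HttpStatusCode.OK,
                                                  await proxy.New(model.update, Request, connetionString, isAdmin, idAdminrole)));
                }
                else if (model.type == 5)
                {
                    await proxy.UpdateIsActive(model.isActive, Request);
                }
                else if (model.type == 6)
                {
                    await proxy.ChangePassword(model.changePassword, Request);
                }
                else
                {
                    // Types 1, 2 and 4 share one connection inside an ambient transaction.
                    using (TransactionScope scope = new TransactionScope(TransactionScopeAsyncFlowOption.Enabled))
                    {
                        using (SqlConnection connection1 = new SqlConnection(connetionString))
                        {
                            await connection1.OpenAsync();

                            if (model.type == 1)
                            {
                                resultSeachModel = new List <UsersQueryModel>();
                                await proxy.SearchQuery(model.search, resultSeachModel, connection1, isAdmin);
                            }
                            else if (model.type == 2)
                            {
                                resultSeachByIdModel = new UsersByIdModel();
                                await proxy.ById(model.byId, connection1, resultSeachByIdModel, isAdmin);
                            }
                            else if (model.type == 4)
                            {
                                await proxy.Update(model.update, connection1, isAdmin, idAdminrole);
                            }
                        }
                        scope.Complete();
                    }
                }
            }
            catch (Exception ex)
            {
                // TransactionAbortedException was handled identically, so one handler covers both.
                // NOTE(review): ex.Message is returned to the client verbatim. Database and
                // framework exceptions can carry schema, query or path details; consider logging
                // the exception server-side and returning a generic message, unless the proxy
                // methods deliberately throw user-facing texts.
                ErrorModel _errors = new ErrorModel();
                _errors.message = ex.Message;
                return(Request.CreateResponse(System.Net.HttpStatusCode.InternalServerError, _errors));
            }

            if (model.type == 1)
            {
                return(Request.CreateResponse(System.Net.HttpStatusCode.OK, resultSeachModel));
            }
            else if (model.type == 2)
            {
                return(Request.CreateResponse(System.Net.HttpStatusCode.OK, resultSeachByIdModel));
            }

            return(Request.CreateResponse(System.Net.HttpStatusCode.OK));
        }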
Exemple #4
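        /// <summary>
        /// Appends one entry per active group to <c>data.groups</c>, marking whether the user
        /// identified by <c>model.id</c> has a membership row for it.
        /// </summary>
        /// <param name="connection1">Connection the command runs on; it is not opened or closed here.</param>
        /// <param name="model">Supplies the user id, bound as the <c>@id</c> parameter.</param>
        /// <param name="data">Its <c>groups</c> list receives the entries and must already be initialised.</param>
        /// <remarks>
        /// The id is always sent as a SQL parameter. The command and reader are disposed even
        /// when reading throws, so a failed read cannot leave an open reader on the shared connection.
        /// </remarks>
        private async Task GetByGroups(SqlConnection connection1, SearchByIdModel model, UsersByIdModel data)
        {
            string cmdString = "select m.id, m.name, g.ischecked from groups m " +
                               "left join usersgroups g on m.id = g.idgroup and g.iduser = @id  " +
                               "left join users gr on g.iduser = gr.id and gr.id = @id " +
                               "where m.status = 1 " +
                               "order by m.name";

            using (SqlCommand cmd = new SqlCommand(cmdString, connection1))
            {
                cmd.Parameters.Add("@id", SqlDbType.VarChar).Value = model.id;

                using (SqlDataReader reader = await cmd.ExecuteReaderAsync())
                {
                    while (await reader.ReadAsync())
                    {
                        GroupsUsersByIdGroupsDetailsModel details = new GroupsUsersByIdGroupsDetailsModel();
                        details.id   = reader.GetString(0);
                        details.name = reader.GetString(1);

                        // A NULL ischecked comes from the left join finding no usersgroups row
                        // (or a row with a NULL flag); isEdit records whether a value was present.
                        if (reader.IsDBNull(2))
                        {
                            details.ischecked = false;
                            details.isEdit    = 0;
                        }
                        else
                        {
                            details.ischecked = reader.GetBoolean(2);
                            details.isEdit    = 1;
                        }

                        data.groups.Add(details);
                    }
                }
            }
        }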
Exemple #5
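        /// <summary>
        /// Appends one entry per active menu item to <c>data.menu</c>, carrying the query, edit,
        /// new and delete permission values stored for the user identified by <c>model.id</c>.
        /// </summary>
        /// <param name="connection1">Connection the command runs on; it is not opened or closed here.</param>
        /// <param name="model">Supplies the user id, bound as the <c>@id</c> parameter.</param>
        /// <param name="data">Its <c>menu</c> list receives the entries and must already be initialised.</param>
        /// <remarks>
        /// A NULL permission column is reported as 0, so a user with no usersmenu row gets no
        /// permissions rather than an error. The id is always sent as a SQL parameter. The
        /// command and reader are disposed even when reading throws, so a failed read cannot
        /// leave an open reader on the shared connection.
        /// </remarks>
        private async Task GetByMenu(SqlConnection connection1, SearchByIdModel model, UsersByIdModel data)
        {
            string cmdString = "select m.id, m.menu, g.isquery, g.isedit, g.isnew, g.isdelete from menu m " +
                               "left join usersmenu g on m.id = g.idmenu and g.iduser = @id  " +
                               "left join users gr on g.iduser = gr.id and gr.id = @id " +
                               "where m.status = 1 " +
                               "order by m.menu";

            using (SqlCommand cmd = new SqlCommand(cmdString, connection1))
            {
                cmd.Parameters.Add("@id", SqlDbType.VarChar).Value = model.id;

                using (SqlDataReader reader = await cmd.ExecuteReaderAsync())
                {
                    while (await reader.ReadAsync())
                    {
                        GroupsUsersByIdMenuDetailsModel details = new GroupsUsersByIdMenuDetailsModel();
                        details.id   = reader.GetString(0);
                        details.name = reader.GetString(1);

                        // isEdit ends up 1 as soon as any of the four permission columns holds a value.
                        details.isEdit = 0;

                        if (reader.IsDBNull(2))
                        {
                            details.isquery = 0;
                        }
                        else
                        {
                            details.isquery = reader.GetInt32(2);
                            details.isEdit  = 1;
                        }

                        if (reader.IsDBNull(3))
                        {
                            details.iseditField = 0;
                        }
                        else
                        {
                            details.iseditField = reader.GetInt32(3);
                            details.isEdit      = 1;
                        }

                        if (reader.IsDBNull(4))
                        {
                            details.isnew = 0;
                        }
                        else
                        {
                            details.isnew  = reader.GetInt32(4);
                            details.isEdit = 1;
                        }

                        if (reader.IsDBNull(5))
                        {
                            details.isdelete = 0;
                        }
                        else
                        {
                            details.isdelete = reader.GetInt32(5);
                            details.isEdit   = 1;
                        }

                        data.menu.Add(details);
                    }
                }
            }
        }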