public void TestSetPasswordFail()
{
// Arrange
LoginController lc = new LoginController();
bool expected = false;
Staff expectedStaff = new Staff();
expectedStaff.StaffID = 100;
expectedStaff.FirstName = "test staff";
expectedStaff.LastName = "test";
expectedStaff.DateOfBirth = new DateTime(2013, 2, 5);
expectedStaff.Gender = PersonGender.Male;
expectedStaff.TelephoneNumber = "00000000000";
expectedStaff.EmailAddress = "test";
expectedStaff.AddressLine1 = "test";
expectedStaff.AddressLine2 = "test";
expectedStaff.City = "test";
expectedStaff.County = "test";
expectedStaff.PostCode = "test";
expectedStaff.MaritalStatus = "single";
expectedStaff.Permissions = PermissionsFlag.Doctor;
// Act
bool actual = lc.SetStaffPassword(expectedStaff, "test");
// Assert
Assert.AreEqual(expected, actual);
}
// Update a specific member of staff based on user entered data
public bool ModifyStaff(Staff oldStaff, int ID, string firstName, string lastName, int genderInt, string dob, string status,
string telNo, string address1, string address2, string city, string county,
string postCode, string email)
{
Staff staff = new Staff();
// set all attris
PersonGender gender;
Enum.TryParse<PersonGender>(genderInt.ToString(), out gender);
DateTime dateOfBirth = Convert.ToDateTime(dob);
staff.StaffID = ID;
staff.FirstName = firstName;
staff.LastName = lastName;
staff.Gender = gender;
staff.DateOfBirth = dateOfBirth;
staff.MaritalStatus = status;
staff.TelephoneNumber = telNo;
staff.AddressLine1 = address1;
staff.AddressLine2 = address2;
staff.City = city;
staff.County = county;
staff.PostCode = postCode;
staff.EmailAddress = email;
return BusinessMetaLayer.ModifyStaffDetails(oldStaff, staff);
}
public void TestModifyStaffSuccess()
{
// Arrange
ManagementController managementController = new ManagementController();
bool expected = true;
Staff oldStaff = new Staff();
oldStaff.StaffID = 1;
oldStaff.FirstName = "test";
oldStaff.LastName = "test";
oldStaff.Gender = PersonGender.Male;
oldStaff.DateOfBirth = new DateTime(2013, 02, 05);
oldStaff.MaritalStatus = "single";
oldStaff.TelephoneNumber = "00000000000";
oldStaff.AddressLine1 = "test";
oldStaff.AddressLine2 = "test";
oldStaff.City = "test";
oldStaff.County = "test";
oldStaff.PostCode = "test";
oldStaff.EmailAddress = "test";
oldStaff.Permissions = PermissionsFlag.Doctor;
// Act
bool actual = managementController.ModifyStaff(oldStaff, 1, "test subject 12", "test", 0, "05/02/2013", "single", "00000000000", "test", "test", "test", "test", "test", "test");
// Assert
Assert.AreEqual(expected, actual);
}
public void TestFindStaffOnID()
{
// Arrange
AdminController adminController = new AdminController();
Staff expectedStaff = new Staff();
expectedStaff.StaffID = 1;
expectedStaff.FirstName = "test";
expectedStaff.LastName = "test";
expectedStaff.DateOfBirth = new DateTime(2013, 2, 5);
expectedStaff.Gender = PersonGender.Male;
expectedStaff.TelephoneNumber = "00000000000";
expectedStaff.EmailAddress = "test";
expectedStaff.AddressLine1 = "test";
expectedStaff.AddressLine2 = "test";
expectedStaff.City = "test";
expectedStaff.County = "test";
expectedStaff.PostCode = "test";
expectedStaff.MaritalStatus = "single";
expectedStaff.Permissions = PermissionsFlag.Doctor;
// Act
Staff actualStaff = adminController.GetStaffDetails(1);
// Assert
Assert.AreEqual(expectedStaff, actualStaff);
}
// Create a new appointment and pass it to the meta layer for insertion into the database
public bool AddAppointment(DateTime startDate, DateTime endDate, Staff staff, Patient patient)
{
Appointment newAppointment = new Appointment();
newAppointment.PatientID = patient.PatientID;
newAppointment.StaffID = staff.StaffID;
newAppointment.StartDate = startDate;
newAppointment.EndDate = endDate;
return BusinessMetaLayer.AddAppointment(newAppointment);
}
public FormTestDetails(Patient patient)
{
InitializeComponent();
_patient = patient;
_patient.Tests = _adminController.GetPatientTests(_patient.PatientID);
_staff = UserSession.Instance().CurrentUser;
testTypeCmb.DataSource = Enum.GetValues(typeof(TestType));
RefreshForm();
}
public FormMedical()
{
InitializeComponent();
_medicalController = new MedicalController();
_staff = UserSession.Instance().CurrentUser;
_medicines = new List<Medicine>();
FormRefreshCalendar();
// Shows the currently logged in user's name in the status bar.
loggedInLabel.Text = "Logged In As: " + UserSession.Instance().CurrentUser.ToString();
testTypeCmb.DataSource = Enum.GetValues(typeof(TestType));
}
public FormAddAbsence(Staff staff)
{
InitializeComponent();
_adminController = new AdminController();
_staff = staff;
// Create the management controls if the current user can use them
if (UserSession.Instance().CurrentUser.Permissions == PermissionsFlag.Management)
{
_managementController = new ManagementController();
}
RefreshForm();
}
public void TestAddAppointmentExists()
{
// Arrange
AdminController adminController = new AdminController();
bool expected = false;
Staff staff = new Staff();
staff.StaffID = 1;
Patient patient = new Patient();
patient.PatientID = 1;
// Act
bool actual = adminController.AddAppointment(new DateTime(2000, 1, 1, 9, 0, 0), new DateTime(2000, 1, 1, 9, 15, 0), staff, patient);
// Assert
Assert.AreEqual(expected, actual);
}
// Update the staff password
public bool SetStaffPassword(Staff staff, string password)
{
staff.FirstName = EncodeMySql(staff.FirstName);
staff.LastName = EncodeMySql(staff.LastName);
staff.AddressLine1 = EncodeMySql(staff.AddressLine1);
staff.AddressLine2 = EncodeMySql(staff.AddressLine2);
staff.City = EncodeMySql(staff.City);
staff.County = EncodeMySql(staff.County);
staff.PostCode = EncodeMySql(staff.PostCode);
staff.DateOfBirth = staff.DateOfBirth;
staff.EmailAddress = EncodeMySql(staff.EmailAddress);
staff.TelephoneNumber = EncodeMySql(staff.TelephoneNumber);
staff.MaritalStatus = EncodeMySql(staff.MaritalStatus);
staff.Gender = staff.Gender;
staff.Permissions = staff.Permissions;
return BusinessMetaLayer.SetStaffPassword(staff, GetSHAHash(password));
}
public FormAddAppointment(DateTime date, TimeSpan startTime, TimeSpan endTime, Staff staff)
{
InitializeComponent();
_adminController = new AdminController();
// Set the appointment details
_staff = staff;
_startDate = date.Add(startTime);
_endDate = date.Add(endTime);
// Add the event handle for the find patient control
patientSearch.PatientSelected += SelectPatient;
// Pass the admin controller to the patient search
patientSearch.AdminController = _adminController;
RefreshForm();
}
public void TestStaffAvailability()
{
// Arrange
ManagementController managerController = new ManagementController();
Staff newStaff = new Staff();
newStaff.StaffID = 1;
List<Appointment> expected = new List<Appointment>();
expected.Add(new Appointment());
expected[0].AppointmentID = 1;
expected[0].PatientID = 1;
expected[0].StaffID = 1;
expected[0].StartDate = new DateTime(2000, 1, 1, 9, 0, 0);
expected[0].EndDate = new DateTime(2000, 1, 1, 9, 15, 0);
// Act
newStaff.Appointments = managerController.GetStaffAvailability(newStaff, new DateTime(2000, 1, 1));
// Assert
CollectionAssert.AreEqual(expected, newStaff.Appointments);
}
// Add a new member of staff based on user entered data
public bool AddStaff(int staffID, String firstName,
String lastName,
String addressLine1,
String addressLine2,
String city,
String county,
String postCode,
DateTime dateOfBirth,
String emailAddress,
PersonGender gender,
String maritalStatus,
String telephoneNumber,
PermissionsFlag permissions,
String password)
{
// Create a new member of staff with all of their details
Staff newStaff = new Staff();
newStaff.StaffID = staffID;
newStaff.FirstName = EncodeMySql(firstName);
newStaff.LastName = EncodeMySql(lastName);
newStaff.AddressLine1 = EncodeMySql(addressLine1);
newStaff.AddressLine2 = EncodeMySql(addressLine2);
newStaff.City = EncodeMySql(city);
newStaff.County = EncodeMySql(county);
newStaff.PostCode = EncodeMySql(postCode);
newStaff.DateOfBirth = dateOfBirth;
newStaff.EmailAddress = EncodeMySql(emailAddress);
newStaff.TelephoneNumber = EncodeMySql(telephoneNumber);
newStaff.MaritalStatus = EncodeMySql(maritalStatus);
newStaff.Gender = gender;
newStaff.Permissions = permissions;
SavePasswordFile(newStaff, password);
return BusinessMetaLayer.AddStaffDetails(newStaff, GetSHAHash(password));
}
public void TestAddAppointmentDoesntExist()
{
// Arrange
AdminController adminController = new AdminController();
// Create basic a staff
Staff staff = new Staff();
staff.StaffID = 1;
// Create a basic patient
Patient patient = new Patient();
patient.PatientID = 1;
// Expected result
bool expected = true;
// Need to clear the appointments table
// Act
bool actual = adminController.AddAppointment(new DateTime(2002, 1, 1, 9, 0, 0), new DateTime(2002, 1, 1, 9, 15, 0), staff, patient);
// Assert
Assert.AreEqual(expected, actual);
}
// Update a staff password and unflag for change
public static bool SetStaffPassword(Staff staff, string password)
{
Database db = Database.Instance();
if (db.OpenConnection())
{
if (StaffExists(staff))
{
// Build the query string
String newPatientQuery;
// Create the query string to be inserted
newPatientQuery = "UPDATE stafflogin SET password='******', resetFlag=0 " +
"WHERE staffID=" + staff.StaffID + ";";
// Insert the entry into the database
db.Update(newPatientQuery);
// Close the connection
db.CloseConnection();
return true;
}
db.CloseConnection();
}
return false;
}
// Check if a staff member already exists in the database
public static bool StaffExists(Staff staff)
{
Database db = Database.Instance();
String sqlFormattedDate = staff.DateOfBirth.Date.ToString("yyyy-MM-dd HH:mm:ss");
// Check the number of rows that are returned
int numRows = db.Count("SELECT COUNT(*) FROM staff WHERE firstName='" + staff.FirstName +
"'and lastName='" + staff.LastName +
"'and DoB='" + sqlFormattedDate +
"'and gender='" + (int)staff.Gender +
"'and telNo='" + staff.TelephoneNumber +
"'and email='" + staff.EmailAddress +
"'and addressLine1='" + staff.AddressLine1 +
"'and addressLine2='" + staff.AddressLine2 +
"'and city='" + staff.City +
"'and county='" + staff.County +
"'and postCode='" + staff.PostCode +
"'and maritalStatus='" + staff.MaritalStatus + "';");
// If a user exists and there's one row
if (numRows > 0)
{
// The person exists already
return true;
}
return false;
}
public void SavePasswordFile(Staff staff, string password)
{
using (StreamWriter fs = new StreamWriter(staff.StaffID + " temp password.txt"))
{
fs.WriteLine("ID: " + staff.StaffID);
fs.WriteLine("Password: " + password);
}
}
// Query the meta layer for a staff's appointment
public List<Appointment> GetStaffAvailability(Staff staff, DateTime date)
{
return BusinessMetaLayer.GetStaffAvailability(staff, date);
}
// Get all of the details of a staff based on search criteria
public static List<Staff> GetStaffDetails(List<String> queryStrings)
{
Database db = Database.Instance();
List<Staff> staffList = new List<Staff>();
// Open the connection
if (db.OpenConnection())
{
if (queryStrings.Count > 0)
{
String query = "";
for (int i = 0; i < queryStrings.Count; ++i)
{
query += queryStrings[i];
if (i != queryStrings.Count - 1) query += " AND ";
}
DbDataReader dr;
dr = db.Select("SELECT * FROM staff WHERE " + query + ";");
// Create the staff data
//Read the data and store them in the list
while (dr.Read())
{
Staff matchedStaff = new Staff();
matchedStaff.StaffID = dr.GetInt32(0);
matchedStaff.FirstName = dr.GetString(1);
matchedStaff.LastName = dr.GetString(2);
matchedStaff.DateOfBirth = dr.GetDateTime(3);
matchedStaff.Gender = (PersonGender)dr.GetInt32(4);
matchedStaff.TelephoneNumber = dr.GetString(5);
matchedStaff.EmailAddress = dr.GetString(6);
matchedStaff.AddressLine1 = dr.GetString(7);
matchedStaff.AddressLine2 = dr.GetString(8);
matchedStaff.City = dr.GetString(9);
matchedStaff.County = dr.GetString(10);
matchedStaff.PostCode = dr.GetString(11);
matchedStaff.MaritalStatus = dr.GetString(12);
matchedStaff.Permissions = (PermissionsFlag)dr.GetInt32(13);
staffList.Add(matchedStaff);
}
//close Data Reader
dr.Close();
}
db.CloseConnection();
}
// Return the newly created patient instance
return staffList;
}
// Get a list of staff members at work on a set day
public static List<Staff> CheckOnDutyStaff(DateTime date)
{
Database db = Database.Instance();
List<Staff> _onDutyStaff = new List<Staff>();
if (db.OpenConnection())
{
String query;
String sqlFormattedDate = date.Date.ToString("yyyy-MM-dd HH:mm:ss");
query = "SELECT s.* " +
"FROM staff s " +
"LEFT OUTER JOIN " +
"(SELECT * " +
"FROM absence a " +
"WHERE '" + sqlFormattedDate + "' BETWEEN a.startDate AND a.endDate) y " +
"ON s.staffID=y.staffID WHERE y.staffID IS NULL AND (s.role=" + (int)PermissionsFlag.Doctor + " OR s.role=" + (int)PermissionsFlag.Nurse + ");";
DbDataReader dr = db.Select(query);
// Create the staff data
//Read the data and store them in the list
while (dr.Read())
{
Staff newStaff = new Staff();
newStaff.StaffID = dr.GetInt32(0);
newStaff.FirstName = dr.GetString(1);
newStaff.LastName = dr.GetString(2);
newStaff.DateOfBirth = dr.GetDateTime(3);
newStaff.Gender = (PersonGender)dr.GetInt32(4);
newStaff.TelephoneNumber = dr.GetString(5);
newStaff.EmailAddress = dr.GetString(6);
newStaff.AddressLine1 = dr.GetString(7);
newStaff.AddressLine2 = dr.GetString(8);
newStaff.City = dr.GetString(9);
newStaff.County = dr.GetString(10);
newStaff.PostCode = dr.GetString(11);
newStaff.MaritalStatus = dr.GetString(12);
newStaff.Permissions = (PermissionsFlag)dr.GetInt32(13);
_onDutyStaff.Add(newStaff);
}
dr.Close();
db.CloseConnection();
}
return _onDutyStaff;
}
private void SelectStaff(object sender, DataGridViewCellEventArgs e)
{
if (e.RowIndex > -1)
{
_selectedIndex = e.RowIndex;
_foundStaff = staffSearch.Staff[_selectedIndex];
_foundStaff.Appointments = _adminController.GetStaffAppointments(_foundStaff.StaffID);
foreach (Appointment a in _foundStaff.Appointments)
{
a.Patient = BusinessMetaLayer.GetPatientDetails(a.PatientID);
a.Staff = _foundStaff;
}
firstNameTxt.ReadOnly = true;
lastNameTxt.ReadOnly = true;
genderCmb.Enabled = false;
dobTxt.ReadOnly = true;
statusTxt.ReadOnly = true;
telTxt.ReadOnly = true;
address1Txt.ReadOnly = true;
address2Txt.ReadOnly = true;
cityTxt.ReadOnly = true;
countyTxt.ReadOnly = true;
postCodeTxt.ReadOnly = true;
emailTxt.ReadOnly = true;
saveBtn.Enabled = false;
BindingSource appointmentBinding = appointmentBindingSource;
appointmentBinding.DataSource = _foundStaff.Appointments;
dataGridView1.DataSource = appointmentBinding;
dataGridView1.Refresh();
}
RefreshForm();
}
// Get a list of appointments for a member of staff on a set day
public static List<Appointment> GetStaffAvailability(Staff staff, DateTime date)
{
Database db = Database.Instance();
List<Appointment> _appointments = new List<Appointment>();
if (db.OpenConnection())
{
String query;
String sqlFormattedDate = date.Date.ToString("yyyy-MM-dd HH:mm:ss");
query = "SELECT apps.* FROM appointments apps " +
"INNER JOIN staff s " +
"ON s.staffID=apps.staffID " +
"WHERE s.staffID=" + staff.StaffID + " AND (s.role=" + (int)PermissionsFlag.Doctor + " OR s.role=" + (int) PermissionsFlag.Nurse + ") AND date(apps.date)='" + sqlFormattedDate + "';";
DbDataReader dr = db.Select(query);
// Create the staff data
// Read the data and store them in the list
while (dr.Read())
{
Appointment newAppointment = new Appointment();
newAppointment.AppointmentID = dr.GetInt32(0);
newAppointment.PatientID = dr.GetInt32(1);
newAppointment.StaffID = dr.GetInt32(2);
newAppointment.StartDate = dr.GetDateTime(3);
newAppointment.EndDate = dr.GetDateTime(4);
newAppointment.AppointmentNotes = dr.IsDBNull(5) ? "" : dr.GetString(5);
_appointments.Add(newAppointment);
}
dr.Close();
db.CloseConnection();
}
return _appointments;
}
// Update the details of a member of staff
public static bool ModifyStaffDetails(Staff oldStaff, Staff staff)
{
Database db = Database.Instance();
if (db.OpenConnection())
{
if (StaffExists(oldStaff))
{
// Build the query string
String newPatientQuery;
String sqlFormattedDate = staff.DateOfBirth.Date.ToString("yyyy-MM-dd HH:mm:ss");
// Create the query string to be inserted
newPatientQuery = "UPDATE staff SET firstName='" + staff.FirstName +
"', lastName='" + staff.LastName +
"', DoB='" + sqlFormattedDate +
"', gender='" + (int)staff.Gender +
"', telNo='" + staff.TelephoneNumber +
"', email='" + staff.EmailAddress +
"', addressLine1='" + staff.AddressLine1 +
"', addressLine2='" + staff.AddressLine2 +
"', city='" + staff.City +
"', county='" + staff.County +
"', postCode='" + staff.PostCode +
"', maritalStatus='" + staff.MaritalStatus + "' WHERE staffID=" + staff.StaffID + ";";
// Insert the entry into the database
db.Update(newPatientQuery);
// Close the connection
db.CloseConnection();
return true;
}
db.CloseConnection();
}
return false;
}
// Return a member of staff and all of the details associated with it (includes login information)
public static Staff GetStaffDetails(int staffID)
{
Database db = Database.Instance();
Staff matchedStaff = new Staff();
// Open the connection
if (db.OpenConnection())
{
// Access the stafflogin table, get the appropriate record and then join to the staff details table
DbDataReader dr = db.Select("SELECT staff.*, stafflogin.resetFlag FROM staff INNER JOIN stafflogin ON staff.staffID=stafflogin.staffID " +
"WHERE staff.staffID='" + staffID.ToString() + "';");
// Create the staff data
//Read the data and store them in the list
while (dr.Read())
{
matchedStaff.StaffID = dr.GetInt32(0);
matchedStaff.FirstName = dr.GetString(1);
matchedStaff.LastName = dr.GetString(2);
matchedStaff.DateOfBirth = dr.GetDateTime(3);
matchedStaff.Gender = (PersonGender) dr.GetInt32(4);
matchedStaff.TelephoneNumber = dr.GetString(5);
matchedStaff.EmailAddress = dr.GetString(6);
matchedStaff.AddressLine1 = dr.GetString(7);
matchedStaff.AddressLine2 = dr.GetString(8);
matchedStaff.City = dr.GetString(9);
matchedStaff.County = dr.GetString(10);
matchedStaff.PostCode = dr.GetString(11);
matchedStaff.MaritalStatus = dr.GetString(12);
matchedStaff.Permissions = (PermissionsFlag)dr.GetInt32(13);
matchedStaff.ResetPasswordFlag = dr.GetBoolean(14);
}
//close Data Reader
dr.Close();
db.CloseConnection();
}
// Return the newly created staff instance
return matchedStaff;
}
public void TestGetStaffAbsences()
{
// Arrange
ManagementController controller = new ManagementController();
Staff expectedStaff = new Staff();
expectedStaff.Absences = new List<Absence>();
expectedStaff.Absences.Add(new Absence());
expectedStaff.Absences[0].StaffID = 1;
expectedStaff.Absences[0].AbsenceType = AbsenceType.Holiday;
expectedStaff.Absences[0].StartDate = new DateTime(2013, 12, 25);
expectedStaff.Absences[0].EndDate = new DateTime(2013, 12, 26);
// Act
Staff actualPatient = new Staff();
actualPatient.Absences = controller.GetStaffAbsences(1);
// Assert
CollectionAssert.AreEqual(expectedStaff.Absences, actualPatient.Absences);
}
// Store the new staff member in the database
public static bool AddStaffDetails(Staff newStaff, String password)
{
Database db = Database.Instance();
if (db.OpenConnection())
{
// Check if the user details currently exist
if (!StaffExists(newStaff))
{
// Build the query string
String newStaffQuery, newStaffLoginQuery;
String sqlFormattedDate = newStaff.DateOfBirth.Date.ToString("yyyy-MM-dd HH:mm:ss");
// Create the query string to be inserted
newStaffQuery = "INSERT INTO staff VALUES(NULL, '" + newStaff.FirstName + "'," +
"'" + newStaff.LastName + "'," +
"'" + sqlFormattedDate + "'," +
"'" + (int)newStaff.Gender + "'," +
"'" + newStaff.TelephoneNumber + "'," +
"'" + newStaff.EmailAddress + "'," +
"'" + newStaff.AddressLine1 + "'," +
"'" + newStaff.AddressLine2 + "'," +
"'" + newStaff.City + "'," +
"'" + newStaff.County + "'," +
"'" + newStaff.PostCode + "'," +
"'" + newStaff.MaritalStatus + "', " +
(int)newStaff.Permissions +
"); SELECT @@IDENTITY;";
// Insert the entry into the database and return the new staffID
int staffID = db.InsertScalar(newStaffQuery);
// Insert the entry into the login table with the new staffID
newStaffLoginQuery = "INSERT INTO staffLogin VALUES(" + staffID + ",'" + password + "', 1);";
db.Insert(newStaffLoginQuery);
// Close the connection
db.CloseConnection();
return true;
}
db.CloseConnection();
}
return false;
}
public void TestGetStaffAppointmentsSuccess()
{
// Arrange
AdminController adminController = new AdminController();
Staff staff = new Staff();
staff.Appointments = new List<Appointment>();
staff.Appointments.Add(new Appointment());
staff.Appointments[0].AppointmentID = 1;
staff.Appointments[0].PatientID = 1;
staff.Appointments[0].StaffID = 1;
staff.Appointments[0].StartDate = new DateTime(2000, 01, 01, 9, 0, 0);
staff.Appointments[0].EndDate = new DateTime(2000, 01, 01, 9, 15, 0);
Staff actualStaff = new Staff();
// Act
actualStaff.Appointments = adminController.GetStaffAppointments(1);
// Assert
CollectionAssert.AreEqual(staff.Appointments, actualStaff.Appointments);
}