Esempio n. 1
        /// <summary>
        /// Processes the submitted "create admin permission" form. When the model state is valid it
        /// looks up the account by the posted e-mail and refuses the request if the account does not
        /// exist, if it has a profile, or if it already has an account permission; otherwise it stores
        /// the new permission and raises an admin alert.
        /// </summary>
        /// <param name="model">Posted form values; <c>email</c> and <c>permissionID</c> are read from it.</param>
        /// <returns>
        /// A redirect to <c>AccountPermissionIndex</c> once a decision has been made (the outcome is
        /// reported through <c>TempData</c>), or the form view again when the model state is invalid.
        /// </returns>
        public ActionResult CreateAccountPermission(AccountPermissionCreateViewModel model)
        {
            // NOTE(review): nothing in this method checks that the caller is logged in or holds the
            // SuperAdmin permission, although this is the action that actually grants admin rights.
            // The form-rendering overload performs both checks through the user session. Unless a
            // filter or attribute outside this excerpt enforces them, the same checks belong here,
            // ahead of any DAO call.
            // NOTE(review): attributes are not visible in this excerpt; confirm the action is limited
            // to POST and protected with [ValidateAntiForgeryToken].
            const string indexAction = "AccountPermissionIndex";

            if (ModelState.IsValid)
            {
                // permissionID is taken from the posted model as-is.
                // TODO confirm it is validated against the permissions the form offered.
                var newPermission = new AccountPermission
                {
                    permissionID = model.permissionID,
                    email        = model.email,
                    createDate   = DateTime.Now,
                };

                // Rule 1: the target account must already exist.
                var targetAccount = accountDAO.FetchByEmail(model.email);
                if (targetAccount == null)
                {
                    TempData["errorMessage"] = "This user does not exist in the system";
                    return RedirectToAction(indexAction);
                }

                // Rule 2: an account that owns a profile (a site member) cannot become admin.
                var memberProfile = profileDAO.fetchByAccountID(targetAccount.accountID);
                if (memberProfile != null)
                {
                    TempData["errorMessage"] = "This user is a site member. Site members cannot be admin also !.";
                    return RedirectToAction(indexAction);
                }

                // Rule 3: an account that already has a permission record is not given a second one.
                var currentPermission = accountPermissionDAO.FetchByEmail(model.email);
                if (currentPermission != null)
                {
                    TempData["errorMessage"] = "This user is already admin. You can change their permission in Admin Users/Change Permission !";
                    return RedirectToAction(indexAction);
                }

                // All rules passed: persist the permission, then publish the admin news-feed alert.
                newPermission.accountID = targetAccount.accountID;
                accountPermissionDAO.CreateAccountPermission(newPermission);
                alertService.AddAdminUserCreatedAlert(newPermission);
                TempData["successMessage"] = "Success. You have created a new admin user !";
                return RedirectToAction(indexAction);
            }

            // Invalid model state: repopulate the permission list and show the form again.
            model.Permissions = accountPermissionDAO.FetchAllPermissions();
            model.adminUser   = true;
            return View(model);
        }
Esempio n. 2
        /// <summary>
        /// Renders the "create admin permission" form. Access is refused unless the session is logged
        /// in and the current user's permission record is named <c>SuperAdmin</c>.
        /// </summary>
        /// <returns>
        /// A plain-text refusal for callers that are not logged in or are not SuperAdmin; otherwise
        /// the form view, populated with the permission list and the current account's details.
        /// </returns>
        public ActionResult CreateAccountPermission()
        {
            // NOTE(review): refusals are returned as plain content rather than an HTTP 401/403 result,
            // so a refusal cannot be told apart from a normal page by status code. Confirm this is intended.

            // Gate 1: the caller must have a logged-in session.
            if (userSession.LoggedIn == false)
            {
                return Content("You are not logged in ! Please login to view this page");
            }

            // Gate 2: the caller must have a permission record, and it must be SuperAdmin.
            // NOTE(review): a permission record with no Permission attached would throw here.
            // Confirm the DAO always loads it.
            Account currentAccount = userSession.CurrentUser;
            var callerPermission = accountPermissionDAO.FetchByEmail(currentAccount.email);
            if (callerPermission == null || callerPermission.Permission.name != "SuperAdmin")
            {
                return Content("Only Super Admin users are permitted to view this page");
            }

            var model = new AccountPermissionCreateViewModel(accountPermissionDAO.FetchAllPermissions());

            // The permission list is fetched a second time and assigned explicitly. Whether the
            // constructor already stored the list it was given is not visible in this excerpt.
            model.Permissions = accountPermissionDAO.FetchAllPermissions();

            // Mirror the session's logged-in state onto the view model.
            model.userSession = (userSession.LoggedIn == true);

            model.loggedInAccount   = currentAccount;
            model.loggedInAccountID = currentAccount.accountID;
            model.permissionType    = callerPermission.Permission.name;
            model.adminUser         = true;
            return View(model);
        }