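/// <summary>
/// Writes a user's e-mail address, phone number and role to the identity tables
/// as a single atomic change.
/// </summary>
/// <param name="user">
/// Supplies the values that are written: <c>ID</c>, <c>Email</c>, <c>Phone</c> and
/// <c>CurrentRole.ID</c>. All values reach SQL Server as bound parameters.
/// </param>
/// <returns>
/// <c>"success"</c> when both updates were committed; <c>"error"</c> when SQL Server
/// reported a failure. Exception details are written to the trace log only.
/// </returns>
public static string adminUpdateUserInfo(CustomDBUser user)
{
    const string updateUserStatement = "UPDATE AspNetUsers SET Email = @Email, PhoneNumber = @Phone WHERE Id=@UserId";
    const string updateRoleStatement = "UPDATE AspNetUserRoles SET RoleId = @Role WHERE UserId = @UserId";

    try
    {
        using (SqlConnection sqlConn = new SqlConnection(connectionString))
        {
            sqlConn.Open();

            // One transaction for both statements: a failure in the role update must not
            // leave the contact details changed on their own. Disposing the transaction
            // without Commit() rolls it back.
            using (SqlTransaction transaction = sqlConn.BeginTransaction())
            {
                using (SqlCommand userCmd = new SqlCommand(updateUserStatement, sqlConn, transaction))
                {
                    userCmd.Parameters.Add("@Email", SqlDbType.NChar).Value = user.Email;
                    userCmd.Parameters.Add("@Phone", SqlDbType.NChar).Value = user.Phone;
                    userCmd.Parameters.Add("@UserId", SqlDbType.NChar).Value = user.ID;

                    // ExecuteNonQuery, not ExecuteReader: an UPDATE returns no rows, and a
                    // reader left open would block the next command on this connection.
                    userCmd.ExecuteNonQuery();
                }

                using (SqlCommand roleCmd = new SqlCommand(updateRoleStatement, sqlConn, transaction))
                {
                    // NOTE(review): this rewrites every AspNetUserRoles row of the user and
                    // changes nothing when the user has no role row yet; confirm that users
                    // always hold exactly one role.
                    roleCmd.Parameters.Add("@Role", SqlDbType.NChar).Value = user.CurrentRole.ID;
                    roleCmd.Parameters.Add("@UserId", SqlDbType.NChar).Value = user.ID;
                    roleCmd.ExecuteNonQuery();
                }

                transaction.Commit();
            }
        }

        return "success";
    }
    catch (SqlException e)
    {
        // The full exception (server messages, stack trace) stays on the server. The return
        // value of this method is relayed to the HTTP client by the UpdateUser action.
        System.Diagnostics.Trace.TraceError("adminUpdateUserInfo failed: {0}", e);
        return "error";
    }
}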
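/// <summary>
/// Renders the "_PartialUserInfo" partial view for one user, together with the list of
/// roles and the portfolios of that user's customer.
/// </summary>
/// <param name="userID">Identifier of the user to display; supplied by the caller of the action.</param>
/// <returns>
/// The partial view with the user's details as its model, or a 404 result when
/// <paramref name="userID"/> is blank or matches no user.
/// </returns>
public ActionResult UserInfo(string userID)
{
    // NOTE(review): no authorization attribute is visible on this action from here. The
    // userID is request-supplied and selects whose details are returned, so confirm that
    // the controller or action is restricted to administrators.
    if (string.IsNullOrWhiteSpace(userID))
    {
        return HttpNotFound();
    }

    var user = UserManager.FindById(userID);
    if (user == null)
    {
        // An unknown ID used to reach user.CustomerID below and fail with a
        // NullReferenceException; answer with a plain 404 instead.
        return HttpNotFound();
    }

    var roles = SQLController.adminListRoles();
    CustomDBUser userInfo = SQLController.adminGetUserInfo(userID);

    ViewData.Add("user", userInfo);
    ViewData.Add("roles", roles);
    ViewData.Add("portfolios", _PortfolioRepository.GetPortfolios(user.CustomerID));

    return PartialView("_PartialUserInfo", userInfo);
}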
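/// <summary>
/// Applies the submitted user details through <c>SQLController.adminUpdateUserInfo</c>
/// and reports the outcome to the client as a JSON string.
/// </summary>
/// <param name="userInfo">The user details bound from the request.</param>
/// <returns>
/// The JSON-serialized string <c>"success"</c> when the update succeeded, otherwise the
/// JSON-serialized string <c>"error"</c>.
/// </returns>
public string UpdateUser(CustomDBUser userInfo)
{
    const string failure = "error";

    // NOTE(review): the user ID and role ID inside userInfo come from the request, and this
    // action changes role membership. No authorization or anti-forgery attribute is visible
    // from here; confirm both are applied on the action or its controller.
    if (userInfo == null)
    {
        return JsonConvert.SerializeObject(failure);
    }

    string outcome = SQLController.adminUpdateUserInfo(userInfo);

    // Any value other than "success" is failure text from the data layer. Relay only a
    // generic marker so database error details never reach the browser.
    string reply = outcome == "success" ? outcome : failure;
    return JsonConvert.SerializeObject(reply);
}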