public ActionResult ChangePass(string oldPass, string newPass)
{
oldPass = Common.Md5Hash(oldPass);
newPass = Common.Md5Hash(newPass);
var res = "failed";
var curUser = new UserDto();
var acc = Session["Account"];
if (acc != null)
{
var a = (UserDto)acc;
curUser = a;
if (oldPass == curUser.Password)
{
var userBo = new HelperBo();
curUser.Password = newPass;
var result = userBo.UpdateWhere(tableName, curUser, "ID=" + curUser.ID);
if (result.success)
{
res = result.message;
}
}
}
return(Content(JsonConvert.SerializeObject(new
{
isSuccess = res
}), "application/json"));
}
public ActionResult GetId(int id)
{
var ubo = new HelperBo();
var a = ubo.SelectWhere("*", "users", "ID=" + id.ToString(), null);
return(View(a.data));
}
public ActionResult Add(string NAME, int IS_NEW, int STATUS, int POSITION, int MODULE_ID, string LINKURL)
{
string res = "Failed";
var a = (UserDto)Session["Account"];
var helperBo = new HelperBo();
var resExist = helperBo.IsExistWhere(tableName, "NAME='" + NAME + "'");
var statusVal = STATUS == 1 ? true : false;
var isNewVal = IS_NEW == 1 ? true : false;
if (resExist.message == "0")
{
var dto = new FunctionDto()
{
NAME = NAME,
STATUS = statusVal,
IS_NEW = isNewVal,
POSITION = POSITION,
MODULE_ID = MODULE_ID,
LINKURL = LINKURL,
MODIFIED_BY = Int32.Parse(a.Username),
MODIFIED_AT = DateTime.Now.FormatYYYYMMDD()
};
// not exist
var resultAdd = helperBo.Add(tableName, dto);
if (resultAdd.success == true)
{
res = "success";
}
}
return(Content(JsonConvert.SerializeObject(new
{
isSuccess = res
}), "application/json"));
}
public ActionResult ToggleAllowexport(int id, int idGroup)
{
var helperBo = new HelperBo();
var res = helperBo.IsExistWhere(tableName, "ID_GROUP=" + idGroup + " AND ID_FUNCTION=" + id);
var result = "failed";
if (res.success)
{
// not exist => add new
if (res.message == "0")
{
var g2f = new GroupToFunctionDto()
{
ID_FUNCTION = id,
ID_GROUP = idGroup,
ALLOW_ADD = 0,
ALLOW_DEL = 0,
ALLOW_EDIT = 0,
ALLOW_EXPORT = 1,
ALLOW_VIEW = 0
};
helperBo.Add(tableName, g2f);
}
//exist => update
else
{
helperBo.ToggleWhere(tableName, "ALLOW_EXPORT", "ID_GROUP=" + idGroup + " AND ID_FUNCTION=" + id);
}
result = "success";
}
return(Content(JsonConvert.SerializeObject(new
{
isSuccess = result
}), "application/json"));
}
public ActionResult UpdatePassword(int id, string password)
{
var userBo = new HelperBo();
var UserDto = new UserDto();
var res = userBo.SelectWhere("*", "users", " ID=" + id, null);
if (res.data != null)
{
foreach (var i in res.data)
{
UserDto.ID = i.ID;
UserDto.Name = i.Name;
UserDto.CreatedDate = i.CreatedDate;
UserDto.Username = i.Username;
UserDto.Password = i.Password;
}
}
if (UserDto.Username != null)
{
UserDto.Password = Common.Md5Hash(password);
}
var result = userBo.UpdateWhere("users", UserDto, null);
if (result.success)
{
}
return(Content(JsonConvert.SerializeObject(new
{
isSuccess = result.message
}), "application/json"));
}
/// <summary>
/// Login
/// </summary>
/// <param name="staff"></param>
/// <returns></returns>
public UserDto GetUserByName(UserDto staff)
{
var dbConnection = new DBConnection();
dbConnection.conn.Open();
HelperBo helper = new HelperBo();
var list = new List <ProcedureParams>();
list.Add(new ProcedureParams("@uname", staff.Username, ParameterDirection.Input));
//list.Add(new ProcedureParams("@pword", staff.Password, ParameterDirection.Input));
var result = helper.CallStoreProcedure("Login", list, dbConnection.conn).ExecuteReader();
UserDto staffResult = new UserDto();
if (result.Read())
{
staffResult.ID = (Int32)result["ID"];
staffResult.Name = result["Name"].ToString();
staffResult.Username = result["Username"].ToString();
staffResult.Password = result["Password"].ToString();
staffResult.CreatedDate = result["CreatedDate"].ToString();
}
dbConnection.conn.Close();
return(staffResult);
}
public ActionResult Edit(int id)
{
var helper = new HelperBo();
var res = helper.SelectWhere(null, tableName, "ID=" + id, null);
var userDto = res.data[0];
return(View(userDto));
}
public ActionResult MovePosition(int id, string val)
{
var helperBo = new HelperBo();
var res = helperBo.MovePosition(id.ToString(),tableName, val);
return Content(JsonConvert.SerializeObject(new
{
isSuccess = res
}), "application/json");
}
public ResponseBase <ScheduleReponse> GetScheduleListById(RequestBase request)
{
var response = new ResponseBase <ScheduleReponse>();
var data = JsonConvert.DeserializeObject <ScheduleRequestDto>(request.data.ToString());
data.StaffId = data.StaffId.ToString().Replace(" ", String.Empty).RemoveCharacterUnicode().Trim();
List <ScheduleDto> listData = new List <ScheduleDto>();
var helperBo = new HelperBo();
response.data = new ScheduleReponse();
response.data.data = new List <dynamic>();
var result = new ResponseBase <List <dynamic> >();
var totalCount = new ResponseBase <List <dynamic> >();
if (String.IsNullOrEmpty(data.StaffId))
{
result = helperBo.SelectWhere("*", tableName, null, data.PageIndex + "," + data.PageSize);
totalCount = helperBo.SelectWhere("count(*) as totalrows", tableName, null, null);
}
else
{
result = helperBo.SelectWhere("*", tableName, " StaffId like '%" + data.StaffId + "%'", data.PageIndex + "," + data.PageSize);
totalCount = helperBo.SelectWhere("count(*) as totalrows", tableName, " StaffId like '%" + data.StaffId + "%'", null);
}
if (result.success)
{
var dataReponse = new ScheduleReponse();
response.data = dataReponse;
dataReponse.data = new List <dynamic>();
foreach (var r in result.data)
{
dataReponse.data.Add(r);
}
long countItem = 0;
if (totalCount != null)
{
countItem = totalCount.data[0].totalrows;
}
dataReponse.currentPage = data.PageIndex;
dataReponse.total = countItem;
response.message = "Success";
response.success = true;
return(response);
}
response.message = "No found";
response.success = false;
return(response);
}
public ActionResult MovePosition(int id, string val)
{
var helperBo = new HelperBo();
var res = helperBo.MovePisitionFunction(id, tableName, Int32.Parse(val));
return(Content(JsonConvert.SerializeObject(new
{
isSuccess = res
}), "application/json"));
}
public ActionResult Delete(int id)
{
var helperBo = new HelperBo();
var res = helperBo.DeleteWhere(tableName, "ID=" + id);
return(Content(JsonConvert.SerializeObject(new
{
isSuccess = res
}), "application/json"));
}
public ActionResult Update(int ID, int ID_GROUP, int ID_FUNCTION, int ALLOW_VIEW, int ALLOW_ADD, int ALLOW_EDIT, int ALLOW_DEL, int ALLOW_EXPORT)
{
string res = "Failed";
var groupToFunctionBo = new HelperBo();
if (ID == 0)
{
var obj = new GroupToFunctionDto()
{
ALLOW_VIEW = ALLOW_VIEW,
ALLOW_EXPORT = ALLOW_EXPORT,
ALLOW_EDIT = ALLOW_EDIT,
ALLOW_DEL = ALLOW_DEL,
ALLOW_ADD = ALLOW_ADD,
ID_FUNCTION = ID_FUNCTION,
ID_GROUP = ID_GROUP
};
// not exist
var resultAdd = groupToFunctionBo.Add(tableName, obj);
if (resultAdd.success == true)
{
res = "success";
}
}
else
{
var obj = new GroupToFunctionDto()
{
ALLOW_VIEW = ALLOW_VIEW,
ALLOW_EXPORT = ALLOW_EXPORT,
ALLOW_EDIT = ALLOW_EDIT,
ALLOW_DEL = ALLOW_DEL,
ALLOW_ADD = ALLOW_ADD,
ID_FUNCTION = ID_FUNCTION,
ID_GROUP = ID_GROUP
};
var result = groupToFunctionBo.UpdateWhere(tableName, obj, "ID=" + ID);
if (result.success)
{
res = result.message;
}
else
{
_log.Error("ERROR", result.error.exception);
}
}
return(Content(JsonConvert.SerializeObject(new
{
isSuccess = res
}), "application/json"));
}
//
// GET: /User/
public ActionResult Index()
{
var helperBo = new HelperBo();
var listStatus = helperBo.SelectWhere(null, "documentstatusdetail", null, null);
if (listStatus.success)
{
ViewBag.listStatus = listStatus.data;
}
return(View());
}
public ActionResult GetMaxPosition()
{
var functionBo = new HelperBo();
var res = functionBo.SelectWhere("MODULE_ID,MAX(POSITION) as MPOSITION", tableName, "1=1 GROUP BY MODULE_ID", null);
return(Content(JsonConvert.SerializeObject(new
{
isSuccess = res.success,
data = res.data,
message = res.message
}), "application/json"));
}
//
// GET: /User/
public ActionResult Index()
{
var userBo = new HelperBo();
var listGroup = userBo.SelectWhere(null, "groupusers", null, null);
if (listGroup.success)
{
ViewBag.listGroup = listGroup.data;
}
return(View());
}
public ActionResult ChangeGroup(string group_id, int id)
{
HelperBo helperBo = new HelperBo();
var UserDto = new UserDto();
UserDto.GroupId = group_id;
var resp = helperBo.UpdateWhere(tableName, UserDto, "ID=" + id);
return(Content(JsonConvert.SerializeObject(new
{
data = resp.message
}), "application/json"));
}
public ActionResult LogOn(string username, string password)
{
var isTrue = false;
var passEncrypted = BCrypt.Net.BCrypt.HashPassword(password);
_log.Info("logon");
string result = "";
var user = new HelperBo();
var userDto = new UserDto();
var staffHelperBo = new StaffHelperBo();
userDto.Username = username;
userDto.Password = password;
var resultUser = user.SelectWhere(null, "users", "Username="******"application/json"));
}
var infouser = user.SelectWhere("*", "users", " Username='******' AND GroupId!=4", null);
if (infouser.data != null)
{
var item = infouser.data[0];
userDto.Name = item.Name.ToString();
userDto.Username = item.Username.ToString();
userDto.ID = item.ID;
userDto.CreatedDate = item.CreatedDate.ToString();
userDto.Password = item.Password.ToString();
userDto.GroupId = item.GroupId.ToString();
result = Common.Success;
Common.SetAuthenticationCookie(userDto.ID, username, userDto.Password, true);
Session["Account"] = userDto;
// Trường hợp ko nhớ tài khoản
}
else
{
result = Common.Failed;
}
return(Content(JsonConvert.SerializeObject(new
{
isSuccess = result
}), "application/json"));
}
protected override void Initialize(RequestContext requestContext)
{
base.Initialize(requestContext);
#region init user session
var authCookie = System.Web.HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName];
if (authCookie == null)
{
return;
}
if (Session[ModuleConstant.SessionMySessionUserID] != null &&
Session[ModuleConstant.SessionMySessionUserLoginname] != null &&
Session[ModuleConstant.SessionMySessionUserFullName] != null)
{
return;
}
var encTicket = authCookie.Value;
if (String.IsNullOrEmpty(encTicket))
{
return;
}
var ticket = FormsAuthentication.Decrypt(encTicket);
var id = new UserIdentity(ticket);
var accountBo = new HelperBo();
var member = accountBo.SelectWhere(null, "users", "ID=" + id.Id.ToString(), null);
var UserDto = new UserDto();
if (member.data != null && member.data.Count > 0)
{
UserDto.ID = member.data[0].ID;
string GroupId = member.data[0].GroupId.ToString();
if (GroupId != "")
{
UserDto.GroupId = member.data[0].GroupId;
}
UserDto.CreatedDate = member.data[0].CreatedDate.ToString();
UserDto.Name = member.data[0].Name;
UserDto.Password = member.data[0].Password;
UserDto.Username = member.data[0].Username;
}
string actionName = this.ControllerContext.RouteData.Values["action"].ToString();
string controllerName = this.ControllerContext.RouteData.Values["controller"].ToString();
if (UserDto != null && UserDto.Username != null)
{
Session[ModuleConstant.SessionMySessionUserLoginname] = UserDto.Username;
Session[ModuleConstant.SessionMySessionUserFullName] = UserDto.Username;
Session[ModuleConstant.SessionMySessionUserID] = UserDto;
}
#endregion
}
public ActionResult ToggleStatus(int id)
{
var helperBo = new HelperBo();
var res = helperBo.ToggleWhere(tableName, "Status", "ID=" + id);
var result = "failed";
if (res.success)
{
result = "success";
}
return(Content(JsonConvert.SerializeObject(new
{
isSuccess = result
}), "application/json"));
}
public ActionResult Edit(int id)
{
var helperBo = new HelperBo();
var listStaff = helperBo.SelectWhere(null, "users", null, null);
dynamic list = null;
if (listStaff.success)
{
list = listStaff.data;
}
ViewBag.list = list;
var res = helperBo.SelectWhere(null, tableName, "ID=" + id, null);
var userDto = res.data[0];
return(View(userDto));
}
/// <summary>
/// Add User using UserDto obj
/// </summary>
/// <param name="dto"></param>
/// <returns></returns>
public bool Add(UserDto dto)
{
var dbConnection = new DBConnection();
dbConnection.conn.Open();
var helper = new HelperBo();
var list = new List <ProcedureParams>();
list.Add(new ProcedureParams("@name", dto.Name, ParameterDirection.Input));
list.Add(new ProcedureParams("@staffId", dto.Username, ParameterDirection.Input));
list.Add(new ProcedureParams("@password", dto.Password, ParameterDirection.Input));
list.Add(new ProcedureParams("@result", "", ParameterDirection.Output));
var result = helper.CallStoreProcedure("SignUp", list, dbConnection.conn).ExecuteNonQuery();
dbConnection.conn.Close();
return(result == 1?true:false);
}
/// <summary>
/// Inquiry staff via staffId
/// </summary>
/// <param name="staffId"></param>
/// <returns></returns>
public bool IsExist(String staffId)
{
var dbConnection = new DBConnection();
dbConnection.conn.Open();
HelperBo helper = new HelperBo();
var list = new List <ProcedureParams>();
list.Add(new ProcedureParams("@uname", staffId, ParameterDirection.Input));
var result = helper.CallStoreProcedure("IsExist", list, dbConnection.conn).ExecuteScalar().ToString();
dbConnection.conn.Close();
return(result == "1"?true:false);
}
public ActionResult GetListGroup()
{
HelperBo helperBo = new HelperBo();
var listGroup = helperBo.SelectWhere(null, "groupusers", null, null);
if (listGroup.success)
{
return(Content(JsonConvert.SerializeObject(new
{
data = listGroup.data
}), "application/json"));
}
return(Content(JsonConvert.SerializeObject(new
{
data = String.Empty
}), "application/json"));
}
public ActionResult Add()
{
var helperBo = new HelperBo();
// tìm danh sách khách hàng
var listCustomers = helperBo.SelectWhere(null, "customer", null, null);
var list = new List <CustomerDto>();
if (listCustomers.success && listCustomers.data.Count > 0)
{
// tìm tích kê theo của từng khách hàng
var curDate = DateUtils.FormatYYYYMMDD(DateTime.Now.ToShortDateString());
foreach (var customer in listCustomers.data)
{
var c = new CustomerDto();
c.ID = customer.ID;
c.NAME = customer.NAME;
c.NUMBER_PHONE = customer.NUMBER_PHONE;
c.TYPE = customer.TYPE;
c.AGE = customer.AGE.ToString();
c.ADDRESS = customer.ADDRESS;
var listTichKe = helperBo.SelectWhere(null, "contract", "DATE>='" + curDate + "' and CUSTOMER_ID=" + customer.ID, null);
if (listTichKe.success && listTichKe.data.Count > 0)
{
List <ContractDto> listContract = new List <ContractDto>();
foreach (var contract in listTichKe.data)
{
var Contract = new ContractDto()
{
CUSTOMER_ID = contract.CUSTOMER_ID,
DATE = contract.DATE,
ID = contract.ID,
PRODUCT_ID = contract.PRODUCT_ID,
RATIO = contract.RATIO,
TYPE = contract.TYPE
};
listContract.Add(Contract);
}
c.SetList(listContract);
list.Add(c);
}
}
}
return(View(list));
}
public ActionResult Edit(int id)
{
var helperBo = new HelperBo();
var t = new GroupDto();
var res1 = helperBo.SelectWhere("*", tableName, "ID=" + id, "LIMIT 1");
if (res1.data != null)
{
var res = res1.data[0];
t.ID = res.ID;
t.GroupName = res.data.GroupName;
t.Description = res.data.Description;
t.Status = res.data.Status;
t.ModifiedBy = res.data.ModifiedBy;
t.ModifiedDate = res.data.ModifiedDate;
}
return(View(t));
}
public ActionResult Add()
{
var list = new List <ModuleDto>();
var helperBo = new HelperBo();
var res = helperBo.SelectWhere(null, "module", null, null);
if (res.data != null)
{
foreach (var item in res.data)
{
var dto = new ModuleDto();
dto.ID = item.Id;
dto.Name = item.Name;
list.Add(dto);
}
}
return(View(list));
}
/// <summary>
/// Add User using UserDto obj
/// </summary>
/// <param name="dto"></param>
/// <returns></returns>
public bool Add(CustomerDto dto)
{
var dbConnection = new DBConnection();
dbConnection.conn.Open();
var helper = new HelperBo();
var list = new List <ProcedureParams>();
list.Add(new ProcedureParams("@name", dto.Name, ParameterDirection.Input));
list.Add(new ProcedureParams("@idnumber", dto.IdNumber, ParameterDirection.Input));
list.Add(new ProcedureParams("@staffid", dto.StaffId, ParameterDirection.Input));
list.Add(new ProcedureParams("@CIF", dto.CIF, ParameterDirection.Input));
list.Add(new ProcedureParams("@urlpath", dto.UrlPath, ParameterDirection.Input));
var result = helper.CallStoreProcedure("AddCustomer", list, dbConnection.conn).ExecuteNonQuery();
dbConnection.conn.Close();
return(result == 1 ? true : false);
}
public ActionResult Edit(int id)
{
var list = new List <ModuleDto>();
var helperBo = new HelperBo();
var rest = helperBo.SelectWhere(null, "module", null, null);
if (rest.data != null)
{
var tmp = rest.data[0];
var t1 = new ModuleDto();
t1.ID = tmp.Id;
t1.Name = tmp.Name;
t1.Description = tmp.Description;
t1.Status = tmp.Status == 1 ? true : false;
t1.ModifiedBy = tmp.ModifiedBy;
t1.ModifiedDate = tmp.ModifiedDate.ToString();
t1.position = tmp.position;
t1.Icon = tmp.Icon;
list.Add(t1);
}
else
{
_log.Error("Error", rest.error.exception);
}
ViewBag.listModule = list;
var t = new FunctionDto();
var res2 = helperBo.SelectWhere(null, tableName, "ID=" + id, null);
if (res2.data != null)
{
var res = res2.data[0];
t.ID = res.ID;
t.NAME = res.NAME;
t.MODULE_ID = res.MODULE_ID;
t.STATUS = res.STATUS == 1?true:false;
t.MODIFIED_BY = Int32.Parse(res.MODIFIED_BY);
t.MODIFIED_AT = res.MODIFIED_AT.ToString();
t.POSITION = res.POSITION;
t.IS_NEW = res.IS_NEW == 1?true:false;
t.LINKURL = res.LINKURL;
}
return(View(t));
}
public ActionResult AjaxGetDataPaging(JQueryDataTableParamModel param)
{
var values = JsonConvert.DeserializeObject <Dictionary <string, string> >(param.ExtendCondition);
param.sortColumnIndex = Convert.ToInt32(Request["iSortCol_0"]);
param.sortDirection = Request["sSortDir_0"];
var ID_GROUP = Int32.Parse(values["ID_GROUP"]);
var startDate = Convert.ToDateTime(values["StartDate"]).ToString("yyyy-MM-dd");
var endDate = Convert.ToDateTime(values["EndDate"]).ToString("yyyy-MM-dd");
var helperBo = new HelperBo();
var query = " (ID_GROUP=" + ID_GROUP + ") and gf.ID_GROUP=g.ID and gf.ID_FUNCTION=f.ID order by gf.ID";
var result = helperBo.SelectWhere("g.GROUP_NAME as GNAME,gf.ID,gf.*,f.NAME as FNAME", tableName + " gf,groupusers g,modulefunctions f", query, null);
if (result.message == "error")
{
_log.Error("ERROR:" + result.error.message, result.error.exception);
return(null);
}
else
{
var totalCount = helperBo.SelectWhere("count(*) as totalrows", tableName + " gf,groupusers g,modulefunctions f", query, null);
long countItem = 0;
if (totalCount != null)
{
countItem = totalCount.data[0].totalrows;
}
if (param.sSearch != null)
{
result.data = result.data.Where(x => x.GNAME.Contains(param.sSearch) || x.FNAME.Contains(param.sSearch)).ToList();
;
}
var str = JsonConvert.SerializeObject(new
{
draw = param.sEcho,
recordsTotal = countItem,
recordsFiltered = countItem,
data = result.data,
});
return(Content(str, "application/json"));
}
}
public ActionResult Edit(int ID, string GROUP_NAME, string DESCRIPTION, int STATUS)
{
var a = (UserDto)Session["Account"];
var groupBo = new HelperBo();
var statusVal = STATUS == 1 ? true : false;
var groupDto = new GroupDto()
{
ID = ID,
GroupName = GROUP_NAME,
Description = DESCRIPTION,
Status = statusVal
};
var res = groupBo.UpdateWhere(tableName, groupDto, "ID=" + ID);
return(Content(JsonConvert.SerializeObject(new
{
isSuccess = res
}), "application/json"));
}
