/* Status updates of one user, as shown to other people who are viewing that user's profile.
 * Per the original author's note, this listing is the variant that does not let another
 * user delete the profile owner's updates.
 *
 * id: accountID of the profile owner, taken from the request (defaults to 0).
 * Returns: a partial view over the owner's status updates, a plain-text notice when the
 *          caller is not logged in, or a redirect with an error message when no account
 *          exists for the id.
 *
 * NOTE(review): apart from the login check, nothing here restricts which id a caller may
 * request. Presumably intended for a public listing; confirm. */
public ActionResult PublicStatusUpdates(int id = 0)
{
    // Anonymous callers never reach the data access layer.
    if (userSession.LoggedIn == false)
    {
        return Content("You are not logged in ! Please login to access status updates.");
    }

    // The viewer's own account is only needed to choose the redirect target below.
    Account viewer = GetAccount();
    Account owner = accountDAO.FetchById(id);

    if (owner == null)
    {
        // Same error text for everyone. Callers with a permission record for their email
        // (admins) go back to SiteActivity, everybody else to NewsFeed.
        var permission = accountPermissionDAO.FetchByEmail(viewer.email);
        TempData["errorMessage"] = "This user does not exist";

        string landingAction = permission != null ? "SiteActivity" : "NewsFeed";
        return RedirectToAction(landingAction, "Alert");
    }

    // List the owner's status updates and hand them to the partial view.
    List<StatusUpdate> updates = statusUpdateDAO.FetchStatusUpdatesByAccountID(owner.accountID);
    return PartialView(updates);
}
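/* Sends a network request from the logged-in user to the account with the given id, unless
 * an invitation between the two is already on record, then redirects to that account's
 * profile page.
 *
 * id: accountID of the account to invite, taken from the request (defaults to 0).
 * Returns: a redirect to Profile/UserProfileHomepage for the invited account, or a
 *          plain-text notice when the caller is not logged in or the id matches no account.
 *
 * NOTE(review): this action changes state. No verb restriction or anti-forgery attribute is
 * visible on it from here. Confirm it is reachable by POST only and is covered by
 * [ValidateAntiForgeryToken], otherwise another site can trigger requests on a user's behalf.
 * NOTE(review): nothing here stops id from being the caller's own account. Confirm that
 * SendInvitation / FetchSentInvitation handle that case. */
public ActionResult SendRequest(int id = 0)
{
    // The other actions in this controller turn anonymous callers away first. Without this
    // check the invitation would be built from whatever CurrentUser holds, possibly nothing.
    if (userSession.LoggedIn == false)
    {
        return Content("You are not logged in ! Please login to send a network request.");
    }

    Account account = userSession.CurrentUser;
    var accountToInvite = accountDAO.FetchById(id);

    // id is caller-supplied. An id that matches no account previously crashed on
    // accountToInvite.accountID in the final redirect.
    if (accountToInvite == null)
    {
        return Content("Sorry that user does not exist");
    }

    var invitation = friendInvitationDAO.FetchSentInvitation(account, accountToInvite);
    if (invitation == null)
    {
        SendInvitation(accountToInvite);
        TempData["successMessage"] = "Network Request has been sent";
    }
    else
    {
        TempData["errorMessage"] = "There is already a pending invitation between you and this user";
    }

    return RedirectToAction("UserProfileHomepage", "Profile", new { id = accountToInvite.accountID });
}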
/* Admin-only activity page. Builds an ActivityViewModel for the logged-in admin's own account.
 *
 * Returns: the view with the populated model, or a plain-text notice when the caller is not
 *          logged in or has no permission record for their email address. */
public ActionResult MyActivity()
{
    // Gate 1: the caller must be logged in.
    if (userSession.LoggedIn == false)
    {
        return Content("You are not logged in ! Please login to view this page");
    }

    // Gate 2: the caller must be an admin, i.e. accountPermissionDAO holds a record for
    // their email address.
    Account current = userSession.CurrentUser;
    var permission = accountPermissionDAO.FetchByEmail(current.email);
    if (permission == null)
    {
        return Content("This page is restricted to admin users.");
    }

    // Load the admin's account again by id and wrap it in the view model.
    var storedAccount = accountDAO.FetchById(current.accountID);
    ActivityViewModel model = new ActivityViewModel(storedAccount)
    {
        userSession = (userSession.LoggedIn == true),
        adminUser = true,
        loggedInAccount = current,
        loggedInAccountID = current.accountID,
        permissionType = permission.Permission.name
    };

    return View(model);
}
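/* Fetches the profile details of a user for display to a logged-in, non-admin viewer.
 *
 * id: accountID whose profile is requested, taken from the request (defaults to 0).
 * Returns: the details view; a plain-text notice when the caller is not logged in or no
 *          profile/account exists for the id; or, for admin callers, a redirect to
 *          Alert/SiteActivity with a pointer to the admin screen.
 *
 * NOTE(review): any logged-in non-admin may request any id. No relationship between viewer
 * and profile owner is checked here. Confirm that matches the intended visibility of
 * profile details. */
public ActionResult ProfileDetails(int id = 0)
{
    if (userSession.LoggedIn == false)
    {
        return Content("You are not logged in ! Please Login to view this page");
    }

    Account account = GetAccount();
    Account requestedAccount = accountDAO.FetchById(id);

    // Look the profile up by the caller-supplied account id. A missing profile is reported
    // as plain text.
    Profile profile = profileDAO.fetchByAccountID(id);
    if (profile == null)
    {
        return Content("Sorry that profile does not exist");
    }

    // Admin users have a different screen in the admin controller for viewing user details.
    var adminUser = accountPermissionDAO.FetchByEmail(account.email);
    if (adminUser != null)
    {
        TempData["errorMessage"] = "To view a user's details go to User Accounts/View details";
        return RedirectToAction("SiteActivity", "Alert");
    }

    // A profile row whose account can no longer be fetched previously crashed on
    // requestedAccount.accountID below. Treat it the same as a missing profile.
    if (requestedAccount == null)
    {
        return Content("Sorry that profile does not exist");
    }

    DetailsViewModel model = new DetailsViewModel(profile);
    model.fullName = string.Format("{0} {1}", model.Account.firstName, model.Account.lastName);
    model.loggedInAccountID = account.accountID;
    model.LoggedInAccount = account;
    model.userSession = userSession.LoggedIn;
    model.userAccount = requestedAccount.accountID;
    model.adminUser = false;
    return View(model);
}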
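/* Handles a login attempt: checks the submitted credentials, requires a verified email
 * address, marks the session as logged in and sends the user to the landing page for
 * their role.
 *
 * model:    the bound login form. Its email and password are the values actually used.
 * email:    overwritten from model.email before use.
 * password: overwritten with model.password.Encrypt(email) before use.
 * Returns:  the login view again when the model is invalid; a redirect to Account/Login with
 *           an error message when the attempt fails or the email is unverified; otherwise a
 *           redirect to Alert/SiteActivity (admins), Alert/NewsFeed (users with a profile)
 *           or Profile/Create (users without one).
 *
 * NOTE(review): the stored value is compared with model.password.Encrypt(email), using an
 * ordinary string comparison. Encrypt is defined elsewhere. If it is reversible encryption
 * or an unsalted/fast hash rather than a password-hashing function (PBKDF2, bcrypt, Argon2),
 * stored passwords are recoverable after a database leak; confirm and migrate if so.
 * NOTE(review): no attempt throttling or lockout is visible in this method, and nothing
 * here issues a fresh session identifier on success. Confirm both are handled elsewhere. */
public ActionResult Login(LoginViewModel model, string email, string password)
{
    model.userSession = false;

    if (!ModelState.IsValid)
    {
        return View(model);
    }

    email = model.email;
    password = model.password.Encrypt(email);

    Account account = accountDAO.FetchByEmail(email);

    // An unknown account and a wrong password get the same message and the same redirect,
    // so the response does not reveal which email addresses are registered.
    if (account == null || account.password != password)
    {
        TempData["errorMessage"] = @"We were unable to log you in with that information!";
        return RedirectToAction("Login", "Account");
    }

    // Correct credentials but unverified email: no session is started.
    if (!account.emailVerified)
    {
        // NOTE(review): a verification mail goes out on every such attempt. Consider
        // rate-limiting the resend.
        emails.SendEmailAddressVerificationEmail(account.email, account.email);
        TempData["errorMessage"] = @"The login information you provided was correct but your email address has not yet been verified. We just sent another email verification email to you. Please follow the instructions in that email.";

        // Return here. Execution used to fall through to the generic failure path, which
        // overwrote this message with "We were unable to log you in...".
        return RedirectToAction("Login", "Account");
    }

    userSession.LoggedIn = true;
    userSession.Email = email;
    userSession.CurrentUser = accountDAO.FetchById(account.accountID);

    // The role is looked up only once the caller is authenticated. A permission record
    // for the email marks an admin.
    var adminUser = accountPermissionDAO.FetchByEmail(email);
    if (adminUser != null)
    {
        return RedirectToAction("SiteActivity", "Alert");
    }

    // Regular users without a profile yet are sent to create one.
    var profile = profileDAO.fetchByAccountID(userSession.CurrentUser.accountID);
    if (profile != null)
    {
        return RedirectToAction("NewsFeed", "Alert");
    }

    return RedirectToAction("Create", "Profile");
}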