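        /// <summary>
        /// Registers a new bank record on behalf of the signed-in user.
        /// Only callers whose user type is 1 may add banks. The audit fields
        /// (<c>CreatedBy</c>, <c>CreatedOn</c>, <c>Status</c>) are always set
        /// server-side, so client-supplied values for them are discarded.
        /// </summary>
        /// <param name="Bank">Bank payload bound from the request body; null when binding failed.</param>
        /// <returns>
        /// 200 with a confirmation message on success; 401 when the caller is not
        /// permitted or not signed in; 400 when the payload is missing; 500 on an
        /// unexpected failure (generic message, details are kept server-side).
        /// </returns>
        public IActionResult AddBank([FromBody] BanksysBank Bank)
        {
            try
            {
                // Authorisation is checked before the payload is even looked at.
                var userType = this.help.GetCurrentUserType(HttpContext);
                if (userType != 1)
                {
                    return StatusCode(401, "لا تملك الصلاحية لإضافة المصرف");
                }

                // NOTE(review): ModelState is not consulted, so any data annotations
                // on BanksysBank are not enforced by this action — confirm that is intended.
                if (Bank == null)
                {
                    return BadRequest("حذث خطأ في ارسال البيانات الرجاء إعادة الادخال");
                }

                var userId = this.help.GetCurrentUser(HttpContext);
                if (userId <= 0)
                {
                    return StatusCode(401, "الرجاء الـتأكد من أنك قمت بتسجيل الدخول");
                }

                // Server-controlled fields: never trust these from the request body.
                // NOTE(review): every other property of the bound entity is persisted
                // as received; verify the model exposes nothing the caller must not set.
                Bank.CreatedBy = userId;
                Bank.CreatedOn = DateTime.Now;
                Bank.Status    = 1;
                db.BanksysBank.Add(Bank);
                db.SaveChanges();

                return Ok("لقد قمت بتسـجيل بيانات المصرف بنــجاح");
            }
            catch (Exception e)
            {
                // Never echo e.Message to the client: exception text can expose
                // connection strings, table/column names or provider details.
                // Keep the detail on the server and answer with a generic message.
                // TODO(review): route this through the application's logger instead of Trace.
                System.Diagnostics.Trace.TraceError(e.ToString());
                return StatusCode(500, "حدث خطأ غير متوقع، الرجاء المحاولة لاحقاً");
            }
        }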
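        /// <summary>
        /// Registers a new branch record on behalf of the signed-in user.
        /// The audit fields (<c>CreatedBy</c>, <c>CreatedOn</c>, <c>Status</c>) are
        /// always set server-side, so client-supplied values for them are discarded.
        /// </summary>
        /// <remarks>
        /// NOTE(review): unlike the bank overload, no user-type check is made here —
        /// any signed-in user can create a branch. Confirm that is the intended policy.
        /// The action name is shared with the bank overload; the routing attributes are
        /// not visible in this excerpt, so make sure the two do not map to the same route.
        /// </remarks>
        /// <param name="Branch">Branch payload bound from the request body; null when binding failed.</param>
        /// <returns>
        /// 200 with a confirmation message on success; 401 when the caller is not
        /// signed in; 400 when the payload is missing; 500 on an unexpected failure
        /// (generic message, details are kept server-side).
        /// </returns>
        public IActionResult AddBank([FromBody] BanksysBranch Branch)
        {
            try
            {
                // NOTE(review): ModelState is not consulted, so any data annotations
                // on BanksysBranch are not enforced by this action — confirm that is intended.
                if (Branch == null)
                {
                    return BadRequest("حذث خطأ في ارسال البيانات الرجاء إعادة الادخال");
                }

                var userId = this.help.GetCurrentUser(HttpContext);
                if (userId <= 0)
                {
                    return StatusCode(401, "الرجاء الـتأكد من أنك قمت بتسجيل الدخول");
                }

                // Server-controlled fields: never trust these from the request body.
                Branch.CreatedBy = userId;
                Branch.CreatedOn = DateTime.Now;
                Branch.Status    = 1;
                db.BanksysBranch.Add(Branch);
                db.SaveChanges();

                return Ok("لقد قمت بتسـجيل بيانات الفرع بنــجاح");
            }
            catch (Exception e)
            {
                // Never echo e.Message to the client: exception text can expose
                // connection strings, table/column names or provider details.
                // Keep the detail on the server and answer with a generic message.
                // TODO(review): route this through the application's logger instead of Trace.
                System.Diagnostics.Trace.TraceError(e.ToString());
                return StatusCode(500, "حدث خطأ غير متوقع، الرجاء المحاولة لاحقاً");
            }
        }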
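        /// <summary>
        /// Authenticates a user by e-mail address or login name plus password,
        /// signs in a cookie principal and returns the profile the front-end needs.
        /// Only user types 1, 2 and 3 are accepted here.
        /// </summary>
        /// <param name="loginUser">
        /// Credentials bound from the request body. <c>Email</c> carries either the
        /// e-mail address or the login name; <c>Password</c> is the clear-text password.
        /// </param>
        /// <returns>
        /// 200 with the profile object on success; 404 when the credentials do not
        /// match (same message for unknown account and wrong password); 400 for a
        /// missing field, a disallowed user type or an inactive/suspended account;
        /// 500 on an unexpected failure (generic message, details are kept server-side).
        /// </returns>
        public async Task <IActionResult> loginUser([FromBody] user loginUser)
        {
            try
            {
                if (loginUser == null)
                {
                    return NotFound("There is an error in the email or password");
                }

                if (string.IsNullOrWhiteSpace(loginUser.Email))
                {
                    return BadRequest("Please enter your Login name");
                }

                if (string.IsNullOrWhiteSpace(loginUser.Password))
                {
                    return BadRequest("Please enter your Password");
                }

                // Status 9 is excluded from the lookup (presumably a deleted account — confirm).
                // SingleOrDefault throws (→ 500) if one user's e-mail equals another
                // user's login name, i.e. it relies on those columns being jointly unique.
                var cUser = db.BanksysUsers
                    .Where(p => (p.Email == loginUser.Email || p.LoginName == loginUser.Email) && p.Status != 9)
                    .SingleOrDefault();

                if (cUser == null)
                {
                    return NotFound("There is an error in the email or password");
                }

                if (cUser.UserType != 1 && cUser.UserType != 2 && cUser.UserType != 3)
                {
                    return BadRequest("You are not authorized to access here");
                }

                // NOTE(review): the two status responses below are sent before the
                // password is verified, so anyone who knows a login name can learn
                // that the account exists and whether it is inactive or suspended.
                // Checking the password first and answering with the generic 404
                // would close that; left unchanged because the front-end may rely on
                // these messages.
                if (cUser.Status == 0)
                {
                    return BadRequest("Please activate your account first");
                }
                if (cUser.Status == 2)
                {
                    return BadRequest("Your are account is suspended");
                }

                // NOTE(review): the stored password is verified as a plain SHA-512
                // digest. Password storage should use a slow, salted KDF (PBKDF2 or
                // Argon2); that change belongs in the Security helper and the stored
                // hashes, not in this action.
                if (!Security.VerifyHash(loginUser.Password, cUser.Password, HashAlgorithms.SHA512))
                {
                    // Five consecutive failures suspend an active account (Status 2).
                    // The counter is persisted on failure so it survives across
                    // requests. Because suspension is permanent until reset, a third
                    // party can lock an account out by deliberately guessing wrong.
                    cUser.LoginTryAttempts++;
                    if (cUser.LoginTryAttempts >= 5 && cUser.Status == 1)
                    {
                        cUser.Status = 2;
                    }
                    db.SaveChanges();
                    return NotFound("There is an error in the email or password");
                }

                // Successful login resets the failure counter.
                cUser.LoginTryAttempts = 0;
                db.SaveChanges();

                // Build the cookie principal. The string handed to ClaimsIdentity is
                // the authentication-type label, not a secret, despite its name.
                const string Issuer = "http://www.sadad.ly";
                var claims = new List <Claim>
                {
                    new Claim("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/id", cUser.UserId.ToString(), ClaimValueTypes.Integer64, Issuer),
                    new Claim(ClaimTypes.Name, cUser.FullName, ClaimValueTypes.String, Issuer),
                    new Claim("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/UserType", cUser.UserType.ToString(), ClaimValueTypes.Integer64, Issuer),
                };
                if (cUser.UserType != 1)
                {
                    // Type-1 users carry no branch claim (the profile below also reports -1 for them).
                    claims.Add(new Claim("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/BranchId", cUser.BranchId.ToString(), ClaimValueTypes.Integer64, Issuer));
                }
                claims.Add(new Claim("userType", cUser.UserType.ToString(), ClaimValueTypes.Integer32, Issuer));

                var userIdentity = new ClaimsIdentity("thisisasecreteforauth");
                userIdentity.AddClaims(claims);
                var userPrincipal = new ClaimsPrincipal(userIdentity);

                // Persistent cookie that expires 20 minutes from now; AllowRefresh lets
                // the cookie middleware renew it when sliding expiration is configured.
                await HttpContext.SignInAsync(
                    CookieAuthenticationDefaults.AuthenticationScheme,
                    userPrincipal,
                    new AuthenticationProperties
                    {
                        ExpiresUtc   = DateTime.UtcNow.AddMinutes(20),
                        IsPersistent = true,
                        AllowRefresh = true
                    });

                // Profile returned to the caller. Branch and bank details come from the
                // user's navigation properties; the previous stand-alone branch/bank
                // lookups were never used and dereferenced a possibly-null branch.
                object userInfo;
                if (cUser.UserType != 1)
                {
                    var userBranches = db.BanksysUserBranchs.Where(x => x.UserId == cUser.UserId && x.Status == 1);
                    userInfo = new
                    {
                        userId      = cUser.UserId,
                        fullName    = cUser.FullName,
                        userType    = cUser.UserType,
                        LoginName   = cUser.LoginName,
                        DateOfBirth = cUser.DateOfBirth,
                        Email       = cUser.Email,
                        Gender      = cUser.Gender,
                        Status      = cUser.Status,
                        RM          = cUser.RegisterMaker,
                        RC          = cUser.RegisterChecker,
                        CM          = cUser.CashInMaker,
                        CC          = cUser.CashInChecker,
                        BranchId    = cUser.BranchId,
                        BranchName  = cUser.Branch.Name,
                        BankName    = cUser.Branch.Bank.Name,
                        BankId      = cUser.Branch.BankId,
                        UserBranch  = userBranches.Select(t => new { t.Branch.Name, t.BranchId, t.RegisterMaker, t.RegisterChecker, t.CashInMaker, t.CashInChecker, t.UserBranchId }).ToList()
                    };
                }
                else
                {
                    // Type-1 users have no branch/bank context; -1 marks those fields.
                    userInfo = new
                    {
                        userId      = cUser.UserId,
                        fullName    = cUser.FullName,
                        userType    = cUser.UserType,
                        LoginName   = cUser.LoginName,
                        DateOfBirth = cUser.DateOfBirth,
                        Email       = cUser.Email,
                        Gender      = cUser.Gender,
                        Status      = cUser.Status,
                        RM          = cUser.RegisterMaker,
                        RC          = cUser.RegisterChecker,
                        CM          = cUser.CashInMaker,
                        CC          = cUser.CashInChecker,
                        BranchId    = -1,
                        BranchName  = -1,
                        BankName    = -1,
                        BankId      = -1,
                        UserBranch  = -1
                    };
                }

                return Ok(userInfo);
            }
            catch (Exception e)
            {
                // Never echo e.Message to the client: on a login endpoint the raw
                // exception text can reveal schema or provider details to an
                // unauthenticated caller. Keep the detail on the server.
                // TODO(review): route this through the application's logger instead of Trace.
                System.Diagnostics.Trace.TraceError(e.ToString());
                return StatusCode(500, "An unexpected error occurred, please try again later");
            }
        }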
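        /// <summary>
        /// Records a new cash-in request together with the bank-action row that
        /// documents who created it. Both rows are written inside one database
        /// transaction so a cash-in never exists without its audit entry.
        /// </summary>
        /// <param name="CashInData">Cash-in payload bound from the request body; null when binding failed.</param>
        /// <returns>
        /// 200 with a confirmation message on success; 400 when the payload is
        /// missing; 401 when the caller is not signed in or is a type-1 user; 500 on
        /// an unexpected failure (generic message, details are kept server-side).
        /// </returns>
        public IActionResult AddCashIn([FromBody] CashInObj CashInData)
        {
            try
            {
                // Validate and authorise before opening a transaction so rejected
                // requests never hold a database transaction open.
                if (CashInData == null)
                {
                    return BadRequest("حذث خطأ في ارسال البيانات الرجاء إعادة الادخال");
                }

                var userId = this.help.GetCurrentUser(HttpContext);
                if (userId <= 0)
                {
                    return StatusCode(401, "الرجاء الـتأكد من أنك قمت بتسجيل الدخول");
                }

                // Type-1 users are refused: per the response text, cash values may only
                // be added through the bank side.
                var userType = this.help.GetCurrentUserType(HttpContext);
                if (userType == 1)
                {
                    return StatusCode(401, "عفوا لايمكن اضافة قيمة نقدية الا عن طريق المصرف");
                }

                // NOTE(review): Valuedigits is stored as received with no range check;
                // confirm that a zero or negative amount is rejected somewhere
                // (model validation or here).
                using (var transaction = db.Database.BeginTransaction())
                {
                    try
                    {
                        // Refrence and DepositType are fixed codes (3); their meaning
                        // is not documented in this file.
                        var cash = new CashIn
                        {
                            Status        = 1,
                            Refrence      = 3,
                            Valuedigits   = CashInData.Valuedigits,
                            DepositType   = 3,
                            Description   = CashInData.description,
                            NumInvoiceDep = CashInData.NumInvoiceDep,
                            PersonalId    = CashInData.PersonalId
                        };
                        db.CashIn.Add(cash);
                        // First save materialises cash.CashInId for the audit row.
                        db.SaveChanges();

                        var action = new BanksysBankActions
                        {
                            ActionType  = 3,
                            Description = "إنشاء عملية نقدية - تأكيد مبدئي",
                            UserId      = userId,
                            CashInId    = cash.CashInId,
                            BranchId    = this.help.GetCurrentBranche(HttpContext),
                            UserType    = userType,
                            ActionDate  = DateTime.Now
                        };
                        db.BanksysBankActions.Add(action);
                        db.SaveChanges();
                        transaction.Commit();

                        return Ok("لقد قمت بتسـجيل بيانات العملية النقدية");
                    }
                    catch
                    {
                        // Undo the partial write, then let the outer handler answer.
                        transaction.Rollback();
                        throw;
                    }
                }
            }
            catch (Exception e)
            {
                // Never echo e.Message to the client: exception text can expose
                // connection strings, table/column names or provider details.
                // Keep the detail on the server and answer with a generic message.
                // TODO(review): route this through the application's logger instead of Trace.
                System.Diagnostics.Trace.TraceError(e.ToString());
                return StatusCode(500, "حدث خطأ غير متوقع، الرجاء المحاولة لاحقاً");
            }
        }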