// GET: Role
public ActionResult Create()
{
// Ensures logged in
if (Session["loggedInState"] == null)
{
return Redirect("/403.html");
}
// Checks if logged in
bool state = (bool)Session["loggedInState"];
if (state == true)
{
// Establishes role model
RoleModel roleModel = new RoleModel();
// Holds the new role
Role newRole = new Role();
// Stored details for the role
newRole.Title = Request.Form[0];
// Adds the object to the database
roleModel.CreateRole(newRole);
// Returns the created role to view
return View(newRole);
}
else
{
// If not logged in
return Redirect("/login.html");
}
}
public int CreateRole(Role r)
{
int ret = 0;
using (connect = new MySqlConnection(_connectionString))
{
connect.Open();
using (MySqlTransaction transaction = connect.BeginTransaction())
{
try
{
string query = "NewRole";
var cmd = new MySqlCommand(query, connect) { CommandType = CommandType.StoredProcedure };
cmd.Parameters.AddWithValue("RoleTile", r.Title);
cmd.Parameters.AddWithValue("AccessLevel", r.AccessLevel);
ret = int.Parse(cmd.ExecuteScalar().ToString());
transaction.Commit();
connect.Close();
}
catch (InvalidOperationException ioException)
{
transaction.Rollback();
connect.Close();
}
}
}
return ret;
}
// Controller for modification of a role
public ActionResult EditRole()
{
// Null handling
if (Session["loggedInState"] == null)
{
return Redirect("/403.html");
}
// Checks if logged in
bool state = (bool)Session["loggedInState"];
if (state == true)
{
// Creates a role placeholder
var role = new Role();
// Setup role edit
role.Id = int.Parse(Request.Form["id"]);
role.Title = Request.Form["title"];
// Establishes role model
var roleModel = new RoleModel();
// Conduct edit
roleModel.EditRole(role);
// Passes back to the view
return Redirect("/Role/");
}
else
{
// If not logged in
return Redirect("/login.html");
}
}
public void EditRole(Role r)
{
using (connect = new MySqlConnection(_connectionString))
{
connect.Open();
using (MySqlTransaction transaction = connect.BeginTransaction())
{
try
{
string query = "EditRole";
var cmd = new MySqlCommand(query, connect) { CommandType = CommandType.StoredProcedure };
cmd.Parameters.AddWithValue("RoleID", r.Id);
cmd.Parameters.AddWithValue("RoleTitle", r.Title);
cmd.Parameters.AddWithValue("AccessLevel", r.AccessLevel);
cmd.ExecuteNonQuery();
transaction.Commit();
connect.Close();
}
catch (InvalidOperationException ioException)
{
transaction.Rollback();
connect.Close();
}
}
}
}
// Function calls main method for getting roles.
public Role SearchRoles(Role r)
{
return SearchRoles(r.Id);
}
// The main method that gets a role from the database.
public Role SearchRoles(int ID)
{
var r = new Role();
using (connect = new MySqlConnection(_connectionString))
{
try
{
string query = "GetRole";
var cmd = new MySqlCommand(query, connect) { CommandType = CommandType.StoredProcedure };
cmd.Parameters.AddWithValue("RoleID", ID);
connect.Open();
var reader = cmd.ExecuteReader();
while (reader.Read())
{
try
{
r.Id = int.Parse(reader["Role_ID"].ToString());
r.Title = reader["Role_Title"].ToString();
r.AccessLevel = reader["Access_Level"].ToString();
}catch(Exception e){}
}
connect.Close();
}
catch (InvalidOperationException ioException)
{
connect.Close();
}
return r;
}
}
public List<Role> ListRoles()
{
var roleList = new List<Role>();
using (connect = new MySqlConnection(_connectionString))
{
try
{
string query = "ListRole";
var cmd = new MySqlCommand(query, connect) { CommandType = CommandType.StoredProcedure };
connect.Open();
var reader = cmd.ExecuteReader();
while (reader.Read())
{
var role = new Role();
role.Id = (int)reader["Role_ID"];
role.Title = reader["Role_Title"].ToString();
role.AccessLevel = reader["Access_Level"].ToString();
roleList.Add(role);
}
connect.Close();
}
catch (InvalidOperationException ioException)
{
connect.Close();
}
return roleList;
}
}