/// <summary>
/// Ryan Blake
/// Created: 2015/02/12
/// Method takes in a parameter of newEmployee
/// Database is queried using stored procedure and looks for matching
/// information from the object passed to the method
/// </summary>
/// <remarks>
/// Miguel Santana
/// Updated: 2015/02/26
/// Renamed stored procedure to spInsertEmployee
/// </remarks>
/// <param name="newEmployee">Employee object to add to databse</param>
/// <exception cref="ApplicationException">Exception is thrown if no rows affected were returned</exception>
/// /// <returns>Number of rows affected</returns>
public static int AddEmployee(Employee newEmployee)
{
int rowsAffected = 0;
var conn = DatabaseConnection.GetDatabaseConnection();
var cmdText = "spInsertEmployee";
var cmd = new SqlCommand(cmdText, conn);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@firstName", newEmployee.FirstName);
cmd.Parameters.AddWithValue("@lastName", newEmployee.LastName);
cmd.Parameters.AddWithValue("@empPassword", newEmployee.Password);
cmd.Parameters.AddWithValue("@empLevel", newEmployee.Level);
cmd.Parameters.AddWithValue("@active", newEmployee.Active);
try
{
conn.Open();
rowsAffected = cmd.ExecuteNonQuery();
if (rowsAffected == 0)
{
throw new ApplicationException("There was a problem adding the employee to the database. Please try again.");
}
}
catch (Exception)
{
throw;
}
return rowsAffected;
}
/// <summary>
/// Ryan Blake
/// Created: 2015/02/12
/// Method takes in new and old employee parameters and then submits them to the Data Access Layer method to update the employee record for oldEmploy
/// This will also take the place of a 'Delete' method
/// The user will simply mark the employee inactive which will change the
/// bit value in the table to a 0 to represent false
/// </summary>
/// <remarks>
/// Tony Noel
/// Updated: 2015/04/13
/// Updated to comply with the ResultsEdit class of error codes.
/// </remarks>
/// <param name="oldEmployee">The Employee object containing old information</param>
/// <param name="newEmployee">The Employee object with the new information</param>
/// <exception cref="Exception">EmployeeAccessor method will throw exception to Manager saying that the employee could not be found to edit</exception>
/// <returns>Employee information is updatd in the table and an integer is returned to represent rows affected</returns>
public ResultsEdit EditCurrentEmployee(Employee oldEmployee, Employee newEmployee)
{
try
{
if (oldEmployee.Active && !newEmployee.Active)
{
newEmployee.Password = "";
}
if (!oldEmployee.Active && newEmployee.Active)
{
if (newEmployee.Password == null || string.IsNullOrWhiteSpace(newEmployee.Password))
{
throw new ApplicationException("You must set a password");
}
}
int result = EmployeeAccessor.UpdateEmployee(oldEmployee, newEmployee);
if (result == 1)
{
return ResultsEdit.Success;
}
}
catch (Exception ex)
{
throw ex;
}
return ResultsEdit.DatabaseError;
}
/// <summary>
/// Miguel Santana
/// Created: 2015/02/20
/// Constructs a form with data from employee to update
/// </summary>
/// <param name="employee">Employee to update</param>
/// <param name="readOnly">Make the form ReadOnly.</param>
/// <exception cref="WanderingTurtleException">Occurrs making components readonly</exception>
public AddEmployee(Employee employee, bool readOnly = false)
{
InitializeComponent();
CurrentEmployee = employee;
Title = "Editing Employee: " + CurrentEmployee.GetFullName;
ReloadComboBox();
SetFields();
if (readOnly) { (Content as Panel).MakeReadOnly(BtnCancel); }
}
public string employeeHash(Employee emp, string input)
{
string hash = "";
string salt = ((int)emp.EmployeeID * emp.Level.GetHashCode()).ToString();
SHA256 mySHA256 = SHA256Managed.Create();
byte[] bytes = Encoding.UTF8.GetBytes(input + salt);
var temphash = mySHA256.ComputeHash(bytes);
foreach (byte x in temphash)
{
hash += String.Format("{0:x2}", x);
}
return hash;
}
/// <summary>
/// Ryan Blake
/// Created: 2015/02/12
/// Method takes in newEmployee and passes it as a parameter into the AddEmployee method of the EmployeeAccessor class
/// </summary>
/// <remarks>
/// Tony Noel
/// Updated: 2015/04/13
/// Updated to comply with the ResultsEdit class of error codes.
/// </remarks>
/// <param name="newEmployee">The Employee object containing the new employee information to be added</param>
/// <exception cref="Exception">Exception is thrown if database is not available or new employee cannot be created in the database for any reason</exception>
/// <returns>Success: A ResultsEdit.Success value is returned</returns>
public ResultsEdit AddNewEmployee(Employee newEmployee)
{
try
{
int worked = EmployeeAccessor.AddEmployee(newEmployee);
if (worked == 1)
{
return ResultsEdit.Success;
}
}
catch (Exception ex)
{
throw ex;
}
return ResultsEdit.DatabaseError;
}
/// <summary>
/// Ryan Blake
/// Created: 2015/02/12
/// Method takes in originalEmployee and updatedEmployee
/// the parameters are inserted into the stored procedure and update the
/// information from orignalEmployee with updatedEmployee
/// </summary>
/// <remarks>
/// Miguel Santana
/// Updated: 2015/02/26
/// Renamed stored procedure to spEmployeeUpdate
///
/// Pat Banks
/// Updated: 2015/04/14
/// Renamed stored procedure
/// </remarks>
/// <param name="originalEmployee">Original employee object, should match information stored in database</param>
/// <param name="updatedEmployee">Employee object containing new information to update</param>
/// <exception cref="ApplicationException">Exception is thrown if the original employee object information does not match information stored in database (Concurrency Error)</exception>
/// <returns>Returns number of rows affected</returns>
public static int UpdateEmployee(Employee originalEmployee, Employee updatedEmployee)
{
int rowsAffected = 0;
var conn = DatabaseConnection.GetDatabaseConnection();
var cmdText = "spUpdateEmployee";
var cmd = new SqlCommand(cmdText, conn);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@firstName", updatedEmployee.FirstName);
cmd.Parameters.AddWithValue("@lastName", updatedEmployee.LastName);
cmd.Parameters.AddWithValue("@password", updatedEmployee.Password);
cmd.Parameters.AddWithValue("@level", updatedEmployee.Level);
cmd.Parameters.AddWithValue("@active", updatedEmployee.Active);
cmd.Parameters.AddWithValue("@original_employeeID", originalEmployee.EmployeeID);
cmd.Parameters.AddWithValue("@original_firstName", originalEmployee.FirstName);
cmd.Parameters.AddWithValue("@original_lastName", originalEmployee.LastName);
cmd.Parameters.AddWithValue("@original_level", originalEmployee.Level);
cmd.Parameters.AddWithValue("@original_active", originalEmployee.Active);
try
{
conn.Open();
rowsAffected = cmd.ExecuteNonQuery();
if (rowsAffected == 0)
{
throw new ApplicationException("Employee Update Concurrency Error");
}
}
catch (Exception)
{
throw;
}
return rowsAffected;
}
/// <summary>
/// Arik Chadima
/// Created: 2015/03/03
/// Checks an employee's ID and password against the database.
/// </summary>
/// <param name="employeeId">The employee's unique ID</param>
/// <param name="employeePassword">The employee's password</param>
/// <returns>The employee with the given credentials</returns>
public static Employee GetEmployeeLogin(int employeeId, string employeePassword)
{
var conn = DatabaseConnection.GetDatabaseConnection();
var cmdText = "spSelectEmployeeByIDPassword";
var cmd = new SqlCommand(cmdText, conn);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@employeeId", employeeId);
cmd.Parameters.AddWithValue("@empPassword", employeePassword);
Employee tempEmployee = null;
try
{
conn.Open();
SqlDataReader reader = cmd.ExecuteReader();
if (reader.HasRows)
{
reader.Read();
tempEmployee = new Employee((int)reader.GetValue(0), reader.GetValue(1).ToString(), reader.GetValue(2).ToString(), (int)reader.GetValue(3));
}
else
{
throw new ApplicationException("Invalid User ID or Password.");
}
}
catch (Exception)
{
throw;
}
finally
{
conn.Close();
}
return tempEmployee;
}
/// <summary>
/// Tony Noel
/// Created: 2015/03/27
///
/// Helper class to cleanup or select records from the database for test use only.
/// </summary>
/// <remarks>
/// Updated: 2015/04/10
/// Updated: 2015/05/01
/// Updated: 2015/05/05
///
/// Added new method to get fake EmpID
/// </remarks>
/// <param name="testEmp">The Employee object to be tested with</param>
public static void testEmp(Employee testEmp)
{
//establish connection
SqlConnection conn = DatabaseConnection.GetDatabaseConnection();
//write some query text
string query = "DELETE FROM Employee WHERE firstName = 'Test' AND lastName = 'Passman'";
//create a Sql Command
SqlCommand cmd = new SqlCommand(query, conn);
try
{
//this part must be in the try as it is attempting to establish connection.
//open connection
conn.Open();
//execute the command and capture the results to a SqlDataReader
SqlDataReader reader = cmd.ExecuteReader();
if (reader.HasRows == true)
{
reader.Read();
}
/*else
{
var up = new ApplicationException("Your record could not be made.");
throw up;
}*/
}
catch (Exception)
{
throw;
}
finally
{
conn.Close();
}
}
/// <summary>
/// Miguel Santana
/// Created: 2015/04/18
///
/// Opens employee UI as read only or with edit capability
/// </summary>
/// <param name="selectedItem"></param>
/// <param name="readOnly"></param>
private void OpenEmployee(Employee selectedItem = null, bool readOnly = false)
{
try
{
if (selectedItem == null)
{
if (new AddEmployee().ShowDialog() == false) return;
RefreshEmployeeList();
}
else
{
if (new AddEmployee(selectedItem, readOnly).ShowDialog() == false) return;
if (readOnly) return;
RefreshEmployeeList();
}
}
catch (Exception ex)
{
throw new WanderingTurtleException(this, ex);
}
}
public void EmployeeUpdateEmployeeAccess()
{
//Grabs the fake emp ID
int ID = TestCleanupAccessor.getTestEmp();
//Grabs the entire Employee record from Accessor
Employee orig = EmployeeAccessor.GetEmployee(ID);
//Creates the new employee record with all of the original, changes the active property to false.
Employee newEmp = new Employee(orig.FirstName, orig.LastName, orig.Password, (int)orig.Level, false);
int changed = EmployeeAccessor.UpdateEmployee(orig, newEmp);
//Asserts that the update went through with one row affected.
Assert.AreEqual(1, changed);
}
public void EmployeeAccessTestSetup()
{
//creating new dummy Employee object
testEmp = new Employee(FirstName, LastName, Password, (int)Level, Active);
addEMP();
}
