public bool isValid()
{
bool RValue = true;
lstValidation.Clear();
if (string.IsNullOrWhiteSpace(TypeOfUser))
{
lstValidation.Add(new Validation()
{
Name = nameof(TypeOfUser), Message = string.Format(Message.BLL.Required_Data, nameof(TypeOfUser))
});
RValue = false;
}
else if (toList.Where(x => x.TypeOfUser.ToLower() == TypeOfUser.ToLower() && x.Id != Id).Count() > 0)
{
lstValidation.Add(new Validation()
{
Name = nameof(TypeOfUser), Message = string.Format(Message.BLL.Existing_Data, TypeOfUser)
});
RValue = false;
}
return(RValue);
}
public async Task <IActionResult> Create([Bind("TypeOfUserId,TypeOfUserName")] TypeOfUser typeOfUsers)
{
/*Check Session */
var page = "48";
var typeofuser = "";
var PermisionAction = "";
// CheckSession
if (string.IsNullOrEmpty(HttpContext.Session.GetString("Username")))
{
Alert("คุณไม่มีสิทธิ์ใช้งานหน้าดังกล่าว", NotificationType.error);
return(RedirectToAction("Index", "Home"));
}
else
{
typeofuser = HttpContext.Session.GetString("TypeOfUserId");
PermisionAction = HttpContext.Session.GetString("PermisionAction");
if (PermisionHelper.CheckPermision(typeofuser, PermisionAction, page) == false)
{
Alert("คุณไม่มีสิทธิ์ใช้งานหน้าดังกล่าว", NotificationType.error);
return(RedirectToAction("Index", "Home"));
}
}
/*Check Session */
if (ModelState.IsValid)
{
_context.Add(typeOfUsers);
await _context.SaveChangesAsync();
return(RedirectToAction(nameof(Index)));
}
return(View(typeOfUsers));
}
public async Task <IActionResult> Edit(int id, [Bind("TypeOfUserId,TypeOfUserName")] TypeOfUser typeOfUser)
{
if (id != typeOfUser.TypeOfUserId)
{
return(NotFound());
}
if (ModelState.IsValid)
{
try
{
_context.Update(typeOfUser);
await _context.SaveChangesAsync();
}
catch (DbUpdateConcurrencyException)
{
if (!TypeOfUserExists(typeOfUser.TypeOfUserId))
{
return(NotFound());
}
else
{
throw;
}
}
return(RedirectToAction(nameof(Index)));
}
return(View(typeOfUser));
}
public User(string firstName, string lastName, string email, TypeOfUser typeOfUser, string phone, string password, string branch)
{
FirstName = firstName;
LastName = lastName;
Email = email;
TypeOfUser = typeOfUser;
Phone = phone;
Password = password;
Branch = branch;
}
public IHttpActionResult GetTypeOfUser([FromUri] int id)
{
TypeOfUser typeOfUser = db.TypeOfUsers.Find(id);
if (typeOfUser == null)
{
return(NotFound());
}
return(Ok(typeOfUser));
}
public async Task <IActionResult> Create([Bind("TypeOfUserId,TypeOfUserName")] TypeOfUser typeOfUser)
{
if (ModelState.IsValid)
{
_context.Add(typeOfUser);
await _context.SaveChangesAsync();
return(RedirectToAction(nameof(Index)));
}
return(View(typeOfUser));
}
/// <summary>
/// Populates a <see cref="UserData"/> using email
/// as the key.
/// </summary>
/// <param name="userData">A <see cref="UserData"/> to populate and return.</param>
/// <param name="email">The email used to find the particular user.</param>
/// <returns></returns>
public bool GetUserData(out UserData userData, string email)
{
userData = new UserData();
try
{
SqlCommand cmd = new SqlCommand("SELECT * FROM [USER] WHERE Email=@Email", this.Connection);
cmd.Parameters.AddWithValue("@Email", email);
cmd.ExecuteScalar();
using (SqlDataReader reader = cmd.ExecuteReader())
{
if (reader.Read())
{
userData.FirstName = reader.GetString(0);
userData.LastName = reader.GetString(1);
userData.PhoneNumber = reader.GetString(2);
userData.Email = reader.GetString(3);
userData.Password = reader.GetString(4);
userData.SecurityQuestion = reader.GetString(5);
userData.SecurityQuestionAnswer = reader.GetString(6);
if (int.TryParse(reader.GetString(7), out int i))
{
bool b = (i == 1) ? true : false;
userData.IsLight = b;
}
UserSkill skill = (UserSkill)int.Parse(reader.GetString(8));
TypeOfUser type = (TypeOfUser)int.Parse(reader.GetString(9));
userData.IsAdvanced = skill;
userData.UserType = type;
// if it reads another comma.
if (reader.Read())
{
return(false);
}
}
}
}
catch
{
return(false);
}
return(true);
}
public async Task <IActionResult> Edit([Bind("TypeOfUserId,TypeOfUserName")] TypeOfUser typeOfUsers)
{
/*Check Session */
var page = "49";
var typeofuser = "";
var PermisionAction = "";
// CheckSession
if (string.IsNullOrEmpty(HttpContext.Session.GetString("Username")))
{
Alert("คุณไม่มีสิทธิ์ใช้งานหน้าดังกล่าว", NotificationType.error);
return(RedirectToAction("Index", "Home"));
}
else
{
typeofuser = HttpContext.Session.GetString("TypeOfUserId");
PermisionAction = HttpContext.Session.GetString("PermisionAction");
if (PermisionHelper.CheckPermision(typeofuser, PermisionAction, page) == false)
{
Alert("คุณไม่มีสิทธิ์ใช้งานหน้าดังกล่าว", NotificationType.error);
return(RedirectToAction("Index", "Home"));
}
}
/*Check Session */
if (ModelState.IsValid)
{
try
{
_context.Update(typeOfUsers);
await _context.SaveChangesAsync();
}
catch (DbUpdateConcurrencyException)
{
if (!TypeOfUserExists(typeOfUsers.TypeOfUserId))
{
return(NotFound());
}
else
{
throw;
}
}
return(RedirectToAction(nameof(Index)));
}
return(RedirectToAction("Index", "Home"));
}
///
/// <param name="userType">Type of user</param>
/// <param name="reqType">Type of request</param>
public static bool CheckAccess(TypeOfUser userType, TypeOfRequest reqType)
{
if (reqType == TypeOfRequest.addInfo && userType == TypeOfUser.administrator)
{
return(true);
}
if (reqType == TypeOfRequest.updateInfo && userType == TypeOfUser.university_worker)
{
return(true);
}
if (reqType == TypeOfRequest.getInfo)
{
return(true);
}
return(false);
}
public string View()
{
var result = string.Empty;
var allGames = new StringBuilder();
var counter = 0;
var lastCounter = 0;
foreach (var game in AllGames)
{
if (counter == 0)
{
allGames.Append(@"<div class=""card-group"">");
}
else if (counter == 2)
{
allGames.Append($@"<div class=""card col-4 thumbnail""> <img class=""card-image-top img-fluid img-thumbnail"" onerror=""this.src='{game.Thumbnail}';"" src=""{game.Thumbnail}""> <div class=""card-body""> <h4 class=""card-title"">{game.Title}</h4> <p class=""card-text""><strong>Price</strong> - {game.Price}€</p> <p class=""card-text""><strong>Size</strong> - {game.Size} GB</p> <p class=""card-text"">{game.Description}.</p> </div> <div class=""card-footer""> <a class=""card-button btn btn-outline-primary"" name=""info"" href=""#"">Info</a> <a class=""card-button btn btn-primary"" name=""buy"" href=""#"">Buy</a> </div> </div> ");
allGames.Append(@"</div>");
counter = 0;
continue;
}
allGames.Append($@"<div class=""card col-4 thumbnail""> <img class=""card-image-top img-fluid img-thumbnail"" onerror=""this.src='{game.Thumbnail}';"" src=""{game.Thumbnail}""> <div class=""card-body""> <h4 class=""card-title"">{game.Title}</h4> <p class=""card-text""><strong>Price</strong> - {game.Price}€</p> <p class=""card-text""><strong>Size</strong> - {game.Size} GB</p> <p class=""card-text"">{game.Description}.</p> </div> <div class=""card-footer""> <a class=""card-button btn btn-outline-primary"" name=""info"" href=""#"">Info</a> <a class=""card-button btn btn-primary"" name=""buy"" href=""#"">Buy</a> </div> </div> ");
counter++;
}
if (TypeOfUser.Equals("guest"))
{
result = File.ReadAllText(@".\GameApplication\Resources\guest-home.html");
result = result.Replace("<!--Games-->", allGames.ToString());
}
else if (TypeOfUser.Equals("logged-user"))
{
result = File.ReadAllText(@".\GameApplication\Resources\user-home.html");
result = result.Replace("<!--Games-->", allGames.ToString());
}
else if (TypeOfUser.Equals("logged-admin"))
{
result = File.ReadAllText(@".\GameApplication\Resources\admin-home.html");
result = result.Replace("<!--Games-->", allGames.ToString());
}
return(result);
}
public ObservableCollection <User> GetAll()
{
ObservableCollection <User> users = new ObservableCollection <User>();
string commandText = @"SELECT * FROM [User] WHERE Deleted = 0";
using (con = new SqlConnection(ConfigurationManager.ConnectionStrings["FurnitureStore"].ConnectionString))
{
con.Open();
SqlCommand command = con.CreateCommand();
command.CommandText = commandText;
SqlDataReader dataReader = command.ExecuteReader();
while (dataReader.Read())
{
string name = (string)dataReader["Name"];
string surname = (string)dataReader["Surname"];
string username = (string)dataReader["Username"];
string password = (string)dataReader["Password"];
TypeOfUser userType = (TypeOfUser)((int)(byte)dataReader["UserType"]);
bool deleted = (bool)dataReader["Deleted"];
users.Add(new User()
{
Name = name,
Surname = surname,
Username = username,
Password = password,
UserType = userType,
Deleted = deleted
});
}
dataReader.Close();
}
return(users);
}
public User GetByUsername(string username)
{
string commandText = @"SELECT * FROM [User] WHERE Deleted = 0 AND Username = @Username";
using (con = new SqlConnection(ConfigurationManager.ConnectionStrings["FurnitureStore"].ConnectionString))
{
con.Open();
SqlCommand command = con.CreateCommand();
command.CommandText = commandText;
command.Parameters.Add(new SqlParameter("@Username", username));
using (SqlDataReader dataReader = command.ExecuteReader())
{
if (dataReader.Read())
{
string name = (string)dataReader["Name"];
string surname = (string)dataReader["Surname"];
string password = (string)dataReader["Password"];
TypeOfUser userType = (TypeOfUser)((int)(byte)dataReader["UserType"]);
bool deleted = (bool)dataReader["Deleted"];
return(new User()
{
Name = name,
Surname = surname,
Username = username,
Password = password,
UserType = userType,
Deleted = deleted
});
}
return(null);
}
}
}
public User(string login, string password, int type)
{
Login = login;
Password = password;
Type = (TypeOfUser)Enum.GetValues(typeof(TypeOfUser)).GetValue(type - 1);
}
private void ChangeUser()
{
if (_typeOfUser == TypeOfUser.Employee)
{
_typeOfUser = TypeOfUser.Manager;
ChangeTypeUserButtonContent = TravelAgencySystem.Constants.Consts.TYPE_OF_LOGIN_CONTENT_AS_EMPLOYEE;
}
else
{
_typeOfUser = TypeOfUser.Employee;
ChangeTypeUserButtonContent = TravelAgencySystem.Constants.Consts.TYPE_OF_LOGIN_CONTENT_AS_MANAGER;
}
}
/// <summary>
/// This method updates the information for the an existing user
/// </summary>
/// <param name="user"></param>
internal void Change(User user)
{
this.UserName = user.UserName;
this.UserPassword = user.UserPassword;
this.UserType = user.UserType;
}
public UserTypeFilterAttribute(string claim, TypeOfUser value) : base(typeof(UserRoleFilter))
{
Arguments = new object[] { claim, value };
}
public UserRoleFilter(string claim, TypeOfUser value)
{
_claim = claim;
_value = value;
}
public RequiredUserType(TypeOfUser type) => ourType = type;
