コード例 #1
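        /// <summary>
        /// Processes the submitted "create user" form: turns away callers who are not logged in
        /// or whose session role is not "admin", refuses a username that is already stored, and
        /// otherwise saves the new account together with the roles ticked on the form.
        /// </summary>
        /// <param name="userTableView2">View model bound from the form (username, password, role check boxes).</param>
        /// <returns>
        /// A redirect to the login page or the content index when the caller is not allowed here,
        /// the form again when the username is taken, otherwise a redirect to this controller's Index.
        /// </returns>
        /// <remarks>
        /// NOTE(review): action attributes are not visible in this listing. Confirm this overload
        /// carries [HttpPost] and [ValidateAntiForgeryToken], since it changes account state.
        /// </remarks>
        public ActionResult Create(USERTABLEVIEW2 userTableView2)
        {
            // The form handler must apply the same login check as the action that renders the
            // form; a request can reach this action without the form ever having been loaded.
            if (Session["userId"] == null)
            {
                return RedirectToAction("Login", "USERTABLEs", new { area = "" });
            }

            // Only administrators may create accounts. A session without a role entry is treated
            // as "not admin" instead of failing with a NullReferenceException.
            var sessionRole = Session["userRole"];
            if (sessionRole == null || sessionRole.ToString() != "admin")
            {
                return RedirectToAction("Index", "CONTENTTABLEs", new { area = "" });
            }

            // Username availability check.
            // NOTE(review): check and insert are separate statements, so two concurrent requests
            // can both pass it; a unique index on USERNAME is what guarantees uniqueness (confirm one exists).
            if (db.USERTABLEs.Any(m => m.USERNAME == userTableView2.userName))
            {
                // Username is taken: show the form again with every role unchecked.
                ViewBag.USERNAMENOT = "Username exists";

                // The action that first renders this form fills ViewBag.STATUSID; do the same on
                // re-render so a view that reads it does not fail.
                ViewBag.STATUSID = new SelectList(db.STATUSTABLEs, "STATUSID", "STATUSNAME", userTableView2.STATUSID);

                var roleRows = db.ROLETABLEs.Select(r => new { r.ROLEID, r.ROLENAME, Checked = false });
                var myCheckBoxList = new List<CHECKBOXVIEW>();
                foreach (var row in roleRows)
                {
                    myCheckBoxList.Add(new CHECKBOXVIEW { Id = row.ROLEID, Name = row.ROLENAME, Checked = row.Checked });
                }
                userTableView2.userRole = myCheckBoxList;

                // Same as the Edit form handler: do not hand the submitted password back to the view.
                userTableView2.userPassword = null;
                return View(userTableView2);
            }

            // Username is free.

            // NOTE(review): the call below passes the algorithm name "SHA512" and the bytes of a
            // constant string compiled into the application (apparently used as the salt). If
            // ComputeHash is a single salted hash pass, every account shares one salt and the
            // hashes are cheap to brute-force once the table leaks. A per-user random salt with a
            // slow KDF (for example Rfc2898DeriveBytes) is the usual fix; it has to be changed
            // together with the login verification, which is not visible here.
            var hashed_pw = PasswordHelper.ComputeHash(userTableView2.userPassword, "SHA512", GetBytes("my_secret"));
            db.USERTABLEs.Add(new USERTABLE
            {
                USERNAME = userTableView2.userName,
                USERPASSWORD = hashed_pw,
                STATUSID = 1
            });

            // The user row is committed before the roles are added, so a failure in the second
            // SaveChanges leaves an account without roles.
            db.SaveChanges();

            var newUser = db.USERTABLEs
                            .Where(m => m.USERNAME == userTableView2.userName)
                            .Select(m => m.USERID)
                            .FirstOrDefault();

            // Store the ticked roles. The role list is null when the form posts no role entries.
            if (userTableView2.userRole != null)
            {
                foreach (var item in userTableView2.userRole)
                {
                    if (item.Checked)
                    {
                        db.USERROLEs.Add(new USERROLE { USERID = newUser, ROLEID = item.Id });
                    }
                }
            }
            db.SaveChanges();
            return RedirectToAction("Index");
        }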
コード例 #2
        /// <summary>
        /// Renders the empty "create user" form for an administrator, with one unchecked
        /// check box per row of the role table and the status drop-down data in ViewBag.STATUSID.
        /// </summary>
        /// <returns>
        /// A redirect to the login page when no user id is in the session, a redirect to the
        /// content index when the session role is not "admin", otherwise the form view.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the role check calls ToString() on Session["userRole"] directly, so a
        /// session that holds a user id but no role entry throws instead of being redirected.
        /// </remarks>
        public ActionResult Create()
        {
            // Login check.
            if (Session["userId"] == null)
            {
                return RedirectToAction("Login", "USERTABLEs", new { area = "" });
            }

            // Role check: administrators only.
            bool callerIsAdmin = Session["userRole"].ToString() == "admin";
            if (!callerIsAdmin)
            {
                return RedirectToAction("Index", "CONTENTTABLEs", new { area = "" });
            }

            // A fresh entity supplies the default status for the drop-down's selected value.
            var blankUser = new USERTABLE();

            // Role rows projected to id, name and an unchecked flag (the query runs when enumerated below).
            var roleRows = db.ROLETABLEs.Select(r => new { r.ROLEID, r.ROLENAME, Checked = false });

            var formModel = new USERTABLEVIEW2();

            ViewBag.STATUSID = new SelectList(db.STATUSTABLEs, "STATUSID", "STATUSNAME", blankUser.STATUSID);

            // Copy the role rows into the check-box list shown on the form.
            List<CHECKBOXVIEW> roleBoxes = roleRows
                .AsEnumerable()
                .Select(row => new CHECKBOXVIEW { Id = row.ROLEID, Name = row.ROLENAME, Checked = row.Checked })
                .ToList();

            formModel.userRole = roleBoxes;
            return View(formModel);
        }
コード例 #3
        // GET: USERTABLEs/Details/5
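        /// <summary>
        /// Shows one user's details to an administrator: username, status name and a check-box
        /// list of all roles with the user's own roles ticked. The stored password hash is never
        /// copied into the view model.
        /// </summary>
        /// <param name="id">Id of the user to display.</param>
        /// <returns>
        /// A redirect to the login page or the content index when the caller is not allowed here,
        /// 400 when <paramref name="id"/> is missing, 404 when no such user exists, otherwise the details view.
        /// </returns>
        public ActionResult Details(int?id)
        {
            // Login and role checks run before any request data is looked at, in the same order
            // as the Edit form action, so an anonymous caller always lands on the login page.
            if (Session["userId"] == null)
            {
                return RedirectToAction("Login", "USERTABLEs", new { area = "" });
            }

            // A session without a role entry is treated as "not admin" instead of throwing.
            var sessionRole = Session["userRole"];
            if (sessionRole == null || sessionRole.ToString() != "admin")
            {
                // Not an administrator: send the caller to the content index.
                return RedirectToAction("Index", "CONTENTTABLEs", new { area = "" });
            }

            // Id check.
            if (id == null)
            {
                return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
            }

            USERTABLE uSERTABLE = db.USERTABLEs.Where(m => m.USERID == id).Include(m => m.STATUSTABLE).FirstOrDefault();

            // Query result check.
            if (uSERTABLE == null)
            {
                return HttpNotFound();
            }

            // The entity itself is not passed to the view and its password column is not copied
            // below, so it is left untouched. Setting USERPASSWORD to null on this tracked entity
            // would be written to the database if SaveChanges were ever called on this context.

            // Every role, flagged when a USERROLEs row links it to this user.
            var Results = from r in db.ROLETABLEs
                          select new
                          {
                              r.ROLEID,
                              r.ROLENAME,
                              Checked = db.USERROLEs.Any(ur => ur.USERID == id && ur.ROLEID == r.ROLEID)
                          };

            var myViewModel = new USERTABLEVIEW2();

            myViewModel.userId       = id.Value;
            myViewModel.userName     = uSERTABLE.USERNAME;
            myViewModel.userPassword = null;
            myViewModel.STATUSNAME   = uSERTABLE.STATUSTABLE.STATUSNAME;
            ViewBag.STATUSID         = new SelectList(db.STATUSTABLEs, "STATUSID", "STATUSNAME", uSERTABLE.STATUSID);

            // Copy the role rows into the check-box list.
            var myCheckBoxList = new List<CHECKBOXVIEW>();

            foreach (var item in Results)
            {
                myCheckBoxList.Add(new CHECKBOXVIEW { Id = item.ROLEID, Name = item.ROLENAME, Checked = item.Checked });
            }
            myViewModel.userRole = myCheckBoxList;
            return View(myViewModel);
        }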
コード例 #4
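        /// <summary>
        /// Processes the submitted "edit user" form: updates username, password (when a new one
        /// was entered), status and role assignments of an existing account.
        /// </summary>
        /// <param name="uSERTABLE">View model bound from the form.</param>
        /// <returns>
        /// A redirect when the caller is not logged in, is not an administrator, or targets
        /// user 1 without being user 1; 404 when the account no longer exists; the form again when
        /// the username is taken or the model is invalid; otherwise a redirect to Index.
        /// </returns>
        /// <remarks>
        /// NOTE(review): action attributes are not visible in this listing. Confirm this overload
        /// carries [HttpPost] and [ValidateAntiForgeryToken], since it changes account state.
        /// </remarks>
        public ActionResult Edit(USERTABLEVIEW2 uSERTABLE)
        {
            // The form handler must apply the same login check as the action that renders the form.
            if (Session["userId"] == null)
            {
                return RedirectToAction("Login", "USERTABLEs", new { area = "" });
            }

            // Only administrators may edit accounts. A session without a role entry is treated
            // as "not admin" instead of failing with a NullReferenceException.
            var sessionRole = Session["userRole"];
            if (sessionRole == null || sessionRole.ToString() != "admin")
            {
                return RedirectToAction("Index", "CONTENTTABLEs", new { area = "" });
            }

            // User 1 is the super admin and may only be edited by user 1. The action that renders
            // the form already refuses to show it to anyone else; the rule has to hold here as
            // well, because this is where the change is written and a request can be sent
            // without loading that form.
            if (Convert.ToInt32(Session["userId"]) != 1 && uSERTABLE.userId == 1)
            {
                return RedirectToAction("Index", "USERTABLEs");
            }

            // Username availability check (ignoring the account being edited).
            if (db.USERTABLEs.Any(m => m.USERNAME == uSERTABLE.userName && m.USERID != uSERTABLE.userId))
            {
                ViewBag.USERNAMENOT    = "Username exists";
                ViewBag.STATUSID       = new SelectList(db.STATUSTABLEs, "STATUSID", "STATUSNAME", uSERTABLE.STATUSID);
                uSERTABLE.userPassword = null;
                return View(uSERTABLE);
            }

            if (ModelState.IsValid)
            {
                // Load the existing row; it can be gone if the id was tampered with or the
                // account was deleted in the meantime.
                var myUser = db.USERTABLEs.Find(uSERTABLE.userId);
                if (myUser == null)
                {
                    return HttpNotFound();
                }

                myUser.USERNAME = uSERTABLE.userName;

                // The form is rendered with an empty password field, so an empty value means
                // "no change". Hashing it would replace the account's password with the hash of
                // an empty input.
                if (!string.IsNullOrEmpty(uSERTABLE.userPassword))
                {
                    // NOTE(review): the call passes the algorithm name "SHA512" and the bytes of a
                    // constant string compiled into the application (apparently used as the salt).
                    // A per-user random salt with a slow KDF (for example Rfc2898DeriveBytes) is
                    // the usual fix; it must be changed together with the login verification,
                    // which is not visible here.
                    myUser.USERPASSWORD = PasswordHelper.ComputeHash(uSERTABLE.userPassword, "SHA512", GetBytes("my_secret"));
                }

                if (myUser.USERID == 1)
                {
                    // User 1 always stays active.
                    myUser.STATUSID = 1;
                }
                else if (uSERTABLE.STATUSID != null)
                {
                    // Every other user takes the status chosen on the form; a missing value
                    // leaves the stored status as it is.
                    myUser.STATUSID = uSERTABLE.STATUSID.Value;
                }

                // Remove this user's current role rows. The filter is part of the query, so only
                // this user's rows are loaded rather than the whole table.
                var currentRoles = db.USERROLEs.Where(ur => ur.USERID == uSERTABLE.userId).ToList();
                foreach (var item in currentRoles)
                {
                    db.Entry(item).State = EntityState.Deleted;
                }

                // Add the roles ticked on the form. The list is null when no role entries were posted.
                if (uSERTABLE.userRole != null)
                {
                    foreach (var item in uSERTABLE.userRole)
                    {
                        if (item.Checked)
                        {
                            db.USERROLEs.Add(new USERROLE { USERID = uSERTABLE.userId, ROLEID = item.Id });
                        }
                    }
                }
                db.SaveChanges();
                return RedirectToAction("Index");
            }

            // Invalid model: show the form again without handing the submitted password back.
            ViewBag.STATUSID       = new SelectList(db.STATUSTABLEs, "STATUSID", "STATUSNAME", uSERTABLE.STATUSID);
            uSERTABLE.userPassword = null;
            return View(uSERTABLE);
        }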
コード例 #5
        // GET: USERTABLEs/Edit/5
        /// <summary>
        /// Renders the "edit user" form for an administrator, pre-filled with the username and
        /// a check-box list of all roles in which the user's current roles are ticked. The
        /// password field of the view model is left null.
        /// </summary>
        /// <param name="id">Id of the user to edit.</param>
        /// <returns>
        /// A redirect to the login page or the content index when the caller is not allowed here,
        /// 400 when <paramref name="id"/> is missing, 404 when no such user exists, a redirect to
        /// the user index when someone other than user 1 targets user 1, otherwise the form view.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the role check calls ToString() on Session["userRole"] directly, so a
        /// session that holds a user id but no role entry throws instead of being redirected.
        /// The user-1 rule below only controls who sees the form; the action that saves the
        /// form has to enforce it too.
        /// </remarks>
        public ActionResult Edit(int?id)
        {
            // Login check.
            if (Session["userId"] == null)
            {
                return RedirectToAction("Login", "USERTABLEs", new { area = "" });
            }

            // Role check: anyone who is not an administrator goes to the content index.
            bool callerIsAdmin = Session["userRole"].ToString() == "admin";
            if (!callerIsAdmin)
            {
                return RedirectToAction("Index", "CONTENTTABLEs", new { area = "" });
            }

            // Parameter check.
            if (!id.HasValue)
            {
                return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
            }

            // Look the user up by id and make sure the row exists.
            USERTABLE target = db.USERTABLEs.Find(id);
            if (target == null)
            {
                return HttpNotFound();
            }

            // User 1 is the super admin and may only be edited by user 1.
            bool callerIsSuperAdmin = Convert.ToInt32(Session["userId"]) == 1;
            if (!callerIsSuperAdmin && id == 1)
            {
                return RedirectToAction("Index", "USERTABLEs");
            }

            // Every role, flagged when a USERROLEs row links it to this user
            // (the query runs when enumerated below).
            var roleRows = db.ROLETABLEs.Select(r => new
            {
                r.ROLEID,
                r.ROLENAME,
                Checked = db.USERROLEs.Where(ur => ur.USERID == id && ur.ROLEID == r.ROLEID).Count() > 0
            });

            var formModel = new USERTABLEVIEW2
            {
                userId       = id.Value,
                userName     = target.USERNAME,
                userPassword = null
            };
            ViewBag.STATUSID = new SelectList(db.STATUSTABLEs, "STATUSID", "STATUSNAME", target.STATUSID);

            // Copy the role rows into the check-box list shown on the form.
            List<CHECKBOXVIEW> roleBoxes = roleRows
                .AsEnumerable()
                .Select(row => new CHECKBOXVIEW { Id = row.ROLEID, Name = row.ROLENAME, Checked = row.Checked })
                .ToList();

            formModel.userRole = roleBoxes;
            return View(formModel);
        }