public ActionResult CreateUser(CreateUserVM user) { if (ModelState.IsValid) { using (var db = new ADWebDB()) { ADWeb.Core.Models.User newUser = Mapper.Map <User>(user); ADDomain domain = new ADDomain(); // Get User Template Settings so that we can use it to create // the user. UserTemplate userTemplate = db.UserTemplate .Find(user.UserTemplateID); UserTemplateSettings userTemplateSettings = new UserTemplateSettings(); userTemplateSettings.ChangePasswordAtNextLogon = userTemplate.ChangePasswordAtNextLogon; userTemplateSettings.UserCannotChangePassword = userTemplate.UserCannotChangePassword; userTemplateSettings.PasswordNeverExpires = userTemplate.PasswordNeverExpires; userTemplateSettings.AccountExpires = userTemplate.AccountExpires; userTemplateSettings.ExpirationRange = userTemplate.ExpirationRange; userTemplateSettings.ExpirationValue = userTemplate.ExpirationValue; userTemplateSettings.DomainOU = userTemplate.DomainOU.DistinguishedName; // When getting the groups associated with a user template, we // are only interested in getting those groups that are active (i.e. // they have not been removed by the admins of the application). If this is // not done, then there will be an error if a group happens to have been // added, removed and then added again by one of the administrators. This should // be a rare occurrance, but we have to check just to make sure no errors occur // when creating user accounts. foreach (var group in userTemplate.Groups.Where(u => u.Enabled == true).ToList()) { userTemplateSettings.Groups.Add(group.Name); } domain.CreateUserWithTemplate(newUser, userTemplateSettings); ADUser currentUser = domain.GetUserByID(User.Identity.Name); // Insert the account to the Database. Note: we are only // interested in basic information DomainUser newDomainUser = new DomainUser(); newDomainUser.DateCreated = DateTime.Now; newDomainUser.CreatedBy = currentUser.GivenName + " " + currentUser.Surname; newDomainUser.Username = newUser.Username; db.DomainUsers.Add(newDomainUser); db.SaveChanges(); TempData["user_created_successfully"] = newUser.FirstName + " " + newUser.LastName + " has been created successfully!"; return(RedirectToAction("ViewUser", new { user = user.Username })); } } return(View()); }
public ActionResult UpdateUser(UserViewModel user) { if (ModelState.IsValid) { ADDomain domain = new ADDomain(); StringBuilder msg = new StringBuilder(); bool userInfoUpdate = false; msg.Append("<ul class=\"update-details\">"); // We first need to record what was changed on the user // account by comparing what the user currently has on // Active Directory to what is being passed to this method ADUser currentUser = domain.GetUserByID(user.SamAccountName); // Now we compare the values that are currently stored in the domain // with what's being passed to this method. If there are any changes, // then these are recorded and will be stored in the database. if (!currentUser.GivenName.Equals(user.GivenName)) { userInfoUpdate = true; msg.Append("<li>First Name Changed from '" + currentUser.GivenName + "' to '" + user.GivenName + "'</li>"); } if (!currentUser.Surname.Equals(user.Surname)) { userInfoUpdate = true; msg.Append("<li>Last Name Changed from '" + currentUser.Surname + "' to '" + user.Surname + "'</li>"); } if (!currentUser.MiddleName.Equals(user.MiddleName)) { if (!String.IsNullOrEmpty(user.MiddleName)) { userInfoUpdate = true; msg.Append("<li>Middle Name Changed from '" + currentUser.MiddleName + "' to '" + user.MiddleName + "'</li>"); } } if (!currentUser.DisplayName.Equals(user.DisplayName)) { userInfoUpdate = true; msg.Append("<li>Display Name Changed from '" + currentUser.DisplayName + "' to '" + user.DisplayName + "'</li>"); } if (!currentUser.EmailAddress.Equals(user.EmailAddress)) { userInfoUpdate = true; msg.Append("<li>Email Address Changed from '" + currentUser.EmailAddress + "' to '" + user.EmailAddress + "'</li>"); } if (!currentUser.PhoneNumber.Equals(user.PhoneNumber)) { if (!String.IsNullOrEmpty(user.PhoneNumber)) { userInfoUpdate = true; msg.Append("<li>Phone Number Changed from '" + currentUser.PhoneNumber + "' to '" + user.PhoneNumber + "'</li>"); } } if (!currentUser.Title.Equals(user.Title)) { userInfoUpdate = true; msg.Append("<li>Title Changed from '" + currentUser.Title + "' to '" + user.Title + "'</li>"); } if (!currentUser.Company.Equals(user.Company)) { userInfoUpdate = true; msg.Append("<li>Company Changed from '" + currentUser.Company + "' to '" + user.Company + "'</li>"); } if (!currentUser.Department.Equals(user.Department)) { userInfoUpdate = true; msg.Append("<li>Department Changed from '" + currentUser.Department + "' to '" + user.Department + "'</li>"); } if (!currentUser.Notes.Equals(user.Notes)) { if (!String.IsNullOrEmpty(user.Notes)) { userInfoUpdate = true; msg.Append("<li>Notes Changed from '" + currentUser.Notes + "' to '" + user.Notes + "'</li>"); } } msg.Append("</ul>"); ADWeb.Core.Models.User userModel = Mapper.Map <User>(user); domain.UpdateUser(userModel); // There is a possiblity that a user may accidentally hit the update // button but nothing has changed in the user's information. If this // happens, we don't want anything to be written to the database. The // following condition checks for this scenario. if (userInfoUpdate) { using (var db = new ADWebDB()) { ADUser loggedInUser = domain.GetUserByID(User.Identity.Name); // Before adding a new update history for this user, we first have // to check to see if this account has an entry in the DomainUsers // table. If it doesn't then we'll go ahead and create one. If it does, // then we'll just insert the update history to the table. var userDbInfo = db.DomainUsers.Find(user.SamAccountName); if (userDbInfo == null) { // If we have reached this part of the code then it means that // we have come accross a user that was not created thru the // application and thus has no entry in the DomainUsers table. // We are going to be creating an entry into the DomainUser table, // but we are not going to use the currently logged in user who is // viewing this account as the person that created the account. // The reason I don't want to store the username is because the // entry was not created by the user, instead it was created // outside the application. I am going to be making this a unique // value just in case we need to use this later on for reports. string createdBy = "Outside of Application"; DomainUser newUser = new DomainUser(); newUser.CreatedBy = createdBy; newUser.Username = currentUser.SamAccountName; newUser.DateCreated = currentUser.WhenCreated; // Entry that identifies this as a user who we just inserted // an entry to the DomainUsers table for. UserUpdateHistory newUserHistory = new UserUpdateHistory(); newUserHistory.UpdatedBy = createdBy; newUserHistory.Username = user.SamAccountName; newUserHistory.UpdateType = UserUpdateType.CreatedDBEntry; newUserHistory.DateUpdated = DateTime.Now; newUserHistory.Notes = "<ul class=\"update-details\"><li>New User Added to table by the system.</li></ul>"; // This is the actual changes that were made for this user // when the update user button was clicked on and submitted for // this request. UserUpdateHistory userChange = new UserUpdateHistory(); userChange.UpdatedBy = loggedInUser.GivenName + " " + loggedInUser.Surname; userChange.Username = user.SamAccountName; userChange.UpdateType = UserUpdateType.UserInfo; // I am adding 10 milli seconds to this value so that when we // retrieve it from the database this will show up later on // as we order the results from this table based on the // date updated field! userChange.DateUpdated = DateTime.Now.AddMilliseconds(10); userChange.Notes = msg.ToString(); db.DomainUsers.Add(newUser); db.UserUpdateHistory.Add(newUserHistory); db.UserUpdateHistory.Add(userChange); db.SaveChanges(); } else { UserUpdateHistory userChange = new UserUpdateHistory(); userChange.UpdatedBy = loggedInUser.GivenName + " " + loggedInUser.Surname; userChange.Username = user.SamAccountName; userChange.UpdateType = UserUpdateType.UserInfo; userChange.DateUpdated = DateTime.Now; userChange.Notes = msg.ToString(); db.UserUpdateHistory.Add(userChange); } db.SaveChanges(); } TempData["user_updated_successfully"] = user.GivenName + " " + user.Surname + "'s account has been successfully updated!"; } else { TempData["user_updated_successfully"] = "No updates were done for " + user.GivenName + " " + user.Surname + "'s account."; } return(RedirectToAction("ViewUser", new { user = user.SamAccountName })); } return(View()); }