// GET: /Account/AddItem
/// <summary>
/// Add an item. Just returns the view, pre-loaded with the item-class templates.
/// </summary>
/// <returns>The AddItem view bound to a fresh <c>AddItemModel</c>.</returns>
public ActionResult AddItem()
{
    Dictionary<string, int> templates = new Dictionary<string, int>();
    using (var entities = new CopiosisEntities())
    {
        templates = FetchItemClassTemplates(entities);
    }

    AddItemModel viewModel = new AddItemModel();
    viewModel.ItemClassTemplates = templates;
    return View(viewModel);
}
/// <summary>
/// Creates a new item class from the posted form, rejecting a name that is already taken.
/// </summary>
/// <param name="m">Posted class definition.</param>
/// <returns>
/// The form again when validation fails or the name conflicts; otherwise a redirect to ViewClasses.
/// </returns>
public ActionResult AddClass(AddClassModel m)
{
    if (!ModelState.IsValid)
    {
        return View(m);
    }

    using (var entities = new CopiosisEntities())
    {
        // The name check and the insert below are separate steps; nothing visible here makes them atomic.
        itemClass duplicate = entities.itemClasses.FirstOrDefault(ic => ic.name == m.name);
        if (duplicate != null)
        {
            ModelState.AddModelError("name", "There is already a class of this name");
            return View(m);
        }

        // Columns are copied one by one, so the form can only set the fields listed here.
        itemClass created = new itemClass
        {
            name = m.name,
            suggestedGateway = m.suggestedGateway,
            cPdb = m.cPdb,
            a = m.a,
            aMax = m.aMax,
            d = m.d,
            aPrime = m.aPrime,
            cCb = m.cCb,
            m1 = m.m1,
            pO = m.pO,
            m2 = m.m2,
            cEb = m.cEb,
            s = m.s,
            m3 = m.m3,
            sE = m.sE,
            m4 = m.m4,
            sH = m.sH,
            m5 = m.m5
        };

        entities.itemClasses.Add(created);
        entities.SaveChanges();

        // Picked up by ViewClasses to show the success banner.
        TempData["AddClass"] = created.name;
        return RedirectToAction("ViewClasses");
    }
}
/// <summary>
/// Makes sure the membership database exists and binds SimpleMembership to the "user" table.
/// </summary>
/// <exception cref="InvalidOperationException">
/// Any failure during initialization; the original exception is kept as InnerException.
/// </exception>
public SimpleMembershipInitializer()
{
    // Passing null turns off Entity Framework's database initializer for this context.
    Database.SetInitializer<CopiosisEntities>(null);

    try
    {
        using (var ctx = new CopiosisEntities())
        {
            bool databasePresent = ctx.Database.Exists();
            if (!databasePresent)
            {
                // Create the SimpleMembership database without Entity Framework migration schema
                IObjectContextAdapter adapter = (IObjectContextAdapter)ctx;
                adapter.ObjectContext.CreateDatabase();
            }
        }

        // Connection name, user table, id column and user-name column, in that order.
        WebSecurity.InitializeDatabaseConnection("CopiosisConnection", "user", "userID", "username", autoCreateTables: true);
    }
    catch (Exception failure)
    {
        throw new InvalidOperationException("The ASP.NET Simple Membership database could not be initialized. For more information, please see http://go.microsoft.com/fwlink/?LinkId=256588", failure);
    }
}
/// <summary>
/// Lists every item class with the number of products using it, and sets the banner flags
/// that the Admin/ViewClasses view reads from ViewBag.
/// </summary>
/// <returns>The ViewClasses view bound to a <c>ViewClassesModel</c>.</returns>
public ActionResult ViewClasses()
{
    ViewBag.savedChanges = false;
    ViewBag.noEdit = false;
    ViewClassesModel viewModel = new ViewClassesModel();

    // TempData keys are read lazily and in this order on purpose: a later key is only
    // touched when the earlier ones are empty, exactly as the banner cases require.
    object added = TempData["AddClass"];
    if (added != null)
    {
        // Case 1: the admin added a new class successfully.
        ViewBag.newClass = true;
        ViewBag.className = added;
        ViewBag.savedChanges = true;
    }
    else
    {
        object edited = TempData["EditClass"];
        if (edited != null)
        {
            // Case 2: the admin edited a class successfully.
            ViewBag.newClass = false;
            ViewBag.className = edited;
            ViewBag.savedChanges = true;
        }
        else
        {
            object untouched = TempData["NoEdit"];
            if (untouched != null)
            {
                // Case 3: the admin submitted the EditClass page without changing anything.
                ViewBag.noEdit = true;
                ViewBag.className = untouched;
            }
        }
    }

    using (var entities = new CopiosisEntities())
    {
        viewModel.ItemClassTemplates = entities.itemClasses
            .Select(cls => new ViewClassModel
            {
                classID = cls.classID,
                className = cls.name,
                numUsing = entities.products.Where(prod => prod.itemClass == cls.classID).Count()
            })
            .OrderByDescending(row => row.className)
            .ToList();
    }

    return View(viewModel);
}
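// GET: /Account/View
/// <summary>
/// View a specific transaction. Only the provider, the receiver, or a user in the admin role
/// gets the data; the permission check runs before anything is copied into the view model.
/// </summary>
/// <param name="tranId">Identifier of the transaction to display.</param>
/// <returns>The View page bound to a populated <c>TransactionModel</c>.</returns>
/// <exception cref="ArgumentNullException">
/// The identifier is all zeros, or no transaction has that identifier.
/// </exception>
/// <exception cref="ArgumentException">The current user may not view this transaction.</exception>
public ActionResult View(Guid tranId)
{
    ACCOUNTERROR.ErrorSubject = "Error while trying to retrieve a transaction";

    // Guid is a value type, so comparing it with null can never be true; an all-zero
    // identifier is treated as "not specified" instead.
    if (tranId == Guid.Empty)
    {
        throw new ArgumentNullException("tranId", "Transaction ID must be specified");
    }

    TransactionModel model = new TransactionModel();

    using (var db = new CopiosisEntities())
    {
        // Get transaction data
        var transaction = db.transactions.Where(t => t.transactionID == tranId).FirstOrDefault();

        // Make sure a transaction was found.
        if (transaction == null)
        {
            // The format string now carries a placeholder so the identifier appears in the message.
            throw new ArgumentNullException("tranId", string.Format("Transaction with ID {0} does not exist", tranId));
        }

        // Check permissions to view this transaction.
        int currentUserId = WebSecurity.CurrentUserId;
        bool isParty = currentUserId == transaction.providerID || currentUserId == transaction.receiverID;
        if (!isParty && !System.Web.Security.Roles.IsUserInRole(ADMINROLE))
        {
            throw new ArgumentException("Current user not authorized to view this transaction");
        }

        // Various transaction data expected to be displayed
        model.transactionID = transaction.transactionID;
        model.date = transaction.date.HasValue ? transaction.date.Value.ToString() : string.Empty; // Date the transaction took place on.
        model.dateAdded = transaction.dateAdded;                          // Date transaction added to system.
        model.dateClosed = transaction.dateClosed ?? DateTime.MinValue;   // Date transaction was Confirmed or Rejected.
        model.nbr = transaction.nbr ?? 0.0;                               // NBR earned from this transaction
        model.status = transaction.status;                                // Pending, Confirmed, or Rejected
        model.satisfaction = transaction.satisfaction;

        // Product info expected to be displayed.
        model.productGuid = transaction.product.guid;
        model.productName = transaction.product.name;
        model.productDesc = transaction.productDesc;
        model.productGateway = transaction.productGateway;

        // Provider info expected to be displayed.
        model.providerFirstName = transaction.provider.firstName;
        model.providerLastName = transaction.provider.lastName;
        model.providerUsername = transaction.provider.username;
        model.providerNotes = transaction.providerNotes;

        // Receiver info expected to be displayed.
        model.receiverFirstName = transaction.receiver.firstName;
        model.receiverLastName = transaction.receiver.lastName;
        model.receiverUsername = transaction.receiver.username;
        model.receiverNotes = transaction.receiverNotes;

        // For calculations
        model.providerID = transaction.providerID;
        model.receiverID = transaction.receiverID;

        // True when the transaction is still open, was created by the other party,
        // and the current user is one of its two parties.
        model.isPendingUser = transaction.dateClosed == null
            && transaction.createdBy != currentUserId
            && isParty;
    }

    return View(model);
}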
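/// <summary>
/// Creates a product or service owned by the current user from the posted form.
/// </summary>
/// <param name="m">Posted item definition.</param>
/// <returns>
/// The form again when validation fails or the user already owns an item of that name;
/// otherwise a redirect to Items.
/// </returns>
/// <exception cref="ArgumentException">
/// The item type is neither Product nor Service, or the named item class does not exist.
/// </exception>
public ActionResult AddItem(AddItemModel m)
{
    if (!ModelState.IsValid)
    {
        return View(m);
    }

    // NOTE(review): m.ItemType is dereferenced here; presumably model validation guarantees it is set - confirm.
    if (!m.ItemType.Equals("Product", StringComparison.OrdinalIgnoreCase) &&
        !m.ItemType.Equals("Service", StringComparison.OrdinalIgnoreCase))
    {
        ACCOUNTERROR.ErrorSubject = "Error while trying to add an item";
        throw new ArgumentException("Items can only be of type Product or Service");
    }

    product p = new product();
    using (var db = new CopiosisEntities())
    {
        // Project to int? so "no such class" yields null. Projecting the plain int made
        // FirstOrDefault return 0, the null check never fired, and class 0 was stored.
        int? itemClassId = db.itemClasses
            .Where(ic => ic.name == m.ItemClass)
            .Select(i => (int?)i.classID)
            .FirstOrDefault();
        if (itemClassId == null)
        {
            ACCOUNTERROR.ErrorSubject = "Error while trying to add an item";
            throw new ArgumentException("Product item class not found");
        }

        int ownerId = WebSecurity.CurrentUserId;
        int existing = db.products.Where(i => i.name == m.Name && i.ownerID == ownerId).Count();
        if (existing > 0)
        {
            m.ItemClassTemplates = FetchItemClassTemplates(db);
            ModelState.AddModelError("name", "There is already an item of this name. Please try again.");
            return View(m);
        }

        // The owner is always the logged-in user; it is never taken from the form.
        p.name = m.Name;
        p.ownerID = ownerId;
        p.guid = Guid.NewGuid();
        p.gateway = m.Gateway;
        p.description = m.Description;
        p.createdDate = DateTime.Now;
        p.itemClass = itemClassId.Value;
        p.type = m.ItemType;

        db.products.Add(p);
        db.SaveChanges();

        TempData["currentItem"] = p.name;
        TempData["addSuccess"] = true;
    }

    return RedirectToAction("Items");
}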
// GET: /Account/Overview
// Overview of transactions for the current user
/// <summary>
/// Builds three lists for the logged-in user: open transactions created by the other party,
/// open transactions the user created, and closed transactions.
/// </summary>
/// <returns>The Overview view bound to a <c>TransactionOverviewModel</c>.</returns>
public ActionResult Overview()
{
    TransactionOverviewModel model = new TransactionOverviewModel();

    using (var db = new CopiosisEntities())
    {
        // Every query below is filtered on this id, so only transactions where the
        // current user is provider or receiver are returned.
        int userId = WebSecurity.CurrentUserId;
        // Used to flag transactions added after the user's previous login.
        DateTime? userLastLogin = db.users.Where(u => u.userID == userId).Select(u => u.prevLastLogin).FirstOrDefault();

        // Open transactions created by the other party.
        model.pendingUser = db.transactions.Where(
            a =>
            (a.providerID == userId ||
            a.receiverID == userId) &&
            a.dateClosed == null &&
            a.createdBy != userId
        ).Select(t => new TransactionModel
        {
            newSinceLogin = userLastLogin.HasValue ? (userLastLogin.Value.CompareTo(t.dateAdded) < 0) : false,
            transactionID = t.transactionID,
            date = t.date.ToString(),
            status = t.status,
            dateAdded = t.dateAdded,
            dateClosed = t.dateClosed ?? DateTime.MinValue,
            nbr = t.nbr??0.0,
            // Name of whichever party is not the current user, as "first last".
            otherParty = t.providerID == userId ? (t.receiver.firstName + " " + t.receiver.lastName) : (t.provider.firstName + " " + t.provider.lastName),
            productName = t.product.name,
            productDesc = t.productDesc,
            productGateway = t.productGateway,
        }).OrderByDescending(t => t.dateAdded).ToList();

        // Open transactions the current user created.
        model.pendingOther = db.transactions.Where(
            a =>
            (a.providerID == userId ||
            a.receiverID == userId) &&
            a.dateClosed == null &&
            userId == a.createdBy
        ).Select(t => new TransactionModel
        {
            newSinceLogin = userLastLogin.HasValue ? (userLastLogin.Value.CompareTo(t.dateAdded) < 0) : false,
            transactionID = t.transactionID,
            date = t.date.ToString(),
            status = t.status,
            dateAdded = t.dateAdded,
            dateClosed = t.dateClosed ?? DateTime.MinValue,
            // Provider sees the NBR (0.0 when unset); receiver sees the product gateway instead.
            nbr = (t.providerID == userId) ? ((t.nbr == null) ? 0.0 : t.nbr) : t.productGateway,
            // NOTE(review): this list formats the name as "last, first", unlike the other two lists - confirm intended.
            otherParty = t.providerID == userId ? (t.receiver.lastName + ", " + t.receiver.firstName) : (t.provider.lastName + ", " + t.provider.firstName),
            productName = t.product.name,
            productDesc = t.productDesc,
            productGateway = t.productGateway,
        }).OrderByDescending(t => t.dateAdded).ToList();

        // Closed transactions, most recently closed first.
        model.completed = db.transactions.Where(
            a =>
            (a.providerID == userId ||
            a.receiverID == userId) &&
            a.dateClosed != null
        ).Select(t => new TransactionModel
        {
            transactionID = t.transactionID,
            date = t.date.ToString(),
            status = t.status,
            dateAdded = t.dateAdded,
            dateClosed = t.dateClosed ?? DateTime.MinValue,
            nbr = t.nbr ?? 0.0,
            otherParty = t.providerID == userId ? (t.receiver.firstName + " " + t.receiver.lastName) : (t.provider.firstName + " " + t.provider.lastName),
            productName = t.product.name,
            productDesc = t.productDesc,
            productGateway = t.productGateway,
            isProducer = t.providerID == userId ? true : false,
        }).OrderByDescending(t => t.dateClosed).ToList();
    }

    return View(model);
}
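/// <summary>
/// Applies the posted account changes (e-mail, names, password) for the logged-in user.
/// The form is validated by <c>validateManageAccountForm</c>, which also requires the
/// current password; nothing is saved unless ModelState is still valid afterwards.
/// </summary>
/// <param name="model">Posted account form.</param>
/// <returns>The form again on any validation error; otherwise a redirect to Manage.</returns>
/// <exception cref="Exception">
/// The current user has no row in the users table, the password change fails, or the
/// re-login after the change throws.
/// </exception>
public ActionResult Manage(AccountManagerModel model)
{
    if (!ModelState.IsValid)
    {
        // If we got this far, something failed, redisplay form
        ViewBag.changesSaved = false;
        return View(model);
    }

    using (var db = new CopiosisEntities())
    {
        var dbCurrentUser = db.users.Where(p => p.userID == WebSecurity.CurrentUserId).FirstOrDefault();
        if (dbCurrentUser == null)
        {
            ACCOUNTERROR.ErrorSubject = "Error while trying to retrieve your user account";
            throw new Exception(string.Format("No match for the current user with user name {0}", WebSecurity.CurrentUserId));
        }

        ViewBag.isValidatedUser = true;

        string passwordTemp;
        bool changePassword;
        bool noPwProvided;
        validateManageAccountForm(model, db, dbCurrentUser, out passwordTemp, out changePassword, out noPwProvided);

        if (!ModelState.IsValid)
        {
            // There was at least one error. The pending edits on dbCurrentUser are discarded
            // with the context because SaveChanges is never reached.
            ViewBag.changesSaved = false;
            return View(model);
        }

        if (changePassword)
        {
            // ChangePassword will throw an exception rather than return false in certain failure scenarios.
            bool changePasswordSucceeded;
            try
            {
                changePasswordSucceeded = WebSecurity.ChangePassword(User.Identity.Name, passwordTemp, model.newPassword);
            }
            catch (Exception)
            {
                changePasswordSucceeded = false;
            }

            if (!changePasswordSucceeded)
            {
                ACCOUNTERROR.ErrorSubject = "Error while trying to update your account";
                throw new Exception("Could not change your password");
            }

            try
            {
                // Re-authenticate with the NEW password. Logging in with the old one right
                // after the change is a guaranteed failed login attempt on the account.
                passwordTemp = model.newPassword;
                WebSecurity.Login(dbCurrentUser.username, passwordTemp);
            }
            catch (Exception e)
            {
                ACCOUNTERROR.ErrorSubject = "Error when logging you in";
                throw new Exception(e.Message);
            }
        }

        // NOTE(review): the password is already changed at this point; if SaveChanges fails,
        // the profile edits are lost but the new password stays in effect.
        db.SaveChanges();
        ViewBag.changesSaved = true;
        return RedirectToAction("Manage", new { Message = ManageMessageId.AccountChangesSaved });
    }
}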
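/// <summary>
/// Authenticates the posted credentials and records the login time.
/// </summary>
/// <param name="model">Posted user name, password and remember-me flag.</param>
/// <param name="returnUrl">
/// Not used: a successful login always redirects to Overview, so this value cannot steer the redirect.
/// </param>
/// <returns>
/// A redirect to Overview on success; otherwise the form with one generic error that does not
/// reveal whether the user name or the password was wrong.
/// </returns>
public ActionResult Login(LoginModel model, string returnUrl)
{
    // Validate first: the user name may be missing, and stripping whitespace from null would throw.
    if (ModelState.IsValid && model.UserName != null)
    {
        // Same whitespace stripping as Register applies before the account is created.
        string sanitizedun = Regex.Replace(model.UserName, @"\s+", "");

        if (WebSecurity.Login(sanitizedun, model.Password, persistCookie: model.RememberMe))
        {
            using (var db = new CopiosisEntities())
            {
                // Look the row up by the name that was actually authenticated. Using the raw
                // input here failed with an exception whenever it contained whitespace.
                var account = db.users.Where(u => u.username == sanitizedun).FirstOrDefault();
                if (account != null)
                {
                    account.prevLastLogin = account.lastLogin;
                    account.lastLogin = DateTime.Now;
                    db.SaveChanges();
                }
            }

            return RedirectToAction("Overview");
        }
    }

    // If we got this far, something failed, redisplay form
    ModelState.AddModelError("", "The user name or password provided is incorrect.");
    return View(model);
}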
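/// <summary>
/// Returns, as JSON, the active products of the producer named in a "First Last | username" value.
/// </summary>
/// <param name="name">Display value whose part after the '|' is the producer's user name.</param>
/// <param name="username">Not used by this action.</param>
/// <returns>
/// JSON with <c>success</c> and <c>products</c>; <c>success</c> is false and <c>products</c>
/// null when <paramref name="name"/> has no "| username" part.
/// </returns>
/// <exception cref="ArgumentNullException">No user has the extracted user name.</exception>
public ActionResult FetchProducerItems(string name, string username)
{
    /* Note: this is not a great way to be doing this, relying solely on the first name last name as these may not be unique. But the only solution
     * seems to be to include the username which has been stated that they do not want */
    string[] producerName = (name ?? string.Empty).Split('|');
    if (producerName.Length < 2)
    {
        // Split never returns null, so the old null test did nothing and a value without
        // '|' ran off the end of the array.
        return Json(new { success = false, products = (List<string>)null }, JsonRequestBehavior.AllowGet);
    }

    string currentUserName = producerName[1].Trim();
    List<string> products;

    using (var db = new CopiosisEntities())
    {
        // Project to int? so an unknown user name gives null rather than 0.
        int? producerID = db.users
            .Where(u => u.username == currentUserName)
            .Select(uID => (int?)uID.userID)
            .FirstOrDefault();
        if (producerID == null)
        {
            ACCOUNTERROR.ErrorSubject = "Error while trying to retrieve item(s)";
            throw new ArgumentNullException("name", string.Format("No user found with name {0}", name));
        }

        products = db.products
            .Where(po => po.ownerID == producerID && po.deletedDate == null)
            .Select(p => p.name + " | Gateway: " + p.gateway)
            .Distinct()
            .ToList();
    }

    // NOTE(review): AllowGet makes any user's product list readable with a plain GET, and no
    // [Authorize] attribute is visible in this listing - confirm the action requires a login.
    return Json(new { success = true, products = products }, JsonRequestBehavior.AllowGet);
}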
/// <summary>
/// Collects the non-deleted items owned by the currently logged-in user.
/// </summary>
/// <returns>One <c>ItemsModel</c> per item; empty when the user owns none.</returns>
private List<ItemsModel> CurrenUserItems()
{
    using (var entities = new CopiosisEntities())
    {
        int ownerId = WebSecurity.CurrentUserId;

        // Rows are materialised first; the item-class name is then read per row while the
        // context is still open.
        return entities.products
            .Where(a => a.ownerID == ownerId && a.deletedDate == null)
            .ToList()
            .Select(row => new ItemsModel
            {
                ProductName = row.name,
                Description = row.description,
                Gateway = row.gateway,
                ItemClass = row.itemClass1.name,
                ItemGuid = row.guid,
                ItemType = row.type
            })
            .ToList();
    }
}
/// <summary>
/// Computes the NBR a producer receives for a transaction from the consumer's satisfaction
/// rating and the coefficients stored on the product's item class.
/// </summary>
/// <param name="satisfactionRating">Satisfaction rating the consumer gave the transaction.</param>
/// <param name="productId">ID of the product involved in the transaction.</param>
/// <param name="providerId">ID of the producer; the product must be owned by this user.</param>
/// <returns>The calculated NBR.</returns>
/// <exception cref="ArgumentException">
/// The provider owns no such product, or the product's item class does not exist.
/// </exception>
private float CalculateNBR(int satisfactionRating, int productId, int providerId)
{
    using (var entities = new CopiosisEntities())
    {
        var owned = entities.products.FirstOrDefault(a => a.productID == productId && a.ownerID == providerId);
        ACCOUNTERROR.ErrorSubject = "Error while calculating the NBR";
        if (owned == null)
        {
            throw new ArgumentException("Product not found for this provider");
        }

        var cls = entities.itemClasses.FirstOrDefault(a => a.classID == owned.itemClass);
        if (cls == null)
        {
            throw new ArgumentException("Item class not found for this product");
        }

        float cPdb = (float)cls.cPdb;
        float cCb = (float)cls.cCb;
        float cEb = (float)cls.cEb;
        int d = (int)cls.d;
        int pO = (int)cls.pO;
        float a = (float)cls.a;
        int aPrime = (int)cls.aPrime;
        int aMax = (int)cls.aMax;
        float m1 = (float)cls.m1;
        float m2 = (float)cls.m2;
        float m3 = (float)cls.m3;
        float m4 = (float)cls.m4;
        float m5 = (float)cls.m5;
        int s = (int)cls.s;
        int sE = (int)cls.sE;
        int sH = (int)cls.sH;

        // NOTE(review): d / aPrime divides two ints, so the quotient is truncated and an
        // aPrime of 0 throws; the other ratios have a float operand. Confirm the truncation
        // is intended before relying on this value.
        float demandTerm = cPdb * (d / aPrime - a / aMax);
        float consumerTerm = cCb * (satisfactionRating / m1 + pO / m2);
        float environmentTerm = cEb * (s / m3 + sE / m4 + sH / m5);

        return demandTerm + (consumerTerm + environmentTerm);
    }
}
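/// <summary>
/// Fills <paramref name="model"/> with two lists: users in the "ADMIN" role (the current
/// user excluded) and users in the "USER" role who are not in that admin list.
/// </summary>
/// <param name="db">Open context to read roles and their users from.</param>
/// <param name="model">View model whose adminUsers and nonadminUsers are replaced.</param>
private void FetchUserRoles(CopiosisEntities db, ViewUsersModel model)
{
    List<UserModel> adminUsers = new List<UserModel>();
    List<UserModel> nonAdminUsers = new List<UserModel>();
    HashSet<int> adminIds = new HashSet<int>();

    var roles = db.webpages_Roles.ToList();

    // Pass 1: collect every admin before looking at ordinary users. Doing both in a single
    // pass listed admins as non-admins whenever the USER role happened to be read first.
    foreach (var role in roles)
    {
        if (role.RoleName != "ADMIN")
        {
            continue;
        }

        foreach (var member in role.users)
        {
            // NOTE(review): the current user is left out of the admin list and therefore not
            // in adminIds either, so they can still show up below as a non-admin - confirm intended.
            if (member.userID != WebSecurity.CurrentUserId)
            {
                adminIds.Add(member.userID);
                adminUsers.Add(BuildUserModel(member));
            }
        }
    }

    // Pass 2: users in the USER role that were not listed as admins above.
    foreach (var role in roles)
    {
        if (role.RoleName != "USER")
        {
            continue;
        }

        foreach (var member in role.users)
        {
            if (!adminIds.Contains(member.userID))
            {
                nonAdminUsers.Add(BuildUserModel(member));
            }
        }
    }

    model.adminUsers = adminUsers;
    model.nonadminUsers = nonAdminUsers;
}

/// <summary>Copies the fields shown on the user list from a user row.</summary>
private static UserModel BuildUserModel(user source)
{
    UserModel copy = new UserModel();
    copy.firstName = source.firstName;
    copy.lastName = source.lastName;
    copy.status = source.status;
    copy.userId = source.userID;
    copy.userName = source.username;
    return copy;
}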
/// <summary>
/// Builds the drop-down entries for item classes; each entry uses the class name as both
/// its text and its value.
/// </summary>
/// <param name="db">Open context to read the item classes from.</param>
/// <returns>One <c>SelectListItem</c> per item class.</returns>
private List<SelectListItem> FetchItemClassTemplates(CopiosisEntities db)
{
    return db.itemClasses
        .ToList()
        .Select(cls => new SelectListItem { Text = cls.name, Value = cls.name })
        .ToList();
}
/// <summary>
/// Shows the user list, split into admin and non-admin users by <c>FetchUserRoles</c>.
/// </summary>
/// <returns>The ViewUsers view bound to a <c>ViewUsersModel</c>.</returns>
public ActionResult ViewUsers()
{
    // NOTE(review): no role restriction is visible in this listing; presumably an attribute
    // outside this view limits the action to admins - confirm.
    var viewModel = new ViewUsersModel();

    using (var entities = new CopiosisEntities())
    {
        FetchUserRoles(entities, viewModel);
    }

    return View(viewModel);
}
/// <summary>
/// Shows the edit form for one of the current user's items.
/// </summary>
/// <param name="itemId">GUID of the item to edit.</param>
/// <returns>The EditItem view bound to an <c>AddItemModel</c> filled from the item.</returns>
/// <exception cref="ArgumentException">
/// No item with this GUID is owned by the current user.
/// </exception>
public ActionResult EditItem(Guid itemId)
{
    AddItemModel form = new AddItemModel();

    using (var entities = new CopiosisEntities())
    {
        // The owner filter is part of the lookup, so another user's item is reported as
        // "not found" rather than loaded.
        var owned = entities.products.FirstOrDefault(p => p.guid == itemId && p.ownerID == WebSecurity.CurrentUserId);
        if (owned == null)
        {
            ACCOUNTERROR.ErrorSubject = "Error while trying to edit an item";
            throw new ArgumentException(string.Format("Product with ID {0} not found", itemId));
        }

        form.Name = owned.name;
        form.ItemClass = owned.itemClass1.name;
        form.Description = owned.description;
        form.Gateway = owned.gateway;
        form.ItemClassTemplates = FetchItemClassTemplates(entities);
        form.ItemType = owned.type;
    }

    return View(form);
}
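/// <summary>
/// Saves the posted changes to one of the current user's items.
/// </summary>
/// <param name="model">Posted item form.</param>
/// <param name="itemId">GUID of the item being edited.</param>
/// <returns>
/// The form again when the new name collides with another of the user's items; otherwise a
/// redirect to Items.
/// </returns>
/// <exception cref="ArgumentException">
/// No item with this GUID is owned by the current user, or the named item class does not exist.
/// </exception>
public ActionResult EditItem(AddItemModel model, Guid itemId)
{
    using (var db = new CopiosisEntities())
    {
        // Ownership is verified before any other query runs, so a request for somebody
        // else's item stops here.
        var item = db.products.Where(p => p.guid == itemId && p.ownerID == WebSecurity.CurrentUserId).FirstOrDefault();
        if (item == null)
        {
            ACCOUNTERROR.ErrorSubject = "Error while trying to edit an item";
            throw new ArgumentException(string.Format("Product with ID {0} not found", itemId));
        }

        // An unknown class name used to escape as an unhandled "sequence contains no elements"
        // error; it is now reported the same way AddItem reports it.
        int? itemClassId = db.itemClasses
            .Where(ic => ic.name == model.ItemClass)
            .Select(i => (int?)i.classID)
            .FirstOrDefault();
        if (itemClassId == null)
        {
            ACCOUNTERROR.ErrorSubject = "Error while trying to edit an item";
            throw new ArgumentException("Product item class not found");
        }

        int existing = db.products.Where(i => i.name == model.Name && i.ownerID == WebSecurity.CurrentUserId).Count();
        if (existing > 0 && model.Name != item.name)
        {
            model.ItemClassTemplates = FetchItemClassTemplates(db);
            ModelState.AddModelError("name", "There is already an item of this name. Please try again.");
            return View(model);
        }

        // NOTE(review): unlike the add action, neither ModelState.IsValid nor the
        // Product/Service restriction on ItemType is checked here - confirm whether edits
        // should be held to the same rules.
        item.name = model.Name;
        item.description = model.Description;
        item.gateway = model.Gateway;
        item.itemClass = itemClassId.Value;
        item.type = model.ItemType;
        db.SaveChanges();

        TempData["currentItem"] = item.name;
        TempData["editSuccessful"] = true;
    }

    return RedirectToAction("Items");
}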
/// <summary>
/// Builds the initial producer item list for NewTransaction from one producer's
/// non-deleted products.
/// </summary>
/// <param name="currentID">User ID of the first producer.</param>
/// <returns>One <c>ItemsModel</c> per product; ItemType is left unset.</returns>
private List<ItemsModel> FetchInitialProducerItems(int currentID)
{
    using (var entities = new CopiosisEntities())
    {
        return entities.products
            .Where(a => a.ownerID == currentID && a.deletedDate == null)
            .ToList()
            .Select(row => new ItemsModel
            {
                ProductName = row.name,
                Description = row.description,
                Gateway = row.gateway,
                ItemClass = row.itemClass1.name,
                ItemGuid = row.guid
            })
            .ToList();
    }
}
/// <summary>
/// Returns, as JSON, the suggested gateway of the item class with the given name.
/// </summary>
/// <param name="name">Item class name to look up.</param>
/// <returns>
/// JSON with <c>success</c> and <c>defaultGateway</c>; when the lookup yields null,
/// <c>success</c> is false and <c>defaultGateway</c> is null.
/// </returns>
public ActionResult GatewayNBR(string name)
{
    double? suggested = 0;
    bool found = true;

    using (var entities = new CopiosisEntities())
    {
        suggested = entities.itemClasses
            .Where(ic => ic.name == name)
            .Select(i => i.suggestedGateway)
            .FirstOrDefault();

        if (suggested == null)
        {
            found = false;
            suggested = 0;
        }
    }

    // The property names are the JSON keys the caller reads; keep them as they are.
    return Json(new { success = found, defaultGateway = found ? suggested : null }, JsonRequestBehavior.AllowGet);
}
/// <summary>
/// Maps every item class name to its suggested gateway, converted to an int.
/// </summary>
/// <param name="db">Open context to read the item classes from.</param>
/// <returns>Dictionary keyed by item class name.</returns>
/// <exception cref="Exception">Adding an entry failed, for example on a duplicate name.</exception>
private Dictionary<string, int> FetchItemClassTemplates(CopiosisEntities db)
{
    var gatewayByClass = new Dictionary<string, int>();

    foreach (var cls in db.itemClasses.ToList())
    {
        try
        {
            gatewayByClass.Add(cls.name, (int)cls.suggestedGateway);
        }
        catch (Exception)
        {
            // The catch is broad: whatever goes wrong while adding an entry is reported
            // with the unique-names message below.
            ACCOUNTERROR.ErrorSubject = "Error while trying to retrieve a list of item classes";
            throw new Exception("Ensure that the item classes in the database have unique names");
        }
    }

    return gatewayByClass;
}
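//
// GET: /Account/Manage
/// <summary>
/// Shows the account management form for the logged-in user, with the current e-mail and names.
/// </summary>
/// <param name="message">Optional status passed back by the POST action after a redirect.</param>
/// <returns>
/// A redirect to Login when the request is not authenticated; otherwise the Manage view.
/// </returns>
/// <exception cref="Exception">
/// Any failure while loading the account, rethrown with only the original message.
/// </exception>
public ActionResult Manage(ManageMessageId? message)
{
    ViewBag.StatusMessage =
        message == ManageMessageId.AccountChangesSaved ? "Your account changes were saved"
        : "";
    ViewBag.HasLocalPassword = OAuthWebSecurity.HasLocalAccount(WebSecurity.GetUserId(User.Identity.Name));
    ViewBag.ReturnUrl = Url.Action("Manage");

    // NOTE(review): the POST action redirects with AccountChangesSaved, yet this flag is only
    // set for ChangePasswordSuccess - confirm which value the view is meant to react to.
    ViewBag.changesSaved = message == ManageMessageId.ChangePasswordSuccess;

    try
    {
        if (WebSecurity.IsAuthenticated == false)
        {
            // Current user is not authorized to manage this account
            WebSecurity.Logout();
            return RedirectToAction("Login");
        }

        using (var db = new CopiosisEntities())
        {
            var dbCurrentUser = db.users.Where(p => p.userID == WebSecurity.CurrentUserId).FirstOrDefault();
            if (dbCurrentUser == null)
            {
                ACCOUNTERROR.ErrorSubject = "Error while trying to retrieve your user account";
                throw new Exception(string.Format("No match for the current user with user name {0}", WebSecurity.CurrentUserId));
            }

            // The row loaded above is reused; the same user was previously queried a second time.
            AccountManagerModel model = new AccountManagerModel();
            model.errorList = new Dictionary<string, string>();
            model.currentEmail = dbCurrentUser.email;
            model.currentFirstName = dbCurrentUser.firstName;
            model.currentLastName = dbCurrentUser.lastName;

            ViewBag.isValidatedUser = true;
            return View(model);
        }
    }
    catch (Exception e)
    {
        // This also catches the "No match" exception thrown above and replaces its error subject.
        ACCOUNTERROR.ErrorSubject = "Error when trying to access your account";
        if (e.InnerException is InvalidOperationException)
        {
            throw new Exception("You do not have an account. Please register with Copiosis.");
        }
        throw new Exception(e.Message);
    }
}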
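/// <summary>
/// Fills the drop-down lists of the new-transaction form for the given role.
/// </summary>
/// <param name="type">
/// "consumer" to list producers and the first producer's products, or "producer" to list
/// the current user's products and the possible consumers. The comparison is case-sensitive.
/// </param>
/// <param name="model">Form model whose lists are replaced.</param>
/// <exception cref="ArgumentException"><paramref name="type"/> is neither value.</exception>
private void PopulateNewTransactionModel(string type, NewTransactionModel model)
{
    if (type == "consumer")
    {
        model.IsProducer = false;
        List<string> producers = new List<string>();
        List<string> products = new List<string>();
        List<string> usernames = new List<string>();

        using (var db = new CopiosisEntities())
        {
            // Other users with status 1 that own at least one non-deleted product.
            var usersWithProducts = db.products
                .Where(p => p.ownerID != WebSecurity.CurrentUserId && p.user.status == 1 && p.deletedDate == null)
                .Select(u => u.user)
                .Distinct()
                .ToList();

            if (usersWithProducts.Count > 0)
            {
                foreach (var pro in usersWithProducts)
                {
                    producers.Add(string.Format("{0} {1} | {2}", pro.firstName, pro.lastName, pro.username));
                    usernames.Add(pro.username);
                }

                // The product list starts out with the first producer's items.
                var initialProducer = usersWithProducts.First();
                foreach (var item in FetchInitialProducerItems(initialProducer.userID))
                {
                    products.Add(item.ProductName + " | Gateway: " + item.Gateway);
                }
            }
        }

        model.Usernames = usernames;
        model.Products = products;
        model.Producers = producers;
    }
    else if (type == "producer")
    {
        model.IsProducer = true;

        List<string> products = new List<string>();
        foreach (var item in CurrenUserItems())
        {
            products.Add(item.ProductName + " | Gateway: " + item.Gateway);
        }
        model.Products = products;

        List<string> usernames = new List<string>();
        List<string> consumers = new List<string>();

        using (var db = new CopiosisEntities())
        {
            // Only the columns that end up in the lists are selected. The e-mail address was
            // fetched for every user before although nothing used it.
            var c = db.users
                .Where(u => u.status == 1 && u.userID != WebSecurity.CurrentUserId)
                .Select(s => new { FirstName = s.firstName, LastName = s.lastName, Username = s.username, NBR = s.nbr })
                .ToList();

            // Each entry exposes another user's name, user name and NBR balance to the current user.
            foreach (var con in c)
            {
                consumers.Add(string.Format("{0} {1} (NBR: {2}) | {3}", con.FirstName, con.LastName, Math.Round(con.NBR.HasValue ? con.NBR.Value : 0, 2), con.Username));
                usernames.Add(string.Format("{0}", con.Username));
            }
        }

        model.Usernames = usernames;
        model.Consumers = consumers;
    }
    else
    {
        ACCOUNTERROR.ErrorSubject = "Error while trying to retrieve a transaction";
        throw new ArgumentException("Transaction type not recognized");
    }
}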
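/// <summary>
/// Helper method to validate the Manage Account form for the Account/Manage view.
/// Accepted values are written onto <paramref name="dbCurrentUser"/> but not saved; every
/// problem is recorded in ModelState and mirrored into <c>model.errorList</c>.
/// </summary>
/// <param name="model">Posted form; its current* fields and errorList are filled in here.</param>
/// <param name="db">Open context used for the e-mail conflict and user-name lookups.</param>
/// <param name="dbCurrentUser">Tracked row of the logged-in user.</param>
/// <param name="passwordTemp">Copy of the posted current password ("" when none was posted).</param>
/// <param name="changePassword">True when a new password passed all checks.</param>
/// <param name="noPwProvided">True when no current password was posted.</param>
private void validateManageAccountForm(AccountManagerModel model, CopiosisEntities db, user dbCurrentUser, out string passwordTemp, out bool changePassword, out bool noPwProvided)
{
    string email = model.emailAddress;
    string firstName = model.firstName;
    string lastName = model.lastName;
    string newPassword = model.newPassword;
    string confirmPassword = model.confirmPassword;
    string currentPassword = model.currentPassword ?? "";

    passwordTemp = new string(currentPassword.ToCharArray());
    changePassword = false;
    noPwProvided = false;

    model.currentEmail = dbCurrentUser.email;
    model.currentFirstName = dbCurrentUser.firstName;
    model.currentLastName = dbCurrentUser.lastName;

    // The edits below land on the tracked entity before the current password has been
    // verified; they only reach the database if the caller saves, which it must do only
    // while ModelState is valid.
    if (email != null)
    {
        user conflictUser = db.users.Where(m => m.email == email).FirstOrDefault();
        if (conflictUser != null && conflictUser.email.Equals(email))
        {
            ModelState.AddModelError("emailAddress", "That e-mail address is already being used. Please use a different one");
        }
        else
        {
            dbCurrentUser.email = email;
        }
    }

    if (firstName != null)
    {
        if (firstName.Equals(dbCurrentUser.firstName))
        {
            ModelState.AddModelError("firstName", "Enter a different first name");
        }
        else
        {
            dbCurrentUser.firstName = firstName;
        }
    }

    if (lastName != null)
    {
        if (lastName.Equals(dbCurrentUser.lastName))
        {
            ModelState.AddModelError("lastName", "Enter a different last name");
        }
        else
        {
            dbCurrentUser.lastName = lastName;
        }
    }

    if (newPassword != null)
    {
        if (confirmPassword == null)
        {
            ModelState.AddModelError("confirmPassword", "Confirmation password cannot be empty");
        }
        else if (!newPassword.Equals(confirmPassword))
        {
            ModelState.AddModelError("confirmPassword", "Confirmation password and new password do not match");
        }
        else if (newPassword.Equals(model.currentPassword))
        {
            ModelState.AddModelError("newPassword", "Your new password cannot be the same as your current password");
        }
        else
        {
            changePassword = true;
        }
    }

    // Every change, not only a password change, has to be confirmed with the current password.
    if (model.currentPassword == null)
    {
        ModelState.AddModelError("currentPassword", "Please enter your current password to commit to the change(s)");
        // This branch IS the "no password provided" case; the flag was left at false before.
        noPwProvided = true;
    }
    else if (Membership.Provider.ValidateUser(db.users.Where(m => m.userID == WebSecurity.CurrentUserId).FirstOrDefault().username, model.currentPassword) == false)
    {
        ModelState.AddModelError("currentPassword", "You entered the wrong current password");
    }

    // Build the error list: the first error message of each field that has one.
    if (model.errorList == null)
    {
        model.errorList = new Dictionary<string, string>();
    }

    if (ModelState.IsValid == false)
    {
        foreach (KeyValuePair<string, ModelState> entry in ModelState)
        {
            if (entry.Value.Errors.Count >= 1)
            {
                model.errorList.Add(entry.Key, entry.Value.Errors[0].ErrorMessage);
            }
        }
    }
}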
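/// <summary>
/// Stores the caller's notes on a transaction; a consumer may also update the satisfaction rating.
/// The write only happens when the current user holds the claimed role on that transaction.
/// </summary>
/// <param name="participant">"producer" or "consumer" (case-insensitive).</param>
/// <param name="notes">Notes text to store for that side.</param>
/// <param name="tranId">Identifier of the transaction.</param>
/// <param name="newSatisfaction">Optional new rating; applied for the consumer only.</param>
/// <returns>
/// JSON <c>{ success }</c>; false for a missing or unknown role, an unknown transaction, or
/// a user who does not hold that role on the transaction.
/// </returns>
public ActionResult AddNotes(string participant, string notes, Guid tranId, short? newSatisfaction)
{
    if (participant == null)
    {
        return Json(new { success = false });
    }

    using (var db = new CopiosisEntities())
    {
        int userId = WebSecurity.CurrentUserId;
        var trans = db.transactions.Where(a => a.transactionID == tranId).FirstOrDefault();

        // An unknown transaction id used to end in a null dereference; it now fails like
        // every other rejected request.
        if (trans == null)
        {
            return Json(new { success = false });
        }

        if (participant.Equals("producer", StringComparison.OrdinalIgnoreCase))
        {
            if (trans.providerID != userId)
            {
                return Json(new { success = false });
            }

            trans.providerNotes = notes;
        }
        else if (participant.Equals("consumer", StringComparison.OrdinalIgnoreCase))
        {
            if (trans.receiverID != userId)
            {
                return Json(new { success = false });
            }

            if (newSatisfaction != null)
            {
                trans.satisfaction = newSatisfaction;
            }
            trans.receiverNotes = notes;
        }
        else
        {
            return Json(new { success = false });
        }

        // NOTE(review): nothing here checks whether the transaction is already closed or
        // range-checks newSatisfaction - confirm that editing after closure is intended.
        db.SaveChanges();
    }

    return Json(new { success = true });
}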
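/// <summary>
/// Registers a new user when the posted signup code matches a location, assigns the USER
/// role and a free vendor code, and logs the user in.
/// </summary>
/// <param name="model">Posted registration form.</param>
/// <returns>
/// A redirect to Account/Overview on success; otherwise the form with the validation,
/// signup-code or membership error.
/// </returns>
public ActionResult Register(RegisterModel model)
{
    if (ModelState.IsValid)
    {
        location location;
        HashSet<int> existingVendorCodes;

        // Check if signup code is valid.
        using (var db = new CopiosisEntities())
        {
            existingVendorCodes = new HashSet<int>(db.users.Where(u => u.vendorCode != -1).Select(u => u.vendorCode));

            // One lookup decides validity and yields the location; the key was queried twice before.
            location = db.locations.Where(s => s.signupKey.Equals(model.Token)).FirstOrDefault();
            if (location == null)
            {
                ModelState.AddModelError("", "Invalid signup code.");
                return View(model);
            }
        }

        // Attempt to register the user
        try
        {
            // Make sure admin role is created in the roles table, if not create it
            // Do not ever assign a user to admin role via the application, this should be done via a sql query
            if (!Roles.RoleExists(ADMINROLE))
            {
                Roles.CreateRole(ADMINROLE);
            }

            // Make sure user role is created in the roles table, if not create it
            if (!Roles.RoleExists(USERROLE))
            {
                Roles.CreateRole(USERROLE);
            }

            // Generate a random vendor code that is not already assigned to a user.
            // System.Random is not a cryptographic generator, which is fine for an identifier.
            // NOTE(review): confirm vendorCode is never treated as a secret, and note that this
            // loop cannot finish once every code in the range is taken.
            Random rand = new Random();
            int vc = rand.Next(1000, 9999);
            while (existingVendorCodes.Contains(vc))
            {
                vc = rand.Next(1000, 9999);
            }

            // Whitespace is stripped from the user name before the account is created.
            string sanitizedun = Regex.Replace(model.UserName, @"\s+", "");

            // Make calls for .NET to handle authentication. New accounts always get the USER
            // role and status 1; neither value comes from the form.
            WebSecurity.CreateUserAndAccount(
                sanitizedun,
                model.Password,
                new
                {
                    firstName = model.FirstName,
                    lastName = model.LastName,
                    email = model.Email,
                    status = 1,
                    nbr = 0,
                    lastLogin = DateTime.Now,
                    locationID = location.locationID,
                    vendorCode = vc
                }
            );
            Roles.AddUserToRole(sanitizedun, USERROLE);
            WebSecurity.Login(sanitizedun, model.Password);
            return RedirectToAction("Overview", "Account");
        }
        catch (MembershipCreateUserException e)
        {
            ModelState.AddModelError("", ErrorCodeToString(e.StatusCode));
        }
    }

    // If we got this far, something failed, redisplay form
    return View(model);
}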
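/// <summary>
/// Creates a pending transaction on behalf of the current user, acting as consumer or producer.
/// The other party and the product are resolved from the posted "label | value" form values.
/// </summary>
/// <param name="type">"consumer" or "producer" (case-sensitive).</param>
/// <param name="model">Posted new-transaction form.</param>
/// <returns>
/// The form again when the buyer lacks NBR or the rating is out of range; otherwise a
/// redirect to Overview.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="type"/> is null.</exception>
/// <exception cref="ArgumentException">
/// The type is unknown, a form value is malformed, or the other party or product is not found.
/// </exception>
public ActionResult Create(string type, NewTransactionModel model)
{
    ACCOUNTERROR.ErrorSubject = "Error while trying create a transaction";

    if (type == null)
    {
        throw new ArgumentNullException("type", "Type of transaction must be specified");
    }

    if (type == "consumer")
    {
        // Form values are parsed defensively: a missing value or one without '|' used to
        // fail with a null dereference or an out-of-range index.
        string producerUN = PipeField(model.Producer, 1, "Producer").Trim();
        string productUN = PipeField(model.ProductProvided, 0, "Product").TrimEnd();

        using (var db = new CopiosisEntities())
        {
            var producer = db.users.Where(u => u.username == producerUN && u.status == 1).FirstOrDefault();
            string producerFirstLast = db.users.Where(m => m.username == producerUN).Select(u => u.firstName).FirstOrDefault() + " " + db.users.Where(m => m.username == producerUN).Select(u => u.lastName).FirstOrDefault();

            if (producer == null)
            {
                throw new ArgumentException(string.Format("Producer {0} not found", producerUN));
            }

            // The product has to belong to the named producer and must not be deleted.
            var product = db.products.Where(p => p.ownerID == producer.userID && p.name == productUN && p.deletedDate == null).FirstOrDefault();
            if (product == null)
            {
                throw new ArgumentException(string.Format("Product {0} not found", productUN));
            }

            double? currentUserNBR = db.users.Where(u => u.userID == WebSecurity.CurrentUserId).Select(u => u.nbr).FirstOrDefault();
            if (!currentUserNBR.HasValue || currentUserNBR.Value < product.gateway)
            {
                ModelState.AddModelError("Producer", "You do not have enough NBR for this good or service");
                PopulateNewTransactionModel(type, model);
                return View(model);
            }

            if (model.SatisfactionRating < -2 || model.SatisfactionRating > 2)
            {
                ModelState.AddModelError("Satisfaction", "You must select a satisfaction rating by selecting an icon.");
                PopulateNewTransactionModel(type, model);
                return View(model);
            }

            // Parties, gateway and description come from the database rows and the session,
            // not from the form; only the notes and the rating are user-supplied.
            transaction consumerTran = new transaction();
            consumerTran.transactionID = Guid.NewGuid();
            consumerTran.createdBy = WebSecurity.CurrentUserId;
            consumerTran.dateAdded = DateTime.Now;
            consumerTran.providerID = producer.userID;
            consumerTran.productID = product.productID;
            consumerTran.productDesc = product.description;
            consumerTran.receiverID = WebSecurity.CurrentUserId;
            consumerTran.status = "PENDING";
            consumerTran.receiverNotes = model.Notes;
            consumerTran.satisfaction = (short)model.SatisfactionRating;
            consumerTran.productGateway = product.gateway;

            db.transactions.Add(consumerTran);
            db.SaveChanges();
            TempData["consumerAdd"] = true;
            TempData["producerIs"] = producerFirstLast;
        }
    }
    else if (type == "producer")
    {
        string consumerUN = PipeField(model.Consumer, 1, "Consumer").Trim();
        string productUN = PipeField(model.ProductProvided, 0, "Product").TrimEnd();

        using (var db = new CopiosisEntities())
        {
            var consumer = db.users.Where(u => u.username == consumerUN && u.status == 1).FirstOrDefault();
            TempData["consumerIs"] = db.users.Where(m => m.username == consumerUN).Select(u => u.firstName).FirstOrDefault() + " " + db.users.Where(m => m.username == consumerUN).Select(u => u.lastName).FirstOrDefault();

            if (consumer == null)
            {
                throw new ArgumentException(string.Format("Consumer {0} not found", consumerUN));
            }

            // A producer can only offer a product they own themselves.
            var product = db.products.Where(p => p.ownerID == WebSecurity.CurrentUserId && p.name == productUN && p.deletedDate == null).FirstOrDefault();
            if (product == null)
            {
                throw new ArgumentException(string.Format("Product {0} not found", productUN));
            }

            double? consumerNBR = db.users.Where(u => u.userID == consumer.userID).Select(u => u.nbr).FirstOrDefault();
            if (!consumerNBR.HasValue || consumerNBR.Value < product.gateway)
            {
                ModelState.AddModelError("Consumer", "The consumer " + TempData["consumerIs"] + " does not have enough NBR for this good or service");
                PopulateNewTransactionModel(type, model);
                return View(model);
            }

            transaction producerTran = new transaction();
            producerTran.transactionID = Guid.NewGuid();
            producerTran.createdBy = WebSecurity.CurrentUserId;
            producerTran.dateAdded = DateTime.Now;
            producerTran.providerID = WebSecurity.CurrentUserId;
            producerTran.productID = product.productID;
            producerTran.productDesc = product.description;
            producerTran.receiverID = consumer.userID;
            producerTran.status = "PENDING";
            producerTran.providerNotes = model.Notes;
            producerTran.productGateway = product.gateway;

            db.transactions.Add(producerTran);
            db.SaveChanges();
            TempData["producerAdd"] = true;
        }
    }
    else
    {
        throw new ArgumentException("Transaction type not recognized");
    }

    return RedirectToAction("Overview");
}

/// <summary>Returns one field of a '|'-separated form value, or throws when it is absent.</summary>
private static string PipeField(string raw, int index, string label)
{
    string[] parts = (raw ?? string.Empty).Split('|');
    if (index >= parts.Length)
    {
        throw new ArgumentException(string.Format("{0} is missing or malformed", label));
    }
    return parts[index];
}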
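// GET: returns the signed-in user's NBR balance as JSON: { success, nbr }.
// nbr is rounded to two decimals; a stored null balance is reported as 0.
// When no user row matches WebSecurity.CurrentUserId the response is
// { success = false, nbr = null }.
//
// The lookup is keyed only on WebSecurity.CurrentUserId, so a caller can read
// no balance other than their own. JsonRequestBehavior.AllowGet is used, so the
// balance is readable through a plain GET request.
public ActionResult UsersNBR()
{
    double? nbr = null;
    bool result = false;

    using (var db = new CopiosisEntities())
    {
        var user = db.users.Where(u => u.userID == WebSecurity.CurrentUserId).FirstOrDefault();

        // Only touch the row when it exists: dereferencing a missing user would throw
        // NullReferenceException instead of returning the failure response.
        if (user != null)
        {
            result = true;
            nbr = user.nbr.HasValue ? Math.Round(user.nbr.Value, 2) : 0;
        }
    }

    return Json(new { success = result, nbr = nbr }, JsonRequestBehavior.AllowGet);
}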
// POST: /Account/DeleteItem
// Deactivates (soft-deletes) an item by stamping its deletedDate. Takes the item GUID.
// The query matches only rows owned by the current user that are not already deleted,
// so another user's item GUID falls through to the "Unable to delete item" path.
// NOTE(review): no [HttpPost] or anti-forgery attribute is visible on this listing;
// confirm that this state-changing action is restricted to POST and validates a
// request token.
public ActionResult DeleteItem(Guid itemId)
{
    using (var db = new CopiosisEntities())
    {
        var ownedItem = db.products.FirstOrDefault(p =>
            p.guid == itemId
            && p.ownerID == WebSecurity.CurrentUserId
            && p.deletedDate == null);

        if (ownedItem != null)
        {
            ownedItem.deletedDate = DateTime.Now;
            db.SaveChanges();
            TempData["itemDeleted"] = ownedItem.name;
            return RedirectToAction("Items");
        }
    }

    // Nothing matched: report the failure on the item list.
    ModelState.AddModelError("DeletionError", "Unable to delete item");
    return View("Items", CurrenUserItems());
}
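// Closes an open transaction as "Confirmed" or "Rejected" on behalf of its provider or
// its receiver and, on confirmation, adjusts both parties' NBR balances.
//
// act   - not read by this method.
// model - posted form; only transactionID, result, providerNotes, receiverNotes and
//         satisfaction are read.
//
// Throws ArgumentNullException when the transaction ID is missing, when result is not
// "Confirmed" or "Rejected", or when no transaction has that ID.
// A caller who is neither provider nor receiver of an open transaction changes nothing
// and is redirected to the transaction view.
//
// NOTE(review): the permission check compares the caller with providerID / receiverID
// and requires dateClosed == null, but never looks at transaction.createdBy. The party
// that opened the request can therefore also close it. If confirmation is meant to
// come only from the counterparty, add a createdBy comparison - confirm against the
// intended workflow.
// NOTE(review): the receiver's balance is not re-checked against productGateway here,
// so confirming can drive it negative if it changed since the request was created.
// NOTE(review): no [HttpPost] or anti-forgery attribute is visible on this listing;
// confirm both are applied to this state-changing action.
public ActionResult View(string act, TransactionModel model)
{
    ACCOUNTERROR.ErrorSubject = "Error while trying to add a transaction";

    // Two-argument constructor on purpose: the one-string overload treats its argument
    // as the parameter name, not as the message.
    if (model.transactionID == null)
    {
        throw new ArgumentNullException("model", "Transaction GUID must be specified");
    }

    // model.result is client-supplied and is copied into transaction.status below,
    // so only the two known values are accepted.
    if (!(model.result == "Confirmed" || model.result == "Rejected"))
    {
        throw new ArgumentNullException("model", "A transaction must be specified as Confirmed or Rejected");
    }

    using (var db = new CopiosisEntities())
    {
        // Get transaction data
        var transaction = db.transactions.Where(t => t.transactionID == model.transactionID).FirstOrDefault();

        // Make sure a transaction was found.
        if (transaction == null)
        {
            // The format string needs the {0} placeholder, otherwise the ID never reaches the message.
            throw new ArgumentNullException("model", string.Format("Transaction with ID {0} does not exist", model.transactionID));
        }

        /////////////////////////////////////////////////
        // Check permissions to update this transaction.
        /////////////////////////////////////////////////
        bool update = false;

        // User is the provider and the transaction is still open.
        if (WebSecurity.CurrentUserId == transaction.providerID && transaction.dateClosed == null)
        {
            // These are the only things being updated. Anything else sent along in the POST
            // (even if it's in the model) will be ignored.
            transaction.providerNotes = model.providerNotes;
            transaction.dateClosed = DateTime.Now;
            transaction.status = model.result;

            // Make sure the DB gets updated below
            update = true;
        }
        // User is the receiver and the transaction is still open.
        else if (WebSecurity.CurrentUserId == transaction.receiverID && transaction.dateClosed == null)
        {
            // Satisfaction must be specified!
            if (model.satisfaction == null)
            {
                this.ModelState.AddModelError("Satisfaction", "Your satisfaction with this transaction must be specified.");
                return View(model.transactionID);
            }

            transaction.receiverNotes = model.receiverNotes;
            transaction.satisfaction = (short)model.satisfaction;
            transaction.dateClosed = DateTime.Now;
            transaction.status = model.result;

            // Make sure DB gets updated below.
            update = true;
        }

        if (update)
        {
            // Only modify NBRs if the transaction was actually confirmed, and not rejected.
            if (model.result == "Confirmed")
            {
                // Deduct product cost (NBR) from receiver, then add the fixed 2 NBR credit.
                transaction.receiver.nbr -= transaction.productGateway;
                transaction.receiver.nbr += 2;

                // Credit provider with NBR. Bind the NBR to the transaction for records purposes.
                // NOTE(review): the provider branch above never sets transaction.satisfaction;
                // if that column is nullable and still unset, this cast throws before
                // SaveChanges - confirm.
                float providerReward = CalculateNBR((int)transaction.satisfaction, transaction.productID, transaction.providerID);
                transaction.provider.nbr += providerReward;
                transaction.nbr = providerReward;
            }

            db.SaveChanges();
        }
    }

    return RedirectToAction("View", new { tranId = model.transactionID });
}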
// Lists every transaction whose status is "Rejected", newest closure first, and
// renders it with the default view. A missing dateClosed sorts as DateTime.MinValue.
// NOTE(review): the query has no per-user filter and exposes both parties' usernames
// for all rejected transactions. No authorization attribute is visible on this
// listing; confirm the action is limited to an administrative role.
public ActionResult Rejected()
{
    RejectedModel model = new RejectedModel();

    using (var db = new CopiosisEntities())
    {
        var rejectedRows = db.transactions
            .Where(tran => tran.status == "Rejected")
            .Select(tran => new RejectedTransactionModel
            {
                transactionID = tran.transactionID,
                dateRejected = tran.dateClosed ?? DateTime.MinValue,
                producer = db.users.Where(u => u.userID == tran.providerID).Select(u => u.username).FirstOrDefault(),
                consumer = db.users.Where(u => u.userID == tran.receiverID).Select(u => u.username).FirstOrDefault(),
                name = tran.product.name,
                gateway = tran.product.gateway
            })
            .OrderByDescending(row => row.dateRejected);

        // Materialize while the context is still alive.
        model.rejected = rejectedRows.ToList();
    }

    return View(model);
}