public void Test_GetPersonInformation_Found_SiteAdmin() { DBAccessor dba = new DBAccessor(); Person person = dba.GetPersonInformation(TestConstants.GETPERSONINFORMATION_VALIDEMAIL_ADMIN); Assert.AreEqual(TestConstants.GETPERSONINFORMATION_VALIDEMAIL_ADMIN, person.email); Assert.AreEqual(TestConstants.GETPERSONINFORMATION_PASSWORD_ADMIN, person.getUnencryptedPassword()); Assert.AreEqual(TestConstants.GETPERSONINFORMATION_FIRSTNAME_ADMIN, person.firstName); Assert.AreEqual(TestConstants.GETPERSONINFORMATION_LASTNAME_ADMIN, person.lastName); Assert.AreEqual(TestConstants.GETPERSONINFORMATION_USERID_ADMIN, person.ID); Assert.AreEqual(TestConstants.GETPERSONINFORMATION_COACHENABLED_ADMIN, person.permissions.coachEnabled); Assert.AreEqual(TestConstants.GETPERSONINFORMATION_SITEADMIN_ADMIN, person.permissions.siteAdmin); }
public ActionResult AddCoachRequest() { String result = "Coach permission has been requested."; DBAccessor dba = new DBAccessor(); // Add request to the DB string email = User.Identity.Name; Person requestee = dba.GetPersonInformation(email); if (requestee != null) { if (dba.AddNewRequest(requestee.ID, RequestType.COACH_PERMISSION)) { // Send email that a request was added try { // Form an email MailMessage newMessage = new MailMessage(); SmtpClient mailService = new SmtpClient(); //set the addresses newMessage.From = new MailAddress(AppConstants.EMAIL_ADMIN); newMessage.To.Add(AppConstants.EMAIL_ADMIN); //set the content newMessage.Subject = "Coach Permission Requested"; newMessage.Body = requestee.firstName + " " + requestee.lastName + " has requested coach access (email: " + requestee.email + ")."; //send the message mailService.UseDefaultCredentials = false; mailService.DeliveryMethod = SmtpDeliveryMethod.Network; mailService.Host = AppConstants.EMAIL_SMTP_ADDRESS; mailService.Credentials = new NetworkCredential(AppConstants.EMAIL_SMTP_USERNAME, AppConstants.EMAIL_SMTP_PASSWORD); mailService.Send(newMessage); } catch (Exception) { result = "Error notifying the site administrator."; } } else { result = "Couldn't add a request to the database."; } } else { result = "Couldn't find the user in the database."; } return Json( new { message = result }, JsonRequestBehavior.AllowGet ); }
// // GET: /Account/Edit public ActionResult Edit() { String userEmail = User.Identity.Name; DBAccessor dba = new DBAccessor(); Person user = dba.GetPersonInformation(userEmail); EditModel model = new EditModel(); if (user != null) { model.FirstName = user.firstName; model.LastName = user.lastName; model.Email = user.email; model.Birthday = user.birthday; model.Height = Convert.ToInt16(user.height); model.Weight = Convert.ToInt16(user.weight); model.ImageURL = user.imageURL; } else { return RedirectToAction("Index", "Home"); } return View(model); }
/// <summary> /// Sends an invite email to the given email with the given message. /// </summary> /// <param name="inviteEmail">The email of the person to invite.</param> /// <param name="inviteMessage">The message to send with the invitation.</param> /// <returns>Success of the call.</returns> public ActionResult AJAX_InviteUser(string inviteEmail, string inviteMessage, long teamID) { string successMessage = "Message sent to " + inviteEmail; // Make sure the request is authenticated if (Request.IsAuthenticated) { // Make sure the invite email is bound if (inviteEmail != null && !inviteEmail.Equals("")) { // Validate the request DBAccessor dba = new DBAccessor(); Person user = dba.GetPersonInformation(User.Identity.Name); string name = user.firstName + " " + user.lastName; Team team = dba.GetTeamDetails(teamID); if (team.coaches.Contains(user, new PersonComparer())) { try { // Add the invite to the database long inviteID = dba.AddInvite(inviteEmail, user.ID, teamID); // Form an email String body = ""; if (inviteMessage != null && !inviteMessage.Equals("")) { body += "See " + name + "'s message below:\n\n" + inviteMessage + "\n\n"; } body += "To join the " + team.name + " visit http://dugoutdigits.com/Team/Join?id=" + inviteID + "&email=" + inviteEmail + " and follow the instructions."; MailMessage newMessage = new MailMessage(); SmtpClient mailService = new SmtpClient(); //set the addresses newMessage.From = new MailAddress(AppConstants.EMAIL_ADMIN); newMessage.To.Add(inviteEmail); //set the content newMessage.Subject = name + " has invited you to join the " + team.name; newMessage.Body = body; //send the message mailService.UseDefaultCredentials = false; mailService.DeliveryMethod = SmtpDeliveryMethod.Network; mailService.Host = AppConstants.EMAIL_SMTP_ADDRESS; mailService.Credentials = new NetworkCredential(AppConstants.EMAIL_SMTP_USERNAME, AppConstants.EMAIL_SMTP_PASSWORD); mailService.Send(newMessage); } catch (Exception) { successMessage = "Error sending email to " + inviteEmail; } } else { successMessage = "Invalid attempt to invite user."; LogEntry entry = new LogEntry(LogType.INVALID_REQUEST, LogFunction.INVITE_USER, LogAction.NA); entry.User = user; entry.Message = "Attempt to invite "+inviteEmail+" to join "+team.name+" (ID "+team.ID+")."; dba.LogMessage(entry); } } else { successMessage = "Please enter the email of the person you are trying to invite."; } } else { successMessage = "The request was not authenticated."; } // Return the success message of the addition return Json( new { message = successMessage }, JsonRequestBehavior.AllowGet ); }
/// <summary> /// Returns a list of the pending requests associated with the authenticated user. /// </summary> /// <returns>HTML table containing a list of requests.</returns> public ActionResult AJAX_GetRequestTable() { string result = "<p>Could not authenticate the request.</p>\n"; if (Request.IsAuthenticated) { DBAccessor dba = new DBAccessor(); Person person = dba.GetPersonInformation(User.Identity.Name); if (person.permissions.coachEnabled) { result = ""; // Call the database to get pending requests List<Request> requests = dba.GetRequests(User.Identity.Name); // Form an HTML table with the retrieved information if (requests.Any()) { result += "<table>\n"; result += "<tr><th>Request From</th><th>Requests to Join</th><th>Action</th></tr>\n"; foreach (Request request in requests) { string playerName = request.requestee.firstName + " " + request.requestee.lastName; result += "<tr><td>" + playerName + "</td><td>" + request.team.name + "</td>"; result += "<td><img src='./../Content/images/accept.png' height='20' width='20' class='request-action-image' alt='accept' onClick='action_acceptrequest(" + request.ID + ")' />"; result += "<img src='./../Content/images/decline.png' height='20' width='20' class='request-action-image' margin-right='5px' alt='decline' onClick='action_declinerequest(" + request.ID + ")' />"; result += "<div onClick='action_detailsrequest(" + request.ID + ")' class='request-action-text clickable-text'>Details</div></td></tr>"; } result += "</table>\n"; } else { result += "<p>There are no pending requests at this time.</p>\n"; } } else { result = ""; } } return Json( new { message = result }, JsonRequestBehavior.AllowGet ); }
/// <summary> /// Returns an HTML table of the invites that the authenticated user has initiated /// and are still open. /// </summary> /// <returns></returns> public ActionResult AJAX_GetOpenInviteTable() { string result = "<p>Could not authenticate the request.</p>\n"; if (Request.IsAuthenticated) { DBAccessor dba = new DBAccessor(); Person user = dba.GetPersonInformation(User.Identity.Name); if (user.permissions.coachEnabled) { result = ""; // Call the database to get pending requests List<Invitation> invitations = dba.GetMyOpenInvites(User.Identity.Name); // Form an HTML table with the retrieved information if (invitations.Any()) { result += "<table>\n"; result += "<tr><th>Invited</th><th>To Join</th><th>Sent On</th><th>Remove</th></tr>\n"; foreach (Invitation invitation in invitations) { result += "<tr><td>" + invitation.invitee + "</td><td>" + invitation.team.name + "</td><td>" + invitation.timestamp.ToString("m") + "</td>"; result += "<td><div onClick='action_removeinvite(" + invitation.ID + ")' class='request-action-text clickable-text'>Remove</div></td></tr>"; } result += "</table>\n"; } else { result += "<p>You have no open invites at this time.</p>\n"; } } else { result = ""; } } return Json( new { message = result }, JsonRequestBehavior.AllowGet ); }
public ActionResult Join() { if (Request.IsAuthenticated) { string inviteEmail = Request.QueryString["email"]; if (User.Identity.Name == inviteEmail) { try { // Get the user information DBAccessor dba = new DBAccessor(); Person user = dba.GetPersonInformation(User.Identity.Name); ViewBag.FirstName = user.firstName; ViewBag.LastName = user.lastName; ViewBag.ImageURL = user.imageURL; // Perform the addition of the team member long inviteID = Convert.ToInt64(Request.QueryString["id"]); Team team = dba.AcceptInvite(User.Identity.Name, inviteID); ViewBag.TeamName = team.name; } catch { } return View(); } else { return RedirectToAction("Logoff", "Account"); } } else { return RedirectToAction("Logon", "Account"); } }
/// <summary> /// Removes a request entry from the database. /// </summary> /// <param name="requestID">The ID of the request entry to remove.</param> /// <returns>Success message of the request removal.</returns> public ActionResult AJAX_RemoveRequest(long requestID) { // Make sure the user is authenticated string result = "Request not authenticated."; if (Request.IsAuthenticated) { // Get the person id for the user currently logged in DBAccessor dba = new DBAccessor(); Person requestee = dba.GetPersonInformation(User.Identity.Name); // Get the request that's trying to be removed Request request = dba.GetRequest(requestID, RequestType.JOIN_TEAM); if (request.requestee.email == requestee.email || request.team.coaches.Contains(requestee, new PersonComparer())) { // Remove the request to the database result = "Error making the request."; if (dba.RemoveRequest(requestID)) { result = "Request removed."; } } else { result = "Invalid attempt to remove request."; String message = "Attempt to remove request from " + request.requestee.firstName + " " + request.requestee.lastName + " (ID " + request.requestee.ID + ") "; message += "to join " + request.team.name + " (ID " + request.team.ID + ")."; LogEntry entry = new LogEntry(LogType.INVALID_REQUEST, LogFunction.REMOVE_REQUEST_JOIN, LogAction.NA); entry.User = requestee; entry.Message = message; dba.LogMessage(entry); } } // Return the success message of the removal return Json( new { message = result }, JsonRequestBehavior.AllowGet ); }
public ActionResult LogOn(LogOnModel model, string returnUrl) { if (ModelState.IsValid) { // This should be a DB check instead of Membership.ValidateUser DBAccessor dba = new DBAccessor(); LogonResponse result = dba.CheckLoginCredentials(model.Email, model.Password); if (result.success == (int)LogonResults.SUCCESS) { Person user = dba.GetPersonInformation(model.Email); FormsAuthentication.SetAuthCookie(model.Email, model.RememberMe); // Add a name cookie HttpCookie cookie = new HttpCookie(AppConstants.COOKIE_NAME, result.user.firstName + " " + result.user.lastName); cookie.Expires = DateTime.Now.AddDays(1000); this.ControllerContext.HttpContext.Response.Cookies.Add(cookie); // Add a coach permission cookie string permission = "false"; if (user.permissions.coachEnabled) { permission = "true"; } cookie = new HttpCookie(AppConstants.COOKIE_COACH_PERMISSION, permission); cookie.Expires = DateTime.Now.AddDays(1000); this.ControllerContext.HttpContext.Response.Cookies.Add(cookie); if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/") && !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\")) { return Redirect(returnUrl); } else { return RedirectToAction("Index", "Home"); } } else { ModelState.AddModelError("", result.errorMessage); } } // If we got this far, something failed, redisplay form return View(model); }
// // GET: /Admin/ public ActionResult Index() { if (Request.IsAuthenticated) { DBAccessor dba = new DBAccessor(); Person user = dba.GetPersonInformation(User.Identity.Name); if (user.permissions.siteAdmin) { ViewBag.SiteAdmin = true; return View(); } else { return RedirectToAction("Index", "Home"); } } return RedirectToAction("LogOn", "Account"); }
public void Test_GetPersonInformation_NotFound() { DBAccessor dba = new DBAccessor(); Person person = dba.GetPersonInformation(TestConstants.GETPERSONINFORMATION_INVALIDEMAIL_ADMIN); Assert.AreEqual(null, person); }