public static LPHSUser GetUser(bool fromTicket = true) { try { LPHSUser user = null; if (fromTicket) { user = new LPHSUser { ID = Convert.ToInt32(Security.CurrentIdentity.UserData["ID"]), EmailAddress = Security.CurrentIdentity.UserData["Email"] as string, DisplayName = Security.CurrentIdentity.UserData["DisplayName"] as string, Active = Convert.ToBoolean(Security.CurrentIdentity.UserData["Active"]), SchoolID = Convert.ToInt32(Security.CurrentIdentity.UserData["SchoolID"]), UserType = (LPHSUserTypes)Enum.Parse(typeof(LPHSUserTypes), Security.CurrentIdentity.UserData["UserType"] as string), Name = Security.CurrentIdentity.Name, Sid = Security.CurrentIdentity.SID, SumTotalID = Security.CurrentIdentity.UserData["SumTotalID"] as string }; } else { user = LPHSUser.GetBySid(Security.CurrentIdentity.SID); } if (user.SchoolID == -1) user.SchoolID = null; return user; } catch (Exception) { return new LPHSUser(); } }
public ActionResult Edit(LPHSUser user) { using (new LogScope("/User/Edit")) { try { var u = LPHSUser.Get(user.ID); //var u = LPHSUser.LookupInternal(user.Name); u.DisplayName = user.DisplayName; u.UserType = user.UserType; u.Active = user.Active; u.SchoolID = user.SchoolID; //if (u == null) //{ // ModelState.AddModelError("Name", "Employee not found."); // ViewBag.Schools = LPHSSchool.List(); // return View(user); //} //user.Name = u.Name; //user.DisplayName = u.DisplayName; //user.EmailAddress = u.EmailAddress; //user.Sid = u.Sid; //if (user.UserType == LPHSUserTypes.Admin) // user.SchoolID = null; LPHSUser.Update(u); return RedirectToAction("Index", new { msg = string.Format("Updated user '{0}'.", user.DisplayName) }); } catch (Exception ex) { Log.Write(ex, Log.Mask.Failure); ViewBag.Schools = LPHSSchool.List(); ModelState.AddModelError("", "Unable to update user information."); return View(user); } } }
/// <summary> /// Reads the user. /// </summary> /// <param name="reader">The reader.</param> /// <returns></returns> internal static LPHSUser ReadUser(OracleDataReader reader) { var user = new LPHSUser() { ID = (int)OracleDatabase.GetDecimal(reader, 0, 0), UserType = (LPHSUserTypes)(int)OracleDatabase.GetDecimal(reader, 1, 4), Name = OracleDatabase.GetString(reader, 2, null), DisplayName = OracleDatabase.GetString(reader, 3, null), EmailAddress = OracleDatabase.GetString(reader, 4, null), Active = OracleDatabase.GetBooleanFromString(reader, 5), LastLoggedOn = reader.IsDBNull(6) ? null : new Nullable<DateTime>(reader.GetDateTime(6)), SchoolID = (int?)OracleDatabase.GetDecimalNullable(reader, 7, null), Sid = (string)OracleDatabase.GetString(reader, 8, null) }; if (reader.VisibleFieldCount > 9) user.SumTotalUserName = reader.IsDBNull(9) ? null : reader.GetString(9); if (reader.VisibleFieldCount > 10) user.SumTotalPassword = reader.IsDBNull(10) ? null : reader.GetString(10); if (user.SumTotalPassword != null && user.SumTotalPassword.Length > 10) user.SumTotalPassword = user.SumTotalPassword; //if (user.SumTotalPassword != null) // user.SumTotalPassword = Security.Decrypt(user.SumTotalPassword); if (reader.VisibleFieldCount > 11) user.SumTotalID = reader.IsDBNull(11) ? null : reader.GetString(11); if (!user.SchoolID.HasValue) { user.SchoolID = -1; } //set default school return user; }
public static void Update(LPHSUser user) { const string sql = @"UPDATE LPHSDB.LPHS_USER SET USER_TYPE_ID = :usertype ,USER_NAME = :username ,USER_DISPLAY_NAME = :displayname ,USER_EMAIL_ADDRESS = :emailaddress ,USER_STATUS = :userstatus ,USER_LAST_LOGGED_ON = :lastloggedon ,SCHOOL_ID = :schoolid ,USER_SID = :sid ,SUMTOTAL_USER_NAME = :sumtotalname ,SUMTOTAL_USER_PWD = :sumtotalpwd ,SUMTOTAL_USER_ID = :sumtotalid WHERE USER_ID = :userid "; using (new LogScope("LPHSUser.Update")) { Database.Oracle.Execute("LPHS", (conn) => { using (OracleCommand command = new OracleCommand(sql, conn)) { try { command.BindByName = true; command.Parameters.Add("userid", OracleDbType.Int32).Value = user.ID; command.Parameters.Add("usertype", OracleDbType.Int32).Value = (int)user.UserType; command.Parameters.Add("username", OracleDbType.Varchar2).Value = user.Name; command.Parameters.Add("displayname", OracleDbType.Varchar2).Value = user.DisplayName; command.Parameters.Add("emailaddress", OracleDbType.Varchar2).Value = user.EmailAddress; command.Parameters.Add("userstatus", OracleDbType.Varchar2).Value = OracleDatabase.GetBooleanStringFromBoolean(user.Active); command.Parameters.Add("lastloggedon", OracleDbType.Date).Value = user.LastLoggedOn; command.Parameters.Add("schoolid", OracleDbType.Int32).Value = (user.SchoolID.HasValue && user.SchoolID > 0) ? (object)user.SchoolID.Value : DBNull.Value; command.Parameters.Add("sid", OracleDbType.Varchar2).Value = user.Sid; command.Parameters.Add("sumtotalname", OracleDbType.Varchar2).Value = user.SumTotalUserName; command.Parameters.Add("sumtotalpwd", OracleDbType.Varchar2).Value = user.SumTotalPassword; command.Parameters.Add("sumtotalid", OracleDbType.Varchar2).Value = user.SumTotalID; foreach (OracleParameter p in command.Parameters) if (p.Value == null) p.Value = DBNull.Value; command.ExecuteNonQuery(); } catch (Exception ex) { Log.Write(ex, Log.Mask.Failure); throw; } } }); } }
public static void CreateTeacherWebAuthAccount(LPHSUser user) { using (new LogScope("LPHSUser.CreateTeacherWebAuthAccount")) { try { SouthernIdentity ident = null; if (Authenticator.Login(Settings.Instance.AccountCreationCredentials.Namespace, Settings.Instance.AccountCreationCredentials.UserName, Settings.Instance.AccountCreationCredentials.Password, 7, ref ident) == 0) { var profiles = Util.CreateUsers(ident.SecurityToken, new List<User> { new User { UserId = user.Name, Email = user.Name + "@learningpowerhs.georgiapower.com", FirstName = user.DisplayName, LastName = "LPHS" } }); Profile p = profiles[0]; if (p.Status != Status.Success) throw new Exception("Failed: " + p.Status.ToString() + ": " + p.StatusMessage); else { // var msg = string.Format() // Log.Write("UserID: "+ p.Sid + " password: "******" userid:" + p.UserId, Log.Mask.Diagnostic); user.Sid = p.Sid; user.Password = p.Password; } } else { throw new Exception("Not authorized."); } } catch (Exception ex) { Log.Write(ex, Log.Mask.Failure); throw; } } }
public static void CreateSumTotalAccount(LPHSUser user) { SumTotal.SumTotal.CreateSumTotalAccount(user); }
//public static void DeleteSumTotalAccount(string id) //{ // //user.SumTotalID // SumTotal.SumTotal.DeleteSumTotalAccount(id); //} #endregion #region Create public static LPHSUser Create(LPHSUser user) { const string sql = @"INSERT INTO LPHSDB.LPHS_USER (user_id,USER_TYPE_ID,USER_NAME,USER_DISPLAY_NAME,USER_EMAIL_ADDRESS,USER_STATUS,USER_LAST_LOGGED_ON,SCHOOL_ID,USER_SID) VALUES (LPHSDB.SEQ_USER_ID.NEXTVAL,:usertype,:username,:displayname,:emailaddress,:status,:lastloggedon,:schoolid,:sid) RETURNING user_id INTO :lastID"; using (new LogScope("LPHSUser.Create")) { Database.Oracle.Execute("LPHS", (conn) => { using (OracleCommand command = new OracleCommand(sql, conn)) { try { //:role, :username, :displayname, :email, :status, :schoolid, :sid command.BindByName = true; command.Parameters.Add("usertype", OracleDbType.Int32).Value = (int)user.UserType; command.Parameters.Add("username", OracleDbType.Varchar2).Value = user.Name; command.Parameters.Add("displayname", OracleDbType.Varchar2).Value = user.DisplayName; command.Parameters.Add("emailaddress", OracleDbType.Varchar2).Value = user.EmailAddress; command.Parameters.Add("status", OracleDbType.Varchar2).Value = OracleDatabase.GetBooleanStringFromBoolean(user.Active); command.Parameters.Add("lastloggedon", OracleDbType.Date).Value = user.LastLoggedOn; command.Parameters.Add("schoolid", OracleDbType.Int32).Value = user.SchoolID.HasValue ? (object)user.SchoolID.Value : DBNull.Value; command.Parameters.Add("sid", OracleDbType.Varchar2).Value = user.Sid; command.Parameters.Add("lastId", OracleDbType.Decimal, System.Data.ParameterDirection.Output); foreach (OracleParameter p in command.Parameters) if (p.Value == null) p.Value = DBNull.Value; command.ExecuteNonQuery(); // I really hate doing this... another way? user.ID = Convert.ToInt32(command.Parameters["lastId"].Value.ToString()); } catch (Exception ex) { Log.Write(ex, Log.Mask.Failure); throw; } } }); } return user; }
// public static List<LPHSUser> ListWithUserActivitiesByClass(int classId) // { // const string oracleQuery = @" // select U.USER_ID, U.USER_TYPE_ID, U.USER_NAME, U.USER_DISPLAY_NAME, U.USER_EMAIL_ADDRESS, // U.USER_STATUS, U.USER_LAST_LOGGED_ON, U.SCHOOL_ID, U.USER_SID, U.SUMTOTAL_USER_NAME, U.SUMTOTAL_USER_PWD, // c.class_id, c.class_name, a.activity_id, a.activity_name, uar.activity_status // from lphsdb.CLASS c // JOIN lphsdb.CLASS_STUDENTS cs on c.class_id = cs.class_id // join lphsdb.LPHS_USER u on cs.student_id = u.user_id // LEFT JOIN lphsdb.USER_ACTIVITY_RESULT UAR on u.user_id = uar.user_id // LEFT join lphsdb.activity a on uar.activity_id = a.activity_id // LEFT join lphsdb.module m on a.module_id = m.module_id // where c.class_id = :classId // order by u.user_display_name, m.module_name, a.activity_Name"; // var users = new List<LPHSUser>(); // Database.Oracle.Execute("LPHS", (conn) => // { // using (OracleCommand command = new OracleCommand(oracleQuery, conn)) // { // command.BindByName = true; // command.Parameters.Add("classId", classId); // using (var reader = command.ExecuteReader(System.Data.CommandBehavior.CloseConnection)) // { // LPHSUser lphsUser = null; // while (reader.Read()) // { // int userId = OracleDatabase.GetInt(reader, 0, 0); // // Get this records activity (will be added to the user) // // ToDo: replace 'status' with 'registered' when available // LPHSActivity activity = new LPHSActivity() // { // ID = OracleDatabase.GetInt(reader, 13, 0), // Name = OracleDatabase.GetString(reader, 14, string.Empty), // Registered = OracleDatabase.GetBooleanFromString(reader, 15) // }; // // If first user or user ID does not = previous user id, create new user // if (lphsUser == null || userId != lphsUser.ID) // { // // Add existing user to users list // if (lphsUser != null) users.Add(lphsUser); // // Create new user, read user, module, company info, add activity. // lphsUser = ReadUser(reader); // lphsUser.Class = new LPHSClass() // { // ID = OracleDatabase.GetInt(reader, 11, 0), // Name = OracleDatabase.GetString(reader, 12, string.Empty) // }; // lphsUser.Activities = new List<LPHSActivity>(); // lphsUser.Activities.Add(activity); // } // else // User Id has not changed, only add activity // { // lphsUser.Activities.Add(activity); // } // } // if (lphsUser != null) { users.Add(lphsUser); } // } // } // }); // return users; // } #region Get/Lookup /// <summary> /// Get a specific user with the user id. /// </summary> /// <param name="userId">The user id.</param> /// <returns></returns> public static LPHSUser Get(int userId) { const string sql = @"SELECT U.USER_ID, U.USER_TYPE_ID, U.USER_NAME, U.USER_DISPLAY_NAME, U.USER_EMAIL_ADDRESS, U.USER_STATUS, U.USER_LAST_LOGGED_ON, U.SCHOOL_ID, U.USER_SID, U.SUMTOTAL_USER_NAME, U.SUMTOTAL_USER_PWD, U.SUMTOTAL_USER_ID FROM LPHSDB.LPHS_USER U WHERE (USER_ID = :userid)"; using (new LogScope("LPHSUser.Get")) { try { var user = new LPHSUser(); Database.Oracle.Execute("LPHS", (conn) => { using (OracleCommand command = new OracleCommand(sql, conn)) { command.BindByName = true; command.Parameters.Add("userid", userId); using (var reader = command.ExecuteReader(System.Data.CommandBehavior.CloseConnection)) { if (reader.HasRows) { while (reader.Read()) { user = ReadUser(reader); } } } } }); return user; } catch (Exception ex) { Log.Write(ex, Log.Mask.Failure); return null; } } }
public ActionResult EditStudent(LPHSUser student) { using (new LogScope("/Class/EditStudent[POST]")) { try { // Update Student, changing only the student display name LPHSUser s = LPHSUser.Get(student.ID); s.DisplayName = student.DisplayName; s.Active = student.Active; LPHSUser.Update(s); return RedirectToAction("Index", new { msg = string.Format("Student '{0}' updated.", s.DisplayName) }); } catch (Exception ex) { Log.Write(ex, Log.Mask.Failure); ModelState.AddModelError("", "Unable to update student."); return View(new LPHSUser()); } } }
public ActionResult Create(LPHSUser user) { using (new LogScope("/User/Create[POST]")) { try { var u = LPHSUser.LookupInternal(user.Name); //NRJ: do not remove this important validation!!! if (u == null) { ModelState.AddModelError("Name", "Employee not found."); //ViewBag.Schools = LPHSSchool.List(); return View(user); } else if (LPHSUser.GetBySid(u.Sid) != null) { ModelState.AddModelError("Name", "There is already an account for this employee."); return View(user); } user.Name = u.Name.ToUpper(); user.DisplayName = u.DisplayName; user.EmailAddress = u.EmailAddress; user.Sid = u.Sid; var newuser = LPHSUser.Create(user); newuser.SumTotalUserName = "******" + newuser.ID; newuser.SumTotalPassword = LPHSUser.GeneratePassword(); LPHSUser.CreateSumTotalAccount(newuser); LPHSUser.Update(newuser); return RedirectToAction("Index", new { msg = string.Format("Added user '{0}'.", user.DisplayName) }); } catch (Exception ex) { Log.Write(ex, Log.Mask.Failure); //ViewBag.Schools = LPHSSchool.List(); ModelState.AddModelError("", "Unable to add user."); return View(user); } } }