public async Task <IActionResult> Create([Bind("Id,Email,InAdminGroup,InSellerGroup")] AuthorizedMember authorizedMember)
{
if (User.Identity.Name != AuthorizeManager.SuperAdmin)
{
return(NotFound());
}
// 檢查這個郵件是否為已註冊的會員
var user = _context.Users.FirstOrDefault(m => m.Email == authorizedMember.Email);
if (user == null)
{
TempData["Exception"] = "此欄位必須是已註冊的會員";
return(View(authorizedMember));
}
if (ModelState.IsValid)
{
_context.Add(authorizedMember);
await _context.SaveChangesAsync();
AuthorizeManager.UpdateAuthority("UpdateHashTableByAuthorizedMember", _context, null, null, authorizedMember);
return(RedirectToAction(nameof(Index)));
}
return(View(authorizedMember));
}
protected void gViewMembers_RowUpdating(object sender, GridViewUpdateEventArgs e)
{
int index = e.RowIndex;
AuthorizedMember member = new AuthorizedMember();
member.Firstname = (gViewMembers.Rows[index].FindControl("txtFirstname") as TextBox).Text;
member.Lastname = (gViewMembers.Rows[index].FindControl("txtLastname") as TextBox).Text;
member.RelationToAccountOwner = (gViewMembers.Rows[index].FindControl("txtRelationToAccountOwner") as TextBox).Text;
member.ModifiedDate = DateTime.Now.ToLocalTime();
member.AccountID = Convert.ToInt32((gViewMembers.Rows[index].FindControl("hdnAccountID") as HiddenField).Value);
member.AuthMemberID = Convert.ToInt32(gViewMembers.DataKeys[index].Value);
member.ModifiedBy = User.Identity.Name.ToString();
AuthorizedMemberManager.Save(member);
gViewMembers.EditIndex = -1;
// reload the data
Account a = new Account();
a.AccountID = member.AccountID;
DisplayAuthorizedMembers(a);
//show the edit and delete column
gViewMembers.Columns[4].Visible = true; //edit
gViewMembers.Columns[5].Visible = true; //delete
//hide the update and cancel column
gViewMembers.Columns[6].Visible = false; //update
gViewMembers.Columns[7].Visible = false; //cancel
}
/// <summary>
/// helper method
/// </summary>
/// <param name="dr"></param>
/// <returns></returns>
private static AuthorizedMember FillDataRecord(IDataRecord dr)
{
AuthorizedMember aMember = new AuthorizedMember();
aMember.AuthMemberID = dr.GetInt32(dr.GetOrdinal("AuthMemberID"));
aMember.Firstname = dr.GetString(dr.GetOrdinal("Firstname"));
aMember.Lastname = dr.GetString(dr.GetOrdinal("Lastname"));
aMember.RelationToAccountOwner = dr.GetString(dr.GetOrdinal("RelationToAccountOwner"));
aMember.AccountID = dr.GetInt32(dr.GetOrdinal("AccountID"));
aMember.CreatedDate = dr.GetDateTime(dr.GetOrdinal("CreatedDate"));
aMember.ModifiedDate = dr.GetDateTime(dr.GetOrdinal("ModifiedDate"));
aMember.CreatedBy = dr.GetString(dr.GetOrdinal("CreatedBy"));
return(aMember);
}
public static int Save(AuthorizedMember aMember)
{
int result;
MyDBConnection myConn = new MyDBConnection();
SqlConnection conn = new SqlConnection();
try
{
conn = myConn.OpenDB();
SqlCommand cmd = new SqlCommand();
cmd.Connection = conn;
cmd.CommandType = CommandType.StoredProcedure;
cmd.CommandText = "dbo.InsertUpdateAuthorizedMember";
if (aMember.AuthMemberID == -1)
{
cmd.Parameters.Add("@AuthMemberID", SqlDbType.Int).Value = DBNull.Value;
}
else
{
cmd.Parameters.Add("@AuthMemberID", SqlDbType.Int).Value = aMember.AuthMemberID;
}
cmd.Parameters.Add("@Firstname", SqlDbType.VarChar).Value = aMember.Firstname;
cmd.Parameters.Add("@Lastname", SqlDbType.VarChar).Value = aMember.Lastname;
cmd.Parameters.Add("@RelationToAccountOwner", SqlDbType.VarChar).Value = aMember.RelationToAccountOwner;
cmd.Parameters.Add("@AccountID", SqlDbType.Int).Value = aMember.AccountID;
cmd.Parameters.Add("@CreatedDate", SqlDbType.DateTime).Value = aMember.CreatedDate;
cmd.Parameters.Add("@ModifiedDate", SqlDbType.DateTime).Value = aMember.ModifiedDate;
cmd.Parameters.Add("@CreatedBy", SqlDbType.VarChar).Value = aMember.CreatedBy;
cmd.Parameters.Add("@ModifiedBy", SqlDbType.VarChar).Value = aMember.ModifiedBy;
DbParameter returnValue = cmd.CreateParameter();
returnValue.Direction = ParameterDirection.ReturnValue;
cmd.Parameters.Add(returnValue);
cmd.ExecuteNonQuery();
result = Convert.ToInt32(returnValue.Value);
}
finally
{
myConn.CloseDB(conn);
}
return(result);
}
protected void lnkAddAuthMember_OnCommand(object sender, CommandEventArgs e)
{
AuthorizedMember aMember = new AuthorizedMember();
aMember.AccountID = _accountID;
aMember.Firstname = (fviewAuthorizedMember.FindControl("txtFname") as TextBox).Text.Trim();
aMember.Lastname = (fviewAuthorizedMember.FindControl("txtLname") as TextBox).Text.Trim();
aMember.RelationToAccountOwner = (fviewAuthorizedMember.FindControl("txtRelation") as TextBox).Text.Trim();
aMember.CreatedBy = User.Identity.Name.ToString();
//save
AuthorizedMemberManager.Save(aMember);
//clear the fields
(fviewAuthorizedMember.FindControl("txtLname") as TextBox).Text = "";
(fviewAuthorizedMember.FindControl("txtFname") as TextBox).Text = "";
(fviewAuthorizedMember.FindControl("txtRelation") as TextBox).Text = "";
//display in gridview
gViewMembers.DataSource = AuthorizedMemberManager.GetListByAccountID(_accountID);
gViewMembers.DataBind();
}
public static AuthorizedMember GetMemberByMemberID(int memberID)
{
AuthorizedMember authorizedMember = new AuthorizedMember();
MyDBConnection myConn = new MyDBConnection();
SqlConnection conn = new SqlConnection();
SqlDataReader dr;
SqlCommand cmd = null;
string sql = "Select * from AquaOne.dbo.Account where AuthMemberID = @AuthMemberID";
// Open the connection
conn = myConn.OpenDB();
cmd = new SqlCommand(sql, conn);
cmd.Parameters.Add("@AuthMemberID", SqlDbType.Int).Value = memberID;
dr = cmd.ExecuteReader();
if (dr.Read())
{
authorizedMember = FillDataRecord(dr);
}
cmd.Dispose();
//close the connection
myConn.CloseDB(conn);
return(authorizedMember);
}
public async Task <IActionResult> Edit(int id, [Bind("Id,Email,InAdminGroup,InSellerGroup")] AuthorizedMember authorizedMember)
{
if (User.Identity.Name != AuthorizeManager.SuperAdmin)
{
return(NotFound());
}
// 令超級管理員無法被編輯
if (authorizedMember.Email == AuthorizeManager.SuperAdmin)
{
return(NotFound());
}
if (id != authorizedMember.Id)
{
return(NotFound());
}
if (ModelState.IsValid)
{
try
{
_context.Update(authorizedMember);
await _context.SaveChangesAsync();
AuthorizeManager.UpdateAuthority("UpdateHashTableByAuthorizedMember", _context, null, null, authorizedMember);
return(RedirectToAction(nameof(Index)));
}
catch (DbUpdateConcurrencyException e)
{
_logger.LogError(e.ToString());
return(RedirectToAction(nameof(Index)));
}
}
return(View(authorizedMember));
}
public static int Save(AuthorizedMember authorizedMember)
{
return(AuthorizedMemberDB.Save(authorizedMember));//AccountDB.Save(account);
}
