public IActionResult SignUp(string fullname, string email, string username, string password, string password2, string listRole)
{
List <MRole> lstRole = new List <MRole>();
string errMsg;
MUser objMuser = new MUser()
{
FullName = fullname,
Email = email,
Username = username,
Password = password,
IsActive = true,
IsLocked = false
};
errMsg = ValidateUserData(objMuser, password, listRole, ref lstRole);
if (errMsg == "")
{
MUserVM obju = new MUserVM();
obju.ListRole = new List <TuserRole>();
foreach (var role in lstRole)
{
obju.ListRole.Add(new TuserRole()
{
Username = username,
RoleID = role.RoleID
});
}
obju.objUser = objMuser;
errMsg = acc.Register(obju, password2);
return(Z_Result.SetResult(errMsg));
}
return(Z_Result.SetResult(errMsg));
}
public static bool insert(MUserVM model)
{
bool result = false;
using (AppEntities db = new AppEntities())
{
model.isActive = true;
m_user data = new m_user()
{
m_employee_id = model.mEmployeeId,
m_role_id = model.mRoleId,
username = model.username,
password = model.password,
created_by = model.createdBy,
created_date = DateTime.Now,
is_active = model.isActive
};
db.m_user.Add(data);
try
{
db.SaveChanges();
result = true;
}
catch (Exception)
{
throw;
}
}
return(result);
}
public JsonResult Delete(int id = 0)
{
UserInfoModel userInfo = (UserInfoModel)GeneralFunctions.GetSession(Configs.session);
MUserVM user = new MUserVM();
user.UserID = id;
user.UserCreated = userInfo.UserName;
user.UserModified = userInfo.UserName;
ResultStatusModel result = new ResultStatusModel();
ModelState.Clear();
try
{
string id_out = "";
result = uow.UserRepository.CUD_User(user, "d", out id_out);
if (!result.issuccess)
{
ModelState.AddModelError("Failed", result.msg);
}
}
catch (Exception e)
{
ModelState.AddModelError("Failed", e.Message);
}
List <string> Error = (from m in ModelState
where m.Value.Errors.Any()
select m.Value.Errors[0].ErrorMessage).ToList();
return(Json(new { Error = Error, data = id }, JsonRequestBehavior.DenyGet));
}
public static bool update(MUserVM model)
{
bool result = false;
using (AppEntities db = new AppEntities())
{
var data = db.m_user.Find(model.id);
data.id = model.id;
data.m_employee_id = model.mEmployeeId;
data.m_role_id = model.mRoleId;
data.username = model.username;
data.password = model.password;
data.updated_by = model.updatedBy;
data.updated_date = DateTime.Now;
data.is_active = true;
try
{
db.SaveChanges();
result = true;
}
catch (Exception)
{
throw;
}
}
return(result);
}
public IActionResult Authenticate(string username, string password)
{
string errMsg;
int? sessioninputTimes = HttpContext.Session.GetInt32(Helpers.SessionKeyUser.KeyOfInputPass);
if (sessioninputTimes == null)
{
errMsg = string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password) ? "Username or Password can't be empty" : "";
HttpContext.Session.SetInt32(Helpers.SessionKeyUser.KeyOfInputPass, 1);
}
else
{
int?locked = HttpContext.Session.GetInt32(Helpers.SessionKeyUser.KeyOfLockedUser);
if (locked == 1)
{
errMsg = "account is locked";
}
else if (sessioninputTimes >= 5)
{
if (locked != 1)
{
HttpContext.Session.SetInt32(Helpers.SessionKeyUser.KeyOfLockedUser, 1);
}
errMsg = "incorrect username or pass 5 times";
}
else
{
errMsg = string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password) ? "Username or Password can't be empty" : "";
HttpContext.Session.SetInt32(Helpers.SessionKeyUser.KeyOfInputPass, (int)sessioninputTimes + 1);
}
}
if (errMsg == "")
{
MUserVM obj = acc.Login(username, password, out errMsg);
if (errMsg == "")
{
HttpContext.Session.SetInt32(Helpers.SessionKeyUser.KeyOfInputPass, 0);
MUser result = obj.objUser;
UserSessionModel userSessionModel = new UserSessionModel();
userSessionModel.username = result.Username;
userSessionModel.roleid = obj.ListRole;
userSessionModel.fullname = result.FullName;
HttpContext.Session.SetString(Helpers.SessionKeyUser.Key, JsonConvert.SerializeObject(userSessionModel));
HttpContext.Session.SetInt32(Helpers.SessionKeyUser.KeyOfInputPass, 0);
}
}
return(Z_Result.SetResult(errMsg));
}
public ActionResult Delete(MUserVM model)
{
if (MUserRepo.delete(model.id))
{
var result = new
{
success = true,
message = "Data Deleted! Data User with Username" + model.username + " has been deleted!",
vclass = "alert alert-info"
};
return(Json(result, JsonRequestBehavior.AllowGet));
}
return(PartialView("_Delete", model));
}
private string AddOrUpdateUser(bool isUpdate, MUserVM objMuservm, string ConfirmationPassword = "")
{
MUserRPO muserRPO = new MUserRPO(imap_);
MUser objMuser = objMuservm.objUser;
string message = "";
bool validPass =
objMuser.Password.Any(c => char.IsLetter(c)) &&
objMuser.Password.Any(c => char.IsDigit(c));
message = validPass ? "" : "Password must contain at least one letter and one numeric digit";
validPass = objMuser.Password == ConfirmationPassword;
message = validPass ? "" : "Password didn't match";
if (validPass)
{
objMuser.Password = Helpers.Crypto.EncryptPassword(objMuser.Password);
if (objMuser.Password == "")
{
//todo log
return("Error Encrypt");
}
muserRPO.BeginTrans();
if (isUpdate)
{
muserRPO.Conditions(nameof(objMuser.IsActive), Operator.Equals("true"));
muserRPO.Update(objMuser, ref exec);
AddUpdateUserRole(isUpdate, objMuservm, muserRPO.ObjConn, ref exec);
}
else
{
muserRPO.Conditions(nameof(objMuser.Username), Operator.Equals(objMuser.Username));
if (muserRPO.ReadList(ref exec))
{
if (muserRPO.Result.AffectedRow > 0)
{
message = "username already Exist!";
}
else
{
muserRPO.Insert(objMuser, ref exec);
AddUpdateUserRole(isUpdate, objMuservm, muserRPO.ObjConn, ref exec);
}
}
}
message = exec.Message;
muserRPO.EndTrans(exec);
}
return(message);
}
public MUserVM Login(string username, string password, out string message)
{
string encodedPassFromDB;
bool matchPass = false;
MUser objRetUser = new MUser();
MUserVM objUser = new MUserVM();
MUserRPO muserRPO = new MUserRPO(imap_);
Conditions cnd = new Conditions();
cnd.AddFilter(nameof(MUser.Username), Operator.Equals(username));
cnd.AddFilter(nameof(MUser.IsActive), Operator.Equals(1));
cnd.AddFilter(nameof(MUser.IsLocked), Operator.Equals(0));
muserRPO.Conditions(cnd);
//muserRPO.Where(nameof(MUser.IsActive)).Equals(1);
//muserRPO.Where(nameof(MUser.IsLocked)).Equals(0);
if (muserRPO.ReadOne(ref exec) && muserRPO.Result.AffectedRow > 0)
{
encodedPassFromDB = muserRPO.Result.Row.Password;
matchPass = Helpers.Crypto.ValidateKey(password, encodedPassFromDB);
objRetUser = matchPass ? muserRPO.Result.Row : null;
if (matchPass)
{
objUser.objUser = objRetUser;
objUser.ListRole = new List <TuserRole>();
TUserRoleRPO objUrole = new TUserRoleRPO(imap_);
objUrole.Conditions(nameof(TuserRole.Username), Operator.Equals(objRetUser.Username));
//objUrole.Where(nameof(TUserRole.Username)).Equals(objRetUser.Username);
if (objUrole.ReadList(ref exec))
{
objUser.ListRole = objUrole.Result.Collection;
}
message = exec.Message;
}
else
{
message = "Incorrect Username or Password";
}
}
else
{
message = exec.Message;
}
return(objUser);
}
public ActionResult Add(MUserVM model)
{
if (ModelState.IsValid && MUserRepo.insert(model))
{
var result = new
{
success = true,
message = "Data Saved! New User has been add with username " + model.username,
vclass = "alert alert-info"
};
return(Json(result, JsonRequestBehavior.AllowGet));
}
ViewBag.Title = "Add User";
ViewBag.ListRole = new SelectList(MRoleRepo.get(), "id", "name");
ViewBag.ListEmployee = new SelectList(MEmployeeRepo.getDataNonUser(), "id", "FullName");
return(PartialView("_Add", model));
}
public ActionResult Edit(MUserVM model)
{
var data = MUserRepo.getById(model.id);
if (ModelState.IsValid && MUserRepo.update(model))
{
var result = new
{
success = true,
message = "Data Updated! Data User has been updated !",
vclass = "alert alert-info"
};
return(Json(result, JsonRequestBehavior.AllowGet));
}
ViewBag.Title = "Edit User - " + data.firtsName + " " + data.lastName + "(" + data.username + ")";
ViewBag.ListRole = new SelectList(MRoleRepo.get(), "id", "name");
ViewBag.ListEmployee = new SelectList(MEmployeeRepo.getDataNonUser(), "id", "FullName");
return(PartialView("_Edit", model));
}
private void AddUpdateUserRole(bool isUpdate, MUserVM objMuser, ObjectConnection objc, ref ExecResult exec)
{
TUserRoleRPO trpo = new TUserRoleRPO(imap_);
trpo.SetObjConn(objc);
if (isUpdate)
{
trpo.Conditions(nameof(TuserRole.Username), Operator.Equals(objMuser.objUser.Username));
trpo.Delete(ref exec);
//trpo.Where(nameof(TUserRole.Username)).Equals(objMuser.objUser.Username);
//trpo.Delete(null,ref exec);
}
foreach (var obj in objMuser.ListRole)
{
if (!exec.Success)
{
break;
}
trpo.Insert(obj, ref exec);
}
}
public static MUserVM getById(int id)
{
var data = new MUserVM();
using (AppEntity db = new AppEntity())
{
data = db.m_user.Select(x => new MUserVM()
{
id = x.id,
username = x.username,
password = x.password,
mRoleId = x.m_role_id,
mEmployeeId = x.m_employee_id,
nameRole = x.m_role.name,
firtsName = x.m_employee.first_name,
lastName = x.m_employee.last_name
})
.Where(x => x.id == id)
.FirstOrDefault();
}
return(data);
}
public ResultStatusModel CUD_User(MUserVM item, string mode, out string ID)
{
SqlParameter id_out = new SqlParameter("id_out", 0)
{
Direction = ParameterDirection.Output
};
SqlParameter[] sqlParams =
{
new SqlParameter("UserID", SqlDbType.Int)
{
Value = item.UserID
},
new SqlParameter("OfficialName", string.IsNullOrEmpty(item.OfficialName) ? (object)DBNull.Value : item.OfficialName),
new SqlParameter("UserName", string.IsNullOrEmpty(item.UserName) ? (object)DBNull.Value : item.UserName),
new SqlParameter("Password", string.IsNullOrEmpty(item.Password) ? (object)DBNull.Value : item.Password),
new SqlParameter("Nik", string.IsNullOrEmpty(item.Nik) ? (object)DBNull.Value : item.Nik),
new SqlParameter("Email", string.IsNullOrEmpty(item.Email) ? (object)DBNull.Value : item.Email),
new SqlParameter("IsDeleted", item.IsDeleted),
new SqlParameter("UserCreated", string.IsNullOrEmpty(item.UserCreated) ? (object)DBNull.Value : item.UserCreated),
new SqlParameter("UserModified", string.IsNullOrEmpty(item.UserModified) ? (object)DBNull.Value : item.UserModified),
new SqlParameter("DateCreated", item.DateCreated == null ? (object)DBNull.Value : item.DateCreated),
new SqlParameter("DateModified", item.DateModified == null ? (object)DBNull.Value : item.DateModified),
new SqlParameter("GroupUserID", item.GroupUserID == null ? (object)DBNull.Value : item.GroupUserID),
new SqlParameter("Mode", mode),
id_out
};
List <ResultStatusModel> result =
Db.Database.SqlQuery <ResultStatusModel>(
"exec sp_CUD_MUser " +
"@UserID, @OfficialName, @UserName, @Password, @Nik, @Email, @IsDeleted" +
", @UserCreated, @UserModified, @DateCreated, @DateModified, @GroupUserID, @Mode, @id_out output"
, sqlParams).ToList();
ID = id_out.Value.ToString();
return(result.FirstOrDefault());
}
public string ResetPassword(string newPass, string newPassAuth, string token)
{
MUserVM objMuser = new MUserVM();
if (string.IsNullOrEmpty(newPass) || string.IsNullOrEmpty(newPassAuth))
{
return("new password or old password can't be empty.");
}
else
{
bool isValidRequest = false;
string encryptedToken = Helpers.Crypto.DecryptStringAES(token);
try
{
ResetPassParam dic = JsonConvert.DeserializeObject <ResetPassParam>(encryptedToken);
objMuser.objUser.Password = newPass;
objMuser.objUser.Username = dic.Email;
isValidRequest = DateTime.Now <= dic.CreatedDate.AddMinutes(5);
}
catch
{
//TODO Log error
return("invalid Token Request");
}
if (isValidRequest)
{
return(AddOrUpdateUser(true, objMuser));
}
else
{
return("invalid Token Request");
}
}
}
public string UpdateUserInfo(MUserVM objMuser, string ConfirmationPassword)
{
//todo check user session
return(AddOrUpdateUser(true, objMuser, ConfirmationPassword));
}
public async Task <JsonResult> Manage(UserModel item)
{
UserInfoModel userInfo = (UserInfoModel)GeneralFunctions.GetSession(Configs.session);
ResultStatusModel result = new ResultStatusModel();
item.UserCreated = userInfo.UserName;
item.UserModified = userInfo.UserName;
if (item.UserID == 0 && string.IsNullOrEmpty(item.Password))
{
ModelState.AddModelError("Password", "Password wajib diisi!");
}
//try
//{
// using (HttpClient client = new HttpClient())
// {
// client.BaseAddress = new Uri("http://10.126.20.22/ws_NIKSAP/Service1.asmx/");
// HttpResponseMessage response = new HttpResponseMessage();
// response = await client.GetAsync("GetNIKSAP?employee_code=" + item.Nik + "&userparam=sap&passparam=JOYketC0rdA/F4MBzx5BEA==");
// var data = await response.Content.ReadAsStringAsync();
// XElement convertXml = XElement.Parse(data);
// if (string.IsNullOrEmpty(convertXml.Value))
// {
// ModelState.AddModelError("Nik", "Nik tidak ditemukan!");
// }
// }
//}
//catch (Exception ex)
//{
// ModelState.AddModelError("User", ex.Message);
//}
if (ModelState.IsValid)
{
try
{
MUserVM user = new MUserVM();
user.UserID = item.UserID;
user.Email = item.Email;
user.GroupUserID = item.GroupUserID.ToString();
user.GroupUserName = item.GroupUserName;
user.IsDeleted = false;
user.Nik = item.Nik;
user.OfficialName = item.OfficialName;
user.UserName = item.UserName;
if (item.UserID == 0)
{
user.Password = Helper.Encryption.EncryptRegular(Configs.KeyEncrypt, item.Password);
}
user.UserCreated = userInfo.UserName;
user.UserModified = userInfo.UserName;
string id_out = "";
if (item.UserID == 0)
{
result = uow.UserRepository.CUD_User(user, "c", out id_out);
}
else
{
result = uow.UserRepository.CUD_User(user, "u", out id_out);
}
if (!result.issuccess)
{
ModelState.AddModelError("Failed", result.err_msg);
}
}
catch (Exception e)
{
ModelState.AddModelError("Failed", e.Message);
}
}
List <string> Error = (from m in ModelState
where m.Value.Errors.Any()
select m.Value.Errors[0].ErrorMessage).ToList();
return(Json(new { Error = Error, data = item }, JsonRequestBehavior.DenyGet));
}
public string Register(MUserVM objMuser, string ConfirmationPassword)
{
return(AddOrUpdateUser(false, objMuser, ConfirmationPassword));
}
