public async Task <IActionResult> EditPermission(Models.Permission model)
{
string json = await PutAsync(model, _urlSettings.Permission.EditPermission);
Response.StatusCode = JsonConvert.DeserializeObject <ResultModel>(json).Status;
return(Content(json, "application/json", Encoding.UTF8));
}
public JsonResult GetTicket(int id)
{
using (var context = new Data.ApplicationDbContext()) {
String authUserId = User.GetClaim(OpenIdConnectConstants.Claims.Subject);
Models.User authUser = context.Users.AsNoTracking().FirstOrDefault(u => u.Id.ToString().Equals(authUserId));
if (authUser == null)
{
return(Json(new { status_code = 2, status = "User '" + authUserId + "' does not exist" }));
}
Models.Ticket ticket = context.Tickets.AsNoTracking().FirstOrDefault(t => t.Id == id);
if (ticket == null)
{
return(Json(new { status_code = 2, status = "Ticket '" + id + "' does not exist" }));
}
if (authUser.Level >= 4)
{
return(Json(new { status_code = 0, ticket }));
}
else
{
Models.Permission permission = context.Permissions.AsNoTracking().FirstOrDefault(p => p.UserId == authUser.Id && p.SiteId == id);
if (permission == null || permission.Access == 0)
{
return(Json(new { status_code = 1, status = "User does not have permission to view this ticket" }));
}
return(Json(new { status_code = 0, ticket }));
}
}
}
/// <summary>Sets a user's permission to view a site</summary>
/// <param name="userId">The user to give/take permission from</param>
/// <param name="siteId">The site to give/take permission from</param>
/// <param name="hasAccess">Sets whether user has access to site or not</param>
/// <returns>Json object with <code>status_code</code> of event (0 = success)</returns>
private JsonResult SetPermission(int userId, int siteId, int?access)
{
using (var context = new Data.ApplicationDbContext()) {
Models.User user = context.Users.AsNoTracking().FirstOrDefault(u => u.Id == userId);
if (user == null)
{
return(Json(new { status_code = 2, status = "Cannot create permission for user '" + userId + "'; user doesn't exist" }));
}
Models.Permission permission = context.Permissions.FirstOrDefault(p => p.UserId == userId && p.SiteId == siteId);
if (permission != null && (access.HasValue && access.Value == 0))
{
context.Permissions.Remove(permission);
}
else if (permission == null && (access.HasValue && access.Value == 1))
{
permission = new Models.Permission {
UserId = userId,
SiteId = siteId,
Access = 1,
};
context.Permissions.Add(permission);
}
context.SaveChanges();
return(Json(new { status_code = 0, permission }));
}
}
public JsonResult GetSite(int siteId)
{
using (var context = new Data.ApplicationDbContext()) {
String authUserId = User.GetClaim(OpenIdConnectConstants.Claims.Subject);
Models.User authUser = context.Users.AsNoTracking().FirstOrDefault(u => u.Id.ToString().Equals(authUserId));
if (authUser == null)
{
return(Json(new { status_code = 2, status = "User '" + authUserId + "' does not exist" }));
}
if (Helpers.PermissionChecker.IsTechOrAdmin(authUser) || Helpers.PermissionChecker.IsBillingDepartment(authUser))
{
return(SiteInfo(siteId));
}
else
{
Models.Permission permission = context.Permissions.AsNoTracking().FirstOrDefault(p => p.UserId == authUser.Id && p.SiteId == siteId);
if (permission != null)
{
return(SiteInfo(siteId));
}
return(Json(new { status_code = 1, status = "User does not have permission to view site '" + siteId + "'" }));
}
}
}
public async Task <IActionResult> EditPermission(long id)
{
ResultModel model = await GetAsync <ResultModel>("?id=" + id, _urlSettings.Permission.GetPermissionById);
if (model.Status != 200)
{
return(Redirect("/Home/ErrorView"));
}
Models.Permission permission = JsonConvert.DeserializeObject <Models.Permission>(model.Data.ToString());
return(View(permission));
}
public JsonResult Update([FromBody] Models.Site site)
{
using (var context = new Data.ApplicationDbContext()) {
String authUserId = User.GetClaim(OpenIdConnectConstants.Claims.Subject);
Models.User authUser = context.Users.AsNoTracking().FirstOrDefault(u => u.Id.ToString().Equals(authUserId));
if (authUser == null)
{
return(Json(new { status_code = 2, status = "User '" + authUserId + "' does not exist" }));
}
if (!Helpers.PermissionChecker.CanModifySite(authUser) && authUser.Id != site.SiteDistributor)
{
return(Json(new { status_code = 1, status = "User '" + authUser.UserName + "' does not have permission to edit site" }));
}
Models.Permission permission = context.Permissions.AsNoTracking().FirstOrDefault(p => p.UserId == authUser.Id && p.SiteId == site.SiteId);
if (permission != null || Helpers.PermissionChecker.CanModifySite(authUser))
{
Models.Site dbSite = context.Sites.FirstOrDefault(s => s.SiteId == site.SiteId);
if (dbSite == null)
{
return(Json(new { status_code = 2, status = "Site '" + site.SiteId + "' does not exist" }));
}
List <Models.Log.Variance> variances = dbSite.Compare(site);
if (variances.Count == 0)
{
return(Json(new { status_code = 0, status = "No changes made (given object same as database row)" }));
}
dbSite.Copy(site, true);
String changes = "";
foreach (Models.Log.Variance var in variances)
{
changes += "[(" + var.Property + "=" + (var.New != null ? var.New.ToString() : "null") + ")]";
if (var.Property.Equals("SiteEnabled"))
{
dbSite.Comment = authUser.UserName + " " + ((bool)var.New ? "enabled" : "disabled") + " site last at " + DateTime.UtcNow.ToString("M/dd h:mm tt");
}
}
context.SaveChanges();
Helpers.LogHelper.LogAction(Models.Log.ActionType.ModifySite, authUser.Id, dbSite.SiteId,
String.Format("{0} (id: {1}) modified site '{2}' (site number: {3})", authUser.UserName, authUser.Id, dbSite.SiteName, dbSite.SiteNumber), changes);
return(Json(new { status_code = 0, site = dbSite }));
}
return(Json(new { status_code = 1, status = "User does not have permission to update site '" + site.SiteId + "'" }));
}
}
public async Task <IActionResult> OnGetAsync(int id)
{
Permission = await _context.Permision
.Include(x => x.PermissionType)
.FirstOrDefaultAsync(x => x.Id == id);
if (Permission is null)
{
return(NotFound());
}
return(Page());
}
public JsonResult LopHoc(Guid?id_lop)
{
string r = "";
IEnumerable <CoursesJournalObjects> data;
if (id_lop.HasValue)
{
data = new CoursesJournalBCL().GetJoin().Where(q => q.CoursesJoin.CoId == id_lop.Value).OrderByDescending(m => m.DayOf.Value);
}
else
{
data = new CoursesJournalBCL().GetJoin().OrderByDescending(m => m.DayOf.Value);
}
var per = new Models.Permission();
foreach (var item in data)
{
r += string.Format(@"
<tr>
<td>
{2}
</td>
<td>
{0} - {1}
</td>
<td>
{3}
</td>
<td>
{4}
</td>
<td>
{5}
{6}
{7}
</td>
</tr>
", item.CoursesJoin.CourseId
, item.CoursesJoin.CourseName
, item.DayOf.Value.ToString("dd/MM/YYYY")
, item.Contents
, item.Description
, per.IsAllow(eAction.Search, eFea.QLCTHV) ? "<a href='" + @Url.Action("Index", "CoursesStudentDetailt", new { ID = item.CJId }) + "' class='btn btn-info'>DSHV Vắng</a>" : ""
, per.IsAllow(eAction.Edit, eFea.QLNKGD) ? "<a href=" + Url.Action("Edit", "CoursesJournal", new { ID = item.CJId }) + " class='btn btn-default'>Sửa</a>" : ""
, per.IsAllow(eAction.Delete, eFea.QLNKGD) ? "<span class='btn btn-warning btn-delete' data-value='" + item.CJId + "'>Xóa</span>" : ""
);
}
r += @"<div class='modal fade' id='myModal' role='dialog'>
<div class='modal-dialog'>
<!-- Modal content-->
<div class='modal-content'>
<div class='modal-header'>
<button type='button' class='close' data-dismiss='modal'>×</button>
<h4 class='modal-title'><i class='fa fa-warning'>Chú ý</i></h4>
</div>
<div class='modal-body'>
<div class='modal-body-contents'>
</div>
</div>
<div class='modal-footer'>
<button type='button' class='btn btn-warning btn-ajax'>Xác nhận</button>
<button type='button' class='btn btn-default' data-dismiss='modal'>Hủy</button>
</div>
</div>
</div>
</div>
<script>
$('.btn-delete').click(function () {
if(confirm('Bạn có chắc chắn xóa?')!=true) return;
let elementDelete = $(this);
myAjax('Delete', { ID: $('this'.data('value')) }, function (d, xhr, r) {
if(d){
if (elementDelete) {
$(elementDelete).parents('tr').first().hide();
elementDelete = undefined;
}
else{
alert('Xảy ra lỗi, Trang sẽ được tải lại')
}
}else{
alert('Xóa thất bại');
}
}, function (d) {
alert('Xảy ra lỗi, Trang sẽ được tải lại')
window.location.reload();
}, function (d) {
});
});
</script>";
return(Json(r));
}
/// <summary>
/// Gets a list of tickets. The list generated depends on the status given.
///
/// 0 = All tickets
/// 1 = All open tickets
/// 2 = All tickets for a given site
/// </summary>
/// <param name="status">The status code to determine which list of tickets are returned</param>
/// <param name="id">(Only needed for status = 2)The site to get all tickets from</param>
/// <returns>A list of tickets</returns>
private JsonResult GetAllTickets(int status, int id, Models.User authUser)
{
using (var context = new Data.ApplicationDbContext()) {
if (status == 0)
{
// Get ALL tickets
// Get list of sites user has permission to view, then return list of tickets from those sites
List <object> report = new List <object>();
#if LOCAL
using (MySqlConnection conn = new MySqlConnection(Startup.Configuration.GetConnectionString("LocalDatabase"))) {
#else
using (MySqlConnection conn = new MySqlConnection(Startup.Configuration.GetConnectionString("Database"))) {
#endif
conn.Open();
string command = (authUser.Level >= 4 ?
"SELECT * FROM `tickets` as t " +
"JOIN(SELECT user_id as u_user_id, user_name as u_user_name, contact_fname as u_contact_fname, contact_lname as u_contact_lname FROM `user`) as u " +
"ON u_user_id = t.created_by " +
"LEFT JOIN(SELECT user_id as a_user_id, user_name as a_user_name, contact_fname as a_contact_fname, contact_lname as a_contact_lname FROM `user`) as a " +
"ON a_user_id = t.assigned_to " +
"JOIN(SELECT site_name, site_id FROM `sites`) as s " +
"ON t.site_id = s.site_id;"
:
String.Format(
"SELECT * FROM `tickets` as t " +
"JOIN " +
" (SELECT " +
" user_id as u_user_id, user_name as u_user_name, contact_fname as u_contact_fname, contact_lname as u_contact_lname "+
" FROM `user`) as u " +
"ON u_user_id = t.created_by " +
"LEFT JOIN " +
" (SELECT " +
" user_id as a_user_id, user_name as a_user_name, contact_fname as a_contact_fname, contact_lname as a_contact_lname "+
" FROM `user`) as a " +
"ON a_user_id = t.assigned_to " +
"JOIN " +
" (SELECT " +
" s.site_id, s.site_name "+
" FROM `sites` as s " +
" JOIN " +
" (SELECT * FROM `permission` "+
" WHERE `user_id` = {0}) as p "+
" ON s.site_id = p.site_id) as sp " +
"ON sp.site_id = t.site_id;", authUser.Id));
MySqlCommand ticketCmd = new MySqlCommand(command, conn);
using (var reader = ticketCmd.ExecuteReader())
while (reader.Read())
{
Models.Ticket.PriortiyLevel priority;
Models.Ticket.TicketStatus tStatus;
Models.Ticket.TicketCategory tCategory;
int ticketId, ticketSiteId;
string ticketSubject, ticketComments;
ticketId = DBNull.Value.Equals(reader["id"]) ? -1 : Convert.ToInt32(reader["id"]);
ticketSiteId = DBNull.Value.Equals(reader["site_id"]) ? -1 : Convert.ToInt32(reader["site_id"]);
ticketSubject = DBNull.Value.Equals(reader["subject"]) ? "" : Convert.ToString(reader["subject"]);
ticketComments = DBNull.Value.Equals(reader["comments"]) ? "" : Convert.ToString(reader["comments"]);
// Something is wrong with this ticket, so ignore it & don't add it to list
if (ticketId == -1 || ticketSiteId == -1 || ticketSubject.Length == 0 || ticketComments.Length == 0)
{
continue;
}
if (!DBNull.Value.Equals(reader["priority"]) && Convert.ToInt32(reader["priority"]) >= 0 && Convert.ToInt32(reader["priority"]) <= 3)
{
priority = (Models.Ticket.PriortiyLevel)Convert.ToInt32(reader["priority"]);
}
else
{
priority = Models.Ticket.PriortiyLevel.LOW;
}
if (!DBNull.Value.Equals(reader["status"]) && Convert.ToInt32(reader["status"]) >= 0 && Convert.ToInt32(reader["status"]) <= 4)
{
tStatus = (Models.Ticket.TicketStatus)Convert.ToInt32(reader["status"]);
}
else
{
tStatus = Models.Ticket.TicketStatus.NEW;
}
if (!DBNull.Value.Equals(reader["category"]) && Convert.ToInt32(reader["category"]) >= 0 && Convert.ToInt32(reader["category"]) <= 6)
{
tCategory = (Models.Ticket.TicketCategory)Convert.ToInt32(reader["category"]);
}
else
{
tCategory = Models.Ticket.TicketCategory.SOFTWARE;
}
var ticket = new {
Id = ticketId,
SiteId = ticketSiteId,
Subject = ticketSubject,
Comments = ticketComments,
Priority = (int)priority,
PriorityName = priority.ToString(),
Status = (int)tStatus,
StatusName = tStatus.ToString(),
Category = (int)tCategory,
CategoryName = tCategory.ToString().Replace('_', ' '),
SiteName = DBNull.Value.Equals(reader["site_name"]) ? "" : Convert.ToString(reader["site_name"]),
AssignedTo = DBNull.Value.Equals(reader["assigned_to"]) ? -1 : Convert.ToInt32(reader["assigned_to"]),
CreatedBy = DBNull.Value.Equals(reader["created_by"]) ? -1 : Convert.ToInt32(reader["created_by"]),
CreatedDate = DBNull.Value.Equals(reader["created_date"]) ? new DateTime(2000, 1, 1) : Convert.ToDateTime(reader["created_date"]),
Creator = new {
UserName = DBNull.Value.Equals(reader["u_user_name"]) ? "" : Convert.ToString(reader["u_user_name"]),
FName = DBNull.Value.Equals(reader["u_contact_fname"]) ? "" : Convert.ToString(reader["u_contact_fname"]),
LName = DBNull.Value.Equals(reader["u_contact_lname"]) ? "" : Convert.ToString(reader["u_contact_lname"])
},
Assignee = new {
UserName = DBNull.Value.Equals(reader["a_user_name"]) ? "" : Convert.ToString(reader["a_user_name"]),
FName = DBNull.Value.Equals(reader["a_contact_fname"]) ? "" : Convert.ToString(reader["a_contact_fname"]),
LName = DBNull.Value.Equals(reader["a_contact_lname"]) ? "" : Convert.ToString(reader["a_contact_lname"])
},
DueDate = DBNull.Value.Equals(reader["due_date"]) ? new DateTime(2000, 1, 1) : Convert.ToDateTime(reader["due_date"]),
LastUpdated = DBNull.Value.Equals(reader["last_updated"]) ? new DateTime(2000, 1, 1) : Convert.ToDateTime(reader["last_updated"])
};
report.Add(ticket);
}
return(Json(new { status_code = 0, report }));
}
}
else if (status == 1)
{
// Get all open tickets
if (authUser.Level >= 4)
{
return(Json(new { status_code = 0, report = context.Tickets.AsNoTracking().Where(t => t.Status != Models.Ticket.TicketStatus.CLOSED).ToList() }));
}
else
{
// Get list of sites user has permission to view, then return list of open tickets from those sites
List <object> report = new List <object>();
MySqlCommand ticketCmd = new MySqlCommand(
String.Format("SELECT * " +
"FROM " +
" `tickets` as t " +
" JOIN " +
" (SELECT "+
" s.site_id, s.site_name "+
" FROM "+
" `sites` as s "+
" JOIN "+
" (SELECT "+
" * "+
" FROM "+
" `permission` "+
" WHERE "+
" `user_id` = {0}) "+
" as p "+
" ON s.site_id = p.site_id) "+
" as sp "+
" ON sp.site_id = t.site_id AND t.status != 4; ", authUser.Id));
using (var reader = ticketCmd.ExecuteReader())
while (reader.Read())
{
Models.Ticket.PriortiyLevel priority;
Models.Ticket.TicketStatus tStatus;
Models.Ticket.TicketCategory tCategory;
int ticketId, ticketSiteId;
string ticketSubject, ticketComments;
ticketId = DBNull.Value.Equals(reader["id"]) ? -1 : Convert.ToInt32(reader["id"]);
ticketSiteId = DBNull.Value.Equals(reader["site_id"]) ? -1 : Convert.ToInt32(reader["site_id"]);
ticketSubject = DBNull.Value.Equals(reader["subject"]) ? "" : Convert.ToString(reader["subject"]);
ticketComments = DBNull.Value.Equals(reader["comments"]) ? "" : Convert.ToString(reader["comments"]);
// Something is wrong with this ticket, so ignore it & don't add it to list
if (ticketId == -1 || ticketSiteId == -1 || ticketSubject.Length == 0 || ticketComments.Length == 0)
{
continue;
}
if (!DBNull.Value.Equals(reader["priority"]) && Convert.ToInt32(reader["priority"]) >= 0 && Convert.ToInt32(reader["priority"]) <= 3)
{
priority = (Models.Ticket.PriortiyLevel)Convert.ToInt32(reader["priority"]);
}
else
{
priority = Models.Ticket.PriortiyLevel.LOW;
}
if (!DBNull.Value.Equals(reader["status"]) && Convert.ToInt32(reader["status"]) >= 0 && Convert.ToInt32(reader["status"]) <= 4)
{
tStatus = (Models.Ticket.TicketStatus)Convert.ToInt32(reader["status"]);
}
else
{
tStatus = Models.Ticket.TicketStatus.NEW;
}
if (!DBNull.Value.Equals(reader["category"]) && Convert.ToInt32(reader["category"]) >= 0 && Convert.ToInt32(reader["category"]) <= 6)
{
tCategory = (Models.Ticket.TicketCategory)Convert.ToInt32(reader["category"]);
}
else
{
tCategory = Models.Ticket.TicketCategory.SOFTWARE;
}
var ticket = new {
Id = ticketId,
SiteId = ticketSiteId,
Subject = ticketSubject,
Comments = ticketComments,
Priority = (int)priority,
PriorityName = priority.ToString(),
Category = (int)tCategory,
CategoryName = tCategory.ToString().Replace('_', ' '),
Status = (int)tStatus,
StatusName = tStatus.ToString(),
SiteName = DBNull.Value.Equals(reader["site_name"]) ? "" : Convert.ToString(reader["site_name"]),
AssignedTo = DBNull.Value.Equals(reader["assigned_to"]) ? -1 : Convert.ToInt32(reader["assigned_to"]),
CreatedBy = DBNull.Value.Equals(reader["created_by"]) ? -1 : Convert.ToInt32(reader["created_by"]),
CreatedDate = DBNull.Value.Equals(reader["created_date"]) ? new DateTime(2000, 1, 1) : Convert.ToDateTime(reader["created_date"]),
DueDate = DBNull.Value.Equals(reader["due_date"]) ? new DateTime(2000, 1, 1) : Convert.ToDateTime(reader["due_date"]),
LastUpdated = DBNull.Value.Equals(reader["last_updated"]) ? new DateTime(2000, 1, 1) : Convert.ToDateTime(reader["last_updated"])
};
report.Add(ticket);
}
return(Json(new { status_code = 0, report }));
}
}
else if (status == 2)
{
if (authUser.Level >= 4)
{
return(Json(new { status_code = 0, report = context.Tickets.AsNoTracking().Where(t => t.SiteId == id).ToList() }));
}
else
{
Models.Permission permission = context.Permissions.AsNoTracking().FirstOrDefault(p => p.UserId == authUser.Id && p.SiteId == id);
if (permission == null || permission.Access == 0)
{
return(Json(new { status_code = 1, status = "User does not have permission to view this ticket" }));
}
return(Json(new { status_code = 0, report = context.Tickets.AsNoTracking().Where(t => t.SiteId == id).ToList() }));
}
}
}
// If this return statement is reached, request has invalid status type
return(Json(new { status_code = 5, status = "Unknown status code: " + status }));
}
public JsonResult Create([FromBody] Models.ActivationForm form, [RequiredFromQuery] int type)
{
if (type == 0)
{
// Create new site & activation
using (var context = new Data.ApplicationDbContext()) {
// Verify user exists & has permission
String authUserId = User.GetClaim(OpenIdConnectConstants.Claims.Subject);
Models.User authUser = context.Users.AsNoTracking().FirstOrDefault(u => u.Id.ToString().Equals(authUserId));
if (authUser == null)
{
return(Json(new { status_code = 2, status = "User '" + authUserId + "' does not exist" }));
}
if (!Helpers.PermissionChecker.CanAddSite(authUser))
{
return(Json(new { status_code = 3, status = "User '" + authUser.UserName + "' does not have permission to activate sites" }));
}
// Used to check if installer object and/or manager object need to be added to database
bool InstallerCreated = false, ManagerCreated = false, OwnerCreated = false;
// #1 - Check installer //
// if Id is 0, create new installer. Otherwise, verify installer exists
if (form.SiteInstaller.Id != 0)
{
Models.Installer installer = context.Installers.AsNoTracking().FirstOrDefault(i => i.Id == form.SiteInstaller.Id);
if (installer == null)
{
return(Json(new { status_code = 5, status = "Installer '" + form.SiteInstaller.Id + "' does not exist" }));
}
}
else
{
if (form.SiteInstaller.FName.Length == 0 && form.SiteInstaller.LName.Length == 0)
{
return(Json(new { status_code = 5, status = "Installer must have at least a first or last name" }));
}
else if (form.SiteInstaller.Phone.Length == 0)
{
return(Json(new { status_code = 5, status = "Installer must have a phone number" }));
}
context.Installers.Add(form.SiteInstaller);
InstallerCreated = true;
}
// #2 - Check manager //
// Same logic as installer (0 = new, otherwise use existing)
if (form.SiteManager.Id != 0)
{
Models.Manager manager = context.Managers.AsNoTracking().FirstOrDefault(m => m.Id == form.SiteManager.Id);
if (manager == null)
{
return(Json(new { status_code = 5, status = "Manager '" + form.SiteManager.Id + "' does not exist" }));
}
}
else
{
if (form.SiteManager.FName.Length == 0 && form.SiteManager.LName.Length == 0)
{
return(Json(new { status_code = 5, status = "Manager must have at least a first or last name" }));
}
else if (form.SiteManager.Phone.Length == 0)
{
return(Json(new { status_code = 5, status = "Manager must have a phone number" }));
}
context.Managers.Add(form.SiteManager);
ManagerCreated = true;
}
// #3 - Verify new owner info //
if (form.NewOwner.Id == 0)
{
if (context.Users.AsNoTracking().FirstOrDefault(u => form.NewOwner.UserName != null && u.UserName != null && form.NewOwner.UserName.ToLower().Equals(u.UserName.ToLower())) != null)
{
return(Json(new { status_code = 3, status = "User '" + form.NewOwner.UserName + "' already exists" }));
}
if (String.IsNullOrWhiteSpace(form.NewOwner.UserName) || String.IsNullOrWhiteSpace(form.NewOwner.Password))
{
return(Json(new { status_code = 4, status = "Invalid user creation body" }));
}
form.NewOwner.Active = true;
form.NewOwner.Level = 2; // force user to be owner
form.NewOwner.UserLastLogin = new DateTime(2000, 1, 1);
OwnerCreated = true;
}
else
{
form.NewOwner = context.Users.AsNoTracking().FirstOrDefault(u => u.Id == form.NewOwner.Id);
if (form.NewOwner == null)
{
return(Json(new { status_code = 2, status = "Owner '" + form.NewOwner.Id + "' does not exist" }));
}
}
if (!form.PreApproved && (String.IsNullOrWhiteSpace(form.NewOwner.UserName) || String.IsNullOrWhiteSpace(form.NewOwner.Password)))
{
return(Json(new { status_code = 5, status = "Invalid user creation body" }));
}
// #4 - Create new site //
// note: if site is pre-approved, new site will not be created
// Verify site info
Models.System system = context.Systems.AsNoTracking().FirstOrDefault(s => s.Id == form.NewSite.SystemId);
if (system == null)
{
return(Json(new { status_code = 5, status = "Invalid system given", id = form.NewSite.SystemId }));
}
Models.User distrib = context.Users.AsNoTracking().FirstOrDefault(u => u.Id == form.NewSite.SiteDistributor);
if (distrib == null)
{
return(Json(new { status_code = 5, status = "Invalid distributor given" }));
}
if (form.NewSite.SiteName.Length == 0)
{
return(Json(new { status_code = 5, status = "No site name given" }));
}
if (!form.NewSite.SiteInstallDate.HasValue)
{
return(Json(new { status_code = 5, status = "Invalid install date" }));
}
if (form.NewSite.SiteAddress.Length == 0 || form.NewSite.SiteCity.Length == 0 || form.NewSite.SiteState.Length == 0 ||
form.NewSite.SiteCountry.Length == 0 || form.NewSite.SiteZip.Length < 5 || form.NewSite.SiteZip.Length > 10)
{
return(Json(new { status_code = 5, status = "Invalid site address given" }));
}
if (form.NewSite.SiteOwnerName.Length == 0)
{
return(Json(new { status_code = 5, status = "No owner name given" }));
}
if (form.NewSite.SiteOwnerEmail.Length == 0 && form.NewSite.SiteOwnerPhone.Length == 0)
{
return(Json(new { status_code = 5, status = "Need at least one way to contact owner (none given)" }));
}
// Generate site info if not pre-approved
if (!form.PreApproved)
{
List <Models.Site> sites = context.Sites.AsNoTracking().OrderByDescending(s => s.SiteNumber).ToList();
int maxSiteNum = -1;
foreach (Models.Site s in sites)
{
if (s.SiteNumber.HasValue)
{
maxSiteNum = (int)s.SiteNumber;
break;
}
}
form.NewSite.SiteNumber = ++maxSiteNum;
form.NewSite.SiteActive = true;
form.NewSite.SiteEnabled = true;
form.NewSite.SiteLastPing = new DateTime(2000, 1, 1);
form.NewSite.SiteLastIp = "127.0.0.1";
}
// #5 - New activation row //
// Need to save these to database to generate any IDs (in case new installer/manager is used, and for new site/owner) if site isn't pre-approved
if (!form.PreApproved)
{
if (form.NewOwner.Id == 0)
{
context.Users.Add(form.NewOwner);
}
context.Sites.Add(form.NewSite);
context.SaveChanges();
}
// Verify that distributor has access to site
// (because users can create distributors when activating site)
Models.Permission permission = context.Permissions.FirstOrDefault(p => form.NewSite.SiteDistributor.HasValue &&
p.UserId == form.NewSite.SiteDistributor && p.SiteId == form.NewSite.SiteId);
if (permission == null)
{
permission = new Models.Permission {
UserId = (int)form.NewSite.SiteDistributor,
SiteId = form.NewSite.SiteId,
Access = 1,
};
context.Permissions.Add(permission);
}
else if (permission.Access.HasValue && (int)permission.Access != 1)
{
permission.Access = 1;
}
// Set some default values for newly created sites
form.NewSite.LastCommunityDrop = new DateTime(1970, 1, 1, 0, 0, 0);
form.NewSite.LastGrandDrop = new DateTime(1970, 1, 1, 0, 0, 0);
// Activation form needs to save what was submitted, not reflect current information
// therefore, activation table essentially acts as a merged version of multiple tables
form.ActivationInfo.SiteId = form.NewSite.SiteId;
form.ActivationInfo.RoomName = form.NewSite.SiteName;
form.ActivationInfo.SystemId = system.Id;
form.ActivationInfo.StorePhone = form.NewSite.StorePhone;
form.ActivationInfo.InstallerId = form.SiteInstaller.Id;
form.ActivationInfo.InstallerFName = form.SiteInstaller.FName;
form.ActivationInfo.InstallerLName = form.SiteInstaller.LName;
form.ActivationInfo.InstallerEmail = form.SiteInstaller.Email;
form.ActivationInfo.InstallerPhone = form.SiteInstaller.Phone;
form.ActivationInfo.ManagerId = form.SiteManager.Id;
form.ActivationInfo.ManagerFName = form.SiteManager.FName;
form.ActivationInfo.ManagerLName = form.SiteManager.LName;
form.ActivationInfo.ManagerEmail = form.SiteManager.Email;
form.ActivationInfo.ManagerPhone = form.SiteManager.Phone;
form.ActivationInfo.OwnerId = form.NewOwner.Id;
form.ActivationInfo.OwnerFName = form.NewOwner.FName;
form.ActivationInfo.OwnerLName = form.NewOwner.LName;
form.ActivationInfo.OwnerEmail = form.NewOwner.Email;
form.ActivationInfo.OwnerPhone = form.NewOwner.Phone;
form.ActivationInfo.OwnerUserName = form.NewOwner.UserName;
form.ActivationInfo.DistributorId = distrib.Id;
form.ActivationInfo.DistributorFName = distrib.FName;
form.ActivationInfo.DistributorLName = distrib.LName;
form.ActivationInfo.SiteAddress = form.NewSite.SiteAddress;
form.ActivationInfo.SiteCity = form.NewSite.SiteCity;
form.ActivationInfo.SiteState = form.NewSite.SiteState;
form.ActivationInfo.SiteCountry = form.NewSite.SiteCountry;
form.ActivationInfo.SiteZip = form.NewSite.SiteZip;
form.ActivationInfo.SubmissionDate = DateTime.UtcNow;
// #6 - Create permission for new site
if (!form.PreApproved)
{
Models.Permission newSitePermission = new Models.Permission {
Access = 1,
SiteId = form.NewSite.SiteId,
UserId = form.NewOwner.Id
};
context.Permissions.Add(newSitePermission);
}
// Since these objects aren't being created through their respective controllers, need to manually log them
if (InstallerCreated)
{
Helpers.LogHelper.LogAction(Models.Log.ActionType.CreateInstaller, authUser.Id, form.SiteInstaller.Id,
String.Format("{0} (id: {1}) created installer '{2}' (id: {3})", authUser.UserName, authUser.Id,
form.SiteInstaller.FName + " " + form.SiteInstaller.LName, form.SiteInstaller.Id));
}
if (ManagerCreated)
{
Helpers.LogHelper.LogAction(Models.Log.ActionType.CreateManager, authUser.Id, form.SiteManager.Id,
String.Format("{0} (id: {1}) created manager '{2}' (id: {3})", authUser.UserName, authUser.Id,
form.SiteManager.FName + " " + form.SiteManager.LName, form.SiteManager.Id));
}
if (!form.PreApproved)
{
Helpers.LogHelper.LogAction(Models.Log.ActionType.CreateUser, authUser.Id, form.NewOwner.Id,
String.Format("{0} (id: {1}) created user {2} (id: {3})", authUser.UserName, authUser.Id,
form.NewOwner.UserName, form.NewOwner.Id));
Helpers.LogHelper.LogAction(Models.Log.ActionType.CreateSite, authUser.Id, form.NewSite.SiteId,
String.Format("{0} (id: {1}) created site '{2}' (site number: {3})", authUser.UserName, authUser.Id,
form.NewSite.SiteName, form.NewSite.SiteNumber));
}
// #7 - Save all final info to database (all information has been verified by this point) //
context.Activations.Add(form.ActivationInfo);
context.SaveChanges();
// #8 - Logging and alerting
// log
Helpers.LogHelper.LogAction(Models.Log.ActionType.ActivateSite, authUser.Id, form.NewSite.SiteId,
String.Format("{0} (id: {1}) activated site '{2}' (site number: {3})", authUser.UserName, authUser.Id, form.NewSite.SiteName, form.NewSite.SiteNumber));
// send to Zapier to handle proper notification
var json = new {
SiteId = form.NewSite.SiteNumber,
form.NewSite.SiteName,
SystemName = system.Name,
form.ActivationInfo.SystemId,
form.NewSite.StorePhone,
form.SiteInstaller,
form.SiteManager,
NewOwner = new { form.NewOwner.Active, form.NewOwner.Email, form.NewOwner.FName, form.NewOwner.LName, form.NewOwner.Phone, form.NewOwner.UserName },
SiteDistributor = new { distrib.Active, distrib.Email, distrib.FName, distrib.LName, distrib.Phone, distrib.UserName },
form.NewSite.SiteAddress,
form.NewSite.SiteCity,
form.NewSite.SiteState,
form.NewSite.SiteCountry,
form.NewSite.SiteZip,
SubmissionDate = form.ActivationInfo.SubmissionDate.ToString("yyyy-MM-ddTHH:mm:ss.fffZ"),
form.ActivationInfo.ActivationNotes
};
Helpers.LogHelper.NotifyAction(Models.Log.ActionType.ActivateSite, json);
}
return(Json(new { status_code = 0, form.NewSite.SiteId }));
}
else if (type == 1)
{
// Just create new activation. Site was already approved through old report portal.
using (var context = new Data.ApplicationDbContext()) {
// Verify user exists & has permission
String authUserId = User.GetClaim(OpenIdConnectConstants.Claims.Subject);
Models.User authUser = context.Users.AsNoTracking().FirstOrDefault(u => u.Id.ToString().Equals(authUserId));
if (authUser == null)
{
return(Json(new { status_code = 2, status = "User '" + authUserId + "' does not exist" }));
}
if (!Helpers.PermissionChecker.CanAddSite(authUser))
{
return(Json(new { status_code = 1, status = "User '" + authUser.UserName + "' does not have permission to activate sites" }));
}
bool InstallerCreated = false, ManagerCreated = false, OwnerCreated = false;
// #1 - Check installer //
// if Id is 0, create new installer. Otherwise, verify installer exists
if (form.SiteInstaller.Id != 0)
{
Models.Installer installer = context.Installers.AsNoTracking().FirstOrDefault(i => i.Id == form.SiteInstaller.Id);
if (installer == null)
{
return(Json(new { status_code = 2, status = "Installer '" + form.SiteInstaller.Id + "' does not exist" }));
}
}
else
{
if (form.SiteInstaller.FName.Length == 0 && form.SiteInstaller.LName.Length == 0)
{
return(Json(new { status_code = 4, status = "Installer must have at least a first or last name" }));
}
else if (form.SiteInstaller.Phone.Length == 0)
{
return(Json(new { status_code = 4, status = "Installer must have a phone number" }));
}
context.Installers.Add(form.SiteInstaller);
InstallerCreated = true;
}
// #2 - Check manager //
// Same logic as installer (0 = new, otherwise use existing)
if (form.SiteManager.Id != 0)
{
Models.Manager manager = context.Managers.AsNoTracking().FirstOrDefault(m => m.Id == form.SiteManager.Id);
if (manager == null)
{
return(Json(new { status_code = 2, status = "Manager '" + form.SiteManager.Id + "' does not exist" }));
}
}
else
{
if (form.SiteManager.FName.Length == 0 && form.SiteManager.LName.Length == 0)
{
return(Json(new { status_code = 4, status = "Manager must have at least a first or last name" }));
}
else if (form.SiteManager.Phone.Length == 0)
{
return(Json(new { status_code = 4, status = "Manager must have a phone number" }));
}
context.Managers.Add(form.SiteManager);
ManagerCreated = true;
}
// #3 - Verify new owner info //
if (form.NewOwner.Id == 0)
{
if (context.Users.AsNoTracking().FirstOrDefault(u => form.NewOwner.UserName != null && u.UserName != null && form.NewOwner.UserName.ToLower().Equals(u.UserName.ToLower())) != null)
{
return(Json(new { status_code = 3, status = "User '" + form.NewOwner.UserName + "' already exists" }));
}
if (String.IsNullOrWhiteSpace(form.NewOwner.UserName) || String.IsNullOrWhiteSpace(form.NewOwner.Password))
{
return(Json(new { status_code = 4, status = "Invalid user creation body" }));
}
form.NewOwner.Active = true;
form.NewOwner.Level = 2; // force user to be owner
form.NewOwner.UserLastLogin = new DateTime(2000, 1, 1);
OwnerCreated = true;
}
else
{
form.NewOwner = context.Users.AsNoTracking().FirstOrDefault(u => u.Id == form.NewOwner.Id);
if (form.NewOwner == null)
{
return(Json(new { status_code = 2, status = "Owner '" + form.NewOwner.Id + "' does not exist" }));
}
}
// #4 - Create new site //
// Verify site info
Models.System system = context.Systems.AsNoTracking().FirstOrDefault(s => s.Id == form.NewSite.SystemId);
if (system == null)
{
return(Json(new { status_code = 4, status = "Invalid system given", id = form.NewSite.SystemId }));
}
Models.User distrib = context.Users.AsNoTracking().FirstOrDefault(u => u.Id == form.NewSite.SiteDistributor);
if (distrib == null)
{
return(Json(new { status_code = 4, status = "Invalid distributor given" }));
}
if (form.NewSite.SiteName.Length == 0)
{
return(Json(new { status_code = 4, status = "No site name given" }));
}
if (!form.NewSite.SiteInstallDate.HasValue || form.NewSite.SiteInstallDate > DateTime.UtcNow)
{
return(Json(new { status_code = 4, status = "Invalid install date" }));
}
if (form.NewSite.SiteAddress.Length == 0 || form.NewSite.SiteCity.Length == 0 || form.NewSite.SiteState.Length == 0 ||
form.NewSite.SiteCountry.Length == 0 || form.NewSite.SiteZip.Length < 5 || form.NewSite.SiteZip.Length > 10)
{
return(Json(new { status_code = 4, status = "Invalid site address given" }));
}
if (form.NewSite.SiteOwnerName.Length == 0)
{
return(Json(new { status_code = 4, status = "No owner name given" }));
}
if (form.NewSite.SiteOwnerEmail.Length == 0 && form.NewSite.SiteOwnerPhone.Length == 0)
{
return(Json(new { status_code = 4, status = "Need at least one way to contact owner (none given)" }));
}
// Copy over any modified info if site is pre-approved
if (form.PreApproved)
{
Models.Site currentSite = context.Sites.FirstOrDefault(s => s.SiteId == form.NewSite.SiteId);
currentSite.Copy(form.NewSite, false);
context.SaveChanges();
}
// #5 - New activation row //
// Need to save these to database to generate any IDs (in case new installer/manager is used, and for new site/owner)
if (form.NewOwner.Id == 0)
{
context.Users.Add(form.NewOwner);
context.SaveChanges();
}
// Activation form needs to save what was submitted, not reflect current information
// therefore, activation table essentially acts as a merged version of multiple tables
form.ActivationInfo.SiteId = form.NewSite.SiteId;
form.ActivationInfo.RoomName = form.NewSite.SiteName;
form.ActivationInfo.SystemId = system.Id;
form.ActivationInfo.StorePhone = form.NewSite.StorePhone;
form.ActivationInfo.InstallerId = form.SiteInstaller.Id;
form.ActivationInfo.InstallerFName = form.SiteInstaller.FName;
form.ActivationInfo.InstallerLName = form.SiteInstaller.LName;
form.ActivationInfo.InstallerEmail = form.SiteInstaller.Email;
form.ActivationInfo.InstallerPhone = form.SiteInstaller.Phone;
form.ActivationInfo.ManagerId = form.SiteManager.Id;
form.ActivationInfo.ManagerFName = form.SiteManager.FName;
form.ActivationInfo.ManagerLName = form.SiteManager.LName;
form.ActivationInfo.ManagerEmail = form.SiteManager.Email;
form.ActivationInfo.ManagerPhone = form.SiteManager.Phone;
form.ActivationInfo.OwnerId = form.NewOwner.Id;
form.ActivationInfo.OwnerFName = form.NewOwner.FName;
form.ActivationInfo.OwnerLName = form.NewOwner.LName;
form.ActivationInfo.OwnerEmail = form.NewOwner.Email;
form.ActivationInfo.OwnerPhone = form.NewOwner.Phone;
form.ActivationInfo.OwnerUserName = form.NewOwner.UserName;
form.ActivationInfo.DistributorId = distrib.Id;
form.ActivationInfo.DistributorFName = distrib.FName;
form.ActivationInfo.DistributorLName = distrib.LName;
form.ActivationInfo.SiteAddress = form.NewSite.SiteAddress;
form.ActivationInfo.SiteCity = form.NewSite.SiteCity;
form.ActivationInfo.SiteState = form.NewSite.SiteState;
form.ActivationInfo.SiteCountry = form.NewSite.SiteCountry;
form.ActivationInfo.SiteZip = form.NewSite.SiteZip;
form.ActivationInfo.SubmissionDate = DateTime.UtcNow;
// #6 - Create permission for new site
Models.Permission sitePermission = context.Permissions.AsNoTracking().FirstOrDefault(p => p.UserId == form.NewOwner.Id && p.SiteId == form.NewSite.SiteId);
if (sitePermission == null)
{
sitePermission = new Models.Permission {
Access = 1,
SiteId = form.NewSite.SiteId,
UserId = form.NewOwner.Id
};
context.Permissions.Add(sitePermission);
}
// Since these objects aren't being created through their respective controllers, need to manually log them
if (InstallerCreated)
{
Helpers.LogHelper.LogAction(Models.Log.ActionType.CreateInstaller, authUser.Id, form.SiteInstaller.Id,
String.Format("{0} (id: {1}) created installer '{2}' (id: {3})", authUser.UserName, authUser.Id,
form.SiteInstaller.FName + " " + form.SiteInstaller.LName, form.SiteInstaller.Id));
}
if (ManagerCreated)
{
Helpers.LogHelper.LogAction(Models.Log.ActionType.CreateManager, authUser.Id, form.SiteManager.Id,
String.Format("{0} (id: {1}) created manager '{2}' (id: {3})", authUser.UserName, authUser.Id,
form.SiteManager.FName + " " + form.SiteManager.LName, form.SiteManager.Id));
}
if (OwnerCreated)
{
Helpers.LogHelper.LogAction(Models.Log.ActionType.CreateUser, authUser.Id, form.NewOwner.Id,
String.Format("{0} (id: {1}) created user {2} (id: {3})", authUser.UserName, authUser.Id,
form.NewOwner.UserName, form.NewOwner.Id));
}
// #7 - Save all final info to database (all information has been verified by this point) //
// check if form is pre-approved thru old RP
if (form.PreApproved)
{
form.ActivationInfo.ApprovedBy = -1;
form.ActivationInfo.ApprovalNotes = "This site was pre-approved through old report portal.";
}
context.Activations.Add(form.ActivationInfo);
context.SaveChanges();
// #8 - Logging and alerting
// log
Helpers.LogHelper.LogAction(Models.Log.ActionType.ActivateSite, authUser.Id, form.NewSite.SiteId,
String.Format("{0} (id: {1}) reactivated site '{2}' (site number: {3})", authUser.UserName, authUser.Id, form.NewSite.SiteName, form.NewSite.SiteNumber));
// send to Zapier to handle proper notification
var json = new {
SiteId = form.NewSite.SiteNumber,
form.NewSite.SiteName,
SystemName = system.Name,
form.ActivationInfo.SystemId,
form.NewSite.StorePhone,
form.SiteInstaller,
form.SiteManager,
NewOwner = new { form.NewOwner.Active, form.NewOwner.Email, form.NewOwner.FName, form.NewOwner.LName, form.NewOwner.Phone, form.NewOwner.UserName },
SiteDistributor = new { distrib.Active, distrib.Email, distrib.FName, distrib.LName, distrib.Phone, distrib.UserName },
form.NewSite.SiteAddress,
form.NewSite.SiteCity,
form.NewSite.SiteState,
form.NewSite.SiteCountry,
form.NewSite.SiteZip,
SubmissionDate = form.ActivationInfo.SubmissionDate.ToString("yyyy-MM-ddTHH:mm:ss.fffZ"),
form.ActivationInfo.ActivationNotes
};
Helpers.LogHelper.NotifyAction(Models.Log.ActionType.ActivateSite, json);
}
return(Json(new { status_code = 0 }));
}
else
{
return(Json(new { status_code = 5, status = "Unknown status code '" + type + "'" }));
}
}
