Exemplo n.º 1
        /// <summary>
        /// Shows the details page for the user identified by <paramref name="UserID"/>.
        /// Callers without a "Username" session entry are redirected to Home/Index.
        /// </summary>
        /// <param name="UserID">Identifier handed to <c>UserAccess.ViewUsersByID</c>.</param>
        /// <returns>The populated view, the view with a generic error message, or a redirect.</returns>
        public ActionResult ViewUserbyID(long UserID)
        {
            // Only the presence of a session user is checked.
            // NOTE(review): UserID is never compared with the caller's own id or role, so any
            // signed-in caller can request any record - confirm that is the intended policy.
            if (Session["Username"] == null)
            {
                return RedirectToAction("Index", "Home");
            }

            UserVM viewModel = new UserVM();
            try
            {
                // Load from the data layer, then map to the presentation object.
                IUserDO record = UserAccess.ViewUsersByID(UserID);
                viewModel.User = UserMap.MapDOtoPO(record);
                return View(viewModel);
            }
            catch (Exception ex)
            {
                // Exception details go to the log only; the page gets a generic message.
                viewModel.ErrorMessage = "Sorry we cannot process your request at this time";
                ErrorLog.LogError(ex);
                return View(viewModel);
            }
        }
Exemplo n.º 2
        /// <summary>
        /// Maps the posted user to a data object and asks the data layer to create it
        /// for the team given by <c>newUser.TeamPO.TeamID</c>.
        /// </summary>
        /// <param name="newUser">View model bound from the request.</param>
        /// <returns>
        /// The "ViewUserByUserID" view after the create call, the default view with an error
        /// message when an exception was thrown, or a redirect to Home/Index when model
        /// validation failed.
        /// </returns>
        public ActionResult CreateUser(UserViewModel newUser)
        {
            // ModelState.IsValid is input validation only; this method performs no
            // authentication or role check of its own.
            // NOTE(review): confirm an authorization filter outside this method guards the action.
            if (!ModelState.IsValid)
            {
                return RedirectToAction("Index", "Home");
            }

            try
            {
                // Presentation object -> data object.
                IUserDO userToCreate = Mapper.Map <IUserPO, IUserDO>(newUser.User);

                // NOTE(review): if _uda.CreateUser reports failure through a return value rather
                // than an exception, that result is ignored here and the success view is shown.
                _uda.CreateUser(userToCreate, newUser.TeamPO.TeamID);

                return View("ViewUserByUserID", newUser);
            }
            catch (Exception ex)
            {
                ErrorLogger.LogError(ex, "CreateUser", "Account");
                newUser.ErrorMessage = "There was an issue with creating a new employee. Please try again. If the problem persists contact your IT department.";

                return View(newUser);
            }
        }
Exemplo n.º 3
        /// <summary>
        /// Handles the posted registration form: maps the submitted user to a data object,
        /// passes it to <c>UserAccess.Register</c> and sends the caller to the login page.
        /// </summary>
        /// <param name="iUser">View model bound from the request.</param>
        /// <returns>
        /// A redirect to User/Login on success; otherwise the form view again, with
        /// <c>ErrorMessage</c> set when an exception was thrown.
        /// </returns>
        public ActionResult Register(UserVM iUser)
        {
            // Invalid input: redisplay the form.
            if (!ModelState.IsValid)
            {
                return View(iUser);
            }

            try
            {
                // NOTE(review): the whole posted user object is mapped and forwarded. If it
                // carries a role field, a self-registering caller could pick their own role -
                // confirm the role is fixed server-side before the insert.
                IUserDO registration = UserMap.MapPOtoDO(iUser.User);
                UserAccess.Register(registration);
                return RedirectToAction("Login", "User");
            }
            catch (Exception ex)
            {
                // Exception details go to the log only; the page gets a generic message.
                iUser.ErrorMessage = "Sorry we can preform that task at the moment, try again later";
                ErrorLog.LogError(ex);
                return View(iUser);
            }
        }
Exemplo n.º 4
        //updates User info and takes in OldTeamID to update in SP where UserID & OldTeamID equal in TeamManagement table
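        /// <summary>
        /// Updates a user by executing the <c>sp_UpdateUser</c> stored procedure.
        /// </summary>
        /// <param name="iUser">Data object supplying the values sent to the procedure.</param>
        /// <returns>
        /// <c>true</c> when the command ran without throwing; <c>false</c> when an exception
        /// was raised (it is logged, not rethrown).
        /// </returns>
        public bool UpdateUser(IUserDO iUser)
        {
            bool result = false;

            try
            {
                using (SqlConnection conn = new SqlConnection(ConnectionParms))
                using (SqlCommand updateComm = new SqlCommand("sp_UpdateUser", conn))
                {
                    // The command text is a procedure name, so it must be sent as a procedure call.
                    updateComm.CommandType = System.Data.CommandType.StoredProcedure;

                    updateComm.Parameters.AddWithValue("@UserID", iUser.UserID);
                    // NOTE(review): the "modified by" value is the id of the user being edited,
                    // not of the caller making the change - confirm; an audit column filled this
                    // way cannot show who performed the update.
                    updateComm.Parameters.AddWithValue("@ModifiedByUserId", iUser.UserID);
                    updateComm.Parameters.AddWithValue("@RoleId", iUser.RoleID_FK);
                    updateComm.Parameters.AddWithValue("@Email", iUser.Email);
                    updateComm.Parameters.AddWithValue("@FName", iUser.FirstName);
                    updateComm.Parameters.AddWithValue("@LName", iUser.LastName);
                    updateComm.Parameters.AddWithValue("@TeamId", iUser.TeamID);

                    // Success is reported only after the command has actually been executed.
                    conn.Open();
                    updateComm.ExecuteNonQuery();
                    result = true;
                }
            }
            catch (Exception ex)
            {
                ErrorLogger.LogError(ex, "UpdateUser", "nothing");
            }
            return(result);
        }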
Exemplo n.º 5
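        /// <summary>
        /// Creates a user by executing the <c>sp_MakeUser</c> stored procedure.
        /// </summary>
        /// <param name="iUser">Data object supplying the values sent to the procedure.</param>
        /// <param name="TeamID">Value sent as <c>@TeamId</c>.</param>
        /// <returns>
        /// <c>true</c> when the command ran without throwing; <c>false</c> when an exception
        /// was raised (it is logged, not rethrown).
        /// </returns>
        public bool CreateUser(IUserDO iUser, int TeamID)
        {
            bool result = false;

            try
            {
                using (SqlConnection conn = new SqlConnection(ConnectionParms))
                using (SqlCommand createComm = new SqlCommand("sp_MakeUser", conn))
                {
                    createComm.CommandType    = CommandType.StoredProcedure;
                    createComm.CommandTimeout = 35;

                    // AddWithValue takes (name, value) and infers the SQL type from the value.
                    // Passing a SqlDbType as the second argument only makes the enum the
                    // initial value; it does not set the parameter type. The values are
                    // therefore passed directly, which sends exactly the same parameters.
                    // NOTE(review): the "created by" value is the new user's own id, not the
                    // id of the caller creating the account - confirm.
                    createComm.Parameters.AddWithValue("@CreatedByUserId", iUser.UserID);
                    createComm.Parameters.AddWithValue("@TeamId", TeamID);
                    createComm.Parameters.AddWithValue("@RoleId", iUser.RoleID_FK);
                    createComm.Parameters.AddWithValue("@Email", iUser.Email);
                    createComm.Parameters.AddWithValue("@FName", iUser.FirstName);
                    createComm.Parameters.AddWithValue("@LName", iUser.LastName);

                    conn.Open();
                    createComm.ExecuteNonQuery();
                    result = true;
                }
            }
            catch (Exception ex)
            {
                ErrorLogger.LogError(ex, "CreateUser", "nothing");
            }
            return(result);
        }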
Exemplo n.º 6
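        /// <summary>
        /// Deletes the user identified by <paramref name="UserID"/> on behalf of a caller
        /// whose session role is 1. Target accounts whose own role is 1 are left untouched.
        /// </summary>
        /// <param name="UserID">Identifier of the account to delete.</param>
        /// <returns>
        /// A redirect to Home/Index for callers that fail the session check; otherwise a
        /// redirect to User/ViewUsers, whether or not a row was deleted.
        /// </returns>
        public ActionResult DeleteUser(long UserID)
        {
            // Authorize before touching the data layer; a session without a role fails closed.
            if (Session["Username"] == null || Session["Role"] == null || (Int16)Session["Role"] != 1)
            {
                return RedirectToAction("Index", "Home");
            }

            // NOTE(review): this action changes state. Its attributes are not visible here -
            // confirm it is restricted to POST and validates an anti-forgery token.
            try
            {
                IUserDO user = UserAccess.ViewUsersByID(UserID);

                // The guard is on the target's role, so it blocks deleting any role-1 account,
                // the caller's own included. Unknown ids are skipped as well.
                if (user != null && user.Role != 1)
                {
                    UserAccess.DeleteUsers(UserID);
                }
            }
            catch (Exception e)
            {
                // Details go to the log only.
                ErrorLog.LogError(e);
            }

            // Every authorized path ends with a real result; the action never returns null.
            return RedirectToAction("ViewUsers", "User");
        }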
Exemplo n.º 7
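        /// <summary>
        /// Updates a user by executing the <c>UPDATE_USERS</c> stored procedure.
        /// </summary>
        /// <param name="iUser">Data object supplying the values sent to the procedure.</param>
        /// <exception cref="Exception">
        /// Any exception raised while building or running the command is logged and rethrown.
        /// </exception>
        public void UpdateUser(IUserDO iUser)
        {
            try
            {
                // The using blocks close and dispose the connection and command on every path.
                using (SqlConnection connectionToSql = new SqlConnection(_ConnectionString))
                using (SqlCommand command = new SqlCommand("UPDATE_USERS", connectionToSql))
                {
                    command.CommandType    = CommandType.StoredProcedure;
                    command.CommandTimeout = 30; // seconds

                    command.Parameters.AddWithValue("@UserID", iUser.UserID);
                    command.Parameters.AddWithValue("@FirstName", iUser.FirstName);
                    command.Parameters.AddWithValue("@LastName", iUser.LastName);
                    command.Parameters.AddWithValue("@PhoneNumber", iUser.PhoneNumber);
                    command.Parameters.AddWithValue("@HouseAptNumber", iUser.HouseAptNumber);
                    command.Parameters.AddWithValue("@StreetName", iUser.StreetName);
                    command.Parameters.AddWithValue("@City", iUser.City);
                    command.Parameters.AddWithValue("@State", iUser.State);
                    command.Parameters.AddWithValue("@Zip", iUser.Zip);
                    // NOTE(review): role and password are written exactly as supplied by the
                    // caller. No hashing happens in this method - confirm the password is
                    // hashed before it reaches this point or inside the procedure, and that
                    // the caller is allowed to set the role.
                    command.Parameters.AddWithValue("@Role", iUser.Role);
                    command.Parameters.AddWithValue("@UserName", iUser.Username);
                    command.Parameters.AddWithValue("@Password", iUser.Password);

                    connectionToSql.Open();
                    command.ExecuteNonQuery(); // no result set expected
                }
            }
            catch (Exception e)
            {
                LogError.Log(e);
                throw; // rethrow to the caller with the original stack trace intact
            }
        }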
Exemplo n.º 8
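        /// <summary>
        /// Creates a user by executing the <c>CREATE_USER</c> stored procedure.
        /// </summary>
        /// <param name="iUser">Data object supplying the values sent to the procedure.</param>
        /// <exception cref="Exception">
        /// Any exception raised while building or running the command is logged and rethrown.
        /// </exception>
        public void CreateUser(IUserDO iUser)
        {
            try
            {
                // The using blocks close and dispose the connection and command on every path.
                using (SqlConnection connectionToSql = new SqlConnection(_ConnectionString))
                using (SqlCommand storedCommand = new SqlCommand("CREATE_USER", connectionToSql))
                {
                    storedCommand.CommandType    = CommandType.StoredProcedure;
                    storedCommand.CommandTimeout = 30; // seconds

                    storedCommand.Parameters.AddWithValue("@FirstName", iUser.FirstName);
                    storedCommand.Parameters.AddWithValue("@LastName", iUser.LastName);
                    storedCommand.Parameters.AddWithValue("@PhoneNumber", iUser.PhoneNumber);
                    storedCommand.Parameters.AddWithValue("@HouseAptNumber", iUser.HouseAptNumber);
                    storedCommand.Parameters.AddWithValue("@StreetName", iUser.StreetName);
                    storedCommand.Parameters.AddWithValue("@City", iUser.City);
                    storedCommand.Parameters.AddWithValue("@State", iUser.State);
                    storedCommand.Parameters.AddWithValue("@Zip", iUser.Zip);
                    // NOTE(review): role and password are written exactly as supplied by the
                    // caller. No hashing happens in this method - confirm the password is
                    // hashed before it reaches this point or inside the procedure.
                    storedCommand.Parameters.AddWithValue("@Role", iUser.Role);
                    storedCommand.Parameters.AddWithValue("@Username", iUser.Username);
                    storedCommand.Parameters.AddWithValue("@Password", iUser.Password);

                    connectionToSql.Open();
                    storedCommand.ExecuteNonQuery();
                }
            }
            catch (Exception e)
            {
                LogError.Log(e);
                throw; // rethrow to the caller with the original stack trace intact
            }
        }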
        /// <summary>
        /// Copies the identity, name, role, e-mail and active flag of a data object into
        /// a new presentation object.
        /// </summary>
        /// <param name="userDO">Source data object; it is dereferenced without a null check.</param>
        /// <returns>A new <c>UserPO</c> holding the copied values.</returns>
        public static UserPO MapUserDOtoPO(IUserDO userDO)
        {
            return new UserPO
            {
                UserID    = userDO.UserID,
                FirstName = userDO.FirstName,
                LastName  = userDO.LastName,
                RoleID_FK = userDO.RoleID_FK,
                Email     = userDO.Email,
                Active    = userDO.Active
            };
        }
Exemplo n.º 10
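        /// <summary>
        /// Registers a user by executing the <c>CREATE_USER</c> stored procedure.
        /// </summary>
        /// <param name="iUser">Data object supplying the values sent to the procedure.</param>
        /// <exception cref="Exception">
        /// Any exception raised while building or running the command is logged and rethrown.
        /// </exception>
        public void Register(IUserDO iUser)
        {
            try
            {
                // The using blocks close and dispose the connection and command on every path.
                using (SqlConnection connectionToSql = new SqlConnection(_ConnectionString))
                using (SqlCommand storedCommand = new SqlCommand("CREATE_USER", connectionToSql))
                {
                    storedCommand.CommandType    = CommandType.StoredProcedure;
                    storedCommand.CommandTimeout = 60; // seconds

                    storedCommand.Parameters.AddWithValue("@FirstName", iUser.FirstName);
                    storedCommand.Parameters.AddWithValue("@LastName", iUser.LastName);
                    storedCommand.Parameters.AddWithValue("@PhoneNumber", iUser.PhoneNumber);
                    storedCommand.Parameters.AddWithValue("@HouseAptNumber", iUser.HouseAptNumber);
                    storedCommand.Parameters.AddWithValue("@StreetName", iUser.StreetName);
                    storedCommand.Parameters.AddWithValue("@City", iUser.City);
                    storedCommand.Parameters.AddWithValue("@State", iUser.State);
                    storedCommand.Parameters.AddWithValue("@Zip", iUser.Zip);
                    // NOTE(review): the role stored for a registration is whatever the caller
                    // supplied, and the password is written as received. Confirm the caller
                    // pins the role to the lowest-privileged value and that the password is
                    // hashed before it reaches this point or inside the procedure.
                    storedCommand.Parameters.AddWithValue("@Role", iUser.Role);
                    storedCommand.Parameters.AddWithValue("@Username", iUser.Username);
                    storedCommand.Parameters.AddWithValue("@Password", iUser.Password);

                    connectionToSql.Open();
                    storedCommand.ExecuteNonQuery();
                }
            }
            catch (Exception e)
            {
                LogError.Log(e);
                throw; // rethrow to the caller with the original stack trace intact
            }
        }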
Exemplo n.º 11
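        /// <summary>
        /// Checks a login attempt: hashes the supplied password, asks the data layer for a
        /// user matching the e-mail and hash, and maps the hit to a business object.
        /// </summary>
        /// <param name="email">E-mail address entered by the caller.</param>
        /// <param name="password">Password entered by the caller, in clear text.</param>
        /// <returns>The mapped user when the data layer returned one; otherwise <c>null</c>.</returns>
        public IUserBO CheckUserLogin(string email, string password)
        {
            // NOTE(review): the hash is derived from the password alone, before any record is
            // read, and the lookup matches on it. Confirm HashPassword is a salted, slow
            // password hash rather than a bare digest.
            password = HashPassword(password);

            _dbUser = _ucda.GetUserLoginInformation(email, password);

            if (_dbUser != null)
            {
                _loginUser = Mapper.Map <IUserDO, IUserBO>(_dbUser);
            }
            else
            {
                // _loginUser is instance state: clear it so a user left by an earlier
                // successful call is never returned for a failed attempt.
                _loginUser = null;
            }

            return(_loginUser);
        }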
Exemplo n.º 12
        /// <summary>
        /// Handles the posted update form: maps the submitted user to a data object and
        /// passes it to <c>UserAccess.UpdateUser</c>.
        /// </summary>
        /// <param name="iUser">View model bound from the request.</param>
        /// <returns>
        /// A redirect to Home/Index for callers without a session user or with role 3; the
        /// form view again on invalid input or on an exception; otherwise a redirect to the
        /// caller's own profile (role other than 1) or to the user list (role 1).
        /// </returns>
        public ActionResult UpdateUser(UserVM iUser)
        {
            // Only role 3 and anonymous callers are turned away; every other role continues.
            bool blocked = Session["Username"] == null || (Int16)Session["Role"] == 3;
            if (blocked)
            {
                return RedirectToAction("Index", "Home");
            }

            // Invalid input: redisplay the form.
            if (!ModelState.IsValid)
            {
                return View(iUser);
            }

            try
            {
                // NOTE(review): the record that gets updated is whatever the posted model
                // names, and the mapped object is forwarded whole. If it carries the user id
                // and role, a caller who is not role 1 could edit another account or raise a
                // role - confirm both are checked against the session before this call.
                IUserDO changes = UserMap.MapPOtoDO(iUser.User);
                UserAccess.UpdateUser(changes);

                if ((Int16)Session["Role"] == 1)
                {
                    // Role 1 goes back to the list of all users.
                    return RedirectToAction("ViewUsers", "User");
                }

                // Everyone else lands on their own profile, taken from the session.
                return RedirectToAction("ViewUserbyID", "User", new { UserID = (long)Session["UserID"] });
            }
            catch (Exception ex)
            {
                // Exception details go to the log only; the page gets a generic message.
                iUser.ErrorMessage = "Sorry your request cannot be processed";
                ErrorLog.LogError(ex);
                return View(iUser);
            }
        }
Exemplo n.º 13
        /// <summary>
        /// Loads a user by executing the <c>sp_GetUserById</c> stored procedure.
        /// </summary>
        /// <param name="iUserID">Value sent as <c>@UserId</c>.</param>
        /// <returns>
        /// The user built from the last row returned, or <c>null</c> when no row was
        /// returned or an exception was raised (it is logged, not rethrown).
        /// </returns>
        public IUserDO GetUserByID(int iUserID)
        {
            IUserDO found = null;

            try
            {
                using (SqlConnection con = new SqlConnection(ConnectionParms))
                using (SqlCommand getUserComm = new SqlCommand("sp_GetUserById", con))
                {
                    getUserComm.CommandType    = CommandType.StoredProcedure;
                    getUserComm.CommandTimeout = 35;
                    getUserComm.Parameters.AddWithValue("@UserId", iUserID);

                    con.Open();

                    using (SqlDataReader reader = getUserComm.ExecuteReader())
                    {
                        while (reader.Read())
                        {
                            // Fill a scratch object first so that a failed column read never
                            // leaves a half-populated user in the result.
                            UserDO row = new UserDO();
                            row.UserID    = reader.GetInt32(reader.GetOrdinal("UserID"));
                            row.FirstName = (string)reader["FirstName"];
                            row.LastName  = (string)reader["LastName"];
                            row.RoleID_FK = reader.GetInt32(reader.GetOrdinal("RoleID"));
                            row.Email     = (string)reader["Email"];
                            row.TeamID    = reader.GetInt32(reader.GetOrdinal("TeamID"));
                            // TeamManagementID is not read here.
                            found = row;
                        }
                    }
                }
            }
            catch (Exception ex)
            {
                ErrorLogger.LogError(ex, "GetUserByID", "nothing");
            }

            return found;
        }
Exemplo n.º 14
        /// <summary>
        /// Copies every user field of a data object into a new presentation object.
        /// </summary>
        /// <param name="iFrom">Source data object; it is dereferenced without a null check.</param>
        /// <returns>A new <c>UserPO</c> holding the copied values.</returns>
        public static UserPO MapDOtoPO(IUserDO iFrom)
        {
            return new UserPO
            {
                UserID         = iFrom.UserID,
                FirstName      = iFrom.FirstName,
                LastName       = iFrom.LastName,
                PhoneNumber    = iFrom.PhoneNumber,
                HouseAptNumber = iFrom.HouseAptNumber,
                StreetName     = iFrom.StreetName,
                City           = iFrom.City,
                State          = iFrom.State,
                Zip            = iFrom.Zip,
                Role           = iFrom.Role,
                Username       = iFrom.Username,
                // NOTE(review): the stored password value travels into the presentation
                // object with the rest of the record - confirm no view renders it and
                // consider leaving it out of read-only mappings.
                Password       = iFrom.Password
            };
        }
        ///// <summary>
        /////
        ///// </summary>
        ///// <returns></returns>
        //public List<IUserLoginDO> GetAllUsersLogin()
        //{

        //    List<IUserLoginDO> _list = new List<IUserLoginDO>();

        //    // TODO - implement database call here
        //    using (SqlConnection conn = new SqlConnection(_ConnectionString))
        //    {

        //        // create a sqlcommand
        //        using (SqlCommand command = new SqlCommand("sp_GetAllUserLogin", conn))
        //        {

        //            // details to the select command
        //            command.CommandType = CommandType.StoredProcedure;
        //            conn.Open();

        //            // need a loop to get users from the database
        //            using (SqlDataReader reader = command.ExecuteReader())
        //            {

        //                while (reader.Read())
        //                {

        //                    UserLoginDO _userLoginDO = new UserLoginDO();
        //                    _userLoginDO.UserID = (int)reader["UserID"];
        //                    _userLoginDO.FirstName = (string)reader["FirstName"];
        //                    _userLoginDO.LastName = (string)reader["LastName"];
        //                    _userLoginDO.Password = (string)reader["Password"];
        //                    _userLoginDO.Salt = (string)reader["Salt"];
        //                    _userLoginDO.Email = (string)reader["Email"];
        //                    _userLoginDO.RoleID_FK = (int)reader["RoleID"];
        //                    _userLoginDO.RoleNameShort = (string)reader["RoleNameShort"];
        //                    _userLoginDO.RoleNameLong = (string)reader["RoleNameLong"];

        //                    //if ((string)reader["Role"] == RoleType.ADMINISTRATOR.ToString())
        //                    //{
        //                    //    _userDO.Role = RoleType.ADMINISTRATOR;
        //                    //}
        //                    //else
        //                    //{
        //                    //    _userDO.Role = RoleType.CUSTOMER;
        //                    //}
        //                    _list.Add(_userLoginDO);
        //                }
        //            }
        //        }
        //    }

        //    return _list;

        //}


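        /// <summary>
        /// Database access method for user credentials: executes the
        /// <c>sp_UserCredentialCheckReturnUserInfo</c> stored procedure with the supplied
        /// e-mail and password value and returns the user it yields.
        /// </summary>
        /// <remarks>
        /// Company: Onshore Outsourcing, https://www.onshoreoutsourcing.com/
        /// Author: Giancarlo Rhodes
        /// </remarks>
        /// <param name="username">Value sent as <c>@parmUserEmail</c>.</param>
        /// <param name="userpassword">Value sent as <c>@parmUserPassword</c>.</param>
        /// <returns>
        /// The user built from the last row returned, or <c>null</c> when no row was
        /// returned or an exception was raised (it is logged, not rethrown).
        /// </returns>
        public IUserDO GetUserLoginInformation(string username, string userpassword)
        {
            IUserDO _userLoginDO = null;

            try
            {
                using (SqlConnection conn = new SqlConnection(_ConnectionString))
                using (SqlCommand viewComm = new SqlCommand("sp_UserCredentialCheckReturnUserInfo", conn))
                {
                    viewComm.CommandType    = CommandType.StoredProcedure;
                    viewComm.CommandTimeout = 35;

                    // AddWithValue takes (name, value) and infers the SQL type from the value.
                    // Passing a SqlDbType as the second argument only makes the enum the
                    // initial value; it does not set the parameter type. The values are
                    // therefore passed directly, which sends exactly the same parameters.
                    viewComm.Parameters.AddWithValue("@parmUserEmail", username);
                    viewComm.Parameters.AddWithValue("@parmUserPassword", userpassword);
                    conn.Open();

                    using (SqlDataReader reader = viewComm.ExecuteReader())
                    {
                        while (reader.Read())
                        {
                            // Build the row in a scratch object and publish it only once every
                            // column has been read. A failed cast must end in a null result:
                            // callers treat a non-null return as a successful credential check.
                            IUserDO row = new UserDO();
                            row.UserID    = (int)reader["UserID"];
                            row.FirstName = (string)reader["FirstName"];
                            row.LastName  = (string)reader["LastName"];
                            row.Email     = (string)reader["Email"];
                            row.RoleID_FK = (int)reader["RoleID"];
                            row.RoleName  = (string)reader["RoleNameShort"];
                            _userLoginDO  = row;
                        }
                    }
                }
            }
            catch (Exception ex)
            {
                ErrorLogger.LogError(ex, "GetUserLoginInformation", "nothing");
            }

            return(_userLoginDO);
        }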
Exemplo n.º 16
        /// <summary>
        /// Handles the posted create-user form for callers whose session role is 1: maps
        /// the submitted user to a data object and passes it to <c>UserAccess.CreateUser</c>.
        /// </summary>
        /// <param name="iUser">View model bound from the request.</param>
        /// <returns>
        /// A redirect to Home/Index for any other caller; the form view again on invalid
        /// input or on an exception; otherwise a redirect to User/ViewUsers.
        /// </returns>
        public ActionResult CreateUser(UserVM iUser)
        {
            // Role 1 with a session user is the only combination allowed through.
            bool isAdmin = Session["Username"] != null && (Int16)Session["Role"] == 1;
            if (!isAdmin)
            {
                return RedirectToAction("Index", "Home");
            }

            // Invalid input: redisplay the form.
            if (!ModelState.IsValid)
            {
                return View(iUser);
            }

            // NOTE(review): this action changes state. Its attributes are not visible here -
            // confirm it is restricted to POST and validates an anti-forgery token.
            try
            {
                IUserDO account = UserMap.MapPOtoDO(iUser.User);
                UserAccess.CreateUser(account);
                return RedirectToAction("ViewUsers", "User", new { UserID = Session["UserID"] });
            }
            catch (Exception ex)
            {
                // Exception details go to the log only; the page gets a generic message.
                iUser.ErrorMessage = "Sorry we can preform that task at the moment, try again later";
                ErrorLog.LogError(ex);
                return View(iUser);
            }
        }
Exemplo n.º 17
        /// <summary>
        /// Shows the update form pre-filled with the user identified by
        /// <paramref name="UserID"/>.
        /// </summary>
        /// <param name="UserID">Identifier handed to <c>UserAccess.ViewUsersByID</c>.</param>
        /// <returns>
        /// A redirect to Home/Index for callers without a session user or with role 3;
        /// otherwise the form view.
        /// </returns>
        public ActionResult UpdateUser(long UserID)
        {
            // Only role 3 and anonymous callers are turned away; every other role continues.
            bool blocked = Session["Username"] == null || (Int16)Session["Role"] == 3;
            if (blocked)
            {
                return RedirectToAction("Index", "Home");
            }

            // NOTE(review): UserID is not compared with the caller's own id, so a caller who
            // is not role 1 can load any account into the form - confirm that is intended,
            // and that the mapped object carries no credential fields into the view.
            // Nothing here catches a failed lookup; an exception propagates to the framework.
            UserVM editModel = new UserVM
            {
                User = UserMap.MapDOtoPO(UserAccess.ViewUsersByID(UserID))
            };
            return View(editModel);
        }