/// <summary>
/// Shows the profile page for the user identified by <paramref name="UserID"/>.
/// Requests without a "Username" session value are redirected to Home/Index.
/// </summary>
/// <param name="UserID">Identifier handed to UserAccess.ViewUsersByID.</param>
/// <returns>The default view bound to a UserVM, or a redirect for guests.</returns>
public ActionResult ViewUserbyID(long UserID)
{
    // Guests never reach the data layer.
    if (Session["Username"] == null)
    {
        return RedirectToAction("Index", "Home");
    }

    // NOTE(review): the only gate above is "has a session". Nothing here compares UserID
    // with Session["UserID"] or looks at Session["Role"], so every signed-in account can
    // load every other account's record. Confirm that is intended; if it is not, add an
    // owner-or-privileged-role check before the lookup.
    UserVM viewModel = new UserVM();
    try
    {
        IUserDO record = UserAccess.ViewUsersByID(UserID);

        // NOTE(review): if UserMap.MapDOtoPO is the mapper that also copies Password,
        // the stored password value travels into the view model; verify the view never
        // renders or serializes it.
        viewModel.User = UserMap.MapDOtoPO(record);
        return View(viewModel);
    }
    catch (Exception e)
    {
        // Generic text for the user; the exception detail goes to the log only.
        viewModel.ErrorMessage = "Sorry we cannot process your request at this time";
        ErrorLog.LogError(e);
        return View(viewModel);
    }
}
/// <summary>
/// Creates a new user from the posted view model and attaches it to the posted team.
/// </summary>
/// <param name="newUser">Posted model; its User and TeamPO.TeamID are passed to the data layer.</param>
/// <returns>
/// The "ViewUserByUserID" view on success, the default view with an error message when the
/// data layer throws, or a redirect to Home/Index when model validation fails.
/// </returns>
public ActionResult CreateUser(UserViewModel newUser)
{
    // NOTE(review): ModelState.IsValid is input validation, not authentication or
    // authorization. No session, role or [Authorize] check is visible in this method, so
    // unless a filter on the controller (not shown here) enforces it, any caller who posts
    // a valid model can create accounts. Confirm where access control is applied.
    if (!ModelState.IsValid)
    {
        return RedirectToAction("Index", "Home");
    }

    try
    {
        // Presentation object -> data object.
        IUserDO userToCreate = Mapper.Map<IUserPO, IUserDO>(newUser.User);

        // NOTE(review): the return value of _uda.CreateUser is ignored. If it is a
        // bool-returning method that logs and swallows its own exceptions, a failed
        // insert still renders the success view — verify against the DAL.
        _uda.CreateUser(userToCreate, newUser.TeamPO.TeamID);
        return View("ViewUserByUserID", newUser);
    }
    catch (Exception ex)
    {
        ErrorLogger.LogError(ex, "CreateUser", "Account");
        newUser.ErrorMessage = "There was an issue with creating a new employee. Please try again. If the problem persists contact your IT department.";
        return View(newUser);
    }
}
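/// <summary>
/// Handles the self-registration form: maps the posted user to a data object, stores it
/// through UserAccess.Register and sends the visitor to the login page.
/// </summary>
/// <param name="iUser">Posted registration model.</param>
/// <returns>
/// A redirect to User/Login on success; the registration view again when validation fails
/// or the data layer throws.
/// </returns>
public ActionResult Register(UserVM iUser)
{
    // Invalid input: redisplay the form with the validation messages.
    if (!ModelState.IsValid)
    {
        return View(iUser);
    }

    try
    {
        // NOTE(review): the whole posted User object is mapped and stored. If Role is
        // bindable from the form and UserAccess.Register forwards it to the database, the
        // account's privilege level is chosen by the client. Confirm, and assign the
        // lowest-privilege role on the server instead of trusting the posted value.
        // NOTE(review): nothing here hashes iUser.User.Password before it goes to the data
        // layer — confirm it is hashed (salted, slow KDF) further down.
        IUserDO Userform = UserMap.MapPOtoDO(iUser.User);
        UserAccess.Register(Userform);
        return RedirectToAction("Login", "User");
    }
    catch (Exception e)
    {
        // Fixed wording: the original message read "we can preform that task".
        iUser.ErrorMessage = "Sorry we cannot perform that task at the moment, try again later";
        ErrorLog.LogError(e);
        return View(iUser);
    }
}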
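/// <summary>
/// Updates a user through the sp_UpdateUser stored procedure.
/// </summary>
/// <param name="iUser">Values to store; UserID selects the row.</param>
/// <returns>
/// true when the procedure call completed without throwing; false when an exception was
/// caught and logged.
/// </returns>
/// <remarks>
/// The previous version only built the parameter list: it never set the command type,
/// opened the connection or executed the command, yet still returned true. Callers were
/// told the update succeeded when nothing had been written.
/// </remarks>
public bool UpdateUser(IUserDO iUser)
{
    bool result = false;
    try
    {
        using (SqlConnection conn = new SqlConnection(ConnectionParms))
        using (SqlCommand updateComm = new SqlCommand("sp_UpdateUser", conn))
        {
            // Without this the text "sp_UpdateUser" would be sent as an ad-hoc batch.
            updateComm.CommandType = CommandType.StoredProcedure;

            updateComm.Parameters.AddWithValue("@UserID", iUser.UserID);
            // NOTE(review): the "modified by" value is the id of the user being edited,
            // not of the account performing the edit, so the audit column cannot tell who
            // made the change. Confirm and pass the acting user's id from the caller.
            updateComm.Parameters.AddWithValue("@ModifiedByUserId", iUser.UserID);
            // NOTE(review): RoleID_FK is written as received; the caller must have
            // verified that the acting user may assign this role.
            updateComm.Parameters.AddWithValue("@RoleId", iUser.RoleID_FK);
            updateComm.Parameters.AddWithValue("@Email", iUser.Email);
            updateComm.Parameters.AddWithValue("@FName", iUser.FirstName);
            updateComm.Parameters.AddWithValue("@LName", iUser.LastName);
            updateComm.Parameters.AddWithValue("@TeamId", iUser.TeamID);
            // updateComm.Parameters.AddWithValue("@TeamManagementId", iUser.TeamManagementID);

            conn.Open();
            updateComm.ExecuteNonQuery();

            // Only report success after the procedure has actually run.
            result = true;
        }
    }
    catch (Exception ex)
    {
        ErrorLogger.LogError(ex, "UpdateUser", "nothing");
    }

    return result;
}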
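/// <summary>
/// Inserts a user through the sp_MakeUser stored procedure and links it to a team.
/// </summary>
/// <param name="iUser">Values for the new user.</param>
/// <param name="TeamID">Team the new user is assigned to.</param>
/// <returns>
/// true when the procedure ran without throwing; false when an exception was caught and
/// logged. Callers must check the result, because failures are not rethrown.
/// </returns>
public bool CreateUser(IUserDO iUser, int TeamID)
{
    bool result = false;
    try
    {
        using (SqlConnection conn = new SqlConnection(ConnectionParms))
        using (SqlCommand createComm = new SqlCommand("sp_MakeUser", conn))
        {
            createComm.CommandType = CommandType.StoredProcedure;
            createComm.CommandTimeout = 35;

            // Parameters.Add(name, SqlDbType) declares the type. The original called
            // AddWithValue(name, SqlDbType.X), which stores the enum as the parameter's
            // *value* and leaves the type to be inferred from whatever is assigned next,
            // so the declared types were silently ignored.
            // NOTE(review): "created by" is read from the object being created rather than
            // from the signed-in account; confirm the caller sets it from the session and
            // not from posted form data.
            createComm.Parameters.Add("@CreatedByUserId", SqlDbType.Int).Value = iUser.UserID;
            createComm.Parameters.Add("@TeamId", SqlDbType.Int).Value = TeamID;
            // NOTE(review): RoleID_FK is stored as received; the caller is responsible for
            // checking that the acting user may grant this role.
            createComm.Parameters.Add("@RoleId", SqlDbType.Int).Value = iUser.RoleID_FK;
            createComm.Parameters.Add("@Email", SqlDbType.VarChar).Value = iUser.Email;
            createComm.Parameters.Add("@FName", SqlDbType.VarChar).Value = iUser.FirstName;
            createComm.Parameters.Add("@LName", SqlDbType.VarChar).Value = iUser.LastName;

            conn.Open();
            createComm.ExecuteNonQuery();
            result = true;
        }
    }
    catch (Exception ex)
    {
        ErrorLogger.LogError(ex, "CreateUser", "nothing");
    }

    return result;
}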
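/// <summary>
/// Deletes the user identified by <paramref name="UserID"/>. Only sessions whose Role is 1
/// may call it, and accounts whose own Role is 1 are never deleted.
/// </summary>
/// <param name="UserID">Identifier of the account to delete.</param>
/// <returns>
/// A redirect to Home/Index for callers without the required role, otherwise a redirect to
/// User/ViewUsers.
/// </returns>
/// <remarks>
/// Changes from the previous version: the role check now runs before any database access
/// (the lookup used to run for unauthenticated requests too and sat outside the try block);
/// a missing user no longer causes a NullReferenceException; and a request that targets a
/// Role 1 account returns a redirect instead of a null ActionResult.
/// NOTE(review): this action changes state and takes only an id. No verb restriction or
/// anti-forgery validation is visible in this excerpt — confirm [HttpPost] and
/// [ValidateAntiForgeryToken] (or equivalent) are applied.
/// </remarks>
public ActionResult DeleteUser(long UserID)
{
    // Authorize first: nothing below runs for guests or non-admin roles.
    if (Session["Username"] == null || (Int16)Session["Role"] != 1)
    {
        return RedirectToAction("Index", "Home");
    }

    try
    {
        IUserDO user = UserAccess.ViewUsersByID(UserID);

        // The check is on the target's role, so it protects every Role 1 account,
        // not only the caller's own.
        if (user != null && user.Role != 1)
        {
            UserAccess.DeleteUsers(UserID);
        }
    }
    catch (Exception e)
    {
        // The original stored an error message on a view model that the redirect then
        // discarded; the failure is recorded in the log only.
        ErrorLog.LogError(e);
    }

    return RedirectToAction("ViewUsers", "User");
}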
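/// <summary>
/// Updates a user row through the UPDATE_USERS stored procedure.
/// </summary>
/// <param name="iUser">Values to store; UserID selects the row.</param>
/// <exception cref="Exception">
/// Any failure is logged with LogError.Log and rethrown to the caller.
/// </exception>
public void UpdateUser(IUserDO iUser)
{
    try
    {
        // Both objects are disposed by the using statements, so the explicit
        // Close()/Dispose() calls and the inner rethrow-only try block were removed.
        using (SqlConnection connectionToSql = new SqlConnection(_ConnectionString))
        using (SqlCommand command = new SqlCommand("UPDATE_USERS", connectionToSql))
        {
            command.CommandType = CommandType.StoredProcedure;
            command.CommandTimeout = 30; // seconds

            command.Parameters.AddWithValue("@UserID", iUser.UserID);
            command.Parameters.AddWithValue("@FirstName", iUser.FirstName);
            command.Parameters.AddWithValue("@LastName", iUser.LastName);
            command.Parameters.AddWithValue("@PhoneNumber", iUser.PhoneNumber);
            command.Parameters.AddWithValue("@HouseAptNumber", iUser.HouseAptNumber);
            command.Parameters.AddWithValue("@StreetName", iUser.StreetName);
            command.Parameters.AddWithValue("@City", iUser.City);
            command.Parameters.AddWithValue("@State", iUser.State);
            command.Parameters.AddWithValue("@Zip", iUser.Zip);
            // NOTE(review): Role is written as received; the caller must have checked that
            // the acting user is allowed to change it.
            command.Parameters.AddWithValue("@Role", iUser.Role);
            command.Parameters.AddWithValue("@UserName", iUser.Username);
            // NOTE(review): Password is forwarded exactly as received and nothing in this
            // method hashes it. Confirm it is hashed with a salted, slow KDF before it
            // reaches this layer (or inside the procedure) and is never stored in clear.
            command.Parameters.AddWithValue("@Password", iUser.Password);

            connectionToSql.Open();
            command.ExecuteNonQuery(); // no result set expected
        }
    }
    catch (Exception e)
    {
        LogError.Log(e);
        // "throw;" keeps the original stack trace; "throw (e);" reset it to this line.
        throw;
    }
}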
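/// <summary>
/// Inserts a user through the CREATE_USER stored procedure.
/// </summary>
/// <param name="iUser">Values for the new row.</param>
/// <exception cref="Exception">
/// Any failure is logged with LogError.Log and rethrown to the caller.
/// </exception>
public void CreateUser(IUserDO iUser)
{
    try
    {
        // The using statements dispose both objects; the explicit Close()/Dispose() calls
        // and the inner rethrow-only try block were redundant and have been removed.
        using (SqlConnection connectionToSql = new SqlConnection(_ConnectionString))
        using (SqlCommand storedCommand = new SqlCommand("CREATE_USER", connectionToSql))
        {
            storedCommand.CommandType = CommandType.StoredProcedure;
            storedCommand.CommandTimeout = 30; // seconds before timeout

            storedCommand.Parameters.AddWithValue("@FirstName", iUser.FirstName);
            storedCommand.Parameters.AddWithValue("@LastName", iUser.LastName);
            storedCommand.Parameters.AddWithValue("@PhoneNumber", iUser.PhoneNumber);
            storedCommand.Parameters.AddWithValue("@HouseAptNumber", iUser.HouseAptNumber);
            storedCommand.Parameters.AddWithValue("@StreetName", iUser.StreetName);
            storedCommand.Parameters.AddWithValue("@City", iUser.City);
            storedCommand.Parameters.AddWithValue("@State", iUser.State);
            storedCommand.Parameters.AddWithValue("@Zip", iUser.Zip);
            // NOTE(review): Role is stored as received; the caller decides who may grant it.
            storedCommand.Parameters.AddWithValue("@Role", iUser.Role);
            storedCommand.Parameters.AddWithValue("@Username", iUser.Username);
            // NOTE(review): Password is forwarded exactly as received. Nothing here hashes
            // it, so confirm a salted, slow KDF is applied before this layer or inside the
            // procedure, and that clear text is never persisted.
            storedCommand.Parameters.AddWithValue("@Password", iUser.Password);

            connectionToSql.Open();
            storedCommand.ExecuteNonQuery();
        }
    }
    catch (Exception e)
    {
        LogError.Log(e);
        // "throw;" preserves the stack trace that "throw (e);" discarded.
        throw;
    }
}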
/// <summary>
/// Copies the fields of a data-layer user onto a new presentation-layer user.
/// </summary>
/// <param name="userDO">Source object; must not be null (a null source throws when read).</param>
/// <returns>
/// A new UserPO carrying UserID, FirstName, LastName, RoleID_FK, Email and Active.
/// No credential fields are copied by this mapper.
/// </returns>
public static UserPO MapUserDOtoPO(IUserDO userDO)
{
    return new UserPO
    {
        UserID = userDO.UserID,
        FirstName = userDO.FirstName,
        LastName = userDO.LastName,
        RoleID_FK = userDO.RoleID_FK,
        Email = userDO.Email,
        Active = userDO.Active
    };
}
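/// <summary>
/// Stores a self-registered user through the CREATE_USER stored procedure.
/// </summary>
/// <param name="iUser">Values for the new row.</param>
/// <exception cref="Exception">
/// Any failure is logged with LogError.Log and rethrown to the caller.
/// </exception>
public void Register(IUserDO iUser)
{
    try
    {
        // The using statements dispose both objects; the explicit Close()/Dispose() calls
        // and the inner rethrow-only try block were redundant and have been removed.
        using (SqlConnection connectionToSql = new SqlConnection(_ConnectionString))
        using (SqlCommand storedCommand = new SqlCommand("CREATE_USER", connectionToSql))
        {
            storedCommand.CommandType = CommandType.StoredProcedure;
            storedCommand.CommandTimeout = 60;

            storedCommand.Parameters.AddWithValue("@FirstName", iUser.FirstName);
            storedCommand.Parameters.AddWithValue("@LastName", iUser.LastName);
            storedCommand.Parameters.AddWithValue("@PhoneNumber", iUser.PhoneNumber);
            storedCommand.Parameters.AddWithValue("@HouseAptNumber", iUser.HouseAptNumber);
            storedCommand.Parameters.AddWithValue("@StreetName", iUser.StreetName);
            storedCommand.Parameters.AddWithValue("@City", iUser.City);
            storedCommand.Parameters.AddWithValue("@State", iUser.State);
            storedCommand.Parameters.AddWithValue("@Zip", iUser.Zip);
            // NOTE(review): this is the registration path, and Role comes straight from the
            // caller's object. If that object is bound from the registration form, the new
            // account's privilege level is client-supplied. Confirm the controller or the
            // procedure forces the lowest-privilege role for self-registration.
            storedCommand.Parameters.AddWithValue("@Role", iUser.Role);
            storedCommand.Parameters.AddWithValue("@Username", iUser.Username);
            // NOTE(review): Password is forwarded exactly as received; confirm it is hashed
            // with a salted, slow KDF before storage.
            storedCommand.Parameters.AddWithValue("@Password", iUser.Password);

            connectionToSql.Open();
            storedCommand.ExecuteNonQuery();
        }
    }
    catch (Exception e)
    {
        LogError.Log(e);
        // "throw;" preserves the stack trace that "throw (e);" discarded.
        throw;
    }
}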
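/// <summary>
/// Verifies a login attempt: hashes the supplied password, asks the data layer for a user
/// matching the e-mail and hash, and maps the result to a business object.
/// </summary>
/// <param name="email">Login e-mail as entered.</param>
/// <param name="password">Password as entered; only its hash is passed on.</param>
/// <returns>The matching user, or null when no user matched.</returns>
public IUserBO CheckUserLogin(string email, string password)
{
    // Fail closed: both fields live on the instance, and the original returned _loginUser
    // unchanged when the lookup found nothing. On a reused instance that handed back the
    // user from an earlier successful call for a failed attempt.
    _dbUser = null;
    _loginUser = null;

    // NOTE(review): HashPassword receives only the password, so no per-user salt is passed
    // here. Confirm the function is a salted, slow password hash and not a bare digest.
    string passwordHash = HashPassword(password);

    _dbUser = _ucda.GetUserLoginInformation(email, passwordHash);
    if (_dbUser != null)
    {
        _loginUser = Mapper.Map<IUserDO, IUserBO>(_dbUser);
    }

    return _loginUser;
}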
/// <summary>
/// Handles the posted edit form: stores the changes and redirects to the caller's own
/// profile (Role other than 1) or to the user list (Role 1).
/// </summary>
/// <param name="iUser">Posted edit model.</param>
/// <returns>
/// A redirect to Home/Index for guests and Role 3 sessions; the edit view again when
/// validation fails or the data layer throws; otherwise one of the redirects above.
/// </returns>
public ActionResult UpdateUser(UserVM iUser)
{
    // Guests and Role 3 sessions are turned away.
    if (Session["Username"] == null || (Int16)Session["Role"] == 3)
    {
        return RedirectToAction("Index", "Home");
    }

    // NOTE(review): every role other than 3 gets past the gate above, not only Role 1, and
    // the posted object is stored as-is. Nothing checks that a non-Role-1 caller is editing
    // their own record (iUser.User.UserID against Session["UserID"]) or that the posted Role
    // is unchanged, so such a caller can alter other accounts or raise a role. Confirm the
    // intended policy and enforce it here before the update.
    if (!ModelState.IsValid)
    {
        // Back to the form so the input can be corrected.
        return View(iUser);
    }

    try
    {
        IUserDO changes = UserMap.MapPOtoDO(iUser.User);
        UserAccess.UpdateUser(changes);

        bool callerIsAdmin = (Int16)Session["Role"] == 1;
        if (callerIsAdmin)
        {
            // Role 1 goes back to the full user list.
            return RedirectToAction("ViewUsers", "User");
        }

        // Everyone else lands on their own profile.
        return RedirectToAction("ViewUserbyID", "User", new { UserID = (long)Session["UserID"] });
    }
    catch (Exception e)
    {
        iUser.ErrorMessage = "Sorry your request cannot be processed";
        ErrorLog.LogError(e);
        return View(iUser);
    }
}
/// <summary>
/// Loads one user through the sp_GetUserById stored procedure.
/// </summary>
/// <param name="iUserID">Value bound to the @UserId parameter.</param>
/// <returns>
/// The user built from the last row returned, or null when no row came back or an
/// exception was caught and logged. Callers cannot tell "not found" from "lookup failed".
/// </returns>
public IUserDO GetUserByID(int iUserID)
{
    IUserDO found = null;
    try
    {
        using (var connection = new SqlConnection(ConnectionParms))
        using (var lookup = new SqlCommand("sp_GetUserById", connection))
        {
            lookup.CommandType = CommandType.StoredProcedure;
            lookup.CommandTimeout = 35;
            lookup.Parameters.AddWithValue("@UserId", iUserID);

            connection.Open();
            using (var rows = lookup.ExecuteReader())
            {
                while (rows.Read())
                {
                    // Assigned only once the whole initializer succeeds, so a failed cast
                    // (for example a NULL column) never leaves a half-filled object behind.
                    found = new UserDO
                    {
                        UserID = rows.GetInt32(rows.GetOrdinal("UserID")),
                        FirstName = (string)rows["FirstName"],
                        LastName = (string)rows["LastName"],
                        RoleID_FK = rows.GetInt32(rows.GetOrdinal("RoleID")),
                        Email = (string)rows["Email"],
                        TeamID = rows.GetInt32(rows.GetOrdinal("TeamID"))
                        // TeamManagementID is intentionally not read (disabled in the original).
                    };
                }
            }
        }
    }
    catch (Exception ex)
    {
        ErrorLogger.LogError(ex, "GetUserByID", "nothing");
    }

    return found;
}
/// <summary>
/// Copies every field of a data-layer user onto a new presentation-layer user.
/// </summary>
/// <param name="iFrom">Source object; must not be null (a null source throws when read).</param>
/// <returns>A new UserPO populated from <paramref name="iFrom"/>.</returns>
/// <remarks>
/// NOTE(review): Password is copied into the presentation object together with the profile
/// fields, so every view model built with this mapper carries the stored password value.
/// Confirm no view renders or serializes it, and consider a mapper without that field for
/// read-only pages.
/// </remarks>
public static UserPO MapDOtoPO(IUserDO iFrom)
{
    return new UserPO
    {
        UserID = iFrom.UserID,
        FirstName = iFrom.FirstName,
        LastName = iFrom.LastName,
        PhoneNumber = iFrom.PhoneNumber,
        HouseAptNumber = iFrom.HouseAptNumber,
        StreetName = iFrom.StreetName,
        City = iFrom.City,
        State = iFrom.State,
        Zip = iFrom.Zip,
        Role = iFrom.Role,
        Username = iFrom.Username,
        Password = iFrom.Password
    };
}
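///// <summary>
/////
///// </summary>
///// <returns></returns>
//public List<IUserLoginDO> GetAllUsersLogin()
//{
//    List<IUserLoginDO> _list = new List<IUserLoginDO>();
//    // TODO - implement database call here
//    using (SqlConnection conn = new SqlConnection(_ConnectionString))
//    {
//        // create a sqlcommand
//        using (SqlCommand command = new SqlCommand("sp_GetAllUserLogin", conn))
//        {
//            // details to the select command
//            command.CommandType = CommandType.StoredProcedure;
//            conn.Open();
//            // need a loop to get users from the database
//            using (SqlDataReader reader = command.ExecuteReader())
//            {
//                while (reader.Read())
//                {
//                    UserLoginDO _userLoginDO = new UserLoginDO();
//                    _userLoginDO.UserID = (int)reader["UserID"];
//                    _userLoginDO.FirstName = (string)reader["FirstName"];
//                    _userLoginDO.LastName = (string)reader["LastName"];
//                    _userLoginDO.Password = (string)reader["Password"];
//                    _userLoginDO.Salt = (string)reader["Salt"];
//                    _userLoginDO.Email = (string)reader["Email"];
//                    _userLoginDO.RoleID_FK = (int)reader["RoleID"];
//                    _userLoginDO.RoleNameShort = (string)reader["RoleNameShort"];
//                    _userLoginDO.RoleNameLong = (string)reader["RoleNameLong"];
//                    //if ((string)reader["Role"] == RoleType.ADMINISTRATOR.ToString())
//                    //{
//                    //    _userDO.Role = RoleType.ADMINISTRATOR;
//                    //}
//                    //else
//                    //{
//                    //    _userDO.Role = RoleType.CUSTOMER;
//                    //}
//                    _list.Add(_userLoginDO);
//                }
//            }
//        }
//    }
//    return _list;
//}

/// <summary>
/// Company: Onshore Outsourcing, https://www.onshoreoutsourcing.com/
/// Author: Giancarlo Rhodes
/// Description: Database access methods for user credentials.
/// Checks a credential pair through sp_UserCredentialCheckReturnUserInfo and returns the
/// matching user's profile and role.
/// </summary>
/// <param name="username">Login e-mail, bound to @parmUserEmail.</param>
/// <param name="userpassword">
/// Password value bound to @parmUserPassword; the comparison is done by the procedure.
/// </param>
/// <returns>
/// The user built from the last row returned, or null when no row came back or an
/// exception was caught and logged. A database failure therefore looks the same to the
/// caller as wrong credentials: the login fails closed, and the cause is only in the log.
/// </returns>
public IUserDO GetUserLoginInformation(string username, string userpassword)
{
    IUserDO _userLoginDO = null;
    try
    {
        using (SqlConnection conn = new SqlConnection(_ConnectionString))
        using (SqlCommand viewComm = new SqlCommand("sp_UserCredentialCheckReturnUserInfo", conn))
        {
            viewComm.CommandType = CommandType.StoredProcedure;
            viewComm.CommandTimeout = 35;

            // Parameters.Add(name, SqlDbType) declares the type. The original called
            // AddWithValue(name, SqlDbType.VarChar), which stores the enum as the value
            // and leaves the type to be inferred from the string assigned afterwards.
            viewComm.Parameters.Add("@parmUserEmail", SqlDbType.VarChar).Value = username;
            viewComm.Parameters.Add("@parmUserPassword", SqlDbType.VarChar).Value = userpassword;

            conn.Open();
            using (SqlDataReader reader = viewComm.ExecuteReader())
            {
                while (reader.Read())
                {
                    // Only profile and role columns are read; no password column is
                    // brought back into the application.
                    _userLoginDO = new UserDO();
                    _userLoginDO.UserID = (int)reader["UserID"];
                    _userLoginDO.FirstName = (string)reader["FirstName"];
                    _userLoginDO.LastName = (string)reader["LastName"];
                    _userLoginDO.Email = (string)reader["Email"];
                    _userLoginDO.RoleID_FK = (int)reader["RoleID"];
                    _userLoginDO.RoleName = (string)reader["RoleNameShort"];
                }
            }
        }
    }
    catch (Exception ex)
    {
        ErrorLogger.LogError(ex, "GetUserLoginInformation", "nothing");
    }

    return _userLoginDO;
}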
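/// <summary>
/// Handles the posted "create user" form. Only sessions whose Role is 1 may use it.
/// </summary>
/// <param name="iUser">Posted model describing the new user.</param>
/// <returns>
/// A redirect to Home/Index for callers without Role 1; the form again when validation
/// fails or the data layer throws; otherwise a redirect to User/ViewUsers.
/// </returns>
public ActionResult CreateUser(UserVM iUser)
{
    // Everyone except Role 1 is turned away before any work is done.
    if (Session["Username"] == null || (Int16)Session["Role"] != 1)
    {
        return RedirectToAction("Index", "Home");
    }

    if (!ModelState.IsValid)
    {
        // Redisplay the form with the validation messages.
        return View(iUser);
    }

    try
    {
        // NOTE(review): nothing here hashes iUser.User.Password before it is handed to the
        // data layer — confirm hashing happens further down.
        // NOTE(review): no anti-forgery validation is visible in this excerpt; confirm
        // [ValidateAntiForgeryToken] (or equivalent) protects this admin-only post.
        IUserDO Userform = UserMap.MapPOtoDO(iUser.User);
        UserAccess.CreateUser(Userform);
        return RedirectToAction("ViewUsers", "User", new { UserID = Session["UserID"] });
    }
    catch (Exception e)
    {
        // Fixed wording: the original message read "we can preform that task".
        iUser.ErrorMessage = "Sorry we cannot perform that task at the moment, try again later";
        ErrorLog.LogError(e);
        return View(iUser);
    }
}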
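/// <summary>
/// Shows the edit form pre-filled with the user identified by <paramref name="UserID"/>.
/// </summary>
/// <param name="UserID">Identifier handed to UserAccess.ViewUsersByID.</param>
/// <returns>
/// A redirect to Home/Index for guests and Role 3 sessions; otherwise the edit view, with
/// ErrorMessage set when the user could not be loaded.
/// </returns>
/// <remarks>
/// The lookup and mapping are now wrapped in try/catch, matching the other actions in this
/// controller. Previously a data-layer failure or an unknown id escaped as an unhandled
/// exception, which can surface internal detail when custom error pages are not configured.
/// </remarks>
public ActionResult UpdateUser(long UserID)
{
    // Guests and Role 3 sessions are turned away.
    if (Session["Username"] == null || (Int16)Session["Role"] == 3)
    {
        return RedirectToAction("Index", "Home");
    }

    // NOTE(review): every role other than 3 passes the gate above, and UserID is not
    // compared with Session["UserID"], so a non-Role-1 caller can open any account's edit
    // form. Confirm the intended policy.
    UserVM newVM = new UserVM();
    try
    {
        IUserDO user = UserAccess.ViewUsersByID(UserID);

        // NOTE(review): if UserMap.MapDOtoPO is the mapper that also copies Password, the
        // stored password value is placed in the form model; verify the view does not
        // emit it (for example in a hidden or pre-filled field).
        newVM.User = UserMap.MapDOtoPO(user);
    }
    catch (Exception e)
    {
        // Generic text for the user; the exception detail goes to the log only.
        newVM.ErrorMessage = "Sorry we cannot process your request at this time";
        ErrorLog.LogError(e);
    }

    return View(newVM);
}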