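/// <summary>
/// Creates a new account, or updates an existing one when the posted <c>Id</c> is non-zero.
/// </summary>
/// <param name="account">
/// Form-bound account. <c>Id</c> is part of the bind list, so the caller selects the create
/// path (<c>Id == 0</c>) or the update path; every other bound property, including
/// <c>Password</c>, is persisted as posted.
/// </param>
/// <returns>
/// The form view again when the model is invalid or the box name belongs to another account;
/// otherwise a redirect to <c>MyAccounts</c>.
/// </returns>
/// <remarks>
/// The update path is applied only when the current user owns the account (an
/// <see cref="AccountUser"/> row with <c>IsOwner</c> for that account). A non-owner or an
/// unresolved current user is redirected without any change and without an error message.
/// </remarks>
public ActionResult Create([Bind(Include = "Id,BoxName,UserName,Password,Client,ServerAddress,IsAvailable,UpdateDt,IsPrivate")] Account account)
        {
            if (!ModelState.IsValid)
            {
                return View(account);
            }

            var user = InternalAttribute.GetUser();

            // Box names are unique, but an update must not collide with the account's own row;
            // otherwise every edit that keeps the box name is rejected as a duplicate.
            var nameTaken = db.Accounts.Any(c => c.BoxName == account.BoxName && c.Id != account.Id);

            if (nameTaken)
            {
                ViewBag.ErrorMessage = string.Format("The Box {0} has already exist in DB, please choose another one", account.BoxName);
                return View(account);
            }

            if (user != null)
            {
                if (account.Id == 0)
                {
                    // New account: the creator becomes its owner and primary user.
                    AccountUser au = new AccountUser()
                    {
                        CreateDt = DateTime.Now,
                        IsOwner = true,
                        IsPrimary = true,
                        Uid = user.Id,
                        Account = account
                    };
                    account.UpdateDt = DateTime.Now;
                    // NOTE(review): assumes Account initialises AccountUsers; a model-bound
                    // instance with a null collection would throw here — confirm in the model.
                    account.AccountUsers.Add(au);
                    db.Accounts.Add(account);
                    db.SaveChanges();
                }
                else
                {
                    // Authorisation for the update path: only an owner of this account may overwrite it.
                    var isOwner = (from at in db.Accounts
                                   join au in db.AccountUsers on at.Id equals au.AcctId
                                   where at.Id == account.Id && au.IsOwner && au.Uid == user.Id
                                   select at).Any();

                    if (isOwner)
                    {
                        // Marks every bound property, including Password, as modified.
                        db.Entry(account).State = EntityState.Modified;
                        account.UpdateDt = DateTime.Now;
                        db.SaveChanges();
                    }
                }
            }

            return RedirectToAction("MyAccounts");
        }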
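 /// <summary>
 /// Changes the owner flag of another user's membership in an account the current user owns.
 /// </summary>
 /// <param name="acctUser">
 /// Request-bound membership; only <c>AcctId</c>, <c>Uid</c> and <c>IsOwner</c> are read from it.
 /// </param>
 /// <returns>
 /// 400 when the model is invalid; 404 when no membership matches <c>AcctId</c>/<c>Uid</c>;
 /// otherwise 200 with the posted membership (also when nothing was changed because the caller
 /// is not an owner of the account or targets themself).
 /// </returns>
 /// <remarks>
 /// The row to update is looked up by the same (<c>AcctId</c>, <c>Uid</c>) pair the owner check
 /// is made against instead of attaching the posted entity, so the authorisation check and the
 /// write always refer to the same row whatever key the posted object carries. <c>IsPrimary</c>
 /// is deliberately left untouched.
 /// </remarks>
 public IHttpActionResult UpdateAccountUser(AccountUser acctUser)
 {
     if (!ModelState.IsValid)
         return BadRequest();

     // NOTE(review): u is the current user, presumably a field set earlier in the controller — confirm.
     // A user may not change their own owner flag.
     if (u != null && u.Id != acctUser.Uid)
     {
         var callerIsOwner = db.AccountUsers.Any(o => o.AcctId == acctUser.AcctId && o.Uid == u.Id && o.IsOwner);
         if (callerIsOwner)
         {
             var existing = db.AccountUsers.FirstOrDefault(o => o.AcctId == acctUser.AcctId && o.Uid == acctUser.Uid);
             if (existing == null)
                 return NotFound();

             var now = DateTime.Now;
             existing.IsOwner = acctUser.IsOwner;
             existing.CreateDt = now;
             db.SaveChanges();

             // Echo the stored timestamp on the detached object that is returned to the client.
             acctUser.CreateDt = now;
         }
     }
     return Ok(acctUser);
 }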
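        /// <summary>
        /// Creates an account (<c>Id == 0</c>) or updates one the current user owns.
        /// </summary>
        /// <param name="account">
        /// Request-bound account. On update every property, including <c>Password</c>, is written
        /// back as posted.
        /// </param>
        /// <returns>
        /// 400 with the model errors when invalid; 200 with the account after a create or an
        /// owner's update; 404 when the current user does not own the account; 204 when no current
        /// user could be resolved.
        /// </returns>
        public IHttpActionResult UpdateAccount(Account account)
        {
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            var user = getUser();
            if (user == null)
            {
                return StatusCode(HttpStatusCode.NoContent);
            }

            if (account.Id == 0)
            {
                // New account: the creator becomes its owner and primary user.
                AccountUser au = new AccountUser()
                {
                    CreateDt = DateTime.Now,
                    IsOwner = true,
                    IsPrimary = true,
                    Uid = user.Id,
                    Account = account
                };
                // Server-side timestamp, as the MVC Create action does, rather than whatever was posted.
                account.UpdateDt = DateTime.Now;
                // NOTE(review): assumes Account initialises AccountUsers; a null collection would throw here — confirm in the model.
                account.AccountUsers.Add(au);
                db.Accounts.Add(account);
                db.SaveChanges();

                // The saved membership refers back to this account; the original author hit a
                // serialisation error when returning the entity with that collection populated.
                account.AccountUsers.Clear();
                return Ok(account);
            }

            // Authorisation for the update path: only an owner of this account may overwrite it.
            var isOwner = (from at in db.Accounts
                           join au in db.AccountUsers on at.Id equals au.AcctId
                           where at.Id == account.Id && au.IsOwner && au.Uid == user.Id
                           select at).Any();

            if (!isOwner)
            {
                return NotFound();
            }

            // Marks every posted property, including Password, as modified.
            db.Entry(account).State = EntityState.Modified;
            account.UpdateDt = DateTime.Now;
            db.SaveChanges();

            return Ok(account);
        }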
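 /// <summary>
 /// Removes another user's membership from an account the current user owns.
 /// </summary>
 /// <param name="acctUser">Request-bound membership; only <c>AcctId</c> and <c>Uid</c> are read from it.</param>
 /// <returns>
 /// 400 when the model is invalid; 404 when no membership matches <c>AcctId</c>/<c>Uid</c>;
 /// otherwise 200 (also when nothing was removed because the caller is not an owner of the
 /// account or targets themself).
 /// </returns>
 public IHttpActionResult RemoveUser(AccountUser acctUser)
 {
     if (!ModelState.IsValid)
         return BadRequest();

     // NOTE(review): u is the current user, presumably a field set earlier in the controller — confirm.
     // Owners cannot remove themselves through this endpoint.
     if (u != null && u.Id != acctUser.Uid)
     {
         var callerIsOwner = db.AccountUsers.Any(o => o.AcctId == acctUser.AcctId && o.Uid == u.Id && o.IsOwner);
         if (callerIsOwner)
         {
             // Delete the row the owner check refers to instead of attaching the posted entity,
             // so a key carried in the request cannot select a different row.
             var existing = db.AccountUsers.FirstOrDefault(o => o.AcctId == acctUser.AcctId && o.Uid == acctUser.Uid);
             if (existing == null)
                 return NotFound();

             db.AccountUsers.Remove(existing);
             db.SaveChanges();
         }
     }
     return Ok();
 }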
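        /// <summary>
        /// Approves the access request <paramref name="id"/>: the requesting user becomes a member
        /// of the account, the request row is removed, and the requester plus all owners are mailed.
        /// </summary>
        /// <param name="id">Key of the <c>Access</c> request to approve.</param>
        /// <returns>
        /// The view. On failure <c>ViewBag.ErrorMessage</c> says why: no current user, unknown
        /// request, caller is not an owner of the account, or the requesting user no longer exists.
        /// On success <c>ViewBag.UserName</c> and <c>ViewBag.BoxName</c> are set.
        /// </returns>
        public ActionResult SetAccess(int id)
        {
            var u = InternalAttribute.GetUser();
            if (u == null)
            {
                ViewBag.ErrorMessage = "Invaild User";
                return View();
            }

            var access = db.Accesses.FirstOrDefault(c => c.Id == id);
            if (access == null)
            {
                ViewBag.ErrorMessage = "Can not find the request.";
                return View();
            }

            // Owners of the account the request refers to; User and Account are loaded for the mail below.
            var owners = db.AccountUsers.Include(a => a.User).Include(a => a.Account).Where(a => a.AcctId == access.AcctId && a.IsOwner).ToList();

            // Authorisation: only an owner of that account may approve the request.
            if (!owners.Exists(a => a.Uid == u.Id))
            {
                ViewBag.ErrorMessage = "You don't have permisson to do this";
                return View();
            }

            // Resolve the requester before writing, so a request pointing at a missing user is
            // rejected instead of granting access and then failing on the mail.
            var targetUser = db.Users.Find(access.Uid);
            if (targetUser == null)
            {
                ViewBag.ErrorMessage = "Can not find the requesting user.";
                return View();
            }

            // IsOwner and IsPrimary are not set here, so the new membership gets the type's defaults.
            AccountUser newAu = new AccountUser();
            newAu.Uid = access.Uid;
            newAu.AcctId = access.AcctId;
            newAu.CreateDt = DateTime.Now;

            db.AccountUsers.Add(newAu);
            db.Accesses.Remove(access);
            db.SaveChanges();

            // owners is non-empty here: the caller's own row passed the Exists check above.
            var boxName = owners.First().Account.BoxName;
            ViewBag.UserName = targetUser.UserName;
            ViewBag.BoxName = boxName;

            MailMessage msg = new MailMessage();
            msg.From = new MailAddress("*****@*****.**");

            msg.To.Add(targetUser.Email);

            foreach (var owner in owners)
            {
                msg.CC.Add(owner.User.Email);
            }

            MailHelper.AddAdminMail(msg);

            msg.Subject = "You now have access to SAP Box:" + boxName;
            // The body is sent as HTML, so the user-controlled display name is encoded before it is embedded.
            msg.Body = "<p>Hi,</p>";
            msg.Body += "<P>" + System.Net.WebUtility.HtmlEncode(u.UserName) + " has granted the access to SAP Box for you</p>";
            msg.IsBodyHtml = true;
            MailHelper.SendMail(msg);

            return View();
        }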