public ActionResult AddUser(RepoEditModel model)
{
int repoId = model.Repo;
if(model.NewUser==null)
{
ModelState.AddModelError("", "Enter username!!");
return RedirectToAction("Edit", routeValues: new { id = repoId, model = model });
}
string connStr = @"Data Source=(LocalDb)\v11.0;AttachDbFilename=|DataDirectory|\aspnet-WebApplication2-20160108044733.mdf;Initial Catalog=aspnet-WebApplication2-20160108044733;Integrated Security=True";
SqlConnection conn = new SqlConnection(connStr);
try
{
//пробуем подключится
conn.Open();
}
catch (SqlException se)
{
ModelState.AddModelError("", "can't open connection" + se);
return RedirectToAction("Edit", routeValues: new { id = repoId, model = model });
}
var manager = new UserManager<ApplicationUser>(new UserStore<ApplicationUser>(new ApplicationDbContext()));
var currentUser = manager.FindByName(model.NewUser);
string query = "INSERT INTO Connection (Users,Repos)" +
"VALUES (@Users, @Repos);";
SqlCommand cmd = new SqlCommand(query, conn);
SqlParameter param = new SqlParameter();
param.ParameterName = "@Users";
param.Value = currentUser.Id;
param.SqlDbType = SqlDbType.NVarChar;
cmd.Parameters.Add(param);
param = new SqlParameter();
param.ParameterName = "@Repos";
param.Value = repoId;
param.SqlDbType = SqlDbType.Int;
cmd.Parameters.Add(param);
try
{
cmd.ExecuteNonQuery();
}
catch (Exception ex)
{
ModelState.AddModelError("", "Can't update. " + ex);
return RedirectToAction("Edit", routeValues: new { id = repoId, model = model });
}
conn.Close();
conn.Dispose();
return RedirectToAction("Edit", routeValues: new { id = repoId, model = model });
}
public ActionResult Upload(HttpPostedFileBase file,RepoEditModel model )
{
if (Request.Files.Count > 0)
{
string repoId = model.Repo.ToString();
string userId = model.User.ToString();
string connStr = @"Data Source=(LocalDb)\v11.0;AttachDbFilename=|DataDirectory|\aspnet-WebApplication2-20160108044733.mdf;Initial Catalog=aspnet-WebApplication2-20160108044733;Integrated Security=True";
SqlConnection conn = new SqlConnection(connStr);
try
{
conn.Open();
}
catch (SqlException se)
{
ModelState.AddModelError("", "can't open connection" + se);
return RedirectToAction("Edit", routeValues: new { id = repoId, model = model });
}
string query = "SELECT * FROM Repositories WHERE Id = '"+repoId+"';";
SqlCommand cmd = new SqlCommand(query, conn);
SqlDataReader dr = cmd.ExecuteReader();
string owner=null;
bool flag = false;
if (dr.Read())
{
owner=dr.GetValue(2).ToString();
if (owner == userId)
{
flag = true;
}else{
query = "SELECT * FROM Connection WHERE Repos = '"+repoId+"';";
cmd = new SqlCommand(query, conn);
dr.Close();
dr = cmd.ExecuteReader(CommandBehavior.CloseConnection);
while(dr.Read()){
if(dr.GetValue(0).ToString() == userId)
{
flag=true;
break;
}
}
if(!flag)
{
ModelState.AddModelError("", "You don't have pervission!");
return RedirectToAction("Edit?repoId="+model.Repo.ToString(), model);
}
}
}
var newFile = Request.Files[0];
if (newFile != null && newFile.ContentLength > 0)
{
var fileName = Path.GetFileName(newFile.FileName);
query = "INSERT INTO Files (Name,Path,Repo,LastChange,LastChangeBy,Type) VALUES "
+ "(@Name, @Path,@Repo,@time,@currentUser,@Type)";
cmd = new SqlCommand(query, conn);
SqlParameter param = new SqlParameter();
param.ParameterName = "@Name";
param.Value = fileName.Trim();
param.SqlDbType = SqlDbType.NVarChar;
cmd.Parameters.Add(param);
param = new SqlParameter();
param.ParameterName = "@Path";
param.Value = "~/Repos/" + owner + "/" + repoId + "/" + fileName;
param.SqlDbType = SqlDbType.NVarChar;
cmd.Parameters.Add(param);
param = new SqlParameter();
param.ParameterName = "@Repo";
param.Value = repoId;
param.SqlDbType = SqlDbType.Int;
cmd.Parameters.Add(param);
param = new SqlParameter();
param.ParameterName = "@time";
param.Value = System.DateTime.Now;
param.SqlDbType = SqlDbType.DateTime;
cmd.Parameters.Add(param);
param = new SqlParameter();
param.ParameterName = "@currentUser";
param.Value = userId;
param.SqlDbType = SqlDbType.NVarChar;
cmd.Parameters.Add(param);
param = new SqlParameter();
param.ParameterName = "@type";
param.Value = file.ContentType;
param.SqlDbType = SqlDbType.NVarChar;
dr.Close();
cmd.Parameters.Add(param);
try
{
cmd.ExecuteNonQuery();
}
catch (Exception ex)
{
ModelState.AddModelError("", "Can't update. " + ex);
return RedirectToAction("Edit", routeValues: new { id = repoId, model = model });
}
conn.Close();
conn.Dispose();
ViewData["Message"] = "Success";
var path = Path.Combine(Server.MapPath("~/Repos/"+owner+"/"+repoId+"/"), fileName);
file.SaveAs(path);
}
}
return RedirectToAction("Edit",routeValues: new { id = model.Repo.ToString(), model=model });
}
//
// GET: /Repository/Edit/5
public ActionResult Edit(int id, RepoEditModel model)
{
ViewBag.repoId = id;
return View(model);
}