public async Task <ActionResult> Create([Bind(Include = "userName,hashPassword,permissionGroup")] UserAccount useraccount)
{
if (ModelState.IsValid)
{
//check that the user has sufficient priveliges
if (useraccount.permissionGroup == "Boss" || useraccount.permissionGroup == "Admins")
{
if (!LDAPHelper.UserIsMemberOfGroupOC("Boss", User.Identity.Name))
{
RedirectToAction("Error", "ErrorPages");
}
}
else //auto generate a password for the customers
{
useraccount.hashPassword = System.Web.Security.Membership.GeneratePassword(9, 2);
}
//hash the password with the apps secret key
useraccount.hashPassword = EncryptionHelper.Encrypt(useraccount.hashPassword);
db.UserAccounts.Add(useraccount);
await db.SaveChangesAsync();
return(RedirectToAction("Index"));
}
return(View(useraccount));
}
public async Task <ActionResult> ChangePaid(int id, bool value)
{
Invoices invoices = await db.Invoices.FindAsync(id);
if (invoices == null)
{
return(Json(new { Success = false }));
}
invoices.paid = value;
db.Entry(invoices).State = EntityState.Modified;
await db.SaveChangesAsync();
return(Json(new { Success = true }));
}