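/// <summary>
/// Inserts a new user-form permission row built from the posted <paramref name="userForm"/>.
/// </summary>
/// <param name="userForm">
/// Posted entity. FormId, UserId and every Can* flag are copied into the new row exactly as received.
/// </param>
/// <returns>
/// 200 OK after the row is submitted; 400 Bad Request when no body was bound;
/// 500 Internal Server Error when the insert throws.
/// </returns>
/// <remarks>
/// NOTE(review): this method performs no check of the caller's identity or rights, yet it writes
/// permission flags for whatever UserId the request body names. Compare AddUserForm, which verifies
/// the caller's CanAdd right on the "UserDetail" form before inserting. No authorization attribute
/// is visible in this listing; confirm one is applied on the action or its controller, or add the
/// same rights check here.
/// </remarks>
public HttpResponseMessage postMstUserForm(Entities.MstUserForm userForm)
{
    // A missing or unbindable body previously surfaced as a NullReferenceException reported as 500;
    // it is a client error, so reject it up front.
    if (userForm == null)
    {
        return Request.CreateResponse(HttpStatusCode.BadRequest);
    }

    try
    {
        var newUserForm = new Data.MstUserForm
        {
            FormId = userForm.FormId,
            UserId = userForm.UserId,
            CanDelete = userForm.CanDelete,
            CanAdd = userForm.CanAdd,
            CanLock = userForm.CanLock,
            CanUnlock = userForm.CanUnlock,
            CanPrint = userForm.CanPrint,
            CanPreview = userForm.CanPreview,
            CanEdit = userForm.CanEdit,
            CanTender = userForm.CanTender,
            CanDiscount = userForm.CanDiscount,
            CanView = userForm.CanView,
            CanSplit = userForm.CanSplit,
            CanCancel = userForm.CanCancel,
            CanReturn = userForm.CanReturn
        };

        db.MstUserForms.InsertOnSubmit(newUserForm);
        db.SubmitChanges();

        return Request.CreateResponse(HttpStatusCode.OK);
    }
    catch (Exception ex)
    {
        // Exception detail goes to the debug output only; the client gets a generic message.
        Debug.WriteLine(ex);
        return Request.CreateResponse(HttpStatusCode.InternalServerError, "Something's went wrong from the server.");
    }
}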
// ===========
// User Rights
// ===========
/// <summary>
/// Resolves the logged-in user's rights row for the form named <paramref name="formName"/>
/// and renders the view with those rights as its model.
/// </summary>
/// <param name="formName">Form name compared against SysForm.FormName of the user's rights rows.</param>
/// <returns>
/// The view with a rights model when a row exists; a redirect to Software/Forbidden when the user
/// has no row for the form; a redirect to Account/Login when no matching MstUsers record is found.
/// </returns>
/// <remarks>
/// Access is decided only by whether a rights row exists. The Can* flags are passed to the view and
/// are not evaluated here, so each data-changing action has to check them again on the server.
/// </remarks>
public ActionResult UserRights(String formName)
{
    var loggedInUser = db.MstUsers.Where(u => u.UserId == User.Identity.GetUserId());
    if (!loggedInUser.Any())
    {
        return RedirectToAction("Login", "Account");
    }

    var formRights = db.MstUserForms.Where(
        f => f.UserId == loggedInUser.FirstOrDefault().Id && f.SysForm.FormName.Equals(formName));
    if (!formRights.Any())
    {
        return RedirectToAction("Forbidden", "Software");
    }

    var granted = formRights.FirstOrDefault();

    // Only these seven flags are copied into the view model.
    var model = new Entities.MstUserForm();
    model.CanAdd = granted.CanAdd;
    model.CanEdit = granted.CanEdit;
    model.CanDelete = granted.CanDelete;
    model.CanLock = granted.CanLock;
    model.CanUnlock = granted.CanUnlock;
    model.CanCancel = granted.CanCancel;
    model.CanPrint = granted.CanPrint;

    return View(model);
}
/// <summary>
/// Overwrites the user-form permission row whose Id equals <paramref name="id"/> with the posted values.
/// </summary>
/// <param name="id">Row id as text; converted with Convert.ToInt32 inside the query.</param>
/// <param name="userForm">Posted entity. FormId, UserId and every Can* flag replace the stored values.</param>
/// <returns>
/// 200 OK after the update is submitted; 404 Not Found when no row has that id;
/// 400 Bad Request for any exception, including server-side failures.
/// </returns>
/// <remarks>
/// NOTE(review): no caller identity or rights check is performed in this method (the only user lookup
/// is commented out), and UserId is taken from the body, so a row can be reassigned to another user.
/// Compare UpdateUserForm, which requires CanEdit on the "UserDetail" form. Confirm an authorization
/// attribute or filter outside this listing restricts this action.
/// </remarks>
public HttpResponseMessage putUser(String id, Entities.MstUserForm userForm)
{
    try
    {
        var matches = db.MstUserForms.Where(f => f.Id == Convert.ToInt32(id));
        if (!matches.Any())
        {
            return Request.CreateResponse(HttpStatusCode.NotFound);
        }

        //var userId = (from d in db.MstUsers where d.AspNetUserId == User.Identity.GetUserId() select d).FirstOrDefault().Id;
        var target = matches.FirstOrDefault();

        target.FormId = userForm.FormId;
        target.UserId = userForm.UserId;
        target.CanDelete = userForm.CanDelete;
        target.CanAdd = userForm.CanAdd;
        target.CanLock = userForm.CanLock;
        target.CanUnlock = userForm.CanUnlock;
        target.CanPrint = userForm.CanPrint;
        target.CanPreview = userForm.CanPreview;
        target.CanEdit = userForm.CanEdit;
        target.CanTender = userForm.CanTender;
        target.CanDiscount = userForm.CanDiscount;
        target.CanView = userForm.CanView;
        target.CanSplit = userForm.CanSplit;
        target.CanCancel = userForm.CanCancel;
        target.CanReturn = userForm.CanReturn;

        db.SubmitChanges();
        return Request.CreateResponse(HttpStatusCode.OK);
    }
    catch (Exception e)
    {
        // Every failure is reported as 400 with no body; the detail goes to the debug output only.
        Debug.WriteLine(e);
        return Request.CreateResponse(HttpStatusCode.BadRequest);
    }
}
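/// <summary>
/// Updates a user-form rights row on behalf of the logged-in user and records the change in the audit trail.
/// </summary>
/// <param name="objUserForm">Posted values; FormId and seven Can* flags are copied to the stored row.</param>
/// <param name="id">Id of the rights row to update, as text.</param>
/// <param name="userId">Id of the MstUsers record that owns the row, as text.</param>
/// <returns>
/// 200 OK on success; 404 Not Found when the target user or the rights row is missing;
/// 400 Bad Request when the caller is not logged in, has no "UserDetail" row, lacks CanEdit,
/// or the target user is locked; 500 Internal Server Error on any exception.
/// </returns>
/// <remarks>
/// The checks run in this order: caller exists, caller has a "UserDetail" rights row, that row has
/// CanEdit, the target user exists and is not locked, the rights row exists.
/// The rights row is matched on both <paramref name="id"/> and <paramref name="userId"/>. Matching on
/// id alone let the lock check be satisfied by naming any unlocked user while the edited row
/// belonged to a different, possibly locked, user.
/// NOTE(review): authorization failures are reported as 400 rather than 401/403; left unchanged
/// because callers may depend on the status. Nothing here stops a caller from editing their own
/// rights row; confirm that is intended.
/// </remarks>
public HttpResponseMessage UpdateUserForm(Entities.MstUserForm objUserForm, String id, String userId)
{
    try
    {
        var currentUser = from d in db.MstUsers
                          where d.UserId == User.Identity.GetUserId()
                          select d;
        if (!currentUser.Any())
        {
            return Request.CreateResponse(HttpStatusCode.BadRequest, "Theres no current user logged in.");
        }

        var currentUserId = currentUser.FirstOrDefault().Id;

        var userForms = from d in db.MstUserForms
                        where d.UserId == currentUserId && d.SysForm.FormName.Equals("UserDetail")
                        select d;
        if (!userForms.Any())
        {
            return Request.CreateResponse(HttpStatusCode.BadRequest, "Sorry. You have no access for this user page.");
        }

        if (!userForms.FirstOrDefault().CanEdit)
        {
            return Request.CreateResponse(HttpStatusCode.BadRequest, "Sorry. You have no rights to edit and update user form.");
        }

        var user = from d in db.MstUsers
                   where d.Id == Convert.ToInt32(userId)
                   select d;
        if (!user.Any())
        {
            return Request.CreateResponse(HttpStatusCode.NotFound, "These current user details are not found in the server. Please add new user first before proceeding.");
        }

        if (user.FirstOrDefault().IsLocked)
        {
            return Request.CreateResponse(HttpStatusCode.BadRequest, "You cannot edit and update user form if the current user detail is locked.");
        }

        // Bind the row to the user whose lock state was just checked, not to the row id alone.
        var userForm = from d in db.MstUserForms
                       where d.Id == Convert.ToInt32(id) && d.UserId == Convert.ToInt32(userId)
                       select d;
        if (!userForm.Any())
        {
            return Request.CreateResponse(HttpStatusCode.NotFound, "Data not found. These user form details are not found in the server.");
        }

        var updateUserForm = userForm.FirstOrDefault();

        // Snapshot before the change so the audit trail holds both states.
        String oldObject = at.GetObjectString(updateUserForm);

        updateUserForm.FormId = objUserForm.FormId;
        updateUserForm.CanAdd = objUserForm.CanAdd;
        updateUserForm.CanEdit = objUserForm.CanEdit;
        updateUserForm.CanDelete = objUserForm.CanDelete;
        updateUserForm.CanLock = objUserForm.CanLock;
        updateUserForm.CanUnlock = objUserForm.CanUnlock;
        updateUserForm.CanCancel = objUserForm.CanCancel;
        updateUserForm.CanPrint = objUserForm.CanPrint;
        db.SubmitChanges();

        String newObject = at.GetObjectString(updateUserForm);
        at.InsertAuditTrail(currentUserId, GetType().Name, MethodBase.GetCurrentMethod().Name, oldObject, newObject);

        return Request.CreateResponse(HttpStatusCode.OK);
    }
    catch (Exception e)
    {
        // Exception detail goes to the debug output only; the client gets a generic message.
        Debug.WriteLine(e);
        return Request.CreateResponse(HttpStatusCode.InternalServerError, "Something's went wrong from the server.");
    }
}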
/// <summary>
/// Creates a user-form rights row for the user identified by <paramref name="userId"/>, on behalf of
/// the logged-in user.
/// </summary>
/// <param name="objUserForm">Posted values; FormId and six Can* flags are copied to the new row.</param>
/// <param name="userId">Id of the MstUsers record that will own the new row, as text.</param>
/// <returns>
/// 200 OK on success; 404 Not Found when the target user is missing; 400 Bad Request when the
/// caller is not logged in, has no "UserDetail" row, lacks CanAdd, or the target user is locked;
/// 500 Internal Server Error on any exception.
/// </returns>
/// <remarks>
/// The new row sets only UserId, FormId, CanAdd, CanEdit, CanDelete, CanLock, CanUnlock and CanPrint;
/// any other column keeps whatever default the entity gives it.
/// NOTE(review): unlike UpdateUserForm, no audit-trail entry is written when rights are granted here,
/// and authorization failures are reported as 400 rather than 401/403. Confirm both are intended.
/// </remarks>
public HttpResponseMessage AddUserForm(Entities.MstUserForm objUserForm, String userId)
{
    try
    {
        var caller = db.MstUsers.Where(u => u.UserId == User.Identity.GetUserId());
        if (!caller.Any())
        {
            return Request.CreateResponse(HttpStatusCode.BadRequest, "Theres no current user logged in.");
        }

        var callerId = caller.FirstOrDefault().Id;

        // The caller's own rights on the "UserDetail" form gate this operation.
        var callerRights = db.MstUserForms.Where(f => f.UserId == callerId && f.SysForm.FormName.Equals("UserDetail"));
        if (!callerRights.Any())
        {
            return Request.CreateResponse(HttpStatusCode.BadRequest, "Sorry. You have no access for this user page.");
        }

        if (!callerRights.FirstOrDefault().CanAdd)
        {
            return Request.CreateResponse(HttpStatusCode.BadRequest, "Sorry. You have no rights to add user form.");
        }

        var targetUser = db.MstUsers.Where(u => u.Id == Convert.ToInt32(userId));
        if (!targetUser.Any())
        {
            return Request.CreateResponse(HttpStatusCode.NotFound, "These current user details are not found in the server. Please add new user first before proceeding.");
        }

        if (targetUser.FirstOrDefault().IsLocked)
        {
            return Request.CreateResponse(HttpStatusCode.BadRequest, "You cannot add new user form if the current user detail is locked.");
        }

        Data.MstUserForm newUserForm = new Data.MstUserForm();
        newUserForm.UserId = Convert.ToInt32(userId);
        newUserForm.FormId = objUserForm.FormId;
        newUserForm.CanAdd = objUserForm.CanAdd;
        newUserForm.CanEdit = objUserForm.CanEdit;
        newUserForm.CanDelete = objUserForm.CanDelete;
        newUserForm.CanLock = objUserForm.CanLock;
        newUserForm.CanUnlock = objUserForm.CanUnlock;
        newUserForm.CanPrint = objUserForm.CanPrint;

        db.MstUserForms.InsertOnSubmit(newUserForm);
        db.SubmitChanges();

        return Request.CreateResponse(HttpStatusCode.OK);
    }
    catch (Exception e)
    {
        // Exception detail goes to the debug output only; the client gets a generic message.
        Debug.WriteLine(e);
        return Request.CreateResponse(HttpStatusCode.InternalServerError, "Something's went wrong from the server.");
    }
}