Пример #1
0
        public ActionResult DeletePendingConfirmed(int id)
        {
            if (Authorized(RoleType.SystemManager))
            {
                PendingUser user;
                using (PendingUsersRepository pendingUserRep = new PendingUsersRepository())
                {
                    user = pendingUserRep.GetEntity(id);

                    if (user == null)
                    {
                        return(Error(Loc.Dic.error_user_not_found));
                    }
                    if (user.CompanyId != CurrentUser.CompanyId)
                    {
                        return(Error(Loc.Dic.error_no_permission));
                    }

                    pendingUserRep.Delete(user.Id);
                }

                return(RedirectToAction("Index"));
            }
            else
            {
                return(Error(Loc.Dic.error_no_permission));
            }
        }
Пример #2
0
        public ActionResult DeletePending(int id = 0)
        {
            if (Authorized(RoleType.SystemManager))
            {
                PendingUser user;
                using (PendingUsersRepository userRep = new PendingUsersRepository())
                {
                    user = userRep.GetEntity(id, "User");
                }

                if (user == null)
                {
                    return(Error(Loc.Dic.error_user_not_found));
                }
                if (user.CompanyId != CurrentUser.CompanyId)
                {
                    return(Error(Loc.Dic.error_no_permission));
                }

                return(View(user));
            }
            else
            {
                return(Error(Loc.Dic.error_no_permission));
            }
        }
Пример #3
0
        public ActionResult EditPending(PendingUser user, string[] roleNames)
        {
            if (Authorized(RoleType.SystemManager))
            {
                if (ModelState.IsValid)
                {
                    PendingUser userFromDatabase;
                    using (PendingUsersRepository pendingUserRep = new PendingUsersRepository())
                    {
                        userFromDatabase = pendingUserRep.GetEntity(user.Id);

                        if (userFromDatabase != null)
                        {
                            if (userFromDatabase.CompanyId != CurrentUser.CompanyId)
                            {
                                return(Error(Loc.Dic.error_no_permission));
                            }

                            RoleType        combinedRoles  = RoleType.None;
                            List <RoleType> forbiddenRoles = GetForbiddenRoles();

                            foreach (string roleName in roleNames)
                            {
                                RoleType role;
                                if (Enum.TryParse(roleName, out role) && !forbiddenRoles.Contains(role))
                                {
                                    combinedRoles = Roles.CombineRoles(combinedRoles, role);
                                }
                                else
                                {
                                    return(Error(Loc.Dic.error_invalid_form));
                                }
                            }

                            userFromDatabase.Email            = user.Email;
                            userFromDatabase.Roles            = (int)combinedRoles;
                            userFromDatabase.OrdersApproverId = user.OrdersApproverId.HasValue && user.OrdersApproverId.Value == -1 ? null : user.OrdersApproverId;

                            pendingUserRep.Update(userFromDatabase);
                            return(RedirectToAction("Index"));
                        }
                        else
                        {
                            return(Error(Loc.Dic.error_user_not_found));
                        }
                    }
                }
                else
                {
                    return(Error(ModelState));
                }
            }
            else
            {
                return(Error(Loc.Dic.error_no_permission));
            }
        }
Пример #4
0
        public ActionResult EditPending(int id = 0)
        {
            if (Authorized(RoleType.SystemManager))
            {
                PendingUser             user;
                List <SelectListItemDB> usersList = new List <SelectListItemDB> {
                    new SelectListItemDB()
                    {
                        Id = -1, Name = "(ללא) מאשר סופי"
                    }
                };

                using (UsersRepository usersRep = new UsersRepository(CurrentUser.CompanyId))
                    using (PendingUsersRepository pendingUserRep = new PendingUsersRepository())
                    {
                        user = pendingUserRep.GetEntity(id);
                        usersList.AddRange(usersRep.GetList().Where(u => u.CompanyId == CurrentUser.CompanyId && ((RoleType)u.Roles & RoleType.OrdersApprover) == RoleType.OrdersApprover).Select(x => new SelectListItemDB()
                        {
                            Id = x.Id, Name = x.FirstName + " " + x.LastName
                        }));
                    }

                if (user.CompanyId != CurrentUser.CompanyId)
                {
                    return(Error(Loc.Dic.error_no_permission));
                }

                if (user != null)
                {
                    ViewBag.OrdersApproverId = new SelectList(usersList, "Id", "Name", user.OrdersApproverId.HasValue ? user.OrdersApproverId.Value : -1);

                    List <string> roleNames = GetRoleNames();
                    ViewBag.RolesList = roleNames;

                    ViewBag.ExistingRoles =
                        Roles.GetAllRoles((RoleType)user.Roles)
                        .Select(x => x.ToString())
                        .ToList();

                    return(View(user));
                }
                else
                {
                    return(Error(Loc.Dic.error_user_not_found));
                }
            }
            else
            {
                return(Error(Loc.Dic.error_no_permission));
            }
        }
Пример #5
0
        public ActionResult EditPending(PendingUser user, string[] roleNames)
        {
            if (Authorized(RoleType.SystemManager))
            {
                if (ModelState.IsValid)
                {
                    PendingUser userFromDatabase;
                    using (PendingUsersRepository pendingUserRep = new PendingUsersRepository())
                    {
                        userFromDatabase = pendingUserRep.GetEntity(user.Id);

                        if (userFromDatabase != null)
                        {
                            if (userFromDatabase.CompanyId != CurrentUser.CompanyId)
                                return Error(Loc.Dic.error_no_permission);

                            RoleType combinedRoles = RoleType.None;
                            List<RoleType> forbiddenRoles = GetForbiddenRoles();

                            foreach (string roleName in roleNames)
                            {
                                RoleType role;
                                if (Enum.TryParse(roleName, out role) && !forbiddenRoles.Contains(role))
                                {
                                    combinedRoles = Roles.CombineRoles(combinedRoles, role);
                                }
                                else
                                {
                                    return Error(Loc.Dic.error_invalid_form);
                                }
                            }

                            userFromDatabase.Email = user.Email;
                            userFromDatabase.Roles = (int)combinedRoles;
                            userFromDatabase.OrdersApproverId = user.OrdersApproverId.HasValue && user.OrdersApproverId.Value == -1 ? null : user.OrdersApproverId;

                            pendingUserRep.Update(userFromDatabase);
                            return RedirectToAction("Index");
                        }
                        else
                        {
                            return Error(Loc.Dic.error_user_not_found);
                        }
                    }
                }
                else
                {
                    return Error(ModelState);
                }
            }
            else
            {
                return Error(Loc.Dic.error_no_permission);
            }
        }
Пример #6
0
        public ActionResult EditPending(int id = 0)
        {
            if (Authorized(RoleType.SystemManager))
            {
                PendingUser user;
                List<SelectListItemDB> usersList = new List<SelectListItemDB> { new SelectListItemDB() { Id = -1, Name = "(ללא) מאשר סופי" } };

                using (UsersRepository usersRep = new UsersRepository(CurrentUser.CompanyId))
                using (PendingUsersRepository pendingUserRep = new PendingUsersRepository())
                {
                    user = pendingUserRep.GetEntity(id);
                    usersList.AddRange(usersRep.GetList().Where(u => u.CompanyId == CurrentUser.CompanyId && ((RoleType)u.Roles & RoleType.OrdersApprover) == RoleType.OrdersApprover).Select(x => new SelectListItemDB() { Id = x.Id, Name = x.FirstName + " " + x.LastName }));
                }

                if (user.CompanyId != CurrentUser.CompanyId)
                    return Error(Loc.Dic.error_no_permission);

                if (user != null)
                {
                    ViewBag.OrdersApproverId = new SelectList(usersList, "Id", "Name", user.OrdersApproverId.HasValue ? user.OrdersApproverId.Value : -1);

                    List<string> roleNames = GetRoleNames();
                    ViewBag.RolesList = roleNames;

                    ViewBag.ExistingRoles =
                        Roles.GetAllRoles((RoleType)user.Roles)
                        .Select(x => x.ToString())
                        .ToList();

                    return View(user);
                }
                else
                {
                    return Error(Loc.Dic.error_user_not_found);
                }
            }
            else
            {
                return Error(Loc.Dic.error_no_permission);
            }
        }
Пример #7
0
        public ActionResult DeletePendingConfirmed(int id)
        {
            if (Authorized(RoleType.SystemManager))
            {
                PendingUser user;
                using (PendingUsersRepository pendingUserRep = new PendingUsersRepository())
                {
                    user = pendingUserRep.GetEntity(id);

                    if (user == null)
                    {
                        return Error(Loc.Dic.error_user_not_found);
                    }
                    if (user.CompanyId != CurrentUser.CompanyId)
                    {
                        return Error(Loc.Dic.error_no_permission);
                    }

                    pendingUserRep.Delete(user.Id);
                }

                return RedirectToAction("Index");
            }
            else
            {
                return Error(Loc.Dic.error_no_permission);
            }
        }
Пример #8
0
        public ActionResult DeletePending(int id = 0)
        {
            if (Authorized(RoleType.SystemManager))
            {
                PendingUser user;
                using (PendingUsersRepository userRep = new PendingUsersRepository())
                {
                    user = userRep.GetEntity(id, "User");
                }

                if (user == null)
                {
                    return Error(Loc.Dic.error_user_not_found);
                }
                if (user.CompanyId != CurrentUser.CompanyId)
                {
                    return Error(Loc.Dic.error_no_permission);
                }

                return View(user);
            }
            else
            {
                return Error(Loc.Dic.error_no_permission);
            }
        }