public ActionResult ViewUsers()
{
UserVM newVM = new UserVM();
if (Session["UserName"] != null && (int)Session["UserLevel"] == 1)
{
try
{
//create new list
List <IuserInfoDO> userData = _UserAccess.ViewAllUsers();
//map info from data to presentation obj
newVM.UserList = UserMap.MapDOtoPO(userData);
}
catch (Exception)
{
//pass error to user here in presentation layer, error has already been logged
newVM.ErrorMessage = "There was an issue obtaining the list";
}
finally
{
///nothing else needs to happen
}
return(View(newVM));
}
else
{
return(RedirectToAction("Login", "User"));
}
}
public ActionResult ViewUsers()
{
ActionResult oResponse = null;
if (Session["Username"] == null || (Int16)Session["Role"] != 1)
{
//Guest, User, Power User
oResponse = RedirectToAction("Index", "Home");
}
else //Admin
{
UserVM newVM = new UserVM(); //create new instance
try
{
//Use of method from DAL assigned in a variable
List <IUserDO> userInfo = UserAccess.ViewAllUsers();
//Mapping assigned in a variable
newVM.UserList = UserMap.MapDOtoPO(userInfo);
//return view
oResponse = View(newVM);
}
catch (Exception e)
{
newVM.ErrorMessage = "Sorry we cannot process your request at this time";
ErrorLog.LogError(e);
oResponse = View(newVM);
}
finally
{
//Onshore standards
}
}
return(oResponse);
}
public ActionResult ViewUserbyID(long UserID)
{
ActionResult oResponse = null;
if (Session["Username"] == null) //Guest
{
oResponse = RedirectToAction("Index", "Home");
}
else
{
UserVM newVM = new UserVM(); //creating new instance
try
{
//Uses method from DAL then assigns to variable
IUserDO userInfo = UserAccess.ViewUsersByID(UserID);
//Mapping assigned to variable
newVM.User = UserMap.MapDOtoPO(userInfo);
//Return this view
oResponse = View(newVM);
}
catch (Exception e)
{
newVM.ErrorMessage = "Sorry we cannot process your request at this time";
ErrorLog.LogError(e);
oResponse = View(newVM);
}
finally
{
//Onshore standards
}
}
return(oResponse);
}
public ActionResult Login(UserVM iForm)
{
ActionResult oResponse = null;
//if data annotation requirements are met
if (ModelState.IsValid)
{
//check db to see if user input matches that user db info
UserPO user = UserMap.MapDOtoPO(_UserAccess.ViewUserByUserName(iForm.User.UserName));
if (user != null && iForm.User.Password.Equals(user.Password))
{
//set session for current user
Session["UserName"] = user.UserName;
Session["UserLevel"] = user.UserLevel;
Session.Timeout = 10;
if (iForm.RememberMe == true)
{
//save cookie with user info IF they checked the "Remember me" box on log in page
HttpCookie cookie = new HttpCookie("UserInfo");
cookie["UserName"] = user.UserName;
cookie["Password"] = user.Password;
Response.Cookies.Add(cookie);
}
else
{
//if box is not checked, do not keep cookie
Response.Cookies["UserInfo"].Expires = DateTime.Now.AddDays(-1);
}
oResponse = RedirectToAction("Index", "Home");
}
else
{
//if password is incorrect, return to screen and gice error message
ModelState.AddModelError("User.Password", "The Login Info is Invalid");
oResponse = View(iForm);
}
}
else
{
oResponse = View(iForm);
}
return(oResponse);
}
public ActionResult UpdateUser(int UserID)
{
if (Session["UserName"] != null && (int)Session["UserLevel"] == 1)
{
UserVM updateVM = new UserVM();
IuserInfoDO user = _UserAccess.ViewUserByID(UserID);
updateVM.User = UserMap.MapDOtoPO(user);
return(View(updateVM));
}
else
{
return(RedirectToAction("Login", "User"));
}
}
public ActionResult DeleteUser(int UserID)
{
UserVM removeUser = new UserVM();
//data call to pull up user info and get that UserLevel
UserPO deleteuser = UserMap.MapDOtoPO(_UserAccess.ViewUserByID(UserID));
//if user is not an admin
if (deleteuser.UserLevel != 1)
{
//session check to make sure address isnt just typed in
if (Session["UserName"] != null && (int)Session["UserLevel"] == 1)
{
try
{
//call to method from data layer to execute delete procedure
_UserAccess.DeleteUser(UserID);
}
catch (Exception)
{
removeUser.ErrorMessage = "There was a problem deleting the record from the database, please try again later";
}
finally
{
//error is kicked to user, return must be outside this scope.
}
//take user back to list of users to see if delete went through
return(RedirectToAction("ViewUsers", "User"));
}
else
{
return(RedirectToAction("Login", "User"));
}
}
else
{
//set temp data with message to return to View Users screen
TempData["ErrorMessage"] = "You are not authorized to delete an Admin!";
return(RedirectToAction("ViewUsers", "User"));
}
}
public ActionResult UpdateUser(long UserID)
{
ActionResult oResponse = null;
if (Session["Username"] == null || (Int16)Session["Role"] == 3)
{
//Guest, User
oResponse = RedirectToAction("Index", "Home");
}
else //Admin
{
//Create a new instance of the object
UserVM newVM = new UserVM();
//set the method to a variable to be used
IUserDO user = UserAccess.ViewUsersByID(UserID);
//set mapping to a variable
newVM.User = UserMap.MapDOtoPO(user);
//return view
oResponse = View(newVM);
}
return(oResponse);
}
