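/// <summary>
/// Click handler that creates a new staff account from the values entered on the form.
/// </summary>
/// <remarks>
/// Flow: reject a login ID that already exists, collect the checked schools and user
/// types, call the create-user stored procedure, then switch the page to its result panel.
/// NOTE(review): no authorization check is visible in this handler; presumably the page
/// restricts who may create staff. Confirm.
/// </remarks>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void AddNewStaff(object sender, EventArgs e)
{
    var environmentParametersViewModel = new EnvironmentParametersFactory(AppSettings.ConnectionStringName).GetEnvironmentParameters();

    // Release the StaffManagement instance even when the lookup throws.
    bool doesUserExist;
    var staffManagement = new StaffManagement(environmentParametersViewModel);
    try
    {
        doesUserExist = staffManagement.DoesUserExist(loginID.Text);
    }
    finally
    {
        staffManagement.Dispose();
    }

    if (doesUserExist)
    {
        // The login ID is user-supplied and is echoed into a JavaScript string literal inside
        // an inline <script> block. It is HTML-encoded first (radalert is expected to render
        // its text argument as markup) and then JavaScript-string-encoded, so the value cannot
        // close the literal or the surrounding script element.
        var safeLoginId = System.Web.HttpUtility.JavaScriptStringEncode(System.Web.HttpUtility.HtmlEncode(loginID.Text));
        var radalertscript = "<script language='javascript'>function f(){radalert('" + string.Format("Cannot Add User, this user already exists. User: {0}", safeLoginId) + "', 300, 300, 'Duplicate User Detected'); Sys.Application.remove_load(f);}; Sys.Application.add_load(f);</script>";
        Page.ClientScript.RegisterStartupScript(GetType(), "radalert", radalertscript);
        return;
    }

    var staffIdentificationTable = new dtGeneric_String_String();
    var schoolIdTable = new dtGeneric_Int();
    var userTypeIdTable = new dtGeneric_String();
    string restrictionsValue = string.Empty;

    staffIdentificationTable.Rows.Add("FirstName", firstName.Text);
    staffIdentificationTable.Rows.Add("MiddleName", middleName.Text);
    staffIdentificationTable.Rows.Add("LastName", lastName.Text);
    staffIdentificationTable.Rows.Add("Email", email.Text);
    staffIdentificationTable.Rows.Add("LoginID", loginID.Text);

    // Using the index is not the best way to accomplish this, but it is easy to fix in the
    // future if the dropdown ever needs to be reordered.
    // NOTE(review): staffIdentificationTable is filled here but never passed to the stored
    // procedure in this method. Only restrictionsValue reaches it, and that is "None" for
    // Revoked and LockedOut as well as for None. Confirm that IsApproved / IsLockedOut are
    // applied elsewhere; otherwise an account created as Revoked or LockedOut may be usable.
    // An index that matches no case leaves restrictionsValue empty.
    switch (DataIntegrity.ConvertToInt(restrictionsDropdown.SelectedIndex))
    {
        case (int)Restrictions.None:
            staffIdentificationTable.Rows.Add("IsLockedOut", "false");
            staffIdentificationTable.Rows.Add("IsApproved", "true");
            staffIdentificationTable.Rows.Add("Restrictions", "None");
            restrictionsValue = "None";
            break;
        case (int)Restrictions.Revoked:
            staffIdentificationTable.Rows.Add("IsLockedOut", "false");
            staffIdentificationTable.Rows.Add("IsApproved", "false");
            staffIdentificationTable.Rows.Add("Restrictions", "None");
            restrictionsValue = "None";
            break;
        case (int)Restrictions.LockedOut:
            staffIdentificationTable.Rows.Add("IsLockedOut", "true");
            staffIdentificationTable.Rows.Add("IsApproved", "true");
            staffIdentificationTable.Rows.Add("Restrictions", "None");
            restrictionsValue = "None";
            break;
        case (int)Restrictions.ChangePassword:
            staffIdentificationTable.Rows.Add("IsLockedOut", "false");
            staffIdentificationTable.Rows.Add("IsApproved", "true");
            staffIdentificationTable.Rows.Add("Restrictions", ThinkgateUser.ChangePasswordRestrictionValue);
            restrictionsValue = ThinkgateUser.ChangePasswordRestrictionValue.ToString(CultureInfo.InvariantCulture);
            break;
    }

    foreach (RadComboBoxItem item in schoolDropdown.Items)
    {
        var itemCheckbox = (CheckBox)item.FindControl("schoolCheckbox");
        var itemLabel = (Label)item.FindControl("schoolLabel");
        if (IsCheckedDataItem(itemCheckbox, itemLabel))
        {
            schoolIdTable.Add(DataIntegrity.ConvertToInt(item.Value));
        }
    }

    StringBuilder userSyncRoles = new StringBuilder();
    foreach (RadComboBoxItem item in userTypeDropdown.Items)
    {
        var itemCheckbox = (CheckBox)item.FindControl("userTypeCheckbox");
        var itemLabel = (Label)item.FindControl("userTypeLabel");
        if (IsCheckedDataItem(itemCheckbox, itemLabel))
        {
            userTypeIdTable.Add(item.Text);
            userSyncRoles.Append(itemLabel.Text);
        }
    }

    /* Create the user record */
    /* Validate Results - if error, give message and go back to user */

    // Load the district parameters once so the password and its salt come from the same read.
    // NOTE(review): every new account starts with the district-wide default password; unless
    // the ChangePassword restriction is selected, nothing visible here forces a change at
    // first login. Confirm against the account policy.
    var districtParms = DistrictParms.LoadDistrictParms();

    SqlParameterCollection parms = new SqlCommand().Parameters;
    parms.AddWithValue("ApplicationName", AppSettings.ApplicationName);
    parms.AddWithValue("UserName", loginID.Text);
    parms.AddWithValue("FirstName", firstName.Text);
    parms.AddWithValue("MiddleName", middleName.Text);
    parms.AddWithValue("LastName", lastName.Text);
    parms.AddWithValue("Password", districtParms.DefaultPasswordEncrypted);
    parms.AddWithValue("PasswordSalt", districtParms.DefaultPasswordEncryptedSalt);
    parms.AddWithValue("Email", email.Text);
    parms.Add(ThinkgateDataAccess.GetParmFromTable(userTypeIdTable.ToSql(), "Roles"));
    parms.Add(ThinkgateDataAccess.GetParmFromTable(schoolIdTable.ToSql(), "Schools"));
    parms.AddWithValue("PrimarySchool", DataIntegrity.ConvertToInt(cmbPrimarySchool.SelectedItem.Value));
    parms.AddWithValue("PrimaryUser", cmbPrimaryUser.SelectedItem.Text);
    parms.AddWithValue("TeacherID", string.Empty);
    parms.AddWithValue("Restrictions", restrictionsValue);

    var drNewStaffUserPage = ThinkgateDataAccess.FetchDataRow(
        AppSettings.ConnectionString,
        Base.Classes.Data.StoredProcedures.ASPNET_TG_SECURITY_USER_CREATE_USER,
        System.Data.CommandType.StoredProcedure,
        parms,
        SessionObject.GlobalInputs);

    /*
     * Extract UserPage ID out of recordset and put in hidden field so that when we return to the client side, we
     * can offer user (through javascript) the opportunity to bring up Staff Object Page with new staff in it.
     */
    // NOTE(review): a null row skips this branch but still reaches the success message below;
    // confirm that FetchDataRow signals a failed create some other way (for example by throwing).
    if (drNewStaffUserPage != null)
    {
        hdnNewStaffIDEncrypted.Value = Standpoint.Core.Classes.Encryption.EncryptString(drNewStaffUserPage["UserPage"].ToString());
        KenticoBusiness.AddUserAndRoles(loginID.Text);
    }

    //Dan - UserSync - Queue a UserSync Message here!
    //TODO: Michael Rue - complete user sync functionality
    //UserSyncHelperFactory.GetMsmqHelper().AddOrUpdateUser(loginID.Text, loginID.Text, null, email.Text, JsonConvert.SerializeObject(userSyncRoles));

    ScriptManager.RegisterStartupScript(this, typeof(AddStaff), "AddedStaff", "autoSizeWindow();", true);
    resultPanel.Visible = true;
    addPanel.Visible = false;
    lblResultMessage.Text = @"Staff successfully added!";
}

/// <summary>
/// Tells whether a combo-box row is a checked, real entry rather than the "All" row or a
/// row whose label carries an image tag.
/// </summary>
/// <param name="itemCheckbox">Checkbox found in the row, or null when the row has none.</param>
/// <param name="itemLabel">Label found in the row, or null when the row has none.</param>
/// <returns>True when both controls exist, the box is checked and the label is a plain entry.</returns>
private static bool IsCheckedDataItem(CheckBox itemCheckbox, Label itemLabel)
{
    if (itemCheckbox == null || itemLabel == null || !itemCheckbox.Checked)
    {
        return false;
    }

    var labelText = itemLabel.Text;

    // Ordinal, case-insensitive search: lower-casing with the current culture can miss
    // "<IMG" under cultures with special casing rules for 'I'.
    return labelText != @"All"
        && labelText.IndexOf("<img", StringComparison.OrdinalIgnoreCase) < 0;
}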