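/// <summary>
/// Returns true when the user resolved from <paramref name="token"/> is an ATOS salesperson
/// ("vendedor"): the first of their roles with RoleId > 50 is named "COMERCIAL" and has
/// RoleLevel between 0 and 2 (inclusive).
/// </summary>
/// <param name="token">Session/auth token handed to GetUser to resolve the current user.</param>
/// <returns>
/// false when the token resolves to no user, when the user has no role with RoleId > 50,
/// or when that role is not a COMERCIAL role of level 0..2; true otherwise.
/// </returns>
public static bool isAtosRoleVendedor(string token)
{
    webpages_Users user = GetUser(token);
    if (user == null)
    {
        return false;
    }

    using (var _db = new painel_taxservices_dbContext())
    {
        _db.Configuration.ProxyCreationEnabled = false;

        // NOTE(review): no ordering is applied, so if a user holds several roles with
        // RoleId > 50 the one examined is whichever the provider returns first — confirm intended.
        webpages_Roles role = _db.webpages_UsersInRoles
            .Where(r => r.UserId == user.id_users)
            .Where(r => r.RoleId > 50)
            .Select(r => r.webpages_Roles)
            .FirstOrDefault();

        if (role == null)
        {
            return false;
        }

        // Ordinal, case-insensitive comparison. The previous ToUpper().Equals("COMERCIAL") was
        // culture-sensitive (the 'i' in "comercial" does not upper-case to 'I' under tr-TR) and
        // threw NullReferenceException when RoleName was null; a null name now simply yields false.
        return role.RoleLevel >= 0
            && role.RoleLevel <= 2
            && string.Equals(role.RoleName, "COMERCIAL", StringComparison.OrdinalIgnoreCase);
    }
}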
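/// <summary>
/// Authenticates the credentials posted as JSON ("Username"/"Password") and, on success,
/// issues an auth token carrying the user's UserId and the JSON-serialized list of their roles.
/// </summary>
/// <param name="jsonResult">Request body, deserialized into <see cref="Login"/>.</param>
/// <returns>
/// 200 with the token object produced by AuthorisationController.GetToken, or 400 with one
/// generic message for a missing/invalid body, unknown user or wrong password — the same
/// message in every failure case so the response does not reveal which accounts exist.
/// </returns>
public IHttpActionResult Login([FromBody] JObject jsonResult)
{
    const string failureMessage = "Incorrect username or password";

    // A null body previously surfaced as a NullReferenceException (HTTP 500).
    Login model = jsonResult == null ? null : jsonResult.ToObject<Login>();
    if (model == null || !ModelState.IsValid)
    {
        return BadRequest(failureMessage);
    }

    // NOTE(review): because the parameter is a JObject, ModelState reflects the raw body and
    // not the DataAnnotations on Login; validating the model itself needs an explicit check.
    if (!WebSecurity.Login(model.Username, model.Password, false))
    {
        return BadRequest(failureMessage);
    }

    List<KeyValuePair<string, string>> claimsForToken = new List<KeyValuePair<string, string>>();

    // The context is now disposed on every path, including when First() throws.
    using (CoachItEntities _db = new CoachItEntities())
    {
        webpages_Users user = _db.webpages_Users.First(x => x.Username == model.Username);
        claimsForToken.Add(new KeyValuePair<string, string>("UserId", user.UserId.ToString()));
        claimsForToken.Add(new KeyValuePair<string, string>("UserRole",
            JsonConvert.SerializeObject(Roles.GetRolesForUser(model.Username))));
    }

    JObject jAuthObj = AuthorisationController.GetToken(claimsForToken);
    return Ok(jAuthObj);
}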
/// <summary>
/// CNPJ of the branch ("empresa") associated with the user behind <paramref name="token"/>.
/// </summary>
/// <param name="token">Session/auth token handed to GetUser.</param>
/// <returns>
/// The user's nu_cnpjEmpresa, or "" when the token resolves to no user, the user has no
/// group (id_grupo is null) or has no branch CNPJ.
/// </returns>
public static string GetCNPJEmpresa(string token)
{
    webpages_Users usuario = GetUser(token);

    // A branch CNPJ is only reported together with a group; no user or no group → empty.
    if (usuario?.id_grupo == null)
    {
        return "";
    }

    return usuario.nu_cnpjEmpresa ?? "";
}
/// <summary>
/// Group id ("grupo empresa") of the user behind <paramref name="token"/>.
/// </summary>
/// <param name="token">Session/auth token handed to GetUser.</param>
/// <returns>The user's id_grupo, or 0 when there is no user or the user has no group.</returns>
public static Int32 GetIdGrupo(string token)
{
    webpages_Users usuario = GetUser(token);
    bool possuiGrupo = usuario != null && usuario.id_grupo != null;

    return possuiGrupo ? (Int32)usuario.id_grupo : 0;
}
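/// <summary>
/// Sends the password-reset e-mail for the account whose address matches the posted "Email".
/// The template's #LINK# is built from the SetPasswordURI request header plus a WebSecurity
/// reset token valid for 120 minutes; #FORGOTPASSWORDLINK# is filled from ForgotPasswordURI.
/// </summary>
/// <param name="jsonResult">Request body with an "Email" property.</param>
/// <returns>
/// 400 when the e-mail is missing or unknown; otherwise 200 with { status: "OK" } after the
/// mail was sent, or { status: "FAILED", result: generic text } when sending failed.
/// </returns>
public IHttpActionResult ForgotPassword([FromBody] JObject jsonResult)
{
    dynamic jObj = new JObject();

    // Validate the input first; a missing "Email" used to become a NullReferenceException
    // that was reported back as status FAILED with the raw exception text.
    string emailAddress = jsonResult == null ? null : jsonResult["Email"]?.ToString();
    if (string.IsNullOrWhiteSpace(emailAddress))
    {
        return BadRequest("Email is required");
    }

    try
    {
        using (CoachItEntities db = new CoachItEntities())
        {
            webpages_Users user = db.webpages_Users.FirstOrDefault(x => x.EmailAddress == emailAddress);
            if (user == null)
            {
                // NOTE(review): a distinct answer for unknown addresses lets a caller probe which
                // e-mails have accounts; responding uniformly would remove that oracle.
                return BadRequest("Email Not Found");
            }

            string body = System.IO.File.ReadAllText(
                System.Web.HttpContext.Current.Request.MapPath("~/Helpers/MailTemplates/NewUser.html"));
            body = body.Replace("#NAME#", user.FirstName)
                       .Replace("#USERNAME#", user.Username)
                       // The 2-hour expiry shown in the mail matches the 120-minute token below.
                       .Replace("#EXPIRATIONDATE#", DateTime.Now.AddHours(2).ToString("yyyy/MM/dd hh:mm tt"));

            var headers = Request.Headers;
            if (headers.Contains("SetPasswordURI"))
            {
                // NOTE(review): the link base is taken from a request header, i.e. whoever sends
                // this request chooses where the victim's reset token is delivered. The base URI
                // should come from configuration or be checked against an allow-list.
                string setPasswordURI = $"{headers.GetValues("SetPasswordURI").First()}?Key={WebSecurity.GeneratePasswordResetToken(user.Username, 120)}";
                body = body.Replace("#LINK#", setPasswordURI);
                // The reset link is deliberately no longer copied into the HTTP response: it
                // contains the reset token, and returning it to the (unauthenticated) caller
                // would let anyone who knows an e-mail address reset that account's password.
            }
            if (headers.Contains("ForgotPasswordURI"))
            {
                string forgotPasswordURI = headers.GetValues("ForgotPasswordURI").First();
                body = body.Replace("#FORGOTPASSWORDLINK#", $"{forgotPasswordURI}");
            }

            Mail.Send(emailAddress, "CoachIt - Registration", body);
            jObj.status = "OK";
        }
    }
    catch (Exception)
    {
        jObj.status = "FAILED";
        // Exception text is not echoed to the client (it can expose file paths, SQL or mail
        // server details); log it server-side instead.
        jObj.result = "Unable to process the request";
    }

    return Ok(jObj);
}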
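/// <summary>
/// Stores one metric measurement for a user. The body must carry "userId", "measurement" and
/// "metricTypeId"; an optional "timestamp" backdates the entry, otherwise local "now" is used.
/// </summary>
/// <param name="jsonResult">Request body with the fields listed above.</param>
/// <returns>
/// 200 with a confirmation string; 400 when required fields are missing or the user does not exist.
/// </returns>
public IHttpActionResult CreateRecord([FromBody] JObject jsonResult)
{
    // Previously a missing field surfaced as a NullReferenceException (HTTP 500).
    if (jsonResult == null
        || jsonResult["userId"] == null
        || jsonResult["measurement"] == null
        || jsonResult["metricTypeId"] == null)
    {
        return BadRequest("userId, measurement and metricTypeId are required");
    }

    // Convert.* parses with the current culture (decimal separator, date format) — unchanged
    // from the original; callers are expected to match the server culture.
    int userId = Convert.ToInt32(jsonResult["userId"].ToString());
    double measurement = Convert.ToDouble(jsonResult["measurement"].ToString());
    int metricTypeId = Convert.ToInt32(jsonResult["metricTypeId"].ToString());

    // Backdated entries carry their own timestamp; otherwise stamp with DateTime.Now
    // (local time, as before — existing rows presumably are local too; confirm before changing).
    DateTime timestamp = jsonResult.ContainsKey("timestamp")
        ? Convert.ToDateTime(jsonResult["timestamp"].ToString())
        : DateTime.Now;

    // NOTE(review): userId comes from the body and is not compared with the caller's own
    // identity, so any caller can write records for any user — confirm that is intended.
    using (CoachItEntities _db = new CoachItEntities())
    {
        webpages_Users webUser = _db.webpages_Users.FirstOrDefault(x => x.UserId == userId);
        if (webUser == null)
        {
            return BadRequest($"User '{userId}' not found");
        }

        MetricRecord newRecord = new MetricRecord()
        {
            UserId = webUser.UserId,
            Measurement = measurement,
            MetricTypeId = metricTypeId,
            Timestamp = timestamp
        };
        _db.MetricRecords.Add(newRecord);
        _db.SaveChanges();
    }

    return Ok("Record added succesfully");
}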
/// <summary>
/// Ids of the groups ("grupo_empresa") whose id_vendedor is the user behind <paramref name="token"/>.
/// </summary>
/// <param name="token">Session/auth token handed to GetUser.</param>
/// <returns>The matching id_grupo values; an empty list when the token resolves to no user.</returns>
public static List<Int32> GetIdsGruposEmpresasVendedor(string token)
{
    webpages_Users vendedor = GetUser(token);
    if (vendedor == null)
    {
        return new List<Int32>();
    }

    using (var contexto = new painel_taxservices_dbContext())
    {
        contexto.Configuration.ProxyCreationEnabled = false;

        var idVendedor = vendedor.id_users;
        return contexto.grupo_empresa
            .Where(g => g.id_vendedor == idVendedor)
            .Select(g => g.id_grupo)
            .ToList<Int32>();
    }
}
/// <summary>
/// Updates a webpages_Users row. Two modes, selected by <paramref name="param"/>.Id_grupo:
/// when it is non-zero, only the group of the user identified by <paramref name="token"/>
/// is changed (-1 clears it) and their branch CNPJ is reset; otherwise the user named by
/// param.Webpagesusers.id_users is updated (pessoa data, roles, salesperson group links,
/// login, e-mail, active flag, branch CNPJ and group).
/// </summary>
/// <param name="token">Session/auth token; used to resolve the logged-in user and forwarded to the gateway helpers.</param>
/// <param name="param">Changes to apply.</param>
/// <param name="_dbContext">Optional caller-owned context; when null a private one is created and disposed here.</param>
/// <exception cref="Exception">
/// Thrown with a user-facing message on invalid input, unknown user, or persistence failure
/// (DbEntityValidationException is mapped through MensagemErro).
/// </exception>
public static void Update(string token, Models.Object.Usuario param, painel_taxservices_dbContext _dbContext = null)
{
    painel_taxservices_dbContext _db;
    if (_dbContext == null)
    {
        _db = new painel_taxservices_dbContext();
    }
    else
    {
        _db = _dbContext;
    }
    try
    {
        if (param.Id_grupo != 0)
        {
            // Change the group of the logged-in user only.
            Int32 IdUser = Permissoes.GetIdUser(token);
            webpages_Users value = _db.webpages_Users
                .Where(e => e.id_users == IdUser)
                .FirstOrDefault<webpages_Users>();
            if (value != null)
            {
                // TODO (from original): validate permission for this feature.
                if (param.Id_grupo == -1)
                {
                    value.id_grupo = null;
                }
                else
                {
                    value.id_grupo = param.Id_grupo;
                }
                // Changing group always drops the branch; a branch must belong to the current group.
                value.nu_cnpjEmpresa = null;
                _db.SaveChanges();
            }
            else
            {
                throw new Exception("Usuário inválido!");
            }
        }
        else
        {
            if (param.Webpagesusers.id_users == 0)
            {
                throw new Exception("Falha ao parâmetro");
            }
            // Update a user that is not necessarily the logged-in one.
            // NOTE(review): no check is visible here that the token's user may edit this
            // id_users — presumably enforced by the caller; confirm.
            webpages_Users value = _db.webpages_Users
                .Where(e => e.id_users == param.Webpagesusers.id_users)
                .First<webpages_Users>();
            // First() throws when nothing matches, so the else branch below is not reachable.
            if (value != null)
            {
                if (param.Pessoa != null)
                {
                    param.Pessoa.id_pesssoa = (int)value.id_pessoa;
                    GatewayPessoa.Update(token, param.Pessoa);
                }
                if (param.Webpagesusersinroles != null)
                {
                    foreach (webpages_UsersInRoles item in param.Webpagesusersinroles)
                    {
                        if (item.UserId == -1)
                        {
                            // UserId == -1 marks a role to remove from this user.
                            item.UserId = param.Webpagesusers.id_users;
                            GatewayWebpagesUsersInRoles.Delete(token, item);
                        }
                        else
                        {
                            item.UserId = param.Webpagesusers.id_users;
                            webpages_UsersInRoles verificacao = _db.webpages_UsersInRoles.Where(p => p.UserId == item.UserId).Where(p => p.RoleId == item.RoleId).FirstOrDefault();
                            if (verificacao != null)
                            {
                                // Role already assigned: only the "principal" flag is updated,
                                // after clearing it on whichever role currently holds it.
                                webpages_UsersInRoles principal = _db.webpages_UsersInRoles
                                    .Where(p => p.UserId == item.UserId)
                                    .Where(p => p.RolePrincipal == true).FirstOrDefault();
                                if (principal != null)
                                {
                                    principal.RolePrincipal = false;
                                }
                                verificacao.RolePrincipal = item.RolePrincipal;
                                _db.SaveChanges();
                            }
                            else
                            {
                                GatewayWebpagesUsersInRoles.Add(token, item);
                            }
                        }
                    }
                }
                // Link groups to this salesperson.
                if (param.Addidsgrupoempresavendedor != null)
                {
                    foreach (var idGrupo in param.Addidsgrupoempresavendedor)
                    {
                        grupo_empresa grupo = _db.grupo_empresa.Where(g => g.id_grupo == idGrupo).FirstOrDefault();
                        if (grupo != null)
                        {
                            grupo.id_vendedor = param.Webpagesusers.id_users;
                            _db.SaveChanges();
                        }
                    }
                }
                // Unlink groups from this salesperson.
                if (param.Removeidsgrupoempresavendedor != null)
                {
                    foreach (var idGrupo in param.Removeidsgrupoempresavendedor)
                    {
                        grupo_empresa grupo = _db.grupo_empresa.Where(g => g.id_grupo == idGrupo).FirstOrDefault();
                        if (grupo != null)
                        {
                            grupo.id_vendedor = null;
                            _db.SaveChanges();
                        }
                    }
                }
                // Login is changed only when no other user already owns it (case-insensitive);
                // a clash is silently ignored rather than reported.
                if (param.Webpagesusers.ds_login != null && param.Webpagesusers.ds_login != value.ds_login)
                {
                    webpages_Users old = _db.webpages_Users.Where(e => e.ds_login.ToLower().Equals(param.Webpagesusers.ds_login.ToLower()))
                        .FirstOrDefault();
                    if (old == null || old.id_users == value.id_users)
                    {
                        value.ds_login = param.Webpagesusers.ds_login;
                    }
                }
                // Same rule for the e-mail address.
                if (param.Webpagesusers.ds_email != null && param.Webpagesusers.ds_email != value.ds_email)
                {
                    webpages_Users old = _db.webpages_Users.Where(e => e.ds_email.ToLower().Equals(param.Webpagesusers.ds_email.ToLower()))
                        .FirstOrDefault();
                    if (old == null || old.id_users == value.id_users)
                    {
                        value.ds_email = param.Webpagesusers.ds_email;
                    }
                }
                if (param.Webpagesusers.fl_ativo != value.fl_ativo)
                {
                    value.fl_ativo = param.Webpagesusers.fl_ativo;
                }
                Boolean grupoEmpresaAlterado = false;
                if (param.Webpagesusers.nu_cnpjEmpresa != null && param.Webpagesusers.nu_cnpjEmpresa != value.nu_cnpjEmpresa)
                {
                    if (param.Webpagesusers.nu_cnpjEmpresa == "")
                    {
                        // Empty string means "clear the branch".
                        value.nu_cnpjEmpresa = null;
                    }
                    else
                    {
                        // Setting a branch also forces the group to the branch's group.
                        value.nu_cnpjEmpresa = param.Webpagesusers.nu_cnpjEmpresa;
                        value.id_grupo = _db.empresas.Where(f => f.nu_cnpj.Equals(param.Webpagesusers.nu_cnpjEmpresa)).Select(f => f.id_grupo).FirstOrDefault();
                        grupoEmpresaAlterado = true; // group already forced by the branch
                    }
                }
                // A group may only be set to the one the branch belongs to, or with no branch at all.
                if (!grupoEmpresaAlterado && param.Webpagesusers.id_grupo != null && param.Webpagesusers.id_grupo != 0 && param.Webpagesusers.id_grupo != value.id_grupo)
                {
                    if (param.Webpagesusers.id_grupo == -1)
                    {
                        value.id_grupo = null;
                        value.nu_cnpjEmpresa = null; // cannot be linked to a branch without being linked to a group
                    }
                    else
                    {
                        value.id_grupo = param.Webpagesusers.id_grupo;
                        // If a branch is linked, it MUST belong to the new group; otherwise drop it.
                        if (value.nu_cnpjEmpresa != null)
                        {
                            Int32 id_grupo = _db.empresas.Where(f => f.nu_cnpj.Equals(value.nu_cnpjEmpresa)).Select(f => f.id_grupo).FirstOrDefault();
                            if (id_grupo != value.id_grupo)
                            {
                                value.nu_cnpjEmpresa = null; // the linked branch belongs to a different group than the one just set
                            }
                        }
                    }
                }
                _db.SaveChanges();
            }
            else
            {
                throw new Exception("Usuário não cadastrado");
            }
        }
    }
    catch (Exception e)
    {
        if (e is DbEntityValidationException)
        {
            string erro = MensagemErro.getMensagemErro((DbEntityValidationException)e);
            throw new Exception(erro.Equals("") ? "Falha ao alterar usuário" : erro);
        }
        // Re-wraps with the innermost message available (up to two levels); the original
        // stack trace is lost in the process.
        throw new Exception(e.InnerException == null ? e.Message : e.InnerException.InnerException == null ? e.InnerException.Message : e.InnerException.InnerException.Message);
    }
    finally
    {
        if (_dbContext == null)
        {
            // Close the connection (only for the context created here).
            _db.Database.Connection.Close();
            _db.Dispose();
        }
    }
}
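/// <summary>
/// Deletes a webpages_Users row together with its roles, membership and linked pessoa.
/// Users that have LogAcesso1 entries are never deleted.
/// </summary>
/// <param name="token">Auth token forwarded to the gateway helpers.</param>
/// <param name="id_users">Id of the user to remove.</param>
/// <param name="_dbContext">Optional caller-owned context; when null a private one is created and disposed here.</param>
/// <exception cref="Exception">
/// "Usuário não pode ser deletado!" when access-log rows exist for the user; otherwise the
/// innermost available message when persistence fails (DbEntityValidationException is mapped
/// through MensagemErro).
/// </exception>
public static void Delete(string token, Int32 id_users, painel_taxservices_dbContext _dbContext = null)
{
    painel_taxservices_dbContext _db = _dbContext ?? new painel_taxservices_dbContext();

    try
    {
        // The transaction is now disposed and, on success, committed. The previous version
        // never called Commit(), so the deletes were discarded when the transaction and
        // connection were torn down.
        using (DbContextTransaction transaction = _db.Database.BeginTransaction())
        {
            try
            {
                // Any() avoids materializing every access-log row just to count them.
                if (_db.LogAcesso1.Any(e => e.idUsers == id_users))
                {
                    throw new Exception("Usuário não pode ser deletado!");
                }

                GatewayWebpagesUsersInRoles.Delete(token, id_users, false, _db);
                GatewayWebpagesMembership.Delete(token, id_users, _db);

                // Capture the linked pessoa id before the user row is removed.
                webpages_Users value = _db.webpages_Users
                    .Where(e => e.id_users.Equals(id_users))
                    .First<webpages_Users>();
                int id_pessoa = (value.id_pessoa != null) ? Convert.ToInt32(value.id_pessoa) : 0;

                _db.webpages_Users.RemoveRange(_db.webpages_Users.Where(e => e.id_users == id_users));
                _db.SaveChanges();

                if (id_pessoa > 0)
                {
                    GatewayPessoa.Delete(token, id_pessoa, _db);
                }

                transaction.Commit();
            }
            catch (Exception e)
            {
                transaction.Rollback();
                if (e is DbEntityValidationException)
                {
                    string erro = MensagemErro.getMensagemErro((DbEntityValidationException)e);
                    throw new Exception(erro.Equals("") ? "Falha ao apagar usuário" : erro);
                }
                // Surface the innermost message available (up to two levels), as the rest of
                // the gateway does; the original stack trace is not preserved.
                throw new Exception(e.InnerException == null ? e.Message : e.InnerException.InnerException == null ? e.InnerException.Message : e.InnerException.InnerException.Message);
            }
        }
    }
    finally
    {
        if (_dbContext == null)
        {
            // Close the connection (only for the context created here).
            _db.Database.Connection.Close();
            _db.Dispose();
        }
    }
}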
/// <summary>
/// Creates a new webpages_Users: stores the pessoa data, creates the membership account with
/// a fixed initial password, fills the user row, then assigns roles and salesperson group links.
/// </summary>
/// <param name="token">Auth token forwarded to the gateway helpers.</param>
/// <param name="param">User, pessoa, roles and group ids to create. param.Pessoa and
/// param.Webpagesusersinroles are dereferenced without a null check.</param>
/// <param name="_dbContext">Optional caller-owned context; when null a private one is created and disposed here.</param>
/// <returns>The id_users of the account that was created.</returns>
/// <exception cref="Exception">
/// Thrown with a user-facing message when persistence fails (DbEntityValidationException is
/// mapped through MensagemErro).
/// </exception>
public static Int32 Add(string token, Models.Object.Usuario param, painel_taxservices_dbContext _dbContext = null)
{
    painel_taxservices_dbContext _db;
    if (_dbContext == null)
    {
        _db = new painel_taxservices_dbContext();
    }
    else
    {
        _db = _dbContext;
    }
    DbContextTransaction transaction = _db.Database.BeginTransaction();
    try
    {
        // Store the pessoa data first; its new id is needed for the user row.
        param.Pessoa.id_pesssoa = GatewayPessoa.Add(token, param.Pessoa, _db);
        // Create the account with the given login and the default password "atos123".
        // NOTE(review): every new account gets the same fixed initial password, embedded in
        // source; it should come from configuration/a generated value and be forced to change
        // on first login. WebSecurity presumably writes through its own connection, i.e. outside
        // this transaction — confirm.
        WebSecurity.CreateUserAndAccount(param.Webpagesusers.ds_login, "atos123", propertyValues: new { ds_email = param.Webpagesusers.ds_email, fl_ativo = true }, requireConfirmationToken: false);
        param.Webpagesusers.id_users = WebSecurity.GetUserId(param.Webpagesusers.ds_login);
        // Complete the user row created by WebSecurity (Find returns null if it does not exist,
        // which would surface as a NullReferenceException below).
        webpages_Users usr = _db.webpages_Users.Find(param.Webpagesusers.id_users);
        usr.id_grupo = param.Webpagesusers.id_grupo;
        usr.nu_cnpjBaseEmpresa = param.Webpagesusers.nu_cnpjBaseEmpresa;
        usr.nu_cnpjEmpresa = param.Webpagesusers.nu_cnpjEmpresa;
        usr.id_pessoa = param.Pessoa.id_pesssoa;
        _db.SaveChanges();
        transaction.Commit();
        // Everything below runs after the commit: failures here do not undo the user creation,
        // and an exception reaching the catch would call Rollback() on a committed transaction.
        foreach (var item in param.Webpagesusersinroles)
        {
            if (item.UserId == 0)
            {
                item.UserId = param.Webpagesusers.id_users;
                _db.webpages_UsersInRoles.Add(item);
                try
                {
                    _db.SaveChanges();
                }
                catch
                {
                    // Role assignment failures are deliberately ignored (best effort).
                }
            }
        }
        // Link groups to the salesperson.
        if (param.Addidsgrupoempresavendedor != null)
        {
            foreach (var idGrupo in param.Addidsgrupoempresavendedor)
            {
                grupo_empresa grupo = _db.grupo_empresa.Where(g => g.id_grupo == idGrupo).FirstOrDefault();
                if (grupo != null)
                {
                    grupo.id_vendedor = param.Webpagesusers.id_users;
                    try
                    {
                        _db.SaveChanges();
                    }
                    catch
                    {
                        // Failing to link one group to the salesperson is not a reason to fail the whole operation.
                    }
                }
            }
        }
        return (param.Webpagesusers.id_users);
    }
    catch (Exception e)
    {
        transaction.Rollback();
        if (e is DbEntityValidationException)
        {
            string erro = MensagemErro.getMensagemErro((DbEntityValidationException)e);
            throw new Exception(erro.Equals("") ? "Falha ao salvar usuário" : erro);
        }
        // Re-wraps with the innermost message available (up to two levels); the original
        // stack trace is lost in the process.
        throw new Exception(e.InnerException == null ? e.Message : e.InnerException.InnerException == null ? e.InnerException.Message : e.InnerException.InnerException.Message);
    }
    finally
    {
        if (_dbContext == null)
        {
            // Close the connection (only for the context created here).
            _db.Database.Connection.Close();
            _db.Dispose();
        }
    }
}
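/// <summary>
/// Returns a user's metric records, optionally limited to a date window ("dateFrom"/"dateTo",
/// both inclusive) and to one metric type ("metricTypeId") or to every type of one class
/// ("metricClassId"). With neither type filter, all metric types are included.
/// </summary>
/// <param name="jsonResult">Body with "userId" plus the optional filters above.</param>
/// <returns>
/// 200 whose payload is the JSON-serialized list of { Id, Measurement, MetricType, Unit, TimeStamp },
/// or 400 when the user does not exist.
/// </returns>
public IHttpActionResult GetUserRecords([FromBody] JObject jsonResult)
{
    int userId = Convert.ToInt32(jsonResult["userId"].ToString());

    // Convert.ToDateTime parses with the current culture — unchanged from the original.
    DateTime? dateFrom = null;
    if (jsonResult.ContainsKey("dateFrom"))
    {
        dateFrom = Convert.ToDateTime(jsonResult["dateFrom"].ToString());
    }
    DateTime? dateTo = null;
    if (jsonResult.ContainsKey("dateTo"))
    {
        dateTo = Convert.ToDateTime(jsonResult["dateTo"].ToString());
    }

    // NOTE(review): userId comes from the body and is not compared with the caller's own
    // identity, so any caller can read any user's records — confirm that is intended.
    // The context is now disposed on every path, including when a query throws.
    using (CoachItEntities _db = new CoachItEntities())
    {
        // When a type is specified it supersedes the class, since it narrows the result further.
        List<int> metricTypeId = new List<int>();
        if (jsonResult.ContainsKey("metricTypeId"))
        {
            metricTypeId.Add(Convert.ToInt32(jsonResult["metricTypeId"].ToString()));
        }
        else if (jsonResult.ContainsKey("metricClassId"))
        {
            int metricClassId = Convert.ToInt32(jsonResult["metricClassId"].ToString());
            metricTypeId.AddRange(_db.MetricTypes.Where(x => x.MetricClassId == metricClassId).Select(z => z.Id).ToList());
        }
        else
        {
            metricTypeId.AddRange(_db.MetricTypes.Select(x => x.Id).ToList());
        }

        webpages_Users webUser = _db.webpages_Users.FirstOrDefault(x => x.UserId == userId);
        if (webUser == null)
        {
            return BadRequest($"User '{userId}' not found");
        }

        // One composable query replaces the four copy-pasted variants: each optional bound
        // contributes a Where clause only when it was supplied.
        IQueryable<MetricRecord> records = _db.MetricRecords
            .Where(s => s.UserId == webUser.UserId && metricTypeId.Contains(s.MetricTypeId));
        if (dateFrom != null)
        {
            records = records.Where(s => s.Timestamp >= dateFrom);
        }
        if (dateTo != null)
        {
            records = records.Where(s => s.Timestamp <= dateTo);
        }

        var metricRecords = records
            .Select(s => new
            {
                Id = s.Id,
                Measurement = s.Measurement,
                MetricType = s.MetricType.Type,
                Unit = s.MetricType.MetricUnit.Unit,
                TimeStamp = s.Timestamp
            })
            .ToList();

        // Serialized here rather than by the formatter, so the response body is a JSON
        // string (double-encoded); kept for compatibility with existing clients.
        return Ok(JsonConvert.SerializeObject(metricRecords));
    }
}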