public GetUserProfileObject ChangeRole(GetUserProfileObject PostDataArrived) { try { if (PostDataArrived == null || string.IsNullOrEmpty(PostDataArrived.UserCode)) throw new Exception("Input Error"); string sqlquery = string.Format("select count(*) from UserRoles where UserCode='{0}'", PostDataArrived.UserCode.Replace("'", "''"), PostDataArrived.UserRole.RoleId); //string Sqlconn.Open(); try { DataTable dtres = new DataTable(); using (SqlCommand comm = new SqlCommand(sqlquery, Sqlconn)) { int conta = Convert.ToInt32(comm.ExecuteScalar()); if (conta > 0) sqlquery = string.Format("Update UserRoles set RoleId={1} where UserCode='{0}'", PostDataArrived.UserCode.Replace("'", "''"), PostDataArrived.UserRole.RoleId); else sqlquery = string.Format("INSERT INTO UserRoles (UserCode, RoleId) VALUES ('{0}',{1})", PostDataArrived.UserCode.Replace("'", "''"), PostDataArrived.UserRole.RoleId); } using (SqlCommand comm = new SqlCommand(sqlquery, Sqlconn)) { int mod = comm.ExecuteNonQuery(); if (mod <= 0) throw new Exception("User not modified"); } return PostDataArrived; } catch (Exception) { throw; } finally { Sqlconn.Close(); } } catch (Exception ex) { Logger.Warn(ex.Message, ex); throw new Exception(string.Format(ErrorOccuredMess, ex.Message)); } }
public UserRoleObject GetRole(GetUserProfileObject PostDataArrived) { try { if (PostDataArrived == null || string.IsNullOrEmpty(PostDataArrived.UserCode)) throw new Exception("Input Error"); string sqlquery = string.Format("Select * from UserRoles where UserCode='{0}'", PostDataArrived.UserCode.Replace("'", "''")); Sqlconn.Open(); try { DataTable dtres = new DataTable(); using (SqlCommand comm = new SqlCommand(sqlquery, Sqlconn)) { using (SqlDataAdapter da = new SqlDataAdapter(comm)) { da.Fill(dtres); } } UserRolesEnum ruolo = UserRolesEnum.User; if (dtres != null && dtres.Rows.Count > 0) { int RoleCode = Convert.ToInt32(dtres.Rows[0]["RoleId"].ToString()); ruolo = (UserRolesEnum)RoleCode; } return new UserRoleObject() { RoleId = (int)ruolo, Role = ruolo.ToString() }; } catch (Exception) { throw; } finally { Sqlconn.Close(); } } catch (Exception ex) { Logger.Warn(ex.Message, ex); throw new Exception(string.Format(ErrorOccuredMess, ex.Message)); } }