public ActionResult Change_password(FormCollection collection)
{
UserModels sv = new UserModels();
C_User it = new C_User();
string strBread;
ViewBag.Title = App_GlobalResources.Lang.strChangePassword + " | " + GeneralModels.GetContent(CommonGlobal.PageName, this.Lang);
strBread = "<li>" + App_GlobalResources.Lang.strChangePassword + "</li>";
ViewBag.heading = App_GlobalResources.Lang.strChangePassword;
ViewBag.str_breadcrumbs = strBread;
var login_view = new Login_view();
this.TryUpdateModel(login_view);
login_view.ParentAction = HttpContext.Request.RequestContext.RouteData.Values["action"].ToString();
login_view.ParentController = HttpContext.Request.RequestContext.RouteData.Values["controller"].ToString();
if (login_view.IsChange == 1 && string.IsNullOrEmpty(login_view.ConfirmCode) && (!string.IsNullOrEmpty(login_view.Password)) && (!string.IsNullOrEmpty(login_view.ConfirmPassword)))
{
////user change password
it = sv.GetUserbyUserName(login_view.UserName);
if (it != null && MD5Extend.EncodePassword(login_view.OldPassword) == it.Password)
{
if (login_view.Password == login_view.ConfirmPassword)
{
it.Password = MD5Extend.EncodePassword(login_view.Password);
sv.Update_User(it);
login_view.Message = App_GlobalResources.Lang.strMessageChangePasswordSuccess;
}
else
{
login_view.Message = App_GlobalResources.Lang.strMessageConfirmPassword;
}
}
}
else if (login_view.IsChange == 0 && (!string.IsNullOrEmpty(login_view.ConfirmCode)) && (!string.IsNullOrEmpty(login_view.Password)) && (!string.IsNullOrEmpty(login_view.ConfirmPassword)))
{
////client reset pasword
if (MD5Extend.EncodePassword(login_view.Code + " " + login_view.UserName) == login_view.ConfirmCode)
{
if (login_view.Password == login_view.ConfirmPassword)
{
it = sv.GetUserbyUserName(login_view.UserName);
it.Password = MD5Extend.EncodePassword(login_view.Password);
sv.Update_User(it);
login_view.Message = App_GlobalResources.Lang.strMessageChangePasswordSuccess;
}
else
{
login_view.Message = App_GlobalResources.Lang.strMessageConfirmPassword;
}
}
else
{
login_view.Message = App_GlobalResources.Lang.strMessageErrorConfirmCode;
}
}
return(this.PartialView("../page/change_password", login_view));
}
public ActionResult Change_password(FormCollection collection)
{
UserModels sv = new UserModels();
C_User it = new C_User();
var login_view = new Login_view();
this.TryUpdateModel(login_view);
login_view.Parent_action = HttpContext.Request.RequestContext.RouteData.Values["action"].ToString();
login_view.Parent_controller = HttpContext.Request.RequestContext.RouteData.Values["controller"].ToString();
if (login_view.Is_change == 1 && string.IsNullOrEmpty(login_view.Confirm_code))
{
////user change password
it = sv.GetUserbyUserName(login_view.User_name);
if (it != null && MD5Extend.EncodePassword(login_view.Old_password) == it.Password)
{
if (login_view.Password == login_view.Confirm_password)
{
it.Password = MD5Extend.EncodePassword(login_view.Password);
sv.Update_User(it);
login_view.Message = App_GlobalResources.Lang.strMessageChangePasswordSuccess;
}
else
{
login_view.Message = App_GlobalResources.Lang.strMessageConfirmPassword;
}
}
return(this.Redirect(login_view.Return_url));
}
else if (login_view.Is_change == 0 && (!string.IsNullOrEmpty(login_view.Confirm_code)))
{
////client reset pasword
if (MD5Extend.EncodePassword(login_view.Code + " " + login_view.User_name) == login_view.Confirm_code)
{
if (login_view.Password == login_view.Confirm_password)
{
it = sv.GetUserbyUserName(login_view.User_name);
it.Password = MD5Extend.EncodePassword(login_view.Password);
sv.Update_User(it);
login_view.Message = App_GlobalResources.Lang.strMessageChangePasswordSuccess;
}
else
{
login_view.Message = App_GlobalResources.Lang.strMessageConfirmPassword;
}
}
else
{
login_view.Message = App_GlobalResources.Lang.strMessageErrorConfirmCode;
}
return(this.PartialView("../page/change_password", login_view));
}
else
{
return(this.PartialView("../page/change_password", login_view));
}
}
public IActionResult ChangePassword([FromBody] ChangePasswordView login)
{
UserModels sv = new UserModels();
IActionResult response = null;
var identity = (ClaimsIdentity)User.Identity;
IEnumerable <Claim> claims = identity.Claims;
var userLogin = claims.FirstOrDefault(c => c.Type == ClaimTypes.Email).Value;
if (!string.IsNullOrEmpty(login.Password) && !string.IsNullOrEmpty(login.ConfirmPassword))
{
// user change password
User user = sv.GetUserbyUserName(userLogin);
if (user != null && MD5Extend.EncodePassword(login.OldPassword) == user.Password)
{
if (login.Password == login.ConfirmPassword)
{
user.Password = MD5Extend.EncodePassword(login.Password);
sv.UpdateUserPassword(user);
response = Json(new { code = Constant.Success, message = Constant.MessageUpdateCompleted });
}
else
{
response = Json(new { code = Constant.Fail, message = Constant.MessageConfirmPassword });
}
}
}
else
{
response = Json(new { code = Constant.NotExist, message = Constant.MessageNotExist });
}
return(response);
}
private UserInfo Authenticate(LoginView login, out User user, out Role role)
{
UserModels sv = new UserModels();
UserInfo iit = new UserInfo();
user = sv.GetUserbyUserName(login.UserName);
if (user != null && MD5Extend.EncodePassword(login.Password) == user.Password && user.Online == true)
{
role = sv.GetRolebyId(user.Role);
iit = sv.GetUserInforByEmail(user.Username);
if (iit != null)
{
return(iit);
}
else
{
return(null);
}
}
else
{
role = null;
return(null);
}
}
/// <summary>
/// Logouts this instance.
/// </summary>
/// <returns>the logout</returns>
public ActionResult Logout()
{
try
{
UserModels sv = new UserModels();
C_User it = new C_User();
it.Username = Session["mem"].ToString();
it = sv.GetUserbyUserName(it.Username);
if (it.Role != 1)
{
it.Online = false;
}
it.IP = HttpContext.Request.ServerVariables["REMOTE_ADDR"].ToString();
sv.Update_User(it);
this.Session["acc"] = null;
this.Session["mem"] = null;
this.Session["role"] = null;
string[] myCookies = Request.Cookies.AllKeys;
foreach (string ck in myCookies)
{
var check = Request.Cookies[ck].Expires;
Response.Cookies[ck].Expires = DateTime.Now.AddDays(-1);
}
}
catch
{
return(this.RedirectToAction("index", "home"));
}
return(this.RedirectToAction("index", "home"));
}
/// <summary>
/// Logouts this instance.
/// </summary>
/// <returns>the logout</returns>
public ActionResult Logout()
{
if (this.CheckAdminlogin())
{
UserModels sv = new UserModels();
C_User it = new C_User();
it.Username = Session["mem"].ToString();
it = sv.GetUserbyUserName(it.Username);
it.IP = HttpContext.Request.ServerVariables["REMOTE_ADDR"].ToString();
sv.Update_User(it);
this.Session["acc"] = string.Empty;
this.Session["mem"] = string.Empty;
this.Session["role"] = string.Empty;
string[] myCookies = Request.Cookies.AllKeys;
foreach (string ck in myCookies)
{
var check = Request.Cookies[ck].Expires;
Response.Cookies[ck].Expires = DateTime.Now.AddDays(-1);
}
return(this.RedirectToAction("login", "dashboard"));
}
else
{
return(this.RedirectToAction("login", "dashboard"));
}
}
public IActionResult Put(string userName, [FromBody] AdminEditUserView userView)
{
IActionResult response = null;
UserModels userModels = new UserModels();
User user = null;
var mess = string.Empty;
string rt = string.Empty;
if (!string.IsNullOrEmpty(userName))
{
user = userModels.GetUserbyUserName(userName);
}
if (user != null)
{
user.Online = userView.Online;
user.Role = userView.Role;
user.Ip = userView.Ip;
rt = userModels.UpdateUser(userName, user);
}
if (rt.Length > 0)
{
response = Json(new { code = Constant.Success, message = Constant.MessageUpdateCompleted });
}
else
{
response = Json(new { code = Constant.Fail, message = Constant.MessageUpdateUncompleted });
}
return(response);
}
public ActionResult Login(string user_name, string password, string return_url, bool?remember_me)
{
var login_view = new Login_view();
UserModels sv = new UserModels();
C_User it = new C_User();
login_view.Parent_action = HttpContext.Request.RequestContext.RouteData.Values["action"].ToString();
login_view.Parent_controller = HttpContext.Request.RequestContext.RouteData.Values["controller"].ToString();
it = sv.GetUserbyUserName(user_name);
if (remember_me == null)
{
remember_me = false;
}
if (it != null && MD5Extend.EncodePassword(password) == it.Password)
{
this.Session["mem"] = user_name;
this.Session["role"] = it.Role.ToString();
it.IP = HttpContext.Request.ServerVariables["REMOTE_ADDR"].ToString();
it.LastLogin = DateTime.Now;
////Client only : If Online = true is client online else is offline
if (it.Role.ToString() == "2")
{
login_view.Message = App_GlobalResources.Lang.mess403;
login_view.Return_url = return_url;
return(this.PartialView("../page/login", login_view));
}
else if (it.Role.ToString() == "1" && it.Online == true)
{
////Admin only : If Online = true is active else is disable login
sv.Update_User(it);
this.Session["acc"] = user_name;
this.SetAccountCookies(user_name, user_name, it.Role.ToString(), 12);
return(this.RedirectToAction("index", "dashboard", new { area = "admin" }));
}
else
{
login_view.Message = App_GlobalResources.Lang.mess403;
login_view.Return_url = return_url;
return(this.PartialView("../page/login", login_view));
}
}
else
{
login_view.Message = App_GlobalResources.Lang.messLoginFail;
login_view.Return_url = return_url;
return(this.PartialView("../page/login", login_view));
}
}
/// <summary>
/// Updates the status user.
/// </summary>
/// <param name="user_name">Name of the user.</param>
/// <param name="status">The status.</param>
/// <param name="type">The type.</param>
/// <returns>update status user</returns>
public ActionResult Update_status_user(string user_name, string status, string type)
{
UserModels userModels = new UserModels();
C_User cuser = new C_User();
bool isOk = false;
if (UserModels.CheckPermission(this.Session["mem"] != null ? this.Session["mem"].ToString() : string.Empty, "change_user", "adminUser", CommonGlobal.Edit, type))
{
isOk = true;
}
else
{
isOk = false;
}
if (!string.IsNullOrEmpty(user_name))
{
cuser = userModels.GetUserbyUserName(user_name);
if (cuser != null)
{
try
{
if (bool.Parse(status) == true)
{
cuser.Online = true;
}
else
{
cuser.Online = false;
}
if (isOk)
{
userModels.Update_User(cuser);
}
}
catch (Exception)
{
}
}
}
var jsonSerialiser = new JavaScriptSerializer();
var results = Convert.ToDateTime(DateTime.Now).ToString("dd/MM/yyyy") + "|" + cuser.Online;
return(this.Json(results));
}
public IActionResult Delete(string userName)
{
IActionResult response = null;
string mess = string.Empty;
UserModels userModels = new UserModels();
User cuser = userModels.GetUserbyUserName(userName);
UserInfo userInfo = userModels.GetUserInforByEmail(userName);
if (cuser != null)
{
//// delete user
bool rt = userModels.DeleteUser(userName);
if (rt)
{
//// delete avatar file
if (!string.IsNullOrEmpty(userInfo.Avatar) && userInfo.Avatar.Contains("/"))
{
string webRootPath = _hostingEnvironment.WebRootPath;
string fileDelete = Path.Combine(webRootPath, userInfo.Avatar.Replace("/", "\\"));
if (System.IO.File.Exists(fileDelete))
{
System.IO.File.Delete(fileDelete);
}
string fileDelete2 = Path.Combine(webRootPath, userInfo.Avatar.Replace("/", "\\").Replace("sc_small_", "sc_full_"));
if (System.IO.File.Exists(fileDelete2))
{
System.IO.File.Delete(fileDelete2);
}
}
response = Json(new { code = Constant.Success, message = Constant.MessageDeleteCompleted });
}
else
{
response = Json(new { code = Constant.Fail, message = Constant.MessageDeleteUncompleted });
}
}
else
{
response = Json(new { code = Constant.NotExist, message = Constant.MessageNotExist });
}
return(response);
}
public ActionResult Forgot_password(FormCollection collection)
{
OrderModels orderModels = new OrderModels();
WebInfoModels web_infor = new WebInfoModels();
UserModels sv = new UserModels();
C_User it = new C_User();
var login_view = new Login_view();
this.TryUpdateModel(login_view);
login_view.Parent_action = HttpContext.Request.RequestContext.RouteData.Values["action"].ToString();
login_view.Parent_controller = HttpContext.Request.RequestContext.RouteData.Values["controller"].ToString();
login_view.Return_url = Url.Action("login", "dashboard", new { area = "admin" });
////check user_name or email
it = sv.GetUserbyUserName(login_view.User_name);
if (it != null)
{
login_view.Message = App_GlobalResources.Lang.strMessageSendNewPassword;
string code = GetCodeUniqueKey(8); ////orderModels.getOrderCodeUnique();
string link = Url.Action("change_password", "dashboard", new { cfcode = MD5Extend.EncodePassword(code + " " + login_view.User_name), area = "admin" });
//// send email to client
var strBody_email_client = GeneralModels.GetContent(CommonGlobal.EmailConfirmForgotPassword, Lang).ToString(); ////get from email template
strBody_email_client = strBody_email_client.Replace("{domain}", Util.GetConfigValue("Domain", Request.UserHostName).ToString());
strBody_email_client = strBody_email_client.Replace("{store_name}", GeneralModels.GetContent(CommonGlobal.PageName, Lang).ToString());
strBody_email_client = strBody_email_client.Replace("{email}", web_infor.GetContent(CommonGlobal.Email).ToString());
strBody_email_client = strBody_email_client.Replace("{email_client}", login_view.User_name);
strBody_email_client = strBody_email_client.Replace("{code}", code);
strBody_email_client = strBody_email_client.Replace("{link}", Util.GetConfigValue("Domain", Request.UserHostName).ToString() + link);
////send email to email system
if (login_view.User_name == "Admin")
{
CommonGlobal.SendMail(web_infor.GetContent(CommonGlobal.Email), App_GlobalResources.Lang.strSubjectConfirmForgotPassword + "- " + Util.GetConfigValue("Domain", Request.UserHostName).ToString(), strBody_email_client);
}
else
{
CommonGlobal.SendMail(login_view.User_name, App_GlobalResources.Lang.strSubjectConfirmForgotPassword + "- " + Util.GetConfigValue("Domain", Request.UserHostName).ToString(), strBody_email_client);
}
}
else
{
login_view.Message = App_GlobalResources.Lang.strMessageForgotPassword;
}
return(this.PartialView("../page/forgot_password", login_view));
}
public IActionResult GetUserDetail(string userName)
{
UserModels sv = new UserModels();
IActionResult response = null;
var userDetail = sv.GetUserbyUserName(userName);
if (userDetail != null)
{
userDetail.Password = string.Empty;
response = Json(userDetail);
}
else
{
response = Json(new { code = Constant.NotExist, message = Constant.MessageNotExist });
}
return(response);
}
public ActionResult Order_list(int?page, int?page_size)
{
if (!this.CheckMemberlogin())
{
return(this.RedirectToAction("login", "account", new { return_url = string.Empty + Url.Action("order_history", "account") }));
}
else
{
var order_history_view = new Order_history_view();
int total_record = 0;
UserModels sv = new UserModels();
C_UserInfo iit = new C_UserInfo();
C_User it = new C_User();
OrderModels orderModels = new OrderModels();
it = sv.GetUserbyUserName(Session["mem"].ToString());
page = Request.QueryString["page"] != null?Convert.ToInt16(Request.QueryString["page"].ToString()) : 1;
order_history_view.Page_list_order = orderModels.GetAllOrderByMember(it.Username, (int)page, (int)page_size, out total_record);
order_history_view.Item_count = total_record.ToString();
return(this.PartialView("../control/order_list", order_history_view));
}
}
public IActionResult Refresh([FromBody] RefreshTokenResource resource)
{
UserModels sv = new UserModels();
IActionResult response = null;
var identity = (ClaimsIdentity)User.Identity;
IEnumerable <Claim> claims = identity.Claims;
var userLogin = claims.FirstOrDefault(c => c.Type == ClaimTypes.Email).Value;
User user = sv.GetUserbyUserName(userLogin);
if (user != null && user.Token == resource.Token)
{
var role = sv.GetRolebyId(user.Role);
var expiresDate = DateTime.Now.AddHours(12);
var now = DateTime.Now;
var userInfo = sv.GetUserInforByEmail(user.Username);
if (!string.IsNullOrEmpty(user.Token) && user.Expire != null && user.Expire.Value > DateTime.Now)
{
var tokenResource = new TokenResource
{
Token = user.Token,
Expiry = user.Expire.Value
};
response = Json(tokenResource);
}
else
{
var tokenResource = BuildToken(userInfo, user, role, now, expiresDate);
response = Json(tokenResource);
}
}
return(response);
}
/// <summary>
/// Checks the member login.
/// </summary>
/// <returns>Check Member login</returns>
public bool CheckMemberlogin()
{
string mem = string.Empty;
string role = string.Empty;
////get session
if (this.Session["mem"] != null)
{
mem = this.Session["mem"].ToString();
}
if (this.Session["role"] != null)
{
role = this.Session["role"].ToString();
}
////if session null get from cookies and set session
if (mem == string.Empty || role == string.Empty)
{
HttpCookie cookie = this.Request.Cookies["mem"];
if (cookie != null)
{
HttpCookie decodedCookie = HttpSecureCookie.Decode(cookie);
if (decodedCookie != null && decodedCookie.Value != null)
{
UserModels sv = new UserModels();
C_User it = new C_User();
C_UserInfo iit = new C_UserInfo();
it = sv.GetUserbyUserName(decodedCookie.Value);
if (it != null && it.Role == 2)
{
iit = sv.GetUserInforByEmail(it.Username);
this.Session["mem"] = iit.FName;
this.Session["role"] = it.Role.ToString();
this.Session["acc"] = it.Username;
}
}
else
{
mem = string.Empty;
role = string.Empty;
}
}
}
////HttpCookie cookie = new HttpCookie("UserName", "Terminator");
////cookie.Expires = DateTime.Now.AddDays(1);
////HttpCookie encodedCookie = HttpSecureCookie.Encode(cookie);
////Response.Cookies.Add(encodedCookie);
////HttpCookie cookie = Request.Cookies["UserName"];
////lblDisplayBefore.Text = cookie.Value;
////HttpCookie decodedCookie = HttpSecureCookie.Decode(cookie);
if (mem != string.Empty && role == "2")
{
return(true);
}
else
{
return(false);
}
}
public ActionResult Login(string user_name, string password, string return_url)
{
var login_view = new Login_view();
UserModels sv = new UserModels();
C_User it = new C_User();
C_UserInfo iit = new C_UserInfo();
login_view.ParentAction = HttpContext.Request.RequestContext.RouteData.Values["action"].ToString();
login_view.ParentController = HttpContext.Request.RequestContext.RouteData.Values["controller"].ToString();
it = sv.GetUserbyUserName(user_name);
if (it != null && MD5Extend.EncodePassword(password) == it.Password)
{
iit = sv.GetUserInforByEmail(user_name);
if (iit != null)
{
this.Session["acc"] = iit.FName + ' ' + iit.LName;
this.Session["mem"] = user_name;
this.Session["role"] = it.Role.ToString();
this.SetAccountCookies(iit.FName, user_name, it.Role.ToString(), 6);
it.Online = true;
it.IP = HttpContext.Request.ServerVariables["REMOTE_ADDR"].ToString();
it.LastLogin = DateTime.Now;
sv.Update_User(it);
if (it.Role.ToString() == "2" && it.Online == true)
{
if (this.Session["acc"] == null)
{
this.Session["acc"] = it.Username;
}
if (Url.IsLocalUrl(return_url))
{
return(this.Redirect(return_url));
}
else
{
return(this.RedirectToAction("my_account", "account"));
}
}
else if (it.Role.ToString() == "1" && it.Online == true)
{
return(this.RedirectToAction("index", "dashboard", new { area = "admin" }));
}
else
{
login_view.Message = App_GlobalResources.Lang.mess403;
login_view.ReturnUrl = return_url;
return(this.PartialView("../page/login", login_view));
}
}
else
{
login_view.Message = App_GlobalResources.Lang.mess403;
login_view.ReturnUrl = return_url;
return(this.PartialView("../page/login", login_view));
}
}
else
{
login_view.Message = App_GlobalResources.Lang.messLoginFail;
login_view.ReturnUrl = return_url;
return(this.PartialView("../page/login", login_view));
}
}
/// <summary>
/// Instagrams the callback.
/// </summary>
/// <returns>the Instagram Call back</returns>
public ActionResult InstagramCallback()
{
if (!string.IsNullOrEmpty(Request.QueryString["code"]))
{
string code = Request.QueryString["code"];
try
{
NameValueCollection parameters = new NameValueCollection();
parameters.Add("client_id", Util.GetConfigValue("AppInstagramID", string.Empty));
parameters.Add("client_secret", Util.GetConfigValue("AppInstagramSecret", string.Empty));
parameters.Add("grant_type", "authorization_code");
parameters.Add("redirect_uri", Util.GetConfigValue("AppIstagramReturn", string.Empty));
parameters.Add("code", code);
WebClient client = new WebClient();
var result = client.UploadValues("https://api.instagram.com/oauth/access_token", "POST", parameters);
var response = System.Text.Encoding.Default.GetString(result);
//// deserializing nested JSON string to object
var javascriptResult = (JObject)JsonConvert.DeserializeObject(response);
string accessToken = (string)javascriptResult["access_token"];
string id = (string)javascriptResult["user"]["id"];
string username_client = (string)javascriptResult["user"]["username"];
string fullname_client = (string)javascriptResult["user"]["full_name"];
////This code register id and access token to get on client side
////Page.ClientScript.RegisterStartupScript(this.GetType(), "GetToken", "<script>var instagramaccessid=\"" + @"" + id + "" + "\"; var instagramaccesstoken=\"" + @"" + accessToken + "" + "\";</script>");
UserModels sv = new UserModels();
C_User it = new C_User();
C_UserInfo iit = new C_UserInfo();
it = sv.GetUserbyUserName(username_client);
if (it == null)
{
it = new C_User();
string rt = string.Empty;
bool infors = false;
it.Username = username_client;
it.Role = 2;
it.Password = MD5Extend.EncodePassword("123456");
it.Online = true;
it.IP = HttpContext.Request.ServerVariables["REMOTE_ADDR"].ToString();
it.LastLogin = DateTime.Now;
rt = sv.Add_User(it);
iit.FName = fullname_client;
iit.Email = username_client;
////iit.LName = middlename;
iit.DateRegister = DateTime.Now;
////iit.EventId = string.IsNullOrEmpty(ids) != false ? int.Parse(ids) : 0;
iit.Note = "Instagram login";
infors = sv.Add_User_Infor(iit);
if (rt.Length > 0 && infors == true)
{
////register_view.message = Lang.strMessageLogin;
this.Session["acc"] = iit.FName;
this.Session["mem"] = rt;
this.Session["role"] = it.Role.ToString();
this.SetAccountCookies(iit.FName, rt, it.Role.ToString(), 6);
}
}
else
{
iit = sv.GetUserInforByEmail(username_client);
this.Session["acc"] = iit.FName;
this.Session["mem"] = it.Username;
this.Session["role"] = it.Role.ToString();
this.SetAccountCookies(iit.FName, it.Username, it.Role.ToString(), 6);
it.Online = true;
it.IP = HttpContext.Request.ServerVariables["REMOTE_ADDR"].ToString();
it.LastLogin = DateTime.Now;
sv.Update_User(it);
}
if (this.Session["Instagram_return"] != null && Url.IsLocalUrl(this.Session["Instagram_return"].ToString()))
{
return(this.Redirect(this.Session["Instagram_return"].ToString()));
}
else
{
return(this.RedirectToAction("index", "home"));
}
}
catch (Exception)
{
throw;
}
}
else
{
return(this.RedirectToAction("index", "home"));
}
}
/// <summary>
/// Google the callback.
/// </summary>
/// <returns>Google Call back</returns>
public ActionResult GoogleCallback()
{
GoogleConnect.ClientId = Util.GetConfigValue("AppGoogleID", string.Empty);
GoogleConnect.ClientSecret = Util.GetConfigValue("AppGoogleSecret", string.Empty);
if (!string.IsNullOrEmpty(Request.QueryString["code"]))
{
string code = Request.QueryString["code"];
string json = GoogleConnect.Fetch("me", code);
GoogleProfile profile = new JavaScriptSerializer().Deserialize <GoogleProfile>(json);
UserModels sv = new UserModels();
C_User it = new C_User();
C_UserInfo iit = new C_UserInfo();
it = sv.GetUserbyUserName(profile.Emails.Find(email => email.Type == "account").Value);
if (it == null)
{
it = new C_User();
string rt = string.Empty;
bool infors = false;
it.Username = profile.Emails.Find(email => email.Type == "account").Value;
it.Role = 2;
it.Password = MD5Extend.EncodePassword("123456");
it.Online = true;
it.IP = HttpContext.Request.ServerVariables["REMOTE_ADDR"].ToString();
it.LastLogin = DateTime.Now;
rt = sv.Add_User(it);
iit.FName = profile.DisplayName;
iit.Email = profile.Emails.Find(email => email.Type == "account").Value;
////iit.LName = middlename;
iit.DateRegister = DateTime.Now;
////iit.EventId = string.IsNullOrEmpty(ids) != false ? int.Parse(ids) : 0;
iit.Note = "Google login";
infors = sv.Add_User_Infor(iit);
if (rt.Length > 0 && infors == true)
{
////register_view.message = Lang.strMessageLogin;
this.Session["acc"] = iit.FName;
this.Session["mem"] = rt;
this.Session["role"] = it.Role.ToString();
this.SetAccountCookies(iit.FName, rt, it.Role.ToString(), 6);
}
}
else
{
iit = sv.GetUserInforByEmail(profile.Emails.Find(email => email.Type == "account").Value);
this.Session["acc"] = iit.FName;
this.Session["mem"] = it.Username;
this.Session["role"] = it.Role.ToString();
this.SetAccountCookies(iit.FName, it.Username, it.Role.ToString(), 6);
it.Online = true;
it.IP = HttpContext.Request.ServerVariables["REMOTE_ADDR"].ToString();
it.LastLogin = DateTime.Now;
sv.Update_User(it);
}
////lblId.Text = profile.Id;
////lblName.Text = profile.DisplayName;
////lblEmail.Text = profile.Emails.Find(email => email.Type == "account").Value;
////lblGender.Text = profile.Gender;
////lblType.Text = profile.ObjectType;
////ProfileImage.ImageUrl = profile.Image.Url;
if (Request.QueryString["error"] == "access_denied")
{
////login fail
logger.Error("Error requesting OAuth user data from Google:" + Request.QueryString["error"]);
}
if (this.Session["Google_return"] != null && Url.IsLocalUrl(this.Session["Google_return"].ToString()))
{
return(this.Redirect(Session["Google_return"].ToString()));
}
else
{
return(this.RedirectToAction("index", "home"));
}
}
else
{
return(this.RedirectToAction("index", "home"));
}
}
/// <summary>
/// Facebook the callback.
/// </summary>
/// <param name="code">The code.</param>
/// <returns>Facebook Call back</returns>
public ActionResult FacebookCallback(string code)
{
var fb = new Facebook.FacebookClient();
dynamic result = fb.Post("oauth/access_token", new { client_id = Util.GetConfigValue("AppFaceBookID", string.Empty), client_secret = Util.GetConfigValue("AppFacebookSecret", string.Empty), redirect_uri = this.RedirectUri.AbsoluteUri, code = code });
var accessToken = result.access_token;
//// Store the access token in the session for farther use
this.Session["AccessToken"] = accessToken;
//// update the facebook client with the access token so
//// we can make requests on behalf of the user
fb.AccessToken = accessToken;
//// Get the user's information
dynamic me = fb.Get("me?fields=first_name,middle_name,last_name,id,email");
string email = me.email;
string firstname = me.first_name;
string middlename = me.middle_name;
string lastname = me.last_name;
string ids = me.id;
//// Set the auth cookie
////FormsAuthentication.SetAuthCookie(email, false);
UserModels sv = new UserModels();
C_User it = new C_User();
C_UserInfo iit = new C_UserInfo();
it = sv.GetUserbyUserName(email);
if (it == null)
{
it = new C_User();
string rt = string.Empty;
bool infors = false;
it.Username = email;
it.Role = 2;
it.Password = MD5Extend.EncodePassword("123456");
it.Online = true;
it.IP = HttpContext.Request.ServerVariables["REMOTE_ADDR"].ToString();
it.LastLogin = DateTime.Now;
rt = sv.Add_User(it);
iit.FName = firstname;
iit.Email = email;
iit.LName = middlename;
iit.DateRegister = DateTime.Now;
iit.EventId = string.IsNullOrEmpty(ids) != false?int.Parse(ids) : 0;
iit.Note = "Facebook login";
infors = sv.Add_User_Infor(iit);
if (rt.Length > 0 && infors == true)
{
////register_view.message = Lang.strMessageLogin;
this.Session["acc"] = iit.FName;
this.Session["mem"] = rt;
this.Session["role"] = it.Role.ToString();
this.SetAccountCookies(iit.FName, rt, it.Role.ToString(), 6);
}
}
else
{
iit = sv.GetUserInforByEmail(email);
this.Session["acc"] = iit.FName;
this.Session["mem"] = it.Username;
this.Session["role"] = it.Role.ToString();
this.SetAccountCookies(iit.FName, it.Username, it.Role.ToString(), 6);
it.Online = true;
it.IP = HttpContext.Request.ServerVariables["REMOTE_ADDR"].ToString();
it.LastLogin = DateTime.Now;
sv.Update_User(it);
}
if (this.Session["FaceBook_return"] != null && Url.IsLocalUrl(this.Session["FaceBook_return"].ToString()))
{
return(this.Redirect(Session["FaceBook_return"].ToString()));
}
else
{
return(this.RedirectToAction("index", "home"));
}
}
public ActionResult Register(FormCollection collection)
{
var register_view = new Register_view();
this.TryUpdateModel(register_view);
UserModels sv = new UserModels();
C_User it = new C_User();
C_UserInfo iit = new C_UserInfo();
register_view.Parent_action = HttpContext.Request.RequestContext.RouteData.Values["action"].ToString();
register_view.Parent_controller = HttpContext.Request.RequestContext.RouteData.Values["controller"].ToString();
if (HttpContext.Session["captchastring"] != null && register_view.Code == HttpContext.Session["captchastring"].ToString())
{
if (register_view.Password != register_view.Confirm_password)
{
register_view.Message = App_GlobalResources.Lang.messConfirmPassword;
return(this.PartialView("../page/register", register_view));
}
if (sv.GetUserbyUserName(register_view.Email) != null)
{
register_view.Message = App_GlobalResources.Lang.messExistsEmail;
return(this.PartialView("../page/register", register_view));
}
string rt = string.Empty;
bool infors = false;
it.Username = register_view.Email;
it.Role = 2;
it.Password = MD5Extend.EncodePassword(register_view.Password);
it.IP = "not login";
it.Online = true;
it.LastLogin = DateTime.Now;
rt = sv.Add_User(it);
iit.FName = register_view.FirstName;
iit.Email = register_view.Email;
infors = sv.Add_User_Infor(iit);
if (rt.Length > 0 && infors == true)
{
register_view.Message = App_GlobalResources.Lang.strMessageLogin;
this.Session["acc"] = register_view.Email;
this.Session["mem"] = rt;
this.Session["role"] = it.Role.ToString();
this.SetAccountCookies(register_view.Email, rt, it.Role.ToString(), 6);
if (!string.IsNullOrEmpty(register_view.Return_url))
{
return(this.Redirect(register_view.Return_url));
}
else
{
return(this.RedirectToAction("index", "home"));
}
}
else
{
register_view.Message = App_GlobalResources.Lang.messErrorRegister;
return(this.PartialView("../page/register", register_view));
}
}
else
{
register_view.Message = App_GlobalResources.Lang.messCaptcha;
return(this.PartialView("../page/register", register_view));
}
}
/// <summary>
/// Checks the admin login.
/// </summary>
/// <returns>Check Admin login</returns>
public bool CheckAdminlogin()
{
string mem = string.Empty;
string role = string.Empty;
if (this.Session["mem"] != null)
{
mem = this.Session["mem"].ToString();
}
if (this.Session["role"] != null)
{
role = this.Session["role"].ToString();
}
////if session null get from cookies and set session
if (mem == string.Empty || role == string.Empty)
{
HttpCookie cookie = Request.Cookies["mem"];
if (cookie != null)
{
HttpCookie decodedCookie = HttpSecureCookie.Decode(cookie);
if (decodedCookie != null && decodedCookie.Value != null)
{
UserModels sv = new UserModels();
C_User it = new C_User();
it = sv.GetUserbyUserName(decodedCookie.Value);
if (it != null)
{
if (it.Role == 1)
{
this.Session["mem"] = it.Username;
this.Session["role"] = it.Role.ToString();
this.Session["acc"] = it.Username;
}
else
{
mem = string.Empty;
role = string.Empty;
}
}
else
{
mem = string.Empty;
role = string.Empty;
}
}
else
{
mem = string.Empty;
role = string.Empty;
}
}
}
if (mem != string.Empty && role == "1")
{
return(true);
}
else
{
return(false);
}
}
public ActionResult List_user(string user_name, string act, string ctrl, string type_act, string type, string lang, string search, int?page, int?page_size, string order_by, string order_type)
{
UserModels userModels = new UserModels();
RoleModels roleModels = new RoleModels();
C_User cuser = new C_User();
StringBuilder sb = new StringBuilder();
var list_user_view = new Web.Areas.Admin.ViewModels.List_user_view();
this.TryUpdateModel(list_user_view);
int total_record = 0;
if (string.IsNullOrEmpty(type))
{
type = Request.QueryString["type"] != null ? Request.QueryString["type"].ToString() : string.Empty;
}
if (type == string.Empty)
{
list_user_view.Message = "Chúng tôi không tìm thấy danh sách bạn yêu cầu";
}
if (string.IsNullOrEmpty(act))
{
act = Request.QueryString["act"] != null ? Request.QueryString["act"].ToString() : "list_user";
}
if (string.IsNullOrEmpty(ctrl))
{
ctrl = Request.QueryString["ctrl"] != null ? Request.QueryString["ctrl"].ToString() : "adminUser";
}
if (page == null || page == 0)
{
page = Request.QueryString["page"] != null?Convert.ToInt32(Request.QueryString["page"].ToString()) : 1;
}
if (string.IsNullOrEmpty(lang))
{
lang = LanguageModels.ActiveLanguage().LangCultureName;
}
if (page_size == null)
{
page_size = int.Parse(Util.GetConfigValue("NumberPageSizeAdmin", "30"));
}
if (user_name != null && type_act != null && type_act == CommonGlobal.Delete)
{
////check permission delete
if (UserModels.CheckPermission(this.Session["mem"] != null ? this.Session["mem"].ToString() : string.Empty, act, ctrl, type_act, type ?? string.Empty))
{
cuser = userModels.GetUserbyUserName(user_name);
if (cuser != null)
{
////delete user
bool rt = userModels.Delete_User(user_name);
if (rt)
{
list_user_view.Message = "Bạn đã xóa " + user_name;
}
else
{
list_user_view.Message = "Xóa không thành công";
}
}
else
{
list_user_view.Message = "Không tìm thấy : " + user_name;
}
}
else
{
list_user_view.Message = " Bạn không có quyền thực thi hành động xóa.";
}
}
if (string.IsNullOrEmpty(order_by) || string.IsNullOrEmpty(order_type))
{
order_by = "Username";
order_type = "asc";
}
list_user_view.Type = type;
list_user_view.Cate_type = roleModels.GetRoleByRole(type);
list_user_view.Lang = lang;
list_user_view.Type_act = type_act;
////tab
sb.Append("<li class=\"active\"><a href=\"#\"><span><span>Danh sách " + list_user_view.Cate_type + "</span></span></a></li>");
if (type == "Admin")
{
sb.Append("<li><a href=\"" + Url.Action("index", "dashboard", new { act = "change_user", ctrl = "adminUser", type = type, type_act = CommonGlobal.Add }) + "\"><span><span>Thêm " + list_user_view.Cate_type + "</span></span></a></li>");
}
list_user_view.Html_link_tab = sb.ToString();
////list language
list_user_view.List_language = this.List_select_language(this.Lang);
////list page size and paging
list_user_view.List_page_size = this.GetSizePagingPublic((int)page_size);
list_user_view.Page = (int)page;
list_user_view.Page_size = (int)page_size;
////list catalog
list_user_view.Page_list_user = userModels.AdminGetAllUser(type, lang, search, (int)page, (int)page_size, order_by, order_type, out total_record);
list_user_view.Search = search;
list_user_view.Order_by = order_by;
list_user_view.Order_type = order_type;
list_user_view.Total_record = total_record;
////acton and parent action
list_user_view.Act = act;
list_user_view.Ctrl = ctrl;
list_user_view.Parent_action = HttpContext.Request.RequestContext.RouteData.Values["action"].ToString();
list_user_view.Parent_controller = HttpContext.Request.RequestContext.RouteData.Values["controller"].ToString();
return(this.PartialView("../control/list_user", list_user_view));
}
public ActionResult Change_user(string user_name, string type, string act, string ctrl, string type_act)
{
UserModels userModels = new UserModels();
RoleModels roleModels = new RoleModels();
C_User cuser = new C_User();
StringBuilder sb = new StringBuilder();
var user_view = new Web.Areas.Admin.ViewModels.User_view();
if (string.IsNullOrEmpty(type))
{
type = Request.QueryString["type"] != null ? Request.QueryString["type"].ToString() : CommonGlobal.CateProduct;
}
if (string.IsNullOrEmpty(act))
{
act = Request.QueryString["act"] != null ? Request.QueryString["act"].ToString() : "change_user";
}
if (string.IsNullOrEmpty(ctrl))
{
ctrl = Request.QueryString["ctrl"] != null ? Request.QueryString["ctrl"].ToString() : "adminUser";
}
if (user_name == null)
{
user_name = Request.QueryString["user_name"] != null ? Request.QueryString["user_name"].ToString() : string.Empty;
}
if (string.IsNullOrEmpty(type_act))
{
type_act = Request.QueryString["type_act"] != null ? Request.QueryString["type_act"].ToString() : CommonGlobal.Add;
if (user_name == string.Empty)
{
type_act = CommonGlobal.Add;
}
else
{
type_act = CommonGlobal.Edit;
}
}
sb.Append("<li><a href=\"" + Url.Action("index", "dashboard", new { act = "list_user", ctrl = "adminUser", type = type, page = "1" }) + "\"><span><span>Danh sách Admin</span></span></a></li>");
if (type_act == CommonGlobal.Edit)
{
cuser = userModels.GetUserbyUserName(user_name);
sb.Append("<li class=\"active\"><a href=\"#\"><span><span>" + cuser.Username + "</span></span></a></li>");
if (type == "Admin")
{
sb.Append("<li><a href=\"" + Url.Action("index", "dashboard", new { act = "list_user_permission", ctrl = "adminUser", type = type, page = "1", user_name = cuser.Username }) + "\"><span><span>Page Permission</span></span></a></li>");
}
user_view.Username = cuser.Username;
user_view.Username_text = "readonly='readonly'";
user_view.Role = cuser.Role;
user_view.Online = cuser.Online ?? false;
if (cuser.Online == true)
{
user_view.Online = true;
user_view.Online_text = "checked='checked'";
}
else
{
user_view.Online = false;
user_view.Online_text = string.Empty;
}
}
else
{
if (type == "Admin")
{
sb.Append("<li class=\"active\"><a href=\"#\"><span><span>Thêm Admin</span></span></a></li>");
user_view.Username_text = string.Empty;
}
}
user_view.Html_link_tab = sb.ToString();
user_view.Type = type;
user_view.Type_act = type_act;
////action and parent action
user_view.Act = act;
user_view.Ctrl = ctrl;
user_view.Parent_action = HttpContext.Request.RequestContext.RouteData.Values["action"].ToString();
user_view.Parent_controller = HttpContext.Request.RequestContext.RouteData.Values["controller"].ToString();
return(this.PartialView("../control/change_user", user_view));
}
/// <summary>
/// Orders the view.
/// </summary>
/// <param name="fcode">The order code.</param>
/// <returns>Order view</returns>
public ActionResult Order_view(string fcode)
{
if (!this.CheckMemberlogin())
{
return(this.RedirectToAction("login", "account", new { return_url = string.Empty + Url.Action("order_view", "account", new { fcode = fcode }) }));
}
else
{
var order_view = new Order_register_view();
string strBread;
ViewBag.Title = App_GlobalResources.Lang.strOrderCode + " " + fcode;
strBread = string.Format("<li><a href=\"" + Url.Action("my_account", "account") + "\">" + App_GlobalResources.Lang.strPersonalInformation + "</a></li>");
strBread = string.Format("<li><a href=\"" + Url.Action("order_history", "account") + "\">" + App_GlobalResources.Lang.strOrderHistory + "</a></li>");
strBread += "<li>" + fcode + "</li>";
ViewBag.heading = App_GlobalResources.Lang.strOrderCode + " " + fcode;
ViewBag.str_breadcrumbs = strBread;
this.AddMeta(CommonGlobal.Keyword, App_GlobalResources.Lang.strOrderCode + " " + fcode);
this.AddMeta(CommonGlobal.Description, App_GlobalResources.Lang.strOrderCode + " " + fcode);
DetailOrderModels detailsv = new DetailOrderModels();
OrderModels orderModels = new OrderModels();
if (string.IsNullOrEmpty(fcode))
{
return(this.HttpNotFound());
}
C_User usr = new C_User();
order_view.Parent_action = HttpContext.Request.RequestContext.RouteData.Values["action"].ToString();
order_view.Parent_controller = HttpContext.Request.RequestContext.RouteData.Values["controller"].ToString();
order_view.ContentShipping = GeneralModels.GetContent(CommonGlobal.ContentShipping, this.Lang);
UserModels sv = new UserModels();
usr = sv.GetUserbyUserName(Session["mem"].ToString());
var orders = orderModels.GetOrdersbyCode(fcode, usr.Username);
if (orders == null)
{
order_view.Message = App_GlobalResources.Lang.messOrderNotFound;
return(this.PartialView("../page/order_view", order_view));
}
order_view.Message = string.Empty;
order_view.Email = orders.Email;
order_view.Name = orders.Name;
order_view.Phone = orders.Phone;
order_view.Address = orders.Address;
order_view.Gender = orders.Gender;
order_view.Sub_total = CommonGlobal.FormatMoney(orders.Total);
order_view.Content = orders.Note;
order_view.Order_code = fcode;
order_view.Payment_status_text = CommonGlobal.GetPaymentStatusString(int.Parse(orders.Payment ?? "0"));
order_view.Process_status_text = CommonGlobal.GetOrderStatusString(orders.Process ?? 0);
var list_order_detail = detailsv.GetAllOrderDetail(fcode);
if (list_order_detail.Count > 0)
{
order_view.ShoppingCart = new ArrayList(list_order_detail.ToArray());
}
return(this.PartialView("../page/order_view", order_view));
}
}
public IActionResult ValidateUser([FromBody] AdminUserValidateView userView)
{
IActionResult response = null;
UserModels userModels = new UserModels();
User user = new User();
var mess = string.Empty;
string rt = string.Empty;
bool is_valid = true;
if (userView.IsCreate)
{
if (!string.IsNullOrEmpty(userView.Username))
{
user = userModels.GetUserbyUserName(userView.Username);
if (user != null)
{
is_valid = false;
if (mess == string.Empty)
{
response = Json(new { code = Constant.Duplicate, message = Constant.MessageDuplicate, field = "username" });
}
}
}
}
////validation server
if (string.IsNullOrEmpty(userView.Username))
{
is_valid = false;
if (mess == string.Empty)
{
mess = Constant.MessageDataEmpty;
response = Json(new { code = Constant.Empty, message = mess, field = "username" });
}
}
////UserName duplicate Admin
if (userView.Username == "Admin")
{
is_valid = false;
if (mess == string.Empty)
{
mess = Constant.MessageNotValid;
response = Json(new { code = Constant.Fail, message = mess, field = "username" });
}
}
if (userView.IsCreate)
{
// validation password
if (string.IsNullOrEmpty(userView.Password))
{
is_valid = false;
if (mess == string.Empty)
{
mess = Constant.MessageDataEmpty;
response = Json(new { code = Constant.Empty, message = mess, field = "password" });
}
}
if (string.IsNullOrEmpty(userView.ConfirmPassword))
{
is_valid = false;
if (mess == string.Empty)
{
mess = Constant.MessageDataEmpty;
response = Json(new { code = Constant.Empty, message = mess, field = "confirmPassword" });
}
}
if (userView.Password != userView.ConfirmPassword)
{
is_valid = false;
if (mess == string.Empty)
{
mess = Constant.MessageConfirmPassword;
response = Json(new { code = Constant.Fail, message = mess, field = "confirmPassword" });
}
}
}
if (userModels.GetRolebyId(userView.Role) == null)
{
is_valid = false;
if (mess == string.Empty)
{
mess = Constant.MessageNotExist;
response = Json(new { code = Constant.NotExist, message = mess, field = "role" });
}
}
if (is_valid)
{
response = Json(new { code = Constant.Success, message = Constant.MessageOk });
}
return(response);
}
public ActionResult Change_user(FormCollection collection)
{
UserModels userModels = new UserModels();
C_User cuser = null;
StringBuilder sb = new StringBuilder();
var user_view = new Web.Areas.Admin.ViewModels.User_view();
this.TryUpdateModel(user_view);
string rt = string.Empty;
bool is_valid = true;
if (!string.IsNullOrEmpty(user_view.Username))
{
cuser = userModels.GetUserbyUserName(user_view.Username);
}
////validation server
if (string.IsNullOrEmpty(user_view.Username))
{
is_valid = false;
if (user_view.Message == string.Empty)
{
user_view.Message = "Bạn phải nhập User Name";
}
}
////UserName duplicate Admin
if (user_view.Username == "Admin")
{
is_valid = false;
if (user_view.Message == string.Empty)
{
user_view.Message = "Bạn không thể tạo Admin";
}
}
////Link tab
sb.Append("<li><a href=\"" + Url.Action("index", "dashboard", new { act = "list_user", ctrl = "adminUser", type = user_view.Type, page = "1" }) + "\"><span><span>Danh sách Admin</span></span></a></li>");
if (!string.IsNullOrEmpty(user_view.Username) && user_view.Type_act == CommonGlobal.Edit)
{
sb.Append("<li class=\"active\"><a href=\"#\"><span><span>" + cuser.Username + "</span></span></a></li>");
}
else
{
sb.Append("<li class=\"active\"><a href=\"#\"><span><span>Thêm mới</span></span></a></li>");
////validation password
if (string.IsNullOrEmpty(user_view.Password))
{
is_valid = false;
if (user_view.Message == string.Empty)
{
user_view.Message = "Bạn phải nhập mật khẩu";
}
}
if (string.IsNullOrEmpty(user_view.ConfirmPassword))
{
is_valid = false;
if (user_view.Message == string.Empty)
{
user_view.Message = "Bạn phải xác nhận mật khẩu";
}
}
if (user_view.Password != user_view.ConfirmPassword)
{
is_valid = false;
if (user_view.Message == string.Empty)
{
user_view.Message = "Bạn phải xác nhận mật khẩu";
}
}
}
sb.Append("<li><a href=\"" + Url.Action("index", "dashboard", new { act = "list_user_permission", ctrl = "adminUser", type = user_view.Type, user_name = user_view.Username, page = "1" }) + "\"><span><span>Permission</span></span></a></li>");
user_view.Html_link_tab = sb.ToString();
if (!is_valid)
{
return(this.PartialView("../control/change_user", user_view));
}
cuser = new C_User();
cuser.Username = user_view.Username;
cuser.Online = user_view.Online;
if (cuser.Online == true)
{
user_view.Online = true;
user_view.Online_text = "checked='checked'";
}
else
{
user_view.Online = false;
user_view.Online_text = string.Empty;
}
if (!string.IsNullOrEmpty(user_view.Username) && user_view.Type_act == CommonGlobal.Edit)
{
rt = userModels.Update_User(cuser);
}
else
{
cuser.Role = 1;
cuser.Password = MD5Extend.EncodePassword(user_view.Password);
cuser.IP = "not login";
cuser.Online = true;
cuser.LastLogin = null;
rt = userModels.Add_User(cuser);
}
if (rt.Length > 0)
{
user_view.Message = "Cập nhật thành công!";
user_view.Username = rt;
user_view.Type_act = CommonGlobal.Edit;
}
else
{
user_view.Message = "Cập nhật không thành công!";
}
return(this.PartialView("../control/change_user", user_view));
}
public ActionResult Index()
{
if (!this.CheckAdminlogin())
{
return(this.RedirectToAction("login", "dashboard", new { area = "admin" }));
}
else
{
var return_url = Request.Url.ToString();
var index_view = new Index_view();
int count = Request.QueryString.Count;
if (count > 0)
{
string act, ctrl, type_act, type;
act = Request.QueryString["act"] != null ? Request.QueryString["act"].ToString() : string.Empty;
ctrl = Request.QueryString["ctrl"] != null ? Request.QueryString["ctrl"].ToString() : string.Empty;
type_act = Request.QueryString["type_act"] != null ? Request.QueryString["type_act"].ToString() : CommonGlobal.View;
type = Request.QueryString["type"] != null ? Request.QueryString["type"].ToString() : string.Empty;
if (act != string.Empty && ctrl != string.Empty)
{
bool isOk = false;
UserModels sv = new UserModels();
RoleModels roleM = new RoleModels();
C_Role itR = new C_Role();
C_User itU = new C_User();
itU = sv.GetUserbyUserName(Session["mem"].ToString());
itR = roleM.GetRoleItem(itU.Role);
////check permission view/add/edit
if (ctrl == "adminProduct" && (act == "image_product" || act == "property_product" || act == "list_Rating"))
{
////Chỉ được phép thay đổi thuộc tính của sản phẩm nếu có quyền edit product
if (UserModels.CheckPermission(this.Session["mem"] != null ? this.Session["mem"].ToString() : string.Empty, "change_product", ctrl, type_act, type) && itR.Role == "Admin")
{
isOk = true;
}
else
{
isOk = false;
}
}
else
{
if (UserModels.CheckPermission(this.Session["mem"] != null ? this.Session["mem"].ToString() : string.Empty, act, ctrl, type_act, type) && itR.Role == "Admin")
{
isOk = true;
}
else
{
isOk = false;
}
}
if (isOk == true)
{
index_view.Act = act;
index_view.Ctrl = ctrl;
index_view.Type_act = type_act;
index_view.Type = type;
}
else
{
logger.Error(Session["mem"].ToString() + " đã truy cập khu vực không hợp lệ:act = " + act + ",ctrl = " + ctrl + ",type_act= " + type_act + ",type= " + type);
index_view.Act = "access_denied";
index_view.Ctrl = "dashboard";
}
}
else
{
logger.Error(Session["mem"].ToString() + " đã truy cập khu vực không hợp lệ:act = " + act + ",ctrl = " + ctrl + ",type_act= " + type_act + ",type= " + type);
index_view.Act = "access_denied";
index_view.Ctrl = "dashboard";
}
}
else
{
index_view.Act = "statistic";
index_view.Ctrl = "dashboard";
index_view.Type_act = CommonGlobal.View;
index_view.Type = string.Empty;
}
index_view.Return_url = return_url;
return(this.PartialView("../page/index", index_view));
}
}
