/// <summary>
        /// Handles the posted user-edit form: maps it to a data object, saves it through the DAO
        /// and redirects to the details page of the edited user.
        /// </summary>
        /// <param name="form">Posted user form.</param>
        /// <returns>
        /// The form view when model validation fails, a redirect to Account/UserDetails on success,
        /// or a redirect to Account/ViewAllUsers when the update throws.
        /// </returns>
        public ActionResult UpdateUser(UserPO form)
        {
            // Validation failed: show the form again so the errors can be corrected.
            if (!ModelState.IsValid)
            {
                return View(form);
            }

            // NOTE(review): no authorization check is visible in this action and form.UserID comes
            // from the request; confirm a filter or the DAO limits which accounts a caller may update.
            ActionResult result;
            try
            {
                UserDO mapped = Mapping.Mapper.UserPOtoDO(form);
                _userDAO.UpdateUserById(mapped);
                result = RedirectToAction("UserDetails", "Account", new { Id = form.UserID });
            }
            catch (Exception error)
            {
                // Exception details go to the log only; the caller just gets a redirect.
                _Logger.Log("Fatal", error.Source, error.TargetSite.ToString(), error.Message, error.StackTrace);
                result = RedirectToAction("ViewAllUsers", "Account");
            }

            return result;
        }
示例#2
        ///<summary>
        /// Views all users by team
        /// </summary>
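        public ActionResult ViewAllUsers()
        {
            UserViewModel ViewAllUsersVM = new UserViewModel();

            // ModelState.IsValid only reports model-binding/validation errors; it is NOT an
            // authentication or authorization check.
            // NOTE(review): access control for this user listing has to come from somewhere else
            // (for example an [Authorize] filter that is not visible here) - confirm.
            if (!ModelState.IsValid)
            {
                return RedirectToAction("Index", "Home");
            }

            try
            {
                // Load every user from the data layer and map each one to its presentation object.
                List<IUserDO> allUsersDO = _uda.GetAllUsers();

                foreach (IUserDO userDO in allUsersDO)
                {
                    UserPO userPO = Mapper.Map<IUserDO, UserPO>(userDO);
                    ViewAllUsersVM.ListOfUserPO.Add(userPO);
                }
            }
            catch (Exception ex)
            {
                // Details are logged; the user only sees the generic message below.
                ErrorLogger.LogError(ex, "ViewAllUsers", "Account");
                ViewAllUsersVM.ErrorMessage = "There was an issue retrieving employees. Please try again. If the problem persists contact your IT department.";
            }

            // Render the view on both paths. Previously the failure path returned null, so the
            // error message set above was never displayed.
            return View(ViewAllUsersVM);
        }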
        /// <summary>
        /// Sets the Keys: Username, Role, and UserID to their corresponding values from the
        /// UserPO that is passed in as a parameter.
        /// </summary>
        /// <remarks>
        /// SetUserSession also logs a message when a Admin logs into their account.
        /// </remarks>
        protected void SetUserSession(UserPO user)
        {
            // Identity values later read back from session by the rest of the controller.
            Session["Username"] = user.Username;
            Session["Role"]     = user.RoleID;
            Session["UserID"]   = user.UserID;

            // Roles 1 and 2 (Admin and Driver, per the original author's comment) get a 240-minute
            // idle timeout; every other role gets 45 minutes.
            // NOTE(review): the most privileged role receives the longest idle window; confirm
            // that trade-off is intended.
            bool longSession = user.RoleID == 1 || user.RoleID == 2;
            Session.Timeout = longSession ? 240 : 45;

            if (user.RoleID != 1)
            {
                return;
            }

            // Audit trail entry for admin logins.
            // NOTE(review): the username is concatenated into the message as-is; confirm the
            // logger neutralises line breaks so a crafted username cannot forge log entries.
            Logger.Log("Info", "Mvc Layer", "SetUserSession from AccountController",
                       "ADMIN logged on with username " + user.Username);
        }
        /// <summary>
        /// Builds the one-element <c>UserActiveInfoPO</c> list for a user from its
        /// <c>UserActiveInfo</c> record.
        /// </summary>
        /// <param name="source">User entity being mapped.</param>
        /// <param name="destination">Destination object (not read here).</param>
        /// <param name="destMember">Existing destination member (not read here).</param>
        /// <param name="context">Resolution context (not read here).</param>
        /// <returns>null when the user has no UserActiveInfo; otherwise a list with one item.</returns>
        public List<UserActiveInfoPO> Resolve(Entity.User source, UserPO destination, List<UserActiveInfoPO> destMember, ResolutionContext context)
        {
            var info = source.UserActiveInfo;
            if (info == null)
            {
                return null;
            }

            // NOTE(review): MCreateDate is stamped with the current time while MExpireDate is the
            // user's CreateDate plus 12 hours, so the two are not derived from the same instant;
            // confirm that is the intended expiry rule.
            return new List<UserActiveInfoPO>
            {
                new UserActiveInfoPO
                {
                    MItemID     = info.Id,
                    MUserID     = source.Id,
                    MEmail      = info.Email,
                    MPhone      = info.Phone,
                    MCreateDate = DateTime.Now,
                    MLinkType   = info.LinkType,
                    MCreatorID  = source.CreatorID,
                    MExpireDate = source.CreateDate.AddHours(12),
                    MIsDelete   = info.IsDelete,
                    MIsActive   = info.IsActive
                }
            };
        }
示例#5
        /// <summary>
        /// Self-registration: creates an account from the posted form when the caller has no
        /// "UserName" value in session.
        /// </summary>
        /// <param name="userInfo">View model carrying the posted form.</param>
        /// <returns>
        /// Redirect to Account/Login on success, redirect to Home/Index for callers that already
        /// have a session user name, or the form view on validation or SQL failure.
        /// </returns>
        public ActionResult CreateUser(UserViewModel userInfo)
        {
            try
            {
                // Callers with a session user name are sent away instead of registering again.
                if (Session["UserName"] != null)
                {
                    return RedirectToAction("Index", "Home");
                }

                UserPO form = userInfo.Form;
                if (!ModelState.IsValid)
                {
                    return View(userInfo);
                }

                UserMap mapper  = new UserMap();
                UserDO  newUser = mapper.UserPOToDO(form);

                // The role is set on the server, so a RoleID posted with the form is overwritten.
                // NOTE(review): what role 1 denotes is not visible here; confirm it is the
                // least-privileged role.
                newUser.RoleID = 1;
                userDL.CreateUser(newUser);
                return RedirectToAction("Login", "Account");
            }
            catch (SqlException sqlEx)
            {
                // Only SQL failures are handled; the message shown is produced by ExceptionAnalysis.
                userInfo.message = new ExceptionAnalysis().GenerateResponse(sqlEx);
                return View(userInfo);
            }
        }
示例#6
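        /// <summary>
        /// Checks the posted credentials and, when they match, stores the user's id and role
        /// values in session before redirecting to the product list.
        /// </summary>
        /// <param name="userModel">Posted login form.</param>
        /// <returns>
        /// Redirect to Product/ViewProducts after a successful login; the login view otherwise.
        /// </returns>
        public ActionResult Login(UserPO userModel)
        {
            // An invalid form must not fall through to the post-login redirect.
            if (!ModelState.IsValid)
            {
                return(View());
            }

            UserDAO _user = _userDataAccess.LoginUser(_mapper.Map(userModel));

            // A missing user and a wrong password get the same response, and a null result from
            // the data layer no longer causes a NullReferenceException.
            // NOTE(review): the stored and submitted passwords are compared as plain values here.
            // Unless hashing happens in the mapper or data layer (not visible), passwords are being
            // kept in recoverable form; they should be stored as salted, slow hashes and verified
            // with a constant-time comparison.
            if (_user == null || _user.userPassword != userModel.userPassword)
            {
                ViewBag.errorMessage = "Incorrect username/password";
                return(View());
            }

            // Establish the logged-in state.
            Session["userTableID"] = _user.userTableID;
            Session["roleName"]    = _user.roleName;
            Session["userRole"]    = _user.userRole;

            return(RedirectToAction("ViewProducts", "Product"));
        }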
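        /// <summary>
        /// Shows the edit form for one user. Only callers whose session "RoleID" is 3 may open it.
        /// </summary>
        /// <param name="UserID">Id of the user to edit.</param>
        /// <returns>
        /// The edit view populated with the user, or a redirect to Home/Index when the caller is
        /// not permitted or the user cannot be loaded.
        /// </returns>
        public ActionResult UpdateUser(int UserID)
        {
            // Default for every path that does not produce a populated form.
            ActionResult response = RedirectToAction("Index", "Home");

            if (Session["RoleID"] != null && ((int)Session["RoleID"] == 3))
            {
                try
                {
                    // NOTE(review): the original comment asks that the password not be loaded;
                    // whether the reader/mapper actually omits it is not visible here.
                    UserDO item    = _dataAccess.ReadIndividualUserByID(UserID);
                    UserPO display = UserMappers.UserDOtoPO(item);

                    // Assign the view only after a successful load. Previously the response was
                    // reassigned after the try/catch, so a failed load still rendered the edit
                    // view without a user object.
                    response = View(display);
                }
                catch (Exception exception)
                {
                    // Logged; the caller keeps the default redirect.
                    ErrorLogger.LogExceptions(exception);
                }
            }

            return(response);
        }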
示例#8
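        /// <summary>
        /// Shows the account page of the user named in session.
        /// </summary>
        /// <returns>The account view; the model is an empty UserPO when the lookup fails.</returns>
        public ActionResult AccountView()
        {
            UserPO userInfo = new UserPO();

            try
            {
                // The user name comes from session, not from the request, so a caller can only
                // load the account tied to their own session.
                userInfo = Mapper.Mapper.UserDOtoPO(_UserDAO.ViewByUserName(Session["UserName"].ToString()));
            }
            catch (SqlException sqlEx)
            {
                // Check for the key BEFORE unboxing it. The previous order cast Data["Logged"]
                // first, which throws from inside this catch block when the key is absent.
                if (!sqlEx.Data.Contains("Logged") || !(bool)sqlEx.Data["Logged"])
                {
                    Logger.LogSqlException(sqlEx);
                }
            }
            catch (Exception ex)
            {
                // Also reached when Session["UserName"] is null (no logged-in user).
                if (!ex.Data.Contains("Logged") || (bool)ex.Data["Logged"] == false)
                {
                    Logger.LogException(ex);
                }
            }

            return(View(userInfo));
        }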
示例#9
        /// <summary>
        /// Returns the object to bind to a save form: a blank template for a new user or the
        /// stored user for an existing id.
        /// </summary>
        /// <param name="id">User id; 0 means "new user".</param>
        /// <returns>A blank <c>UserPO</c> when <paramref name="id"/> is 0, otherwise the result of <c>GetItem(id)</c>.</returns>
        public static UserPO GetDataForSave(int id)
        {
            if (id != 0)
            {
                // NOTE(review): whether GetItem returns the stored password value to the form is
                // not visible here; confirm it is not sent back to the browser.
                return GetItem(id);
            }

            // Blank template: empty strings and zeroes, timestamps set to the current time.
            return new UserPO()
            {
                Username   = "",
                Password   = "",
                Nickname   = "",
                Email      = "",
                Usertype   = "",
                Moblie     = "",
                Sex        = 0,
                SchoolId   = 0,
                Cash       = 0,
                Point      = 0,
                Status     = 0,
                Createtime = DateTime.Now,
                Updatetime = DateTime.Now,
            };
        }
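        /// <summary>
        /// Saves the posted user-edit form.
        /// </summary>
        /// <param name="user">Posted user form; must carry a non-zero UserId.</param>
        /// <returns>
        /// Redirect to Index after a successful update; the form view when validation fails,
        /// the id is 0, or the update throws.
        /// </returns>
        public ActionResult Modify(UserPO user)
        {
            ActionResult oResponse = RedirectToAction("Index");

            // NOTE(review): user.UserId comes from the posted form and no ownership or role check
            // is visible in this action; confirm a filter restricts who may modify which account.
            if (ModelState.IsValid && user.UserId != 0)
            {
                try
                {
                    UserDO to = UserMapper.MapPoToDO(user);
                    dataAccess.UpdateUser(to);
                    TempData["Message"] = $"{to.Username} successfully modified.";
                }
                catch (Exception ex)
                {
                    // The controller name was misspelled ("AccuntController") in this log call,
                    // which hides these failures from any log search on the real controller name.
                    exceptionLog.ExceptionLog("Critical", ex.Message, "AccountController", "Modify", ex.StackTrace);
                    oResponse = View(user);
                }
            }
            else
            {
                oResponse = View(user);
            }
            return(oResponse);
        }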
        /// <summary>
        /// Lists all users. Only callers whose session "RoleID" is 1 get the list.
        /// </summary>
        /// <returns>The user list view, or a redirect to Home/Index for everyone else.</returns>
        public ActionResult ViewAllUser()
        {
            // No session role, or a role other than 1: send the caller to the home page.
            bool allowed = Session["RoleID"] != null && (int)Session["RoleID"] == 1;
            if (!allowed)
            {
                return RedirectToAction("Index", "Home");
            }

            UserDAL      reader = new UserDAL();
            List<UserPO> models = new List<UserPO>();
            List<UserDO> stored = reader.ReadUser();

            // Map each stored user to its presentation object.
            foreach (UserDO record in stored)
            {
                models.Add(Mapper.MapUserDOtoPO(record));
            }

            return View(models);
        }
        /// <summary>
        /// Shows the edit form for the user with the given id.
        /// </summary>
        /// <param name="userId">Id of the user to load.</param>
        /// <returns>
        /// The view populated with the user on success; the view with the raw id as its model
        /// when model state is invalid or the lookup throws.
        /// </returns>
        public ActionResult Modify(long userId)
        {
            if (!ModelState.IsValid)
            {
                return View(userId);
            }

            // NOTE(review): the id comes straight from the request and no ownership or role check
            // is visible here; confirm callers cannot open another account's edit form.
            try
            {
                UserDO stored = dataAccess.ViewUserById(userId);
                UserPO model  = UserMapper.MapDoToPO(stored);
                return View(model);
            }
            catch (Exception ex)
            {
                exceptionLog.ExceptionLog("Critical", ex.Message, "AccountController", "Modify", ex.StackTrace);
                return View(userId);
            }
        }
示例#13
 /// <summary>
 /// Copies the user's display fields into session after a successful login.
 /// </summary>
 /// <param name="user">The authenticated user.</param>
 private void SetSessionVariables(UserPO user)
 {
     // Only name, e-mail and last-login values are stored; no role or id is written here.
     var session = Session;

     session["FirstName"]    = user.FirstName;
     session["LastName"]     = user.LastName;
     session["EmailAddress"] = user.EmailAddress;
     session["LastLogin"]    = user.LastLogin;
 }
示例#14
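        /// <summary>
        /// Verifies the posted credentials against the stored salted hash and signs the user in.
        /// </summary>
        /// <param name="Form">Posted login form.</param>
        /// <returns>
        /// Redirect to Home/Index on success; the login view for invalid input, an unknown
        /// user name or a wrong password.
        /// </returns>
        public ActionResult Login(LoginPO Form)
        {
            if (!ModelState.IsValid)
            {
                return(View(Form));
            }

            UserPO user = AutoMap<User>.To<UserPO>(userDataAccess.ViewUserByUsername(Form.Username));

            // Check for an unknown user BEFORE touching its salts. The previous code read
            // user.PrependSalt first, so an unknown user name raised a NullReferenceException
            // instead of an ordinary failed login.
            if (user == null)
            {
                // Same response as a wrong password, so the reply does not reveal which user
                // names exist.
                return(View(Form));
            }

            byte[] currentAttempt = aCrypt.HashPassword(user.PrependSalt, Form.Password, user.AppendSalt);

            // A leftover byte-by-byte debugging loop was removed here; it had no effect on the result.
            // NOTE(review): confirm aCrypt.Compare compares in constant time and that HashPassword
            // uses a deliberately slow password hash (neither is visible here).
            if (aCrypt.Compare(user.Password, currentAttempt))
            {
                SetSessionVariables(user);
                return(RedirectToAction("Index", "Home"));
            }

            return(View(Form));
        }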
示例#15
        /// <summary>
        /// Saves the posted profile form and returns to the profile page.
        /// </summary>
        /// <param name="Update">Posted user form.</param>
        /// <returns>Redirect to the UserProfile action.</returns>
        public ActionResult Alter(UserPO Update)
        {
            // NOTE(review): neither ModelState nor the caller's identity is checked here, and the
            // whole posted object is mapped and saved; confirm the target account and any
            // role-like fields cannot be chosen by the client.
            UserData.UpdateUser(mapper.SingleUserMap(Update));

            return RedirectToAction("UserProfile");
        }
示例#16
        /// <summary>
        /// Shows the edit form for the user with the given id.
        /// </summary>
        /// <param name="userID">Id of the user to load.</param>
        /// <returns>The view populated with the mapped user.</returns>
        public ActionResult UpdateAUser(Int64 userID)
        {
            // NOTE(review): the id comes from the request and no access check or error handling
            // is visible here; confirm callers cannot load other users' records.
            UserPO model = Mapper.MapUserDOToPO(UserDataAccess.ViewUserById(userID));

            return View(model);
        }
示例#17
 /// <summary>
 /// Creates an account from the posted registration form.
 /// </summary>
 /// <param name="Create">Posted registration form.</param>
 /// <returns>
 /// Redirect to Login when the account is created; redirect back to Register with
 /// <c>check = 1</c> when any check fails.
 /// </returns>
 public ActionResult Register(UserPO Create)
 {
     // Accepted only when the model is valid, an e-mail is present and contains both "@" and
     // ".", and first and last name are supplied.
     // NOTE(review): this is a presence check, not e-mail validation, and no password rule is
     // applied in this method.
     bool accepted = ModelState.IsValid
                     && Create.Email != null
                     && Create.Email.Contains("@")
                     && Create.Email.Contains(".")
                     && Create.FirstName != null
                     && Create.LastName != null;

     if (!accepted)
     {
         return RedirectToAction("Register", new { check = 1 });
     }

     UserDAO newUser = mapper.SingleUserMap(Create);
     UserData.CreateUser(newUser);
     return RedirectToAction("Login");
 }
示例#18
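        /// <summary>
        /// Saves the posted user-edit form and reports the custom SQL errors for a duplicate
        /// user name or an invalid role id as model errors.
        /// </summary>
        /// <param name="form">Posted user form.</param>
        /// <returns>Redirect to User/Index on success; the form view otherwise.</returns>
        public ActionResult UpdateUser(UserPO form)
        {
            ActionResult response = null;

            if (ModelState.IsValid)
            {
                try
                {
                    // NOTE(review): no authorization check is visible in this action; confirm a
                    // filter restricts who may update users and change role ids.
                    UserDO dataObject = UserMapper.UserPOToDO(form);
                    _dataAccess.UpdateUserInformation(dataObject);
                    response = RedirectToAction("Index", "User");
                }
                catch (SqlException ex)
                {
                    // The data layer attaches a message under one of these keys for the two
                    // expected failures; that text is shown to the user.
                    if (ex.Data.Contains("uniqueUsername"))
                    {
                        ModelState.AddModelError("Username", ex.Data["uniqueUsername"].ToString());
                    }
                    else if (ex.Data.Contains("invalidRoleId"))
                    {
                        ModelState.AddModelError("RoleId", ex.Data["invalidRoleId"].ToString());
                    }
                    Logger.Log("Fatal", ex.TargetSite.ToString(), ex.Message, ex.StackTrace);

                    // Return the posted form with the view, as the validation-failure branch does;
                    // View() without a model discarded the user's input.
                    response = View(form);
                }
            }
            else
            {
                response = View(form);
            }
            return(response);
        }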
示例#19
        /// <summary>
        /// Handles the posted user-edit form. The update is applied only when the role on the form
        /// is unchanged (or the caller's session role is 3 or higher) and the form's UserID equals
        /// the id stored in TempData["initialID"].
        /// </summary>
        /// <remarks>
        /// This listing is truncated: the catch block and the return statement of the method are
        /// not part of the visible text.
        /// </remarks>
        /// <param name="form">Posted user form.</param>
        public ActionResult UpdateUser(UserPO form)
        {
            ActionResult response = null;

            try
            {
                // Audit entry for every update request.
                // NOTE(review): form.UserID and the session id are concatenated into the message;
                // confirm the logger neutralises line breaks in logged values.
                _logger.LogMessage("Info", "Update User Post", MethodBase.GetCurrentMethod().ToString(),
                                   "Request to update information for user with ID #" + form.UserID + " received from user with ID #" + Session["ID"] + ".");
                if (ModelState.IsValid)
                {
                    _logger.LogMessage("Info", "Model State check passed", MethodBase.GetCurrentMethod().ToString(),
                                       "UserPO form model state is valid.");
                    //Allow role changes if updater is admin
                    // Otherwise the posted RoleID must equal the value kept in TempData["initialRole"].
                    // Session["Role"].ToString() throws when the session has no "Role" entry; that
                    // lands in the catch block, which is outside the visible text.
                    // NOTE(review): where TempData["initialRole"] / ["initialID"] are written is not
                    // visible here - presumably the GET action that renders the form; confirm.
                    if ((int.TryParse(Session["Role"].ToString(), out int role) && role >= 3) ||
                        (TempData["initialRole"] != null && (int)TempData["initialRole"] == form.RoleID))
                    {
                        //Under no circumstances allow altered UserID
                        // The posted UserID is trusted only if it matches the server-side copy.
                        if (TempData["initialID"] != null && (int)TempData["initialID"] == form.UserID)
                        {
                            _logger.LogMessage("Attempting to map User PO to DO.");
                            UserDO userDO = Mapping.Mapper.UserPOtoDO(form);
                            _userDAO.UpdateUser(userDO);

                            if (TempData["updatingSelf"] != null &&
                                TempData["updatingSelf"].ToString() == "true")
                            {
                                TempData.Remove("updatingSelf");
                                //reset session in case own username was changed
                                SetSession(form.Username, form.RoleID);
                            }
                            else
                            {
                            }
                            TempData["updateSuccess"] = "User information updated.";
                            response = RedirectToAction("UserDetails", "Account", new { username = form.Username });
                        }
                        else
                        {
                            // Missing or mismatching id: logged as a warning, generic message shown.
                            _logger.LogMessage("Warning", "User Update forbidden", MethodBase.GetCurrentMethod().ToString(),
                                               "User ID could not be verified or failed verification. Attempt to submit update form with altered User ID was denied.");
                            TempData["noPermission"] = "An error has been encountered. You have been returned to the home page.";
                            response = RedirectToAction("Index", "Home");
                        }
                    }
                    else
                    {
                        // Role change by a non-admin: logged with the caller's id and user name.
                        _logger.LogMessage("Warning", "User Update forbidden", MethodBase.GetCurrentMethod().ToString(),
                                           "Non admin with User ID#" + Session["ID"].ToString() + " and username '" + Session["Username"].ToString() + "' attempted to change user role.");
                        TempData["noPermission"] = "An error has been encountered. You have been returned to the home page.";
                        response = RedirectToAction("Index", "Home");
                    }
                }
                else
                {
                    _logger.LogMessage("Warning", "Model State check failed", MethodBase.GetCurrentMethod().ToString(),
                                       "UserPO form model state was not valid. Returning user to View.");
                    // Re-populate the role list before showing the form again.
                    FillRoleDropDown(form);
                    response = View(form);
                }
            }
示例#20
        //Method that allows user to input the information they want to update
        public ActionResult UpdateUser(int UserId)
        {
            // Start from an empty model so the view still renders when the lookup fails.
            UserPO userToUpdate = new UserPO();

            try
            {
                // Load the stored record for the requested id and map it to the presentation object.
                // NOTE(review): the id comes from the request and no access check is visible here;
                // confirm callers cannot open another user's record.
                userToUpdate = MapUserTF.UserDOtoPO(_dataAccess.UserReadByID(UserId));
            }
            catch (Exception ex)
            {
                // Failure is recorded; the caller gets the form with the empty model.
                ErrorFile.ErrorHandlerPL(ex);
            }

            return View(userToUpdate);
        }
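        /// <summary>
        /// Saves the posted user-edit form. Only callers whose session "RoleID" is 3 may update.
        /// </summary>
        /// <param name="form">Posted user form.</param>
        /// <returns>
        /// Redirect to User/Index on success, the form view on validation failure or error, and
        /// a redirect to Home/Index for callers without the required role.
        /// </returns>
        public ActionResult UpdateUser(UserPO form)
        {
            // Callers without the required role used to get a null result (an empty response);
            // they are now redirected to the home page.
            ActionResult response = RedirectToAction("Index", "Home");

            if (Session["RoleID"] != null && ((int)Session["RoleID"] == 3))
            {
                if (ModelState.IsValid)
                {
                    try
                    {
                        // The mapper variant used here is the one named "WithoutPassword".
                        UserDO dataObject = UserMappers.UserPOtoDOWithoutPassword(form);
                        _dataAccess.UpdateUser(dataObject);
                        response = RedirectToAction("Index", "User");
                    }
                    catch (Exception exception)
                    {
                        ErrorLogger.LogExceptions(exception);
                        response = View(form);
                    }
                }
                else
                {
                    response = View(form);
                }
            }

            return(response);
        }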
示例#22
        /// <summary>
        /// Creates a user from the posted form.
        /// </summary>
        /// <param name="form">Posted user form.</param>
        /// <returns>Redirect to Account/Index on success; the form view otherwise.</returns>
        public ActionResult Create(UserPO form)
        {
            ActionResult oResponse = RedirectToAction("Index", "Account");

            if (!ModelState.IsValid)
            {
                oResponse = View(form);
                return oResponse;
            }

            try
            {
                // NOTE(review): no authorization check is visible, and the posted form is mapped
                // as-is, including any role field it carries; confirm who may reach this action.
                UserDO newUser = UserMapper.MapPOtoDO(form);
                dataAccess.CreateUser(newUser);

                TempData["Message"] = $"{form.Username} was created successfully.";
            }
            catch (Exception ex)
            {
                // NOTE(review): the exception is swallowed without being logged, so failed
                // account creations leave no trace for troubleshooting or monitoring.
                TempData["Message"] = "Fail";
                oResponse           = View(form);
            }

            return oResponse;
        }
示例#23
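        /// <summary>
        /// Saves the posted user-edit form. Only callers whose session "RoleID" is 3 may update.
        /// </summary>
        /// <param name="userInfo">View model carrying the posted form.</param>
        /// <returns>
        /// Redirect to UserIndex on success, the form view on validation or SQL failure, and a
        /// redirect to Home/Index for callers without the required role or without a session.
        /// </returns>
        public ActionResult UpdateUser(UserViewModel userInfo)
        {
            ActionResult response = null;

            try
            {
                // A missing session value is treated as "not permitted". The unguarded cast used
                // to throw a NullReferenceException for callers without a session, which the
                // SqlException handler below does not catch.
                if (Session["RoleID"] != null && (Int64)Session["RoleID"] == 3)
                {
                    UserPO  form = userInfo.Form;
                    UserMap map  = new UserMap();
                    if (ModelState.IsValid)
                    {
                        UserDO userObject = map.UserPOToDO(form);
                        userDL.UpdateUser(userObject);
                        response = RedirectToAction("UserIndex");
                    }
                    else
                    {
                        response = View(userInfo);
                    }
                }
                else
                {
                    response = RedirectToAction("Index", "Home");
                }
            }
            catch (SqlException sqlEx)
            {
                // The message shown to the user is produced by ExceptionAnalysis.
                userInfo.message = new ExceptionAnalysis().GenerateResponse(sqlEx);
                response         = View(userInfo);
            }
            return(response);
        }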
示例#24
        /// <summary>
        /// Self-registration: creates an account from the posted form with a fixed role.
        /// </summary>
        /// <param name="form">Posted registration form.</param>
        /// <returns>Redirect to Account/Login on success; the form view otherwise.</returns>
        public ActionResult Register(UserPO form)
        {
            ActionResult oResponse = RedirectToAction("Login", "Account");

            if (!ModelState.IsValid)
            {
                oResponse = View(form);
                return oResponse;
            }

            try
            {
                // The role is set on the server, so a RoleID posted with the form is overwritten.
                // NOTE(review): what role 3 denotes is not visible here; confirm it is the
                // least-privileged role.
                form.RoleID = 3;
                UserDO newUser = UserMapper.MapPOtoDO(form);
                dataAccess.CreateUser(newUser);

                TempData["Message"] = $"{form.Username} was created successfully.";
            }
            catch (Exception ex)
            {
                // NOTE(review): the exception is swallowed without being logged.
                TempData["Message"] = "Fail";
                oResponse           = View(form);
            }

            return oResponse;
        }
示例#25
        /// <summary>
        /// Maps a list of data-layer users to presentation objects, in the same order.
        /// </summary>
        /// <param name="from">Users read from the data layer.</param>
        /// <returns>One <c>UserPO</c> per input user, with Password always null.</returns>
        public static List<UserPO> UserDOListToPO(List<UserDO> from)
        {
            List<UserPO> to = new List<UserPO>(from.Count);

            foreach (UserDO user in from)
            {
                to.Add(new UserPO
                {
                    UserID    = user.UserId,
                    UserName  = user.UserName,
                    // The password value is deliberately not carried to the presentation layer.
                    Password  = null,
                    RoleName  = user.RoleName,
                    Role      = user.Role,
                    FirstName = user.FirstName,
                    LastName  = user.LastName,
                    Banned    = user.Banned,
                    Inactive  = user.Inactive,
                    // NOTE(review): the salt IS copied even though the password is blanked; confirm
                    // no view or serializer exposes it, or drop it from list mappings.
                    Salt      = user.Salt
                });
            }

            return to;
        }
        /// <summary>
        /// Shows a user's details. Non-admin callers always see their own record, whatever id
        /// they request.
        /// </summary>
        /// <param name="specificUser">Requested user id.</param>
        /// <returns>The details view, or a redirect to Games/Index without a session or on error.</returns>
        public ActionResult UserDetails(int specificUser = default(int))
        {
            // No session role means the caller is not signed in.
            if (Session["UserRole"] == null)
            {
                return RedirectToAction("Index", "Games");
            }

            // Access rule: a caller whose role is not 1 is forced onto the id stored in session,
            // so the id in the request cannot select someone else's record.
            bool ownRecord = specificUser == (int)Session["UserID"];
            if (!ownRecord && (int)Session["UserRole"] != 1)
            {
                specificUser = (int)Session["UserID"];
            }

            try
            {
                UserDO stored = _dataAccess.UserDetails(specificUser);
                return View(Mapper.UserDOtoPO(stored));
            }
            catch (Exception ex)
            {
                Logger.Log(ex);
                return RedirectToAction("Index", "Games");
            }
        }
示例#27
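        /// <summary>
        /// Checks the posted e-mail and password through the business layer and, on success,
        /// issues the forms-authentication cookie and stores the user in session.
        /// </summary>
        /// <param name="loginVM">Posted login view model.</param>
        /// <returns>
        /// Redirect to Home/Dashboards on success; redirect to Error/Shared when the credentials
        /// are rejected or the posted model is incomplete.
        /// </returns>
        public ActionResult Login(UserViewModel loginVM)
        {
            // A post without the nested User / UserCred fields leaves those objects null; treat it
            // as a failed login instead of letting a NullReferenceException escape.
            if (loginVM == null || loginVM.User == null || loginVM.UserCred == null)
            {
                return RedirectToAction("Shared", "Error");
            }

            // Removed the placeholder UserBO / UserPO instances that were created and then
            // immediately overwritten.
            IUserBO returnUserBO = _userBLL.CheckUserLogin(loginVM.User.Email, loginVM.UserCred.UserPassword);
            if (returnUserBO == null)
            {
                return RedirectToAction("Shared", "Error");
            }

            IUserPO _iUserPO = Mapper.Map<IUserBO, IUserPO>(returnUserBO);

            // Non-persistent authentication cookie (second argument false).
            FormsAuthentication.SetAuthCookie(_iUserPO.Email, false);

            // NOTE(review): the whole mapped user object is placed in session; confirm it carries
            // no password or credential fields.
            Session["UserModel"] = _iUserPO;

            //Refresh Menus
            Session["MenuItems"] = HomeController.GetMenuItem(HttpContext.Session);

            return RedirectToAction("Dashboards", "Home");
        }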
        /// <summary>
        /// Shows the edit form for a user. Non-admin callers always get their own record,
        /// whatever id they request.
        /// </summary>
        /// <param name="specificUser">Requested user id.</param>
        /// <returns>The edit view, or a redirect to Games/Index without a session or on error.</returns>
        public ActionResult UpdateUser(int specificUser = default(int))
        {
            // No session role means the caller is not signed in.
            if (Session["UserRole"] == null)
            {
                return RedirectToAction("Index", "Games");
            }

            // Access rule: a caller whose role is not 1 is forced onto the id stored in session,
            // so the id in the request cannot select someone else's record.
            bool ownRecord = specificUser == (int)Session["UserID"];
            if (!ownRecord && (int)Session["UserRole"] != 1)
            {
                specificUser = (int)Session["UserID"];
            }

            try
            {
                // Pre-fill the form with the stored values.
                UserDO stored = _dataAccess.UserDetails(specificUser);
                return View(Mapper.UserDOtoPO(stored));
            }
            catch (Exception ex)
            {
                Logger.Log(ex);
                return RedirectToAction("Index", "Games");
            }
        }
        /// <summary>
        /// Gets a list of invalid information on a user when they request a delivery order.
        /// </summary>
        /// <param name="user">The user to validate.</param>
        /// <returns>A list of property names that are invalid.</returns>
        protected List<string> GetInvalidDeliveryInfo(UserPO user)
        {
            // Property name paired with its current value, in the order the names are reported.
            var required = new List<KeyValuePair<string, string>>
            {
                new KeyValuePair<string, string>("Address", user.Address),
                new KeyValuePair<string, string>("City", user.City),
                new KeyValuePair<string, string>("State", user.State),
                new KeyValuePair<string, string>("ZipCode", user.ZipCode),
                new KeyValuePair<string, string>("Phone", user.Phone)
            };

            // A field counts as invalid only when it is null or empty; the format of the value
            // is not checked here.
            List<string> invalidInfo = new List<string>();
            foreach (KeyValuePair<string, string> field in required)
            {
                if (String.IsNullOrEmpty(field.Value))
                {
                    invalidInfo.Add(field.Key);
                }
            }

            return invalidInfo;
        }
        /// <summary>
        /// Deletes a user. Only callers whose session "Role" is 3 may delete.
        /// </summary>
        /// <param name="userID">Id of the user to delete; must be greater than 0.</param>
        /// <returns>
        /// Redirect to Account/AllUsers after the delete or when the request is not permitted,
        /// to Account/UserDetails when the delete throws, and to Account/Register when the caller
        /// has no session role.
        /// </returns>
        public ActionResult DeleteUser(long userID)
        {
            // No session role: the caller is not signed in.
            if (Session["Role"] == null)
            {
                return RedirectToAction("Register", "Account");
            }

            // Wrong role or a non-positive id: nothing is deleted.
            if ((int)Session["Role"] != 3 || userID <= 0)
            {
                return RedirectToAction("AllUsers", "Account");
            }

            // NOTE(review): this is a destructive action; the attributes on it are not visible
            // here, so confirm it only accepts POST and validates an anti-forgery token.
            try
            {
                // The record is read and mapped before the delete; the mapped object is not used
                // afterwards, but a failed read or mapping stops the delete.
                UserDO user = userDataAccess.ViewUserByID(userID);
                mapper.MapDoToPo(user);
                userDataAccess.DeleteUser(userID);

                return RedirectToAction("AllUsers", "Account");
            }
            catch (Exception ex)
            {
                logger.ErrorLog(MethodBase.GetCurrentMethod().DeclaringType.Name, MethodBase.GetCurrentMethod().Name, ex);
                return RedirectToAction("UserDetails", "Account");
            }
        }