public async Task <IActionResult> GetUserRights(string Type, string UserOrDesignation)
{
UserRightsFunctionsDTO = new UserRightsFunctionsDTO();
try
{
UserRightsFunctionsDTO = await UserRightsDAL.GetallUserModules(Type, UserOrDesignation, Con);
return(UserRightsFunctionsDTO != null?Ok(UserRightsFunctionsDTO) : (IActionResult)StatusCode(StatusCodes.Status204NoContent));
}
catch (Exception)
{
return(StatusCode(StatusCodes.Status500InternalServerError));
throw;
}
}
public async Task <UserRightsFunctionsDTO> GetallUserModules(string Type, string UserOrDesignation, string connectionString)
{
UserRightsFunctionsDTO UserRightsFunctionsDTO = new UserRightsFunctionsDTO();
UserRightsFunctionsDTO.FunctionsDTOList = new List <FunctionsDTO>();
List <FunctionsDTO> FunctionsDTOList = new List <FunctionsDTO>();
List <ModuleDTO> ModuleDTOlist = new List <ModuleDTO>();
List <SubModuleDTO> SubModuleDTOList = new List <SubModuleDTO>();
string Query = string.Empty;
long Userid = 0;
int RoleFunctionsCount = 0;
int RoleID = 0;
ds = new DataSet();
await Task.Run(() =>
{
UserRightsDTO = new UserRightsDTO();
UserRightsDTO.ModuleDTOList = new List <ModuleDTO>();
try
{
if (string.IsNullOrEmpty(Type) && string.IsNullOrEmpty(UserOrDesignation))
{
Query = "select functionid,parentmoduleid,submoduleid,functionname,functionurl,false as viewpermission,false as createpermission,false as updatepermission,false as deletepermission from tblmstfunctions where statusid=" + Convert.ToInt32(Status.Active) + ";";
}
else
{
if (Type.ToUpper().Trim() == "USER")
{
RoleFunctionsCount = Convert.ToInt32(NPGSqlHelper.ExecuteScalar(connectionString, CommandType.Text, "select count(*) from tblmstrolefunctions where upper(username)='" + ManageQuote(UserOrDesignation.ToUpper().Trim()) + "';"));
Userid = Convert.ToInt64(NPGSqlHelper.ExecuteScalar(connectionString, CommandType.Text, "select coalesce(userid,0) as userid from tblmstusers where upper(username)='" + ManageQuote(UserOrDesignation.ToUpper().Trim()) + "';").ToString());
UserRightsDTO.pUserID = Userid;
UserRightsDTO.pUserName = UserOrDesignation;
UserRightsFunctionsDTO.pUserID = Userid;
UserRightsFunctionsDTO.pUserName = UserOrDesignation;
if (RoleFunctionsCount > 0)
{
// Query = "select functionid,parentmoduleid,submoduleid,functionname,functionurl,false as viewpermission,false as createpermission,false as updatepermission,false as deletepermission from tblmstfunctions where functionid not in (select functionid from tblmstrolefunctions where userid=" + Userid + ") union select t2.functionid,t2.parentmoduleid,t2.submoduleid,t2.functionname,t2.functionurl,coalesce(t1.viewpermission,false) as viewpermission,coalesce(t1.createpermission,false)as createpermission,coalesce(t1.updatepermission,false)as updatepermission,coalesce(t1.deletepermission,false) as deletepermission from tblmstrolefunctions t1 left join tblmstfunctions t2 on t1.functionid=t2.functionid where t1.userid=" + Userid + ";";
Query = "select functionid,parentmoduleid,submoduleid,functionname,functionurl,false as viewpermission,false as createpermission,false as updatepermission,false as deletepermission from tblmstfunctions where statusid=" + Convert.ToInt32(Status.Active) + " and functionid not in (select functionid from tblmstrolefunctions where userid=" + Userid + ") union select t2.functionid,t2.parentmoduleid,t2.submoduleid,t2.functionname,t2.functionurl,coalesce(t1.viewpermission,false) as viewpermission,coalesce(t1.createpermission,false)as createpermission,coalesce(t1.updatepermission,false)as updatepermission,coalesce(t1.deletepermission,false) as deletepermission from tblmstrolefunctions t1 left join tblmstfunctions t2 on t1.functionid=t2.functionid where t1.userid=" + Userid + " and t2.statusid=" + Convert.ToInt32(Status.Active) + ";";
}
else
{
RoleID = Convert.ToInt32(NPGSqlHelper.ExecuteScalar(connectionString, CommandType.Text, "select coalesce(roleid,0) as roleid from tblmstusers where upper(username)='" + ManageQuote(UserOrDesignation.ToUpper().Trim()) + "';"));
if (RoleID > 0)
{
Query = "select functionid,parentmoduleid,submoduleid,functionname,functionurl,false as viewpermission,false as createpermission,false as updatepermission,false as deletepermission from tblmstfunctions where statusid=" + Convert.ToInt32(Status.Active) + " and functionid not in (select functionid from tblmstrolefunctions where roleid=" + RoleID + ") union select t2.functionid,t2.parentmoduleid,t2.submoduleid,t2.functionname,t2.functionurl,coalesce(t1.viewpermission,false) as viewpermission,coalesce(t1.createpermission,false)as createpermission,coalesce(t1.updatepermission,false)as updatepermission,coalesce(t1.deletepermission,false) as deletepermission from tblmstrolefunctions t1 left join tblmstfunctions t2 on t1.functionid=t2.functionid where t1.roleid=" + RoleID + " and t2.statusid=" + Convert.ToInt32(Status.Active) + ";";
}
else
{
Query = "select functionid,parentmoduleid,submoduleid,functionname,functionurl,false as viewpermission,false as createpermission,false as updatepermission,false as deletepermission from tblmstfunctions where statusid=" + Convert.ToInt32(Status.Active) + " and functionid not in (select functionid from tblmstrolefunctions where userid=" + Userid + ") union select t2.functionid,t2.parentmoduleid,t2.submoduleid,t2.functionname,t2.functionurl,coalesce(t1.viewpermission,false) as viewpermission,coalesce(t1.createpermission,false)as createpermission,coalesce(t1.updatepermission,false)as updatepermission,coalesce(t1.deletepermission,false) as deletepermission from tblmstrolefunctions t1 left join tblmstfunctions t2 on t1.functionid=t2.functionid where t1.userid=" + Userid + " and t2.statusid=" + Convert.ToInt32(Status.Active) + ";";
}
}
}
else
{
Userid = Convert.ToInt64(NPGSqlHelper.ExecuteScalar(connectionString, CommandType.Text, "select coalesce(roleid,0) as roleid from tblmstemployeerole where statusid=" + Convert.ToInt32(Status.Active) + " and upper(rolename)='" + ManageQuote(UserOrDesignation.ToUpper().Trim()) + "';").ToString());
UserRightsDTO.pUserID = Userid;
UserRightsDTO.pUserName = UserOrDesignation;
UserRightsFunctionsDTO.pUserID = Userid;
UserRightsFunctionsDTO.pUserName = UserOrDesignation;
//Query = "select functionid,parentmoduleid,submoduleid,functionname,functionurl,false as viewpermission,false as createpermission,false as updatepermission,false as deletepermission from tblmstfunctions where functionid not in (select functionid from tblmstrolefunctions where roleid=" + Userid + ") union select t2.functionid,t2.parentmoduleid,t2.submoduleid,t2.functionname,t2.functionurl,coalesce(t1.viewpermission,false) as viewpermission,coalesce(t1.createpermission,false)as createpermission,coalesce(t1.updatepermission,false)as updatepermission,coalesce(t1.deletepermission,false) as deletepermission from tblmstrolefunctions t1 left join tblmstfunctions t2 on t1.functionid=t2.functionid where t1.roleid=" + Userid + ";";
Query = "select functionid,parentmoduleid,submoduleid,functionname,functionurl,false as viewpermission,false as createpermission,false as updatepermission,false as deletepermission from tblmstfunctions where statusid=" + Convert.ToInt32(Status.Active) + " and functionid not in (select functionid from tblmstrolefunctions where roleid=" + Userid + ") union select t2.functionid,t2.parentmoduleid,t2.submoduleid,t2.functionname,t2.functionurl,coalesce(t1.viewpermission,false) as viewpermission,coalesce(t1.createpermission,false)as createpermission,coalesce(t1.updatepermission,false)as updatepermission,coalesce(t1.deletepermission,false) as deletepermission from tblmstrolefunctions t1 left join tblmstfunctions t2 on t1.functionid=t2.functionid where t1.roleid=" + Userid + " and t2.statusid=" + Convert.ToInt32(Status.Active) + ";";
}
}
using (NpgsqlDataReader dr = NPGSqlHelper.ExecuteReader(connectionString, CommandType.Text, "select moduleid,modulename from tblmstmodules where statusid=" + Convert.ToInt32(Status.Active) + " and parentmoduleid is null order by modulesortorder asc;"))
{
while (dr.Read())
{
ModuleDTO ModuleDTO = new ModuleDTO();
ModuleDTO.pmoduleid = Convert.ToInt64(dr["moduleid"]);
ModuleDTO.pmodulename = dr["modulename"].ToString();
ModuleDTO.lstSubModuleDTO = new List <SubModuleDTO>();
using (NpgsqlDataReader dr1 = NPGSqlHelper.ExecuteReader(connectionString, CommandType.Text, "select f1.moduleid,f1.modulename,f2.moduleid as submoduleid,f2.modulename as submodulename from tblmstmodules f1 INNER JOIN tblmstmodules f2 ON f1.moduleid = f2.parentmoduleid where f1.statusid=" + Convert.ToInt32(Status.Active) + " order by f2.modulesortorder asc;"))
{
while (dr1.Read())
{
if (Convert.ToInt64(dr["moduleid"]) == Convert.ToInt64(dr1["moduleid"]))
{
SubModuleDTO SubModuleDTO = new SubModuleDTO();
SubModuleDTO.psubmoduleid = Convert.ToInt64(dr1["submoduleid"]);
SubModuleDTO.psubmodulename = dr1["submodulename"].ToString();
SubModuleDTO.FunctionsDTOList = new List <FunctionsDTO>();
using (NpgsqlDataReader dr2 = NPGSqlHelper.ExecuteReader(connectionString, CommandType.Text, Query))
{
while (dr2.Read())
{
if (Convert.ToInt64(dr2["submoduleid"]) == Convert.ToInt64(dr1["submoduleid"]))
{
FunctionsDTO FunctionsDTO = new FunctionsDTO();
FunctionsDTO.pmoduleid = Convert.ToInt64(dr["moduleid"]);
FunctionsDTO.pmodulename = dr["modulename"].ToString();
FunctionsDTO.psubmoduleid = Convert.ToInt64(dr1["submoduleid"]);
FunctionsDTO.psubmodulename = dr1["submodulename"].ToString();
FunctionsDTO.pFunctionID = Convert.ToInt64(dr2["functionid"]);
FunctionsDTO.pFunctionName = dr2["functionname"].ToString();
FunctionsDTO.pFunctionUrl = dr2["functionurl"].ToString();
FunctionsDTO.pIsviewpermission = Convert.ToBoolean(dr2["viewpermission"].ToString());
FunctionsDTO.pIscreatepermission = Convert.ToBoolean(dr2["createpermission"].ToString());
FunctionsDTO.pIsupdatepermission = Convert.ToBoolean(dr2["updatepermission"].ToString());
FunctionsDTO.pIsdeletepermission = Convert.ToBoolean(dr2["deletepermission"].ToString());
SubModuleDTO.FunctionsDTOList.Add(FunctionsDTO);
UserRightsFunctionsDTO.FunctionsDTOList.Add(FunctionsDTO);
}
}
}
ModuleDTO.lstSubModuleDTO.Add(SubModuleDTO);
}
}
}
UserRightsDTO.ModuleDTOList.Add(ModuleDTO);
}
}
}
catch (Exception)
{
throw;
}
});
return(UserRightsFunctionsDTO);
}
public async Task <bool> SaveUserRight(string Type, string UserOrDesignation, UserRightsFunctionsDTO UserRightsFunctionsDTO, string connectionString)
{
SubModuleDTO SubModuleDTO = new SubModuleDTO();
StringBuilder sbinsert = new StringBuilder();
bool IsSaved = false;
long Userid = 0;
await Task.Run(() =>
{
try
{
con = new NpgsqlConnection(connectionString);
if (con.State != ConnectionState.Open)
{
con.Open();
}
trans = con.BeginTransaction();
if (Type.ToUpper().Trim() == "USER")
{
Userid = Convert.ToInt64(NPGSqlHelper.ExecuteScalar(trans, CommandType.Text, "select userid from tblmstusers where upper(username)='" + ManageQuote(UserOrDesignation.ToUpper().Trim()) + "';").ToString());
sbinsert.Append("delete from tblmstrolefunctions where userid=" + Userid + " and upper(username)='" + ManageQuote(UserOrDesignation.ToUpper().Trim()) + "';");
}
else
{
Userid = Convert.ToInt64(NPGSqlHelper.ExecuteScalar(connectionString, CommandType.Text, "select roleid from tblmstemployeerole where statusid=" + Convert.ToInt32(Status.Active) + " and upper(rolename)='" + ManageQuote(UserOrDesignation.ToUpper().Trim()) + "';").ToString());
sbinsert.Append("delete from tblmstrolefunctions where roleid=" + Userid + ";");
}
if (UserRightsFunctionsDTO.FunctionsDTOList.Count > 0)
{
for (int i = 0; i < UserRightsFunctionsDTO.FunctionsDTOList.Count; i++)
{
if (UserRightsFunctionsDTO.FunctionsDTOList[i].pIsviewpermission == true || UserRightsFunctionsDTO.FunctionsDTOList[i].pIscreatepermission == true || UserRightsFunctionsDTO.FunctionsDTOList[i].pIsupdatepermission == true || UserRightsFunctionsDTO.FunctionsDTOList[i].pIsdeletepermission == true)
{
if (Type.ToUpper().Trim() == "USER")
{
sbinsert.Append("INSERT INTO tblmstrolefunctions(functionid,moduleid,userid,username,viewpermission,createpermission,updatepermission,deletepermission,statusid,createdby,createddate)VALUES (" + UserRightsFunctionsDTO.FunctionsDTOList[i].pFunctionID + "," + UserRightsFunctionsDTO.FunctionsDTOList[i].psubmoduleid + "," + Userid + ",'" + ManageQuote(UserOrDesignation) + "'," + UserRightsFunctionsDTO.FunctionsDTOList[i].pIsviewpermission + "," + UserRightsFunctionsDTO.FunctionsDTOList[i].pIscreatepermission + "," + UserRightsFunctionsDTO.FunctionsDTOList[i].pIsupdatepermission + ", " + UserRightsFunctionsDTO.FunctionsDTOList[i].pIsdeletepermission + "," + Convert.ToInt32(Status.Active) + "," + UserRightsFunctionsDTO.pCreateby + ",current_timestamp);");
}
else
{
sbinsert.Append("INSERT INTO tblmstrolefunctions(functionid,roleid,moduleid,viewpermission,createpermission,updatepermission,deletepermission,statusid,createdby,createddate)VALUES (" + UserRightsFunctionsDTO.FunctionsDTOList[i].pFunctionID + "," + Userid + "," + UserRightsFunctionsDTO.FunctionsDTOList[i].psubmoduleid + "," + UserRightsFunctionsDTO.FunctionsDTOList[i].pIsviewpermission + "," + UserRightsFunctionsDTO.FunctionsDTOList[i].pIscreatepermission + "," + UserRightsFunctionsDTO.FunctionsDTOList[i].pIsupdatepermission + ", " + UserRightsFunctionsDTO.FunctionsDTOList[i].pIsdeletepermission + "," + Convert.ToInt32(Status.Active) + "," + UserRightsFunctionsDTO.pCreateby + ",current_timestamp);");
}
}
}
}
if (Convert.ToString(sbinsert) != string.Empty)
{
NPGSqlHelper.ExecuteNonQuery(trans, CommandType.Text, sbinsert.ToString());
}
trans.Commit();
IsSaved = true;
}
catch (Exception ex)
{
trans.Rollback();
throw ex;
}
finally
{
if (con.State == ConnectionState.Open)
{
con.Dispose();
con.Close();
con.ClearPool();
trans.Dispose();
}
}
});
return(IsSaved);
}
public async Task <IActionResult> SaveUserRight(string Type, string UserOrDesignation, UserRightsFunctionsDTO UserRightsFunctionsDTO)
{
bool isSaved = false;
try
{
isSaved = await UserRightsDAL.SaveUserRight(Type, UserOrDesignation, UserRightsFunctionsDTO, Con);
}
catch (Exception ex)
{
throw new FinstaAppException(ex.ToString());
}
return(Ok(isSaved));
}
