public ActionResult ApproveRejectByCustomUrl(Guid rowGuid, string reqStatus, string comment)
{
var repository = new VolunteerRepository();
var oVolunteer = repository.GetbyGuid(rowGuid);
var cu = Session["user"] as ContextUser;
if (reqStatus == "approved")
{
ApprovedBylevel(new volunteer_profile {
}, repository, oVolunteer, cu);
}
else
{
oVolunteer.IsRejected = true;
oVolunteer.RejectedBy = cu.OUser.Username;
if (cu.EnumRole == EnumUserRole.Approver1)
{
oVolunteer.ApprovedAtLevel1Comments = comment;
}
if (cu.EnumRole == EnumUserRole.Approver2)
{
oVolunteer.ApprovedAtLevel2Comments = comment;
}
if (cu.EnumRole == EnumUserRole.Approver3)
{
oVolunteer.ApprovedAtLevel3Comments = comment;
}
repository.Put(oVolunteer.Id, oVolunteer);
}
return(RedirectToAction("Index"));
}
private static void ApprovedBylevel(volunteer_profile volunteer, VolunteerRepository repository, volunteer_profile oVolunteer, ContextUser cu)
{
if (cu.EnumRole == EnumUserRole.Approver1)
{
oVolunteer.IsApprovedAtLevel1 = true;
oVolunteer.ApprovedAtLevel1Comments = volunteer.ApprovedAtLevel1Comments;
}
if (cu.EnumRole == EnumUserRole.Approver2)
{
oVolunteer.IsApprovedAtLevel2 = true;
oVolunteer.ApprovedAtLevel2Comments = volunteer.ApprovedAtLevel2Comments;
}
if (cu.EnumRole == EnumUserRole.Approver3)
{
oVolunteer.IsApprovedAtLevel3 = true;
oVolunteer.ApprovedAtLevel3Comments = volunteer.ApprovedAtLevel3Comments;
string password = EncryptionKeys.Decrypt(oVolunteer.user.Password);
string url = System.Web.HttpContext.Current.Request.Url.GetLeftPart(UriPartial.Authority) + "/Account/Login";
var bogusController = Util.CreateController <EmailTemplateController>();
EmailTemplateModel emodel =
new EmailTemplateModel
{
Title = "Volunteer Approved",
RedirectUrl = url,
VolunteerName = oVolunteer.VolunteerName,
UserName = oVolunteer.user.Username,
Password = password
};
string body =
Util.RenderViewToString(bogusController.ControllerContext, "VolunteerApproved", emodel);
EmailSender.SendSupportEmail(body, oVolunteer.VolunteerEmail);
}
repository.Put(oVolunteer.Id, oVolunteer);
}
public async Task <IActionResult> VolunteerList()
{
var user = await userManager.GetUserAsync(User);
VolunteerRepository repo = new VolunteerRepository(configModel.ConnectionString);
List <VolunteerModel> volunteers;
// Ensure that ONLY staff accounts have access to this API endpoint
if (user == null || !await userManager.IsInRoleAsync(user, UserHelpers.UserRoles.Staff.ToString()))
{
return(Utilities.ErrorJson("Not authorized"));
}
try
{
volunteers = repo.GetVolunteers();
}
catch (Exception e)
{
return(Utilities.ErrorJson(configModel.DebugMode ? e.Message : "An error occurred while accessing the database."));
}
return(new JsonResult(new
{
Error = "",
Volunteers = volunteers
}));
}
public async Task <IActionResult> GetBusDrivers(DateTime date)
{
VolunteerRepository repo = new VolunteerRepository(configModel.ConnectionString);
List <DriverListModel> drivers;
var user = await userManager.GetUserAsync(User);
/// Ensure that ONLY staff accounts have access to this API endpoint
if (user == null || !await userManager.IsInRoleAsync(user, UserHelpers.UserRoles.Staff.ToString()))
{
return(Utilities.ErrorJson("Not authorized"));
}
try
{
if (date != DateTime.MinValue)
{
drivers = repo.GetBusDrivers(date);
}
else
{
drivers = repo.GetBusDrivers();
}
}
catch (Exception e)
{
return(Utilities.ErrorJson(e.Message));
}
return(new JsonResult(new {
Error = "",
Drivers = drivers
}));
}
public async Task <ActionResult> MaintenanceFormsCreation(MaintenanceModel maintenance)
{
BusModel bus;
MaintenanceRepository repo = new MaintenanceRepository(configModel.ConnectionString);
BusRepository busRepo = new BusRepository(configModel.ConnectionString);
VolunteerRepository volunteerRepo = new VolunteerRepository(configModel.ConnectionString);
var user = await userManager.GetUserAsync(User);
VolunteerModel profile;
if (user == null || !User.IsInRole(UserHelpers.UserRoles.BusDriver.ToString()))
{
return(Utilities.ErrorJson("Not authorized"));
}
bus = busRepo.GetBus(maintenance.BusId);
if (bus == null)
{
return(Utilities.ErrorJson("Invalid bus id"));
}
if (String.IsNullOrEmpty(maintenance.Text))
{
return(Utilities.ErrorJson("Text cannot be empty"));
}
profile = volunteerRepo.GetVolunteer(user.VolunteerId);
repo.CreateMaintenanceForm(maintenance.BusId, maintenance.Text, profile.PreferredName + " " + profile.LastName);
return(Utilities.NoErrorJson());
}
public async Task <IActionResult> ClassTeacherAssignment(ClassModel model)
{
var user = await userManager.GetUserAsync(User);
ClassRepository repo = new ClassRepository(configModel.ConnectionString);
VolunteerRepository vRepo = new VolunteerRepository(configModel.ConnectionString);
// Ensure that ONLY staff accounts have access to this API endpoint
if (user == null || !await userManager.IsInRoleAsync(user, UserHelpers.UserRoles.Staff.ToString()))
{
return(Utilities.ErrorJson("Not authorized"));
}
// Make sure the provided class and volunteer ids are valid
if (model.Id == 0 || repo.GetClass(model.Id) == null)
{
return(Utilities.ErrorJson("Must include a valid class ID"));
}
if (model.TeacherId == 0 || vRepo.GetVolunteer(model.TeacherId) == null)
{
return(Utilities.ErrorJson("Must include a valid volunteer id as TeacherId"));
}
// Update in the database
try
{
repo.AssignTeacher(model.Id, model.TeacherId);
}
catch (Exception e)
{
return(Utilities.ErrorJson(e.Message));
}
return(Utilities.NoErrorJson());
}
public async Task <IActionResult> VolunteerTrainingCreation(VolunteerTrainingModel training)
{
VolunteerRepository repo = new VolunteerRepository(configModel.ConnectionString);
var user = await userManager.GetUserAsync(User);
// Verify the user is a staff member
if (!User.IsInRole(UserHelpers.UserRoles.Staff.ToString()))
{
return(Utilities.ErrorJson("Not authorized"));
}
// Validate inputs
if (String.IsNullOrEmpty(training.Name))
{
return(Utilities.ErrorJson("Name is required"));
}
try
{
repo.CreateTraining(training.Name);
}
catch (Exception e)
{
return(Utilities.ErrorJson(e.Message));
}
return(Utilities.NoErrorJson());
}
public ActionResult VolenteerForm(int sessionId, int?volId, int?corId)
{
evaluation_volunteer ecpp = new EvaluationVolunteerRepository().GetEvaluationForm(sessionId);
if (ecpp == null)
{
ecpp = new evaluation_volunteer();
ecpp.SessionId = sessionId;
if (volId != null)
{
var schoolName = new SessionRepository().Get(sessionId).school.SchoolName;
ecpp.VolunteerId = volId.Value;
var vol = new VolunteerRepository().Get(volId.Value);
ecpp.F1 = schoolName;
ecpp.F2 = vol.Region;
ecpp.F3 = vol.City;
ecpp.F5 = vol.VolunteerName;
}
if (corId != null)
{
ecpp.CoordinatorId = corId.Value;
}
}
return(View(ecpp));
}
public async Task <IActionResult> VolunteerTrainingDelete(VolunteerTrainingModel training)
{
VolunteerRepository repo = new VolunteerRepository(configModel.ConnectionString);
VolunteerTrainingModel dbTraining;
var user = await userManager.GetUserAsync(User);
// Verify the user is a staff member
if (!User.IsInRole(UserHelpers.UserRoles.Staff.ToString()))
{
return(Utilities.ErrorJson("Not authorized"));
}
// Validate inputs
dbTraining = repo.GetTraining(training.Id);
if (dbTraining == null)
{
return(Utilities.ErrorJson("Invalid id"));
}
try
{
repo.DeleteTraining(training.Id);
}
catch (Exception e)
{
return(Utilities.ErrorJson(e.Message));
}
return(Utilities.NoErrorJson());
}
public async Task <ActionResult> Register(RegisterViewModel model)
{
if (ModelState.IsValid)
{
//attach appuser to a volunteer user chk Tweeter
var User = new ApplicationUser {
UserName = model.Email, Email = model.Email
};
var result = await UserManager.CreateAsync(User, model.Password);
if (result.Succeeded)
{
await SignInManager.SignInAsync(User, isPersistent : false, rememberBrowser : false);
// For more information on how to enable account confirmation and password reset please visit http://go.microsoft.com/fwlink/?LinkID=320771
// Send an email with this link
// string code = await UserManager.GenerateEmailConfirmationTokenAsync(user.Id);
// var callbackUrl = Url.Action("ConfirmEmail", "Account", new { userId = user.Id, code = code }, protocol: Request.Url.Scheme);
// await UserManager.SendEmailAsync(user.Id, "Confirm your account", "Please confirm your account by clicking <a href=\"" + callbackUrl + "\">here</a>");
VolunteerRepository repo = new VolunteerRepository();
repo.CreateVolunteerUser(User.UserName);
return(RedirectToAction("Index", "Home"));
}
AddErrors(result);
}
// If we got this far, something failed, redisplay form
return(View(model));
}
public async Task <IActionResult> Inventory(bool resolved = false)
{
InventoryRepository repo = new InventoryRepository(configModel.ConnectionString);
VolunteerRepository volunteerRepo = new VolunteerRepository(configModel.ConnectionString);
List <InventoryModel> items = null;
bool authorized = false;
var user = await userManager.GetUserAsync(User);
VolunteerModel profile = volunteerRepo.GetVolunteer(user.VolunteerId);
// Verify the user has permissions to edit inventory
if (User.IsInRole(UserHelpers.UserRoles.Staff.ToString()) || User.IsInRole(UserHelpers.UserRoles.VolunteerCaptain.ToString()) || profile.CanEditInventory)
{
authorized = true;
}
else
{
authorized = false;
}
if (!authorized)
{
return(Utilities.ErrorJson("Not authorized"));
}
// Get the appropriate inventory items
items = repo.GetInventory(resolved);
return(new JsonResult(new
{
Error = "",
Items = items
}));
}
public async Task <IActionResult> VolunteerTrainings()
{
VolunteerRepository repo = new VolunteerRepository(configModel.ConnectionString);
List <VolunteerTrainingModel> trainings;
var user = await userManager.GetUserAsync(User);
// Verify the user is a staff member
if (!User.IsInRole(UserHelpers.UserRoles.Staff.ToString()))
{
return(Utilities.ErrorJson("Not authorized"));
}
try
{
trainings = repo.GetTrainings();
}
catch (Exception e)
{
return(Utilities.ErrorJson(e.Message));
}
return(new JsonResult(new
{
Error = "",
Trainings = trainings
}));
}
public async Task <IActionResult> VolunteerJobsDelete(VolunteerJobModel job)
{
VolunteerRepository repo = new VolunteerRepository(configModel.ConnectionString);
var user = await userManager.GetUserAsync(User);
VolunteerJobModel dbJob = null;
// Verify the user is a staff member
if (!User.IsInRole(UserHelpers.UserRoles.Staff.ToString()))
{
return(Utilities.ErrorJson("Not authorized"));
}
dbJob = repo.GetVolunteerJob(job.Id, DateTime.MinValue);
// Get job from database to check it exists
if (dbJob == null)
{
return(Utilities.ErrorJson("Invalid id"));
}
try
{
repo.DeleteVolunteerJob(job);
}
catch (Exception e)
{
return(Utilities.ErrorJson(e.Message));
}
return(Utilities.NoErrorJson());
}
public ActionResult List()
{
var repository = new VolunteerRepository();
var volunteers = repository.GetAllVolunteers().ToList();
return(View(volunteers));
}
public async Task <ActionResult> UserInfo()
{
VolunteerRepository repo = new VolunteerRepository(configModel.ConnectionString);
CalendarRepository calendarRepo = new CalendarRepository(configModel.ConnectionString);
ClassRepository classRepo = new ClassRepository(configModel.ConnectionString);
BusRepository busRepo = new BusRepository(configModel.ConnectionString);
AttendanceModel attendance;
VolunteerModel profile;
var user = await userManager.GetUserAsync(User);
bool checkedIn = false;
List <ClassModel> classes = new List <ClassModel>();
List <BusModel> buses = new List <BusModel>();
// Get the current user's profile
try
{
profile = repo.GetVolunteer(user.VolunteerId);
}
catch (Exception e)
{
return(Utilities.ErrorJson(e.Message));
}
if (profile == null)
{
return(Utilities.ErrorJson("Could not find user profile"));
}
if (configModel.DebugMode || DateTime.Now.DayOfWeek == DayOfWeek.Saturday)
{
try
{
attendance = calendarRepo.GetSingleAttendance(profile.Id, DateTime.Now.Date);
// determine if the current user has been checked in today
if (attendance != null && attendance.Attended == true)
{
checkedIn = true;
}
// Get the classes the user teaches and buses the user drives
classes = classRepo.GetClasses(true).Where(c => c.TeacherId == profile.Id).ToList();
buses = busRepo.GetBusList(true).Where(b => b.DriverId == profile.Id).ToList();
}
catch (Exception e)
{
return(Utilities.ErrorJson(e.Message));
}
}
return(new JsonResult(new
{
Error = "",
Profile = profile,
CheckedIn = checkedIn,
Classes = classes,
Buses = buses
}));
}
public async Task <IActionResult> SearchVolunteers(string searchString)
{
var user = await userManager.GetUserAsync(User);
VolunteerRepository repo = new VolunteerRepository(configModel.ConnectionString);
List <VolunteerModel> volunteers;
if (!User.IsInRole(UserHelpers.UserRoles.Staff.ToString()))
{
return(Utilities.ErrorJson("Not authorized"));
}
if (String.IsNullOrEmpty(searchString))
{
return(Utilities.ErrorJson("Search string must be non-empty"));
}
try
{
volunteers = repo.SearchVolunteers(searchString);
}
catch (Exception e)
{
return(Utilities.ErrorJson(e.Message));
}
return(new JsonResult(new
{
Error = "",
Volunteers = volunteers
}));
}
public async Task <IActionResult> CheckAttendance([FromQuery] IdModel model)
{
var user = await userManager.GetUserAsync(User);
if (user == null || !(await userManager.IsInRoleAsync(user, UserHelpers.UserRoles.Staff.ToString())))
{
return(Utilities.ErrorJson("Not authorized."));
}
if (model.Id == 0)
{
return(Utilities.GenerateMissingInputMessage("volunteer id"));
}
try
{
VolunteerRepository repo = new VolunteerRepository(configModel.ConnectionString);
return(new JsonResult(new
{
DaysAttended = repo.GetAttendanceDates(model.Id)
}));
}
catch (Exception exc)
{
return(new JsonResult(new
{
Error = exc.Message,
}));
}
}
public async Task <IActionResult> VolunteerJobRemoval(JobAssignmentViewModel vm)
{
var user = await userManager.GetUserAsync(User);
VolunteerRepository repo = new VolunteerRepository(configModel.ConnectionString);
VolunteerJobModel job;
// This endpoint should only be accessible if the user is a staff member or if the user is trying to remove a job they have signed themselves up for
if (user.VolunteerId != vm.VolunteerId && !User.IsInRole(UserHelpers.UserRoles.Staff.ToString()))
{
return(Utilities.ErrorJson("Unauthorized"));
}
// The first check is so we can skip a call to the database if the user is signing up for a job on their own - clearly the user id is valid in that case
if (vm.VolunteerId != user.VolunteerId && repo.GetVolunteer(vm.VolunteerId) == null)
{
return(Utilities.ErrorJson("Invalid volunteer id"));
}
if (vm.Date == DateTime.MinValue)
{
return(Utilities.ErrorJson("Must specify a date"));
}
job = repo.GetVolunteerJob(vm.JobId, vm.Date);
if (job == null)
{
return(Utilities.ErrorJson("Invalid volunteer job id"));
}
if (!repo.CheckSignedUpForJob(vm.JobId, vm.VolunteerId, vm.Date))
{
return(Utilities.ErrorJson("Not currently signed up for this job"));
}
if (job.CurrentNumber <= job.Min)
{
try
{
await EmailHelpers.SendEmail("*****@*****.**", $"{vm.Date.ToString("dd/MM/yyyy")} - {job.Name} may be understaffed",
$"A cancellation has left {job.Name} with fewer than its minimum of {job.Min} volunteers signed up on {vm.Date.ToString("dd/MM/yyyy")}.", configModel.EmailOptions);
}
catch (Exception)
{
// This is in case the email fails to send - we still want to cancel the job, since the email isn't critical
}
}
try
{
repo.RemoveVolunteerJobAssignment(vm.VolunteerId, vm.JobId, vm.Date);
}
catch (Exception e)
{
return(Utilities.ErrorJson(e.Message));
}
return(Utilities.NoErrorJson());
}
public ActionResult Edit(volunteer_profile volunteer)
{
var repository = new VolunteerRepository();
var oVolunteer = repository.GetbyGuid(volunteer.RowGuid);
var cu = Session["user"] as ContextUser;
if (volunteer.SubmitButton == "reject")
{
oVolunteer.IsRejected = true;
oVolunteer.RejectedBy = cu.OUser.Username;
oVolunteer.ApprovedAtLevel1Comments = volunteer.ApprovedAtLevel1Comments;
oVolunteer.ApprovedAtLevel2Comments = volunteer.ApprovedAtLevel2Comments;
oVolunteer.ApprovedAtLevel3Comments = volunteer.ApprovedAtLevel3Comments;
repository.Put(oVolunteer.Id, oVolunteer);
return(RedirectToAction("Index"));
}
if (volunteer.SubmitButton == "otdate")
{
// oVolunteer.OTDateTime = DateTime.Parse(volunteer.OTDateString);
oVolunteer.OTId = volunteer.OTId;
oVolunteer.OTIdAssigner = cu.OUser.Id;
repository.Put(oVolunteer.Id, oVolunteer);
return(RedirectToAction("Index", new { status = "approved" }));
}
if (volunteer.SubmitButton == "accept")
{
//todo: send notification to super admin
if (oVolunteer.OTIdAssigner != null)
{
var ot = new OTRepository().Get(oVolunteer.OTId.Value);
var admin = new AccountRepository().Get(oVolunteer.OTIdAssigner.Value);
var bogusController = Util.CreateController <EmailTemplateController>();
EmailTemplateModel emodel =
new EmailTemplateModel
{
Title = "Injaz: accepted by volunteer.",
VolunteerName = oVolunteer.VolunteerName,
User = admin.FirstName,
OTSubject = ot.Subject
};
string body =
Util.RenderViewToString(bogusController.ControllerContext, "VolunteerAcceptsOT", emodel);
EmailSender.SendSupportEmail(body, admin.Email);
}
oVolunteer.OTAcceptedByVolunteer = volunteer.OTAcceptedByVolunteer;
repository.Put(oVolunteer.Id, oVolunteer);
return(RedirectToAction("Edit", oVolunteer.RowGuid));
}
if (volunteer.SubmitButton == "otattendense")
{
oVolunteer.OTAttendenceForVolunteer = volunteer.OTAttendenceForVolunteer;
repository.Put(oVolunteer.Id, oVolunteer);
return(RedirectToAction("Index", new { status = "approved" }));
}
ApprovedBylevel(volunteer, repository, oVolunteer, cu);
return(RedirectToAction("Index"));
}
public void EnsureICanGetInstanceOfRepo()
{
//Arrange //Act
VolunteerRepository repo = new VolunteerRepository();
//Assert
Assert.IsNotNull(repo);
}
public void Initialize()
{
mock_context = new Mock <VolunteerContext>();
mock_users = new Mock <DbSet <VolunteerUser> >();
mock_activities = new Mock <DbSet <VolunteerActivity> >();
mock_app_users = new Mock <DbSet <ApplicationUser> >();
Repo = new VolunteerRepository(mock_context.Object);
ApplicationUser fredj = new ApplicationUser {
Email = "*****@*****.**", UserName = "******", Id = "1234567"
};
ApplicationUser susanm = new ApplicationUser {
Email = "*****@*****.**", UserName = "******", Id = "1234568"
};
//mock users created
app_users = new List <ApplicationUser>()
{
fredj,
susanm
};
{
new VolunteerUser {
VolunteerUserId = 1,
BaseUser = fredj
};
new VolunteerUser
{
VolunteerUserId = 2,
BaseUser = susanm
};
};
//mock activities created to test the methods for adding, etc. to database
mock_activities = new List <VolunteerActivity>
{
new VolunteerActivity
{
mock_users = "susanm",
ActivityId = 3,
OrgName = "The Nashville Rescue Mission",
Date = DateTime.Now,
NumberHours = 8,
Mileage = 11,
DollarsContributed = 20
},
new VolunteerActivity
{
mock_users = "fredj",
ActivityId = 5,
OrgName = "Second Harvest",
Date = DateTime.Now,
NumberHours = 2,
Mileage = 3,
DollarsContributed = 25
}
};
}
public async Task <IActionResult> VolunteerInfo(int id)
{
var user = await userManager.GetUserAsync(User);
VolunteerRepository repo = new VolunteerRepository(configModel.ConnectionString);
CalendarRepository calendarRepo = new CalendarRepository(configModel.ConnectionString);
VolunteerModel volunteer;
AttendanceModel attendance;
bool checkedIn = false;
// Ensure that ONLY staff accounts have access to this API endpoint
if (user == null || !await userManager.IsInRoleAsync(user, UserHelpers.UserRoles.Staff.ToString()))
{
return(Utilities.ErrorJson("Not authorized"));
}
if (id == 0)
{
return(Utilities.ErrorJson("Must include an id"));
}
try
{
volunteer = repo.GetVolunteer(id);
}
catch (Exception e)
{
return(Utilities.ErrorJson(configModel.DebugMode ? e.Message : "An error occurred while accessing the database."));
}
if (volunteer == null)
{
return(Utilities.ErrorJson("Invalid id"));
}
try
{
attendance = calendarRepo.GetSingleAttendance(volunteer.Id, DateTime.Now.Date);
// determine if the current user has been checked in today
if (attendance != null && attendance.Attended == true)
{
checkedIn = true;
}
}
catch (Exception e)
{
return(Utilities.ErrorJson(e.Message));
}
return(new JsonResult(new
{
Error = "",
Volunteer = volunteer,
CheckedIn = checkedIn
}));
}
public async Task <IActionResult> AnnouncementCreation(AnnouncementModel announcement) // TODO: put in parameter list
{
var user = await userManager.GetUserAsync(User);
AnnouncementRepository ancRepo = new AnnouncementRepository(configModel.ConnectionString);
VolunteerRepository volunteerRepo = new VolunteerRepository(configModel.ConnectionString);
VolunteerModel volunteer;
// Ensure that ONLY staff accounts have access to this API endpoint
if (user == null || !await userManager.IsInRoleAsync(user, UserHelpers.UserRoles.Staff.ToString()))
{
return(Utilities.ErrorJson("Not authorized"));
}
// Get the current user's volunteer profile so we can get their name
volunteer = volunteerRepo.GetVolunteer(user.VolunteerId);
// Validate the inputs
// Note that in C#, DateTimes are never null, so instead of checking for null, we check for DateTime.MinValue, which is the
// default value that ASP.NET's model binding will provide if the date is not included in the API call.
if (String.IsNullOrEmpty(announcement.Title))
{
return(Utilities.ErrorJson("Title field cannot be empty"));
}
if (announcement.StartDate == DateTime.MinValue || announcement.EndDate == DateTime.MinValue)
{
return(Utilities.ErrorJson("Start and end date must be provided"));
}
if (announcement.StartDate > announcement.EndDate)
{
return(Utilities.ErrorJson("Start date must be no later than end date"));
}
try
{
ancRepo.CreateAnnouncement(new AnnouncementModel
{
Title = announcement.Title,
Message = announcement.Message,
Author = volunteer.FirstName + " " + volunteer.LastName,
LastUpdateBy = volunteer.FirstName + " " + volunteer.LastName,
StartDate = announcement.StartDate,
EndDate = announcement.EndDate
});
}
catch (Exception e)
{
return(Utilities.ErrorJson(e.Message));
}
return(new JsonResult(new
{
Error = ""
}));
}
public void VolunteerRepository_GetVolunteerByClaimedIdentifier_Test()
{
string claimedIdentifier = "https://www.google.com/accounts/o8/id?id=AAaAaaaaaa-1aaaAaaaAAaAAAaaAaAaA111AA1";
VolunteerRepository volunteerRepository = new VolunteerRepository();
Volunteer volunteer = volunteerRepository.GetVolunteerByClaimedIdentifier(claimedIdentifier);
Assert.IsNotNull(volunteer);
}
public async Task <IActionResult> CancelEvent(EventViewModel eventViewModel)
{
int eventId = eventViewModel.eventId;
var user = await userManager.GetUserAsync(User);
VolunteerRepository volRepo = new VolunteerRepository(configModel.ConnectionString);
CalendarRepository repo = new CalendarRepository(configModel.ConnectionString);
VolunteerModel volunteer;
EventModel eventModel;
EventSignupModel signup;
// Ensure that ONLY volunteer, volunteer captain, and bus driver accounts have access to this API endpoint
if (user == null ||
!(await userManager.IsInRoleAsync(user, UserHelpers.UserRoles.Volunteer.ToString()) ||
await userManager.IsInRoleAsync(user, UserHelpers.UserRoles.VolunteerCaptain.ToString()) ||
await userManager.IsInRoleAsync(user, UserHelpers.UserRoles.BusDriver.ToString())))
{
return(Utilities.ErrorJson("Event signup is available only to volunteers, volunteer captains, and bus drivers"));
}
volunteer = volRepo.GetVolunteer(user.VolunteerId);
if (volunteer == null)
{
return(Utilities.ErrorJson("Unable to find volunteer profile"));
}
eventModel = repo.GetEvent(eventId);
// Verify that the specified event exists
if (eventModel == null)
{
return(Utilities.ErrorJson("Specified event does not exist."));
}
// Check if there is already a record of this user having signed up
signup = repo.GetEventSignup(eventId, volunteer.Id);
if (signup == null)
{
// If no record exists of the user signing up, or they have already cancelled, then let them know
return(Utilities.ErrorJson("You are not signed up for this event"));
}
else
{
// Otherwise, update the record to indicate non-attendance
repo.DeleteEventSignup(eventId, volunteer.Id);
}
return(new JsonResult(new
{
Error = ""
}));
}
public async Task <IActionResult> AnnouncementEdit(AnnouncementModel announcement)
{
var user = await userManager.GetUserAsync(User);
AnnouncementRepository repo = new AnnouncementRepository(configModel.ConnectionString);
AnnouncementModel dbAnc;
VolunteerRepository volunteerRepo = new VolunteerRepository(configModel.ConnectionString);
VolunteerModel volunteer;
// Ensure that ONLY staff accounts have access to this API endpoint
if (user == null || !await userManager.IsInRoleAsync(user, UserHelpers.UserRoles.Staff.ToString()))
{
return(Utilities.ErrorJson("Not authorized"));
}
if (String.IsNullOrEmpty(announcement.Title))
{
return(Utilities.ErrorJson("Title field cannot be empty"));
}
if (announcement.StartDate == DateTime.MinValue || announcement.EndDate == DateTime.MinValue)
{
return(Utilities.ErrorJson("Start and end date must be provided"));
}
if (announcement.StartDate > announcement.EndDate)
{
return(Utilities.ErrorJson("Start date must be no later than end date"));
}
dbAnc = repo.GetAnnouncement(announcement.Id);
if (dbAnc == null)
{
return(Utilities.ErrorJson("Not a valid announcement"));
}
volunteer = volunteerRepo.GetVolunteer(user.VolunteerId);
announcement.LastUpdateBy = volunteer.FirstName + " " + volunteer.LastName;
try
{
repo.UpdateAnnouncement(announcement);
}
catch (Exception e)
{
return(Utilities.ErrorJson(e.Message));
}
return(new JsonResult(new
{
Error = "",
Announcement = repo.GetAnnouncement(announcement.Id)
}));
}
public ActionResult AfterExternalLoginCallBack(string username, string email, string providerKey, string provider, string prfileurl, string fullname)
{
var cu = new ContextUser
{
OUser = new user
{
Username = username,
Email = email
},
EnumRole = EnumUserRole.Volunteer,
GoogleId = provider == "Google" ? providerKey : null,
LinkedInId = provider == "LinkedIn" ? providerKey : null,
FullName = fullname,
ProfileUrl = prfileurl
};
FormsAuthentication.SetAuthCookie(username, false);
var repository = new VolunteerRepository();
volunteer_profile oVoluntee = null;
Session["user"] = cu;
if (provider == "Google")
{
oVoluntee = repository.Get().FirstOrDefault(x => x.GoogleSigninId == providerKey);
}
else if (provider == "user")
{
oVoluntee = repository.Get().FirstOrDefault(x => x.UserId == int.Parse(providerKey));
}
else
{
oVoluntee = repository.Get().FirstOrDefault(x => x.LinkedInSignInId == providerKey);
}
if (oVoluntee != null)
{
cu.OUser.Id = oVoluntee.Id;
Session["user"] = cu;
if (oVoluntee.IsApprovedAtLevel1 != null && oVoluntee.IsApprovedAtLevel1.Value &&
oVoluntee.IsApprovedAtLevel2 != null && oVoluntee.IsApprovedAtLevel2.Value &&
oVoluntee.IsApprovedAtLevel3 != null && oVoluntee.IsApprovedAtLevel3.Value &&
!oVoluntee.OTAttendenceForVolunteer)
{
return(RedirectToAction("Edit", "Supervisor", new { id = oVoluntee.RowGuid }));
}
if (oVoluntee.OTAttendenceForVolunteer)
{
return(RedirectToAction("Index", "Session"));
}
return(RedirectToAction("VolunteerProfile", "Volunteer"));
}
return(RedirectToAction("VolunteerProfile", "Volunteer"));
}
public async Task <IActionResult> PasswordResetRequest(PasswordResetViewModel vm)
{
string email = vm.Email;
string token;
var user = await userManager.FindByNameAsync(email);
VolunteerRepository repo = new VolunteerRepository(configModel.ConnectionString);
VolunteerModel profile;
if (!UserHelpers.IsValidEmail(email))
{
return(Utilities.ErrorJson("Must provide a valid email address"));
}
if (user == null)
{
return(Utilities.NoErrorJson());
}
try
{
profile = repo.GetVolunteer(user.VolunteerId);
}
catch (Exception)
{
return(Utilities.ErrorJson("Unable to get volunteer profile - please try again later."));
}
if (profile == null)
{
return(Utilities.ErrorJson("Unable to get volunteer profile - please try again later."));
}
token = await userManager.GeneratePasswordResetTokenAsync(user);
try
{
await EmailHelpers.SendEmail(email, "Password Reset - OCC",
$"Hello {profile.PreferredName + " " + profile.LastName},\n\n" +
"You are receiving this email because you requested a password reset for Orlando Children's Church. " +
"In order to reset your password, please follow the link below, or copy/paste the code below when prompted.\n\n" +
"Link: https://www.operation-portal.com/password-reset-confirm?email=" + HttpUtility.UrlEncode(email) + "&token=" + HttpUtility.UrlEncode(token) + "\n\n" +
$"Code: {token}\n\n" +
"This code will be valid for 1 hour. If you did not request a password reset, please ignore this email.",
configModel.EmailOptions);
}
catch (Exception)
{
return(Utilities.ErrorJson("An error occurred and a password reset email could not be sent. Please try again later."));
}
return(new JsonResult(new { token = token }));
}
public async Task <IActionResult> CheckInBusDriver(DriverCheckInModel model)
{
var user = await userManager.GetUserAsync(User);
CheckInRepository repo = new CheckInRepository(configModel.ConnectionString);
VolunteerRepository volRepo = new VolunteerRepository(configModel.ConnectionString);
VolunteerModel profile;
if (user == null ||
!(await userManager.IsInRoleAsync(user, UserHelpers.UserRoles.Staff.ToString())))
{
return(Utilities.ErrorJson("Not authorized."));
}
if (model == null || model.Id == 0)
{
return(Utilities.GenerateMissingInputMessage("bus driver id"));
}
if (model.Date == DateTime.MinValue)
{
return(Utilities.GenerateMissingInputMessage("date"));
}
if (model.Date.DayOfWeek != DayOfWeek.Saturday)
{
return(Utilities.ErrorJson("Drivers can only be checked in for Saturdays"));
}
if (DateTime.Today.Date.AddDays(7) < model.Date)
{
return(Utilities.ErrorJson("Date is too far in the future. Bus drivers can only be checked in for the next Saturday"));
}
try
{
profile = volRepo.GetVolunteer(model.Id);
if (profile == null || profile.Role != UserHelpers.UserRoles.BusDriver.ToString())
{
return(Utilities.ErrorJson("Not a valid bus driver"));
}
repo.CheckInBusDriver(model.Id, model.Date);
}
catch (Exception e)
{
return(Utilities.ErrorJson(e.Message));
}
return(Utilities.NoErrorJson());
}
public UnitOfWork(ContextDb context)
{
this.context = context;
Language = new LanguageRepository(context);
LanguageData = new LanguageDataRepository(context);
Partners = new PartnerRepository(context);
Photo = new PhotoRepository(context);
Slider = new SliderRepository(context);
Volunteer = new VolunteerRepository(context);
Gallery = new GalleryRepository(context);
News = new NewsRepository(context);
Tag = new TagRepository(context);
}
public async Task <IActionResult> VolunteerJobsEdit(VolunteerJobModel job)
{
VolunteerRepository repo = new VolunteerRepository(configModel.ConnectionString);
var user = await userManager.GetUserAsync(User);
VolunteerJobModel dbJob = null;
// Verify the user is a staff member
if (!User.IsInRole(UserHelpers.UserRoles.Staff.ToString()))
{
return(Utilities.ErrorJson("Not authorized"));
}
dbJob = repo.GetVolunteerJob(job.Id, DateTime.MinValue);
// Get job from database to check that it exists
if (dbJob == null)
{
return(Utilities.ErrorJson("Invalid id"));
}
// Validate inputs
if (String.IsNullOrEmpty(job.Name))
{
return(Utilities.ErrorJson("Name is required"));
}
if (job.Min < 0)
{
return(Utilities.ErrorJson("Minimum number of volunteers for ajob must be non-negative"));
}
if (job.Max <= 0)
{
return(Utilities.ErrorJson("Maximum number of volunteers for a job must be positive"));
}
if (job.Max < job.Min)
{
return(Utilities.ErrorJson("Maximum number of volunteers for a job cannot be less than the minimum number of volunteers"));
}
try
{
repo.UpdateVolunteerJob(job);
}
catch (Exception e)
{
return(Utilities.ErrorJson(e.Message));
}
return(Utilities.NoErrorJson());
}
public ProfileController(VolunteerRepository volunteerRepository)
{
this.volunteerRepository = volunteerRepository;
}
public ProfileController()
{
volunteerRepository = new VolunteerRepository();
}
/// <summary>
/// Authenticates the volunteer using Open ID.
/// </summary>
/// <param name="modelState">The current ModelState dictionary.</param>
/// <returns>The authenticated volunteer.</returns>
public Volunteer Authenticate(ModelStateDictionary modelState)
{
Volunteer volunteer = null;
// Guard against a canceled response.
if (AuthenticationResponse.Status == AuthenticationStatus.Canceled)
{
modelState.AddModelError("OpenIdUrl", "The sign in was canceled.");
return volunteer;
}
// Guard against a failed response.
if (AuthenticationResponse.Status == AuthenticationStatus.Failed)
{
modelState.AddModelError("OpenIdUrl", AuthenticationResponse.Exception.Message);
return volunteer;
}
if (AuthenticationResponse.Status == AuthenticationStatus.Authenticated)
{
volunteer = new VolunteerRepository()
.GetVolunteerByClaimedIdentifier(AuthenticationResponse.ClaimedIdentifier);
// Guard against a new volunteer authenticating, but they are not
// in the database yet.
if (volunteer == null)
{
HttpContext.Current.Response.Cookies.Set(CreateCookie("New Volunteer",
AuthenticationResponse.ClaimedIdentifier));
return volunteer;
}
string volunteerName = MvcHtmlString.Create(volunteer.FirstName + " " + volunteer.LastName).ToHtmlString();
HttpContext.Current.Response.Cookies.Set(CreateCookie(volunteerName.Trim(),
AuthenticationResponse.ClaimedIdentifier));
return volunteer;
}
// TODO Log how we ended up here.
modelState.AddModelError("OpenIdUrl", "An unknown error occurred.");
return volunteer;
}
