public List <User> GetUsers()
{
SystemAdmin authUser = AdminDal.GetAuthUser();
List <User> users = new List <User>();
using (connection)
using (var command = connection.CreateCommand())
{
connection.Open();
command.CommandText = "SELECT * FROM user WHERE customer_id = @customer_id";
command.Parameters.AddWithValue("@customer_id", authUser.CustomerID);
MySqlDataReader Reader = command.ExecuteReader();
if (!Reader.HasRows)
{
return(null); // Could not find users
}
while (Reader.Read())
{
users.Add(new User {
Id = Reader.GetInt32("id"),
SchoolUnit = Reader.IsDBNull(Reader.GetOrdinal("unit")) ? string.Empty : Reader.GetString("unit"),
Name = Reader.IsDBNull(Reader.GetOrdinal("name")) ? string.Empty : Reader.GetString("name"),
Email = Reader.IsDBNull(Reader.GetOrdinal("email")) ? string.Empty : Reader.GetString("email"),
Password = Reader.IsDBNull(Reader.GetOrdinal("password")) ? string.Empty : Reader.GetString("password"),
Role = Reader.IsDBNull(Reader.GetOrdinal("role")) ? string.Empty : Reader.GetString("role"),
});
}
Reader.Close();
}
return(users);
}
public User CreateUser(User user)
{
SystemAdmin authUser = AdminDal.GetAuthUser();
using (connection)
using (var command = connection.CreateCommand())
{
connection.Open();
command.CommandText =
@"INSERT INTO user
(customer_id, customer, unit, name, email, role, password)
VALUES
(@customer_id, @customer, @unit, @name, @email, @role, @password)";
command.Parameters.AddWithValue("@customer_id", authUser.CustomerID);
command.Parameters.AddWithValue("@customer", authUser.Customer);
command.Parameters.AddWithValue("@unit", user.SchoolUnit);
command.Parameters.AddWithValue("@name", user.Name);
command.Parameters.AddWithValue("@email", user.Email);
command.Parameters.AddWithValue("@role", user.Role);
command.Parameters.AddWithValue("@password", user.Password);
command.ExecuteNonQuery();
}
return(user);
}