public static void DeleteStaffMember(string staffName)
{
/*
* Delete staff member by specified staff name,
* and group links with that staff member in.
*/
int staffId = Staff.GetStaffIdByName(staffName);
SqlCommand comm = new SqlCommand("DELETE FROM StaffGroupsLink WHERE StaffId = @StaffId");
comm.Parameters.AddWithValue("@StaffId", staffId);
SqlTools.ExecuteNonQuery(comm);
comm.CommandText = "DELETE FROM Staff WHERE StaffName = @StaffName";
comm.Parameters.AddWithValue("@StaffName", staffName);
SqlTools.ExecuteNonQuery(comm);
// Repopulate list.
AdminForm.RefreshLists();
}
public static void DeleteGroup(string groupName)
{
/*
* DeleteGroup deletes the given group from
* the database.
*
* Arguments:
* groupName (string): The name of the group to delete.
*/
int groupId = GetGroupIdByName(groupName);
// Delete all references to Group in StaffGroupsLink
SqlCommand comm = new SqlCommand("DELETE FROM StaffGroupsLink WHERE GroupId = @GroupId");
comm.Parameters.AddWithValue("@GroupId", groupId);
SqlTools.ExecuteNonQuery(comm);
// Delete from Groups table
comm.CommandText = "DELETE FROM Groups WHERE GroupId = @GroupId";
SqlTools.ExecuteNonQuery(comm);
// Repopulate the list to view affected groups.
AdminForm.RefreshLists();
}
private void LoginButton_Click(object sender, EventArgs e)
{
string username = usernameBox.Text;
Debug.WriteLine(username);
// Run plain-text password through algorithm
string password = HashingAlgorithm(passwordBox.Text);
try
{
SqlCommand comm = new SqlCommand("SELECT StaffPassword FROM Staff WHERE StaffUsername = @StaffUsername");
comm.Parameters.AddWithValue("@StaffUsername", username);
DataTable dt = SqlTools.GetTable(comm);
// If password needs to be reset, don't continue
if ((string)dt.Rows[0]["StaffPassword"] == "")
{
ResetPasswordForm pwForm = new ResetPasswordForm(username);
pwForm.ShowDialog();
pwForm.Dispose();
}
else
{
if ((string)dt.Rows[0]["StaffPassword"] == password)
{
switch (Staff.GetPermissionLevel(username))
{
case PermissionLevel.Overseer:
int staffId = Staff.GetStaffIdByUsername(username);
OverseerForm of = new OverseerForm
{
StaffId = staffId,
isTutor = false
};
Hide();
of.FormClosed += (s, args) => Close();
of.Show();
break;
case PermissionLevel.Admin:
AdminForm af = new AdminForm();
Hide();
af.FormClosed += (s, args) => Close();
af.Show();
break;
case PermissionLevel.Teacher:
staffId = Staff.GetStaffIdByUsername(username);
TeacherMainForm tf = new TeacherMainForm
{
StaffId = staffId,
StaffName = Staff.GetStaffNameById(staffId),
};
Hide();
tf.FormClosed += (s, args) => Close();
tf.Show();
break;
default:
MessageBox.Show("Future system will have lower permission levels");
break;
}
}
else
{
// The password must be wrong if the username is right.
invalidPasswordLabel.Show();
}
}
}
catch (Exception ex)
{
Debug.WriteLine(ex);
// Unfortunately, we have to assume the username is wrong.
// The end-user can't have done much else wrong - except a bad
// username.
invalidUsernameLabel.Show();
throw ex;
}
}
private void SaveGroupButton_Click(object sender, EventArgs e)
{
/*
* SaveButton executes the SQL query needed for inserting
* a new Group and its related staff members.
* newGroup defines whether a group is being edited or
* a new group is being created.
*/
if (!newGroup)
{
// Delete all cases of the group beforehand to avoid conflicts.
SqlCommand comm = new SqlCommand("DELETE FROM StaffGroupsLink WHERE GroupId = @GroupId");
comm.Parameters.AddWithValue("@GroupId", groupId);
SqlTools.ExecuteNonQuery(comm);
SqlParameter staffId = new SqlParameter("@StaffId", "");
// Insert the new group-staff links with the selected staff
comm.CommandText = "INSERT INTO StaffGroupsLink (GroupId, StaffId) VALUES (@GroupId, @StaffId)";
comm.Parameters.Add(staffId);
foreach (string o in staffList)
{
// Loop over each Staff ID in the list.
staffId.Value = Staff.GetStaffIdByName(o);
SqlTools.ExecuteNonQuery(comm);
}
// Update with the new subject if changed
comm.CommandText = "UPDATE Groups SET SubjectId = @SubjectId WHERE GroupId = @GroupId";
comm.Parameters.AddWithValue("@SubjectId", Subjects.GetSubjectIdByName(subjectsComboBox.SelectedItem.ToString()));
SqlTools.ExecuteNonQuery(comm);
// Update with the new Academic Year if changed
comm.CommandText = "UPDATE Groups SET AcademicYearId = @AcademicYearId WHERE GroupId = @GroupId";
comm.Parameters.AddWithValue("@AcademicYearId", Groups.GetYearIdByName(academicYearComboBox.SelectedItem.ToString()));
SqlTools.ExecuteNonQuery(comm);
// Repopulate the list with the new group.
AdminForm.RefreshLists();
Close();
}
else
{
// New group
if (groupNameTextBox.Text != "" && academicYearComboBox.SelectedIndex != -1 && subjectsComboBox.SelectedIndex != -1 && lecturerBox.Items.Count != 0)
{
// Insert the parameters into the query.
SqlCommand comm = new SqlCommand("INSERT INTO Groups (GroupName, SubjectId, AcademicYearId) VALUES (@GroupName, @SubjectId, @AcademicYearId)");
comm.Parameters.AddWithValue("@GroupName", groupNameTextBox.Text);
comm.Parameters.AddWithValue("@SubjectId", Subjects.GetSubjectIdByName(subjectsComboBox.SelectedItem.ToString()));
comm.Parameters.AddWithValue("@AcademicYearId", Groups.GetYearIdByName(academicYearComboBox.SelectedItem.ToString()));
SqlTools.ExecuteNonQuery(comm);
SqlParameter StaffId = new SqlParameter("@StaffId", "");
comm.Parameters.Add(StaffId);
// Get the newly created group ID
comm.Parameters.AddWithValue("@GroupId", Groups.GetGroupIdByName(groupNameTextBox.Text));
comm.CommandText = "INSERT INTO StaffGroupsLink (GroupId, StaffId) VALUES (@GroupId, @StaffId)";
foreach (string o in lecturerBox.Items)
{
// Loop through the staff ID's and add them
StaffId.Value = Staff.GetStaffIdByName(o);
SqlTools.ExecuteNonQuery(comm);
}
AdminForm.RefreshLists();
Close();
}
}
}