示例#1
0
        /// <summary>
        /// Set ViewBag collection return to view.
        /// </summary>
        /// <param name="nisan"></param>
        private void SetViewBag(Nisan nisan)
        {
            ViewBag.StatusId = new SelectList(db.Statuses.Where(s => s.StockTypeId == HLGranite.Mvc.Models.StockType.NISAN_TYPE_ID), "Id", "Name", nisan.StatusId);
            ViewBag.StockId = new SelectList(db.Stocks.Where(s => s.StockTypeId == HLGranite.Mvc.Models.StockType.NISAN_TYPE_ID && s.Active == true).OrderBy(s => s.Name), "Id", "Name", nisan.StockId);
            ViewBag.AssigneeId = new SelectList(db.Users.Where(u => (u.UserTypeId == HLGranite.Mvc.Models.User.STAFF_TYPE_ID || u.UserTypeId == HLGranite.Mvc.Models.User.ADMIN_TYPE_ID) && u.Active == true).OrderBy(u => u.UserName), "Id", "DisplayName", nisan.AssigneeId);

            HLGranite.Mvc.Models.User user = db.Users.Where(u => u.UserName == User.Identity.Name).FirstOrDefault();
            if (user != null)
            {
                if (user.UserTypeId != Models.User.ADMIN_TYPE_ID && user.UserTypeId != Models.User.STAFF_TYPE_ID)
                    ViewBag.SoldToId = new SelectList(db.Users.Where(u => u.UserTypeId == HLGranite.Mvc.Models.User.AGENT_TYPE_ID || u.UserTypeId == HLGranite.Mvc.Models.User.CUSTOMER_TYPE_ID).OrderBy(u => u.UserName), "Id", "DisplayName", nisan.SoldToId);
                else
                    ViewBag.SoldToId = new SelectList(db.Users.Where(u => u.UserTypeId == HLGranite.Mvc.Models.User.AGENT_TYPE_ID).OrderBy(u => u.UserName), "Id", "DisplayName", nisan.SoldToId);
            }

            ViewBag.MuslimMonth = MuslimMonthList;
        }
示例#2
0
 private void LogActivity(Nisan nisan)
 {
     HLGranite.Mvc.Models.User user = db.Users.Where(u => u.UserName.Equals(User.Identity.Name)).FirstOrDefault();
     Activity activity = db.Activities.Create();
     activity.WorkItemId = nisan.WorkItemId;
     activity.Date = DateTime.Now;
     activity.StatusId = nisan.StatusId;
     if (user != null) activity.UserId = user.Id;
     db.Activities.Add(activity);
 }
示例#3
0
        public ActionResult Create(Nisan nisan)
        {
            if (ModelState.IsValid)
            {
                WorkItem workItem = db.WorkItems.Create();
                db.WorkItems.Add(workItem);
                nisan.WorkItemId = workItem.Id;
                db.Nisans.Add(nisan);
                LogActivity(nisan);
                db.SaveChanges();
                return RedirectToAction("Index");
            }

            SetViewBag(nisan);
            return View(nisan);
        }
示例#4
0
        public ActionResult Edit(Nisan nisan)
        {
            if (ModelState.IsValid)
            {
                // put loggin person as assignee after submit (normally submit is the second status after save or new).
                List<Status> statuses = db.Statuses.Where(s => s.StockTypeId == StockType.NISAN_TYPE_ID).Take(3).ToList();
                Status status = statuses[2];
                if (nisan.AssigneeId == null || nisan.AssigneeId == 0)
                {
                    if (nisan.StatusId >= status.Id)
                    {
                        Mvc.Models.User assignee = db.Users.Where(u => u.UserName == User.Identity.Name).FirstOrDefault();
                        if (assignee != null) nisan.AssigneeId = assignee.Id;
                    }
                }

                nisan.WorkItem = db.WorkItems.Where(w => w.Id.Equals(nisan.WorkItemId)).First();
                db.Entry(nisan).State = EntityState.Modified;
                LogActivity(nisan);
                db.SaveChanges();
                return RedirectToAction("Index");
            }
            SetViewBag(nisan);
            return View(nisan);
        }
示例#5
0
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            bool canView      = false;
            var  isAuthorized = base.AuthorizeCore(httpContext);

            if (!isAuthorized)
            {
                // the user is either not authenticated or
                // not in roles => no need to continue any further
                return(false);
            }

            // get the currently logged on user
            var username = httpContext.User.Identity.Name;

            // get the id of the article that he is trying to manipulate
            // from the route data (this assumes that the id is passed as a route
            // data parameter: /foo/edit/123). If this is not the case and you
            // are using query string parameters you could fetch the id using the Request
            //var id = httpContext.Request.RequestContext.RouteData.Values["id"] as string;

            // Now that we have the current user and the id of the article he
            // is trying to manipualte all that's left is go ahead and look in
            // our database to see if this user is the owner of the article
            HLGranite.Mvc.Models.hlgraniteEntities db = new HLGranite.Mvc.Models.hlgraniteEntities();
            HLGranite.Mvc.Models.User user            = db.Users.Where(u => u.UserName.Equals(username)).FirstOrDefault();
            if (user == null)
            {
                return(false);
            }
            canView = user.IsAdmin;

            // check whether the order is belonged to login user
            if (!canView)
            {
                string controller = httpContext.Request.RequestContext.RouteData.Values.First().Value.ToString();
                int    id         = Convert.ToInt32(httpContext.Request.RequestContext.RouteData.Values["id"]);
                switch (controller)
                {
                case "Nisan":
                    if (!canView)
                    {
                        canView = (user.UserTypeId == HLGranite.Mvc.Models.User.STAFF_TYPE_ID);
                    }
                    if (!canView)
                    {
                        Nisan nisan = db.Nisans.Where(n => n.Id == id).FirstOrDefault();
                        if (nisan != null)
                        {
                            canView = (nisan.SoldTo.UserName == username);
                        }
                    }
                    break;

                case "Tomb":
                    if (!canView)
                    {
                        canView = (user.Id == HLGranite.Mvc.Models.User.STAFF_TYPE_ID);
                    }
                    break;

                case "Renovation":
                    if (!canView)
                    {
                        canView = (user.Id == HLGranite.Mvc.Models.User.STAFF_TYPE_ID);
                    }
                    break;

                case "User":
                    User profile = db.Users.Where(u => u.Id == id).FirstOrDefault();
                    if (profile != null)
                    {
                        canView = (profile.Id == user.Id);
                    }
                    break;
                }
            }

            return(canView);
        }