public string addUser(SqlConnection conn, SqlTransaction trans, User user)
{
ConnectionDao connectionDao = new ConnectionDao();
string returnString = IdProConstants.SUCCESS;
Employee objEmployee = new Employee();
SqlCommand cmd = null;
SqlDataReader rs = null;
AddEmployee obj = new AddEmployee();
UserServices userService = new UserServices();
string query = "INSERT INTO Users([username],[password],[role]) VALUES(@UserName,@Password,@Role)";
try
{
cmd = connectionDao.getSqlCommand(query, conn, trans);
SqlParameter param1 = new SqlParameter();
param1.ParameterName = "@UserName";
//param1.Value = HttpContext.Current.Session["useremp"];
param1.Value = user.Username;
cmd.Parameters.Add(param1);
SqlParameter param2 = new SqlParameter();
param2.ParameterName = "@Password";
//param2.Value = userService.getHashPassword(HttpContext.Current.Session["useremp"].ToString ());
param2.Value = userService.getHashPassword(user.Password);
cmd.Parameters.Add(param2);
SqlParameter param3 = new SqlParameter();
param3.ParameterName = "@Role";
//param3.Value = HttpContext.Current.Session["rol"];
param3.Value = user.Role ;
cmd.Parameters.Add(param3);
cmd.ExecuteScalar();
}
catch (Exception exception)
{
System.Diagnostics.Trace.WriteLine("[UserDAO:addUser] Exception " + exception.StackTrace);
returnString = IdProConstants.FAIL;
}
finally
{
connectionDao.closeDabaseEntities(cmd, rs);
}
return returnString;
}
public string updateEmployee(Employee employee)
{
SqlConnection conn = null;
SqlTransaction trans = null;
string returnString = IdProConstants.SUCCESS;
UserDAO userDao = new UserDAO();
EmployeeDao EmployeeDao = new EmployeeDao();
ConnectionDao ConnectionDao = new ConnectionDao();
UserServices userServices = new UserServices();
Employee employeeById = EmployeeDao.getEmployeeById(employee.EmployeeId);
if (!(employeeById.Email.Trim().Equals(employee.Email.Trim())) && isEmployeeEmailexist(employee.Email.Trim()))
{
returnString = "Employee Email already Exist in the system";
}
else if (!(employeeById.USER.Username.Trim().ToUpper().Equals(employee.USER.Username.Trim().ToUpper())) && userServices.isUserNameExist(employee.USER.Username))
{
returnString = "UserName already Exit in the system";
}
else
{
try
{
conn = ConnectionDao.getConnection();
trans = conn.BeginTransaction();
HttpContext.Current.Session["prevUserName"] = employeeById.USER.Username;
returnString = userDao.updateUser(conn, trans, employee.USER);
if (IdProConstants.SUCCESS.Equals(returnString))
{
returnString = EmployeeDao.updateEmployee(conn, trans, employee);
}
if (IdProConstants.SUCCESS.Equals(returnString))
{
trans.Commit();
}
else
{
trans.Rollback();
}
}
catch (Exception exception)
{
trans.Rollback();
System.Diagnostics.Trace.WriteLine("[EmployeeServices:updateEmployee] Exception " + exception.StackTrace);
}
finally
{
ConnectionDao.closeConnection(conn);
}
}
return returnString;
}
public string addEmployee(Employee employee)
{
SqlConnection conn = null;
SqlTransaction trans = null;
string returnString = IdProConstants.SUCCESS;
UserDAO userDao = new UserDAO();
EmployeeDao EmployeeDao = new EmployeeDao();
ConnectionDao ConnectionDao = new ConnectionDao();
UserServices userServices = new UserServices();
if (isEmployeeEmailexist(employee.Email.Trim()))
{
returnString = "Employee Email already Exist in the system";
}
// else if (userServices.isUserNameExist(employee.USER.Username))
else if (userServices.isUserNameExist(employee.Username))
{
returnString = "UserName already Exit in the system";
}
else
{
try
{
conn = ConnectionDao.getConnection();
trans = conn.BeginTransaction();
returnString = userDao.addUser(conn, trans, employee.USER);
if (IdProConstants.SUCCESS.Equals(returnString))
{
returnString = EmployeeDao.addEmployee(conn, trans, employee);
}
if (IdProConstants.SUCCESS.Equals(returnString))
{
trans.Commit();
}
else
{
trans.Rollback();
}
}
catch (Exception exception)
{
trans.Rollback();
System.Diagnostics.Trace.WriteLine("[EmployeeServices:addEmployee] Exception " + exception.StackTrace);
}
finally
{
ConnectionDao.closeConnection(conn);
}
}
return returnString;
}
public string updateUser(SqlConnection conn, SqlTransaction trans, User user)
{
ConnectionDao connectionDao = new ConnectionDao();
string returnString = IdProConstants.SUCCESS;
SqlCommand cmd = null;
SqlDataReader rs = null;
UserServices userService = new UserServices();
string query = null;
bool updatePassword = !userService.getHashPassword("defaultPassWord").Equals(user.Password);
if (updatePassword)
{
query = "update Users set UserName=@UserName,Password=@Password,Role=@Role where UserName='******'";
}
else
{
query = "update Users set UserName=@UserName,Role=@Role where UserName='******'";
}
try
{
cmd = connectionDao.getSqlCommand(query, conn, trans);
SqlParameter param1 = new SqlParameter();
param1.ParameterName = "@UserName";
param1.Value = user.Username;
cmd.Parameters.Add(param1);
if (updatePassword)
{
SqlParameter param2 = new SqlParameter();
param2.ParameterName = "@Password";
param2.Value = userService.getHashPassword(user.Password);
cmd.Parameters.Add(param2);
}
SqlParameter param3 = new SqlParameter();
param3.ParameterName = "@Role";
param3.Value = user.Role;
cmd.Parameters.Add(param3);
cmd.ExecuteScalar();
}
catch (Exception exception)
{
System.Diagnostics.Trace.WriteLine("[UserDAO:updateUser] Exception " + exception.StackTrace);
returnString = IdProConstants.FAIL;
}
finally
{
connectionDao.closeDabaseEntities(cmd, rs);
}
return returnString;
}
protected void btnLogin_Click(object sender, EventArgs e)
{
string userName = txtUsername.Text.Trim().ToUpper();
string passWord = txtPassword.Text.Trim();
UserServices userService = new UserServices();
string returnString = userService.ValidateUser(userName, passWord);
if (IdProConstants.SUCCESS.Equals(returnString))
{
User user = new User();
user = userService.getUserbyUserName(userName);
EmployeeServices employeeService = new EmployeeServices();
Employee employee = new Employee();
employee = employeeService.getEmployeeByUserName(userName);
if (user == null || employee == null)
{
returnString = IdProConstants.ADMIN;
}
//else if (UserStatusesConstants.INACTIVEEMPLOYEE.Equals(employee.getEmployeeStatus()))
//{
// returnString = TransactionConfirmMessages.INACTIVEUSER;
//}
else
{
string role = user.getRole().Trim();
Session["role"] = role;
Session["username"] = user.getUserName().Trim();
Session["name"] = employee.getFirstName();
FormsAuthenticationTicket tkt = default(FormsAuthenticationTicket);
string cookiestr = null;
System.Web.HttpCookie ck = default(System.Web.HttpCookie);
tkt = new FormsAuthenticationTicket(1, txtUsername.Text, DateTime.Now, DateTime.Now.AddMinutes(30), false, role);
cookiestr = FormsAuthentication.Encrypt(tkt);
ck = new System.Web.HttpCookie(FormsAuthentication.FormsCookieName, cookiestr);
ck.Path = FormsAuthentication.FormsCookiePath;
Response.Cookies.Add(ck);
string strRedirect = null;
strRedirect = Request["ReturnURL"];
if (!string.IsNullOrEmpty(strRedirect) & strRedirect != "/")
{
Response.Redirect(strRedirect, true);
}
else
{
strRedirect = "ManageEmployee.aspx";
Response.Redirect(strRedirect, true);
}
}
}
lblMsg.Text = returnString;
}