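using System;
using System.Collections.Generic;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
using System.Linq;
using System.Web;
using Dapper;
using Fab2ApprovalSystem.Models;
using System.Text;

namespace Fab2ApprovalSystem.DMO
{
    /// <summary>
    /// Data-access object for the Users table and the related ITAR / EC_AD_Users lookups.
    /// Every statement binds its values as Dapper parameters; no caller-supplied value is
    /// concatenated into SQL text.
    /// </summary>
    /// <remarks>
    /// None of these methods performs an authorization check. Callers decide who may
    /// read, create, change or delete accounts and access flags.
    /// </remarks>
    public class UserAccountDMO
    {
        // NOTE(review): the generic type arguments (Query<T>, Get<T>, the element type of
        // GetAllUsers) were missing from the listing this file was recovered from. They are
        // restored from the declared return types and locals; the LoginModel element type of
        // GetAllUsers is an assumption based on the sibling methods - confirm.

        // Created closed. Dapper opens a closed connection for the duration of a call and
        // closes it again afterwards, so no connection stays open between calls.
        private readonly IDbConnection db = new SqlConnection(ConfigurationManager.ConnectionStrings["FabApprovalConnection"].ConnectionString);

        /// <summary>
        /// Returns all users ordered by first name, each with its own full name and the
        /// full name of the user it has delegated to (null when there is no delegate).
        /// </summary>
        /// <returns>A materialized list of users.</returns>
        public IEnumerable<LoginModel> GetAllUsers()
        {
            // U is the user row; U1 is the row of the user that U.DelegatedTo points at.
            // NOTE(review): U.* returns every column of Users. If that table holds columns
            // that should not leave the data layer, replace it with an explicit list.
            const string sql =
                " SELECT U.FirstName + ' ' + U.LastName AS FullName, U.* , U1.FirstName + ' ' + U1.LastName AS DelegatedToFullName " +
                "FROM Users U LEFT JOIN Users U1 ON U.DelegatedTo = U1.UserID " +
                "ORDER BY FirstName ";

            return this.db.Query<LoginModel>(sql).ToList();
        }

        /// <summary>
        /// Looks up an active user by login ID.
        /// </summary>
        /// <param name="loginID">Login ID to match against Users.LoginID.</param>
        /// <returns>The first matching active user, or null when there is none.</returns>
        public LoginModel GetUser(string loginID)
        {
            // An earlier version of this method concatenated loginID into the SQL text.
            // The value is bound as @loginID instead, so it is never parsed as SQL.
            // Only rows with IsActive = 1 are returned.
            return this.db.Query<LoginModel>(
                "SELECT FirstName + ' ' + LastName AS FullName, * FROM Users WHERE LoginID = @loginID AND IsActive = 1 ",
                new { loginID = loginID }).FirstOrDefault();
        }

        /// <summary>
        /// Looks up a user by numeric user ID.
        /// </summary>
        /// <param name="userID">Value to match against Users.UserID.</param>
        /// <returns>The first matching user, or null when there is none.</returns>
        /// <remarks>
        /// Unlike <see cref="GetUser"/>, this query does not filter on IsActive, so it also
        /// returns deactivated accounts. Do not treat a non-null result as proof that the
        /// account may still sign in or approve.
        /// </remarks>
        public LoginModel GetUserByID(int userID)
        {
            return this.db.Query<LoginModel>(
                "SELECT FirstName + ' ' + LastName AS FullName, * FROM Users WHERE UserID = @UserID ",
                new { UserID = userID }).FirstOrDefault();
        }

        /// <summary>
        /// Returns the e-mail address stored for a user.
        /// </summary>
        /// <param name="userID">Value to match against Users.UserID.</param>
        /// <returns>The stored e-mail address, or null when no row matches.</returns>
        public string GetUserEmailByID(string userID)
        {
            // NOTE(review): userID is a string here but an int in GetUserByID. The value is
            // still bound as a parameter; presumably SQL Server converts it for the
            // comparison - confirm the column type and that callers pass numeric text.
            return this.db.Query<string>(
                "SELECT Email FROM Users WHERE UserID = @UserID ",
                new { UserID = userID }).FirstOrDefault();
        }

        /// <summary>
        /// Overwrites the login ID, names, e-mail address and admin flag of an existing user.
        /// </summary>
        /// <param name="model">Source of the new values; model.UserID selects the row.</param>
        /// <exception cref="ArgumentNullException">model is null.</exception>
        internal void UpdateUser(LoginModel model)
        {
            if (model == null)
            {
                throw new ArgumentNullException("model");
            }

            // NOTE(review): IsAdmin is written exactly as it arrives in the model. If
            // LoginModel is populated from request data, the caller has to make sure that
            // only an administrator can reach this path and that IsAdmin is not taken from
            // an untrusted form field - confirm at the call site.
            const string sql = "UPDATE Users SET LoginID = @LoginID, FirstName = @FirstName, LastName = @LastName, Email = @Email, IsAdmin = @IsAdmin WHERE UserID = @UserID";

            var parameters = new DynamicParameters();
            parameters.Add("@UserID", model.UserID);
            parameters.Add("@LoginID", model.LoginID);
            parameters.Add("@FirstName", model.FirstName);
            parameters.Add("@LastName", model.LastName);
            parameters.Add("@Email", model.Email);
            parameters.Add("@IsAdmin", model.IsAdmin);

            this.db.Execute(sql, parameters);
        }

        /// <summary>
        /// Deletes the user row whose UserID equals model.UserID.
        /// </summary>
        /// <param name="model">Only model.UserID is read.</param>
        /// <exception cref="ArgumentNullException">model is null.</exception>
        internal void DeleteUser(LoginModel model)
        {
            if (model == null)
            {
                throw new ArgumentNullException("model");
            }

            const string sql = "DELETE Users WHERE UserID = @UserID";

            var parameters = new DynamicParameters();
            parameters.Add("@UserID", model.UserID);

            this.db.Execute(sql, parameters);
        }

        /// <summary>
        /// Creates a user through the InsertUsers stored procedure and writes the value the
        /// procedure returns in @UserID back into model.UserID.
        /// </summary>
        /// <param name="model">Values for the new user; UserID is updated on return.</param>
        /// <exception cref="ArgumentNullException">model is null.</exception>
        internal void InsertUser(LoginModel model)
        {
            if (model == null)
            {
                throw new ArgumentNullException("model");
            }

            var parameters = new DynamicParameters();
            // InputOutput: the procedure reports the user ID through this parameter.
            parameters.Add("@UserID", model.UserID, DbType.Int32, direction: ParameterDirection.InputOutput);
            parameters.Add("@LoginID", model.LoginID);
            parameters.Add("@FirstName", model.FirstName);
            parameters.Add("@LastName", model.LastName);
            parameters.Add("@Email", model.Email);
            // NOTE(review): as in UpdateUser, IsAdmin is passed through unchanged; the
            // caller is responsible for who may create an administrator.
            parameters.Add("@IsAdmin", model.IsAdmin);

            this.db.Execute("InsertUsers", parameters, commandType: CommandType.StoredProcedure);

            model.UserID = parameters.Get<int>("@UserID");
        }

        /// <summary>
        /// Sets the ITAR access flag for a user through the ITARAccessUpdateInsert stored
        /// procedure.
        /// </summary>
        /// <param name="userID">Passed to the procedure as @UserID.</param>
        /// <param name="hasITARAccess">Passed to the procedure as @HasITARAccess.</param>
        /// <remarks>
        /// This call changes an access-control flag and checks nothing itself; the caller
        /// has to verify that the current user is allowed to grant or revoke it.
        /// </remarks>
        internal void UpdateInsertITARAccess(string userID, string hasITARAccess)
        {
            // NOTE(review): GetITARAccess matches SAMUsers.UserID against Users.LoginID, so
            // this userID is presumably a login ID rather than the numeric Users.UserID -
            // confirm against the stored procedure.
            // NOTE(review): GetITARAccess treats only the string "1" as granted; what the
            // procedure stores for other hasITARAccess values is not visible here.
            var parameters = new DynamicParameters();
            parameters.Add("@UserID", userID);
            parameters.Add("@HasITARAccess", hasITARAccess);

            this.db.Execute("ITARAccessUpdateInsert", parameters, commandType: CommandType.StoredProcedure);
        }

        /// <summary>
        /// Reports whether the user has the ITAR access flag set.
        /// </summary>
        /// <param name="userID">Value to match against Users.UserID.</param>
        /// <returns>
        /// true only when a matching row exists and its first HasITARAccess value is the
        /// string "1"; false for no row, a null value or any other value.
        /// </returns>
        internal bool GetITARAccess(int userID)
        {
            var parameters = new DynamicParameters();
            parameters.Add("@UserID", userID);

            var results = this.db.Query<string>(
                "SELECT HasITARAccess FROM SAMUsers, Users WHERE Users.UserID = @UserID AND SAMUsers.UserID = Users.LoginID",
                parameters,
                commandType: CommandType.Text);

            // Fails closed: anything other than an explicit "1" denies access.
            // FirstOrDefault reads the sequence once instead of Count() followed by First().
            return results != null && results.FirstOrDefault() == "1";
        }

        /// <summary>
        /// Reports whether a row for the given user ID exists in EC_AD_Users.
        /// </summary>
        /// <param name="userID">Value to match against EC_AD_Users.UserID.</param>
        /// <returns>true when at least one row matches; otherwise false.</returns>
        internal bool GetEC_AD_Users(string userID)
        {
            var parameters = new DynamicParameters();
            parameters.Add("@UserID", userID);

            var results = this.db.Query(
                "SELECT UserID FROM EC_AD_Users WHERE UserID = @UserID",
                parameters,
                commandType: CommandType.Text);

            // Only existence matters, so Any() replaces Count() > 0.
            return results != null && results.Any();
        }
    }
}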