using System;using System.Collections.Generic;using System.Data;using Syst

1. using System;
2. using System.Collections.Generic;
3. using System.Data;
4. using System.Data.Entity;
5. using System.Linq;
6. using System.Net;
7. using System.Web;
8. using System.Web.Mvc;
9. using lab_2_web_design.Data;
10. using lab_2_web_design.Models;
11. using lab_2_web_design.Services;
12.  
13. namespace lab_2_web_design.Controllers
14. {
15. [Authorize]
16. public class UserController : Controller
17. {
18. private readonly IRepository _dataRepository;
19. private IUser _userService;
20.  
21. public UserController(IRepository dataRepository, IUser userService)
22. {
23. _dataRepository = dataRepository;
24. _userService = userService;
25. }
26. // GET: User
27. public ActionResult Index()
28. {
29. var users = _dataRepository.GetAllUsers();
30. foreach(User user in users)
31. {
32. user.hasYarn = _userService.UserhasYarn(user);
33. }
34. return View(users);
35. }
36.  
37. // GET: User/Details/5
38. public ActionResult Details(int? id)
39. {
40. if (id == null)
41. {
42. return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
43. }
44. User user = _dataRepository.getUser(id.Value);
45. if (user == null)
46. {
47. return HttpNotFound();
48. }
49. return View(user);
50. }
51.  
52. // GET: User/Create
53. public ActionResult Create()
54. {
55. return View();
56. }
57.  
58. // POST: User/Create
59. // To protect from overposting attacks, please enable the specific properties you want to bind to, for
60. // more details see http://go.microsoft.com/fwlink/?LinkId=317598.
61. [HttpPost]
62. [ValidateAntiForgeryToken]
63. public ActionResult Create([Bind(Include = "UserId,FirstName,LastName,EmailAdress,hasYarn")] User user)
64. {
65. if (ModelState.IsValid)
66. {
67. _dataRepository.addUser(user);
68. return RedirectToAction("Index");
69. }
70.  
71. return View(user);
72. }
73.  
74. // GET: User/Edit/5
75. public ActionResult Edit(int? id)
76. {
77. if (id == null)
78. {
79. return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
80. }
81. User user = _dataRepository.getUser(id.Value);
82. if (user == null)
83. {
84. return HttpNotFound();
85. }
86. return View(user);
87. }
88.  
89. // POST: User/Edit/5
90. // To protect from overposting attacks, please enable the specific properties you want to bind to, for
91. // more details see http://go.microsoft.com/fwlink/?LinkId=317598.
92. [HttpPost]
93. [ValidateAntiForgeryToken]
94. public ActionResult Edit([Bind(Include = "UserId,FirstName,LastName,EmailAdress")] User user)
95. {
96. if (ModelState.IsValid)
97. {
98. _dataRepository.updateUser(user);
99. return RedirectToAction("Index");
100. }
101. return View(user);
102. }
103.  
104. // GET: User/Delete/5
105. public ActionResult Delete(int? id)
106. {
107. if (id == null)
108. {
109. return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
110. }
111. User user = _dataRepository.getUser(id.Value);
112. if (user == null)
113. {
114. return HttpNotFound();
115. }
116. _dataRepository.removeUser(user);
117. return RedirectToAction("Index");
118. }
119.  
120. // POST: User/Delete/5
121. [HttpPost, ActionName("Delete")]
122. [ValidateAntiForgeryToken]
123. public ActionResult DeleteConfirmed(int id)
124. {
125. User user = _dataRepository.getUser(id);
126. return RedirectToAction("Index");
127. }
128.  
129. public class MyAuthorizeAttribute : AuthorizeAttribute
130. {
131. protected override bool AuthorizeCore(HttpContextBase httpContext)
132. {
133. var authorized = base.AuthorizeCore(httpContext);
134. if (!authorized)
135. {
136. return false;
137. }
138.  
139. var rd = httpContext.Request.RequestContext.RouteData;
140.  
141. var id = rd.Values["id"];
142. var userName = httpContext.User.Identity.Name;
143.  
144. User user = _dataRepository.getUser(id);
145.  
146. return submission.UserID == user.UserID;
147. }
148. }
149.  
150. }
151. }