Hello I need help please
I am creating my first asp mvc Webpage.
I created a login and registration page connected with database.
I want to pass CustomerId from the customer that logged in to a Bookings table
So that it shows bookings related to that customer only.
Bookings table has CustomerId as a foreign key. This is what I have done so far.
public class BookingController : Controller
{
// GET: Booking
public ActionResult Index(int customerId)
{
TravelExpertsEntities bookingdb = new TravelExpertsEntities();
List<Booking> bookings = bookingdb.Bookings.Where(book =>
book.CustomerId == customerId).ToList();
return View(bookings);
}
}
}
//This is from login Controller
public ActionResult Login(Customer reg)
{
if (ModelState.IsValid)
{
var details = (from userlist in db.Customers
where userlist.UserName == reg.UserName &&
userlist.Password == reg.Password
select new
{
userlist.CustomerId,
userlist.UserName
}).ToList();
if (details.FirstOrDefault() != null)
{
Session["CustomerId"] =
details.FirstOrDefault().CustomerId;
Session["Username"] = details.FirstOrDefault().UserName;
return RedirectToAction("Index", "Booking");
}
}
else
{
ModelState.AddModelError("", "Invalid UserName or Password");
}
return View(reg);
}
I was able to pull all bookings but I want to filter it with the Customer that logged in.
Replace your RedirectToAction as below, to pass customerId as parameter
var CustomerIdparam=details.FirstOrDefault().CustomerId;
RedirectToAction("Index", "Booking", new{customerId=CustomerIdparam});
Related
I am trying to show booking of logged in user from database, but its show all data from all user. this is the original code:
// GET: Bookings
public ActionResult Index()
{
var bookings = db.Bookings.Include(b => b.Room).Include(b => b.Register);
return View(bookings.ToList());
}
Here what I have tried but the output show an error,
public ActionResult Index()
{
var bookings = db.Bookings.Include(b => b.Room).Include(b => b.Register == Session["id"]);
return View(bookings.ToList());
}
This is the user table in the database, so if I login as user no.1, the booking data should display only customerID no.1, but the problem is, the data show all user bookings.
Here is the image of booking db,
Here is the code for login:
[HttpPost]
public ActionResult Login(Register login)
{
using (HotelBookingEntities db = new HotelBookingEntities())
{
var userDetails = db.Registers.Where(x => x.email == login.email && x.password == login.password).FirstOrDefault();
if (userDetails == null)
{
ViewBag.WrongMessage = "Wrong username or password";
return View("Login", login);
}
else
{
Session["id"] = userDetails.id;
Session["username"] = userDetails.username;
return RedirectToAction("Index", "Rooms");
}
}
}
Try as follows:
public ActionResult Index()
{
int userId = Convert.ToInt32(Session["id"]);
var bookings = db.Bookings.Where.Include(b => b.Room).Where(b => b.CustomerID == userId).ToList();
return View(bookings);
}
I have this table where displaying the list of userID+SubjectID, now i want is,if the user who Logged in can only see the list of Subject that belongs to the current user,is it possible? then should i need to use asp.net identity? currently i am using empty template with custom login Authentication + Roles only, any idea on what is the best way to handle this type of scenario? all i want is my tables will show data based on the current user logged in.
Example: If User1 logged in then User1 will only see subjects belong to user1..
Note:
i was searching for tutorials on showing data based on the current user logged in, but i couldn't find,any one has better idea? or link can share with me? i don't know the better word for my scenario i just call it "show data based on current user",i appreciate if anyone can solve this..thanks in advance..
Table Controller:
[CostumAuthorize(Roles = "Admin,Teacher")]
public ActionResult Subject_List(int id)
{
var test = db.SubjectTeachers.Where(x => x.Users.Any(n => n.UserID == id)).ToList();
var subjectTeachers = db.SubjectTeachers.Include(s => s.Levels).Include(s => s.Subjects).Include(s => s.Users).Where(u => u.LevelID == id);
return View(subjectTeachers.ToList());
}
Account controller:
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult Login(Login l, string ReturnUrl = "")
{
if (!ModelState.IsValid)
{
return View(l);
}
using (MyContext dc = new MyContext())
{
var user = dc.Users.Where(a => a.Username.Equals(l.Username) && a.Password.Equals(l.Password)).FirstOrDefault();
if (user != null)
{
FormsAuthentication.SetAuthCookie(user.Username, l.RememberMe);
if (Url.IsLocalUrl(ReturnUrl))
{
return Redirect(ReturnUrl);
}
return RedirectToAction("Index", "Home");
}
}
ModelState.AddModelError("", "Invalid Login.");
return View(l);
}
[Authorize]
public ActionResult Logout()
{
FormsAuthentication.SignOut();
return RedirectToAction("Login", "Account");
}
}
If you can get the logged-in userid then simply use that to get Corresponding Subjects list.........
int userid = Membership.GetUser(User.Identity.Name).ProviderUserKey;
[CostumAuthorize(Roles = "Admin,Teacher")]
public ActionResult Subject_List()
{
var test = db.SubjectTeachers.Where(x => x.Users.Any(n => n.UserID == userid )).ToList();
return View(test.ToList());
}
How can I remove User from Roles in ASP.NET Identity 2.x ?
about adding role to user there is no problem but when I want to remove a role from a user I cannot.It should be mentioned that there is no exception or error!
//POST: Admin/User/Edit/5
[AcceptVerbs(HttpVerbs.Post)]
[ValidateAntiForgeryToken]
public async Task<ActionResult> Edit([Bind(Prefix = "")]UserViewModel userViewModel, List<int> availableRoles)
{
if (ModelState.IsValid)
{
List<int> newListOfRolesIDs = availableRoles;
List<int> oldListOfRolesIDs = UserBLL.Instance.GetRolesIDs(userViewModel.Id);
List<int> deletedList;
List<int> addedList;
var haschanged = oldListOfRolesIDs.ChangeTracking(newListOfRolesIDs, out deletedList, out addedList);
using (new EFUnitOfWorkFactory().Create())
{
if (haschanged)
{
UserBLL.Instance.InsertRoles(addedList, userViewModel.Id);
UserBLL.Instance.DeleteRoles(deletedList, userViewModel.Id);
}
await UserBLL.Instance.UpdateAsync(userViewModel);
}
//ArticleBLL.Instance.UpdatePartial(articleViewModel, m => m.Title);
return RedirectToAction("Edit");
}
return View(userViewModel);
}
Delete Role method:
public void DeleteRoles(List<int> deleteList, int? userId)
{
if (userId != null)
{
User user = UserManager.FindByIdAsync(userId.Value).Result;
foreach (var i in deleteList)
{
user.Roles.Remove(new UserRole { RoleId = i, UserId = user.Id }); // What's the problem?!
}
}
}
Insert Role method:
public void InsertRoles(List<int> insertList, int? userId)
{
if (userId != null)
{
User user = UserManager.FindByIdAsync(userId.Value).Result;
foreach (var i in insertList)
{
user.Roles.Add(new UserRole { RoleId = i, UserId = user.Id });
}
}
}
What you are looking for is the RemoveFromRoleAsync method. An example would look similar to the following:
public async Task DeleteRolesAsync(List<string> deleteList, int? userId)
{
if (userId != null)
{
foreach (var roleName in deleteList)
{
IdentityResult deletionResult = await UserManager.RemoveFromRoleAsync(userId, roleName);
}
}
}
If you already have the ID of the user, there's no need to get the user again (only if you want to make sure that the user really exists; then you have to wrap your foreach with an if-statement). The deletion methods needs the name of the role, instead of the ID, to delete the user from the role. You can use the result of the operation (in my example stored in deletionResult) to make sure that the operation was successful. Remember that the name of the user manager (in my example UserManager) can vary depending on your implementation.
I had the same issue and what I ended up using was the
RemoveFromRolesAsync(string userId, params string[] roles) Method
from the UserManager.
Using the role names in an array works.
But has an issue that is if the user is not in one of the roles in the array the user will not be removed from any roles in the array.
All or nothing.
var usr = UserManager.FindById(usrV.ID.ToString());
string[] deleteList;
deleteList= new string[1];
deleteList[0] = "Engineer";
var rresult1 = UserManager.RemoveFromRolesAsync(usr.Id, deleteList);
Hope it helps
You might want to check out this blog post. The ASP.NET team has a sample that includes adding and removing roles from a user.
ASP.NET Identity 2.0: Customizing Users and Roles
I have a Controller where on the Create action I need the user ID.
Here's the controller.
public ActionResult Create(MyCreateViewModel model)
{
if (ModelState.IsValid)
{
var myobject = new MyObject
{
Attrib1 = DateTime.Now.Date,
Attrib2 = model.Etichetta,
UserId = // I need the user ID...
};
// Save the object on database...
return RedirectToAction("Index");
}
return View(model);
}
I'm using the UserProfile table provided with the SimpleMembership of MVC 4.
Which is the best practice in MVC 4 to manage the userID across the application?
Do I have to include a User attribute inside every Entity class?
Should I use a Session[] variable or what?
You can use this line to get the userId from the UserProfiles table.
var userId = WebSecurity.GetUserId(HttpContext.Current.User.Identity.Name);
You can also use this function to get the users complete profile, including any custom columns you may be populating.
public static UserProfile GetUserProfile()
{
using (var db = new UsersContext())
{
var userId = WebSecurity.GetUserId
(HttpContext.Current.User.Identity.Name);
var user = db.UserProfiles
.FirstOrDefault(u => u.UserId == userId);
if (user == null)
{
//couldn't find the profile for some reason
return null;
}
return user;
}
}
I'm following this tutorial link
I have a table users {iduser, user, pass, role}
I'm using this users : string[] users = db.users.Select(t => t.user).ToArray();
instead of : string[] users = Users.Split(','); Is it ok ?
My problem is with roles : SiteRoles role = (SiteRoles)httpContext.Session["role"];
Q: Where do I store the role for my user ?
My simplified account controller:
[HttpPost]
public ActionResult Login(LoginModel model)
{
HeliosEntities db = new HeliosEntities();
if (ModelState.IsValid)
{
bool userok = db.users.Any(t => t.user == model.UserName && t.pass == model.Password);
if (userok == true)
{
FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);
return RedirectToAction("Index", "Home");
}
{
ModelState.AddModelError("", "Incorect password or user!");
}
}
return View();
}
A quick look at your link above shows that it is getting the user's role from session:
(SiteRoles)httpContext.Session["role"];
so you need to set the session value when the user logs in, for example:
var userRole = Roles.Admin | Roles.User;
httpContext.Session["role"] = role;
I don't know where you store the information about what role the user is in though.