2010-03-02 17:56:21 +00:00
|
|
|
|
using System;
|
|
|
|
|
using System.Collections.Generic;
|
|
|
|
|
using System.Data.SqlClient;
|
|
|
|
|
using Tanshu.Accounts.Contracts;
|
|
|
|
|
using Tanshu.Data.DAO;
|
|
|
|
|
using Tanshu.Accounts.DAOFactory;
|
|
|
|
|
|
|
|
|
|
namespace Tanshu.Accounts.SqlDAO
|
|
|
|
|
{
|
|
|
|
|
public class UserDAO : BaseDAO, IUserDAO
|
|
|
|
|
{
|
|
|
|
|
public UserDAO(IConnectionDAO connection)
|
|
|
|
|
: base(connection)
|
|
|
|
|
{ }
|
|
|
|
|
|
|
|
|
|
public UserBO GetUser(Guid userID)
|
|
|
|
|
{
|
2011-12-05 09:23:02 +00:00
|
|
|
|
var cmd = new SqlCommand("SELECT * FROM Users WHERE UserID = @UserID");
|
2010-03-02 17:56:21 +00:00
|
|
|
|
cmd.Parameters.AddWithValue("@UserID", userID);
|
|
|
|
|
return BusinessObjectDAO<UserBO>.GetBusinessObject(connection.ExecuteReader(cmd));
|
|
|
|
|
}
|
|
|
|
|
public List<UserBO> GetUsers()
|
|
|
|
|
{
|
|
|
|
|
return BusinessObjectDAO<UserBO>.GetBusinessObjects(connection.ExecuteReader("SELECT * FROM Users"));
|
|
|
|
|
}
|
|
|
|
|
public List<UserBO> GetFilteredUsers(Dictionary<string, string> filter)
|
|
|
|
|
{
|
2011-12-05 09:23:02 +00:00
|
|
|
|
var name = string.Format("%{0}%", filter["Name"]);
|
|
|
|
|
using (var cmd = new SqlCommand("SELECT * FROM Users WHERE Name LIKE @Name ORDER BY Name"))
|
2010-03-02 17:56:21 +00:00
|
|
|
|
{
|
|
|
|
|
cmd.Parameters.AddWithValue("@Name", name);
|
|
|
|
|
return BusinessObjectDAO<UserBO>.GetBusinessObjects(connection.ExecuteReader(cmd));
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
public bool UserExists(string userName)
|
|
|
|
|
{
|
2011-12-05 09:23:02 +00:00
|
|
|
|
using (var cmd = new SqlCommand("SELECT Count(*) FROM Users WHERE Name = @Name"))
|
2010-03-02 17:56:21 +00:00
|
|
|
|
{
|
|
|
|
|
cmd.Parameters.AddWithValue("@Name", userName);
|
|
|
|
|
return (int)connection.ExecuteScalar(cmd) == 1;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
public bool Insert(UserBO user)
|
|
|
|
|
{
|
2011-12-05 09:23:02 +00:00
|
|
|
|
using (var cmd = new SqlCommand(@"
|
2010-03-02 17:56:21 +00:00
|
|
|
|
SELECT @UserID = NEWID()
|
|
|
|
|
INSERT INTO Users (UserID, Name, Password, LockedOut)
|
|
|
|
|
VALUES (@UserID, @Name, @Password, @LockedOut)
|
|
|
|
|
SELECT @timestamp = timestamp FROM Users WHERE UserID = @UserID
|
|
|
|
|
"))
|
|
|
|
|
{
|
|
|
|
|
cmd.Parameters.Add("@UserID", System.Data.SqlDbType.UniqueIdentifier);
|
|
|
|
|
cmd.Parameters["@UserID"].Direction = System.Data.ParameterDirection.Output;
|
|
|
|
|
cmd.Parameters.AddWithValue("@Name", user.Name);
|
|
|
|
|
cmd.Parameters.AddWithValue("@Password", user.Password);
|
|
|
|
|
cmd.Parameters.AddWithValue("@LockedOut", user.LockedOut);
|
|
|
|
|
cmd.Parameters.Add("@timestamp", System.Data.SqlDbType.Timestamp);
|
|
|
|
|
cmd.Parameters["@timestamp"].Direction = System.Data.ParameterDirection.Output;
|
|
|
|
|
connection.ExecuteNonQuery(cmd);
|
|
|
|
|
user.UserID = (Guid)cmd.Parameters["@UserID"].Value;
|
|
|
|
|
user.timestamp = (byte[])cmd.Parameters["@timestamp"].Value;
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
//public bool CheckPassword(string userName, string password)
|
|
|
|
|
//{
|
|
|
|
|
// using (SqlCommand cmd = new SqlCommand("SELECT Count(*) FROM Users WHERE Name = @Name AND Password = @Password"))
|
|
|
|
|
// {
|
|
|
|
|
// cmd.Parameters.AddWithValue("@Name", userName);
|
|
|
|
|
// cmd.Parameters.AddWithValue("@Password", password);
|
|
|
|
|
// return (int)connection.ExecuteScalar(cmd) == 1;
|
|
|
|
|
// }
|
|
|
|
|
//}
|
|
|
|
|
public bool ChangePassword(UserBO userData, string newPassword)
|
|
|
|
|
{
|
|
|
|
|
using (SqlCommand cmd = new SqlCommand("UPDATE Users SET Password = @NewPassword WHERE Name = @Name AND Password = @Password; SELECT @@rowcount"))
|
|
|
|
|
{
|
|
|
|
|
cmd.Parameters.AddWithValue("@Name", userData.Name);
|
|
|
|
|
cmd.Parameters.AddWithValue("@Password", userData.Password);
|
|
|
|
|
cmd.Parameters.AddWithValue("@NewPassword", newPassword);
|
|
|
|
|
return (int)connection.ExecuteScalar(cmd) == 1;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public bool Update(UserBO user)
|
|
|
|
|
{
|
|
|
|
|
using (SqlCommand cmd = new SqlCommand(@"
|
|
|
|
|
UPDATE Users SET
|
|
|
|
|
Name = @Name,
|
|
|
|
|
Password = @Password,
|
|
|
|
|
LockedOut = @LockedOut
|
|
|
|
|
WHERE UserID = @UserID;
|
|
|
|
|
SELECT @timestamp = timestamp FROM Users WHERE UserID = @UserID
|
|
|
|
|
"))
|
|
|
|
|
{
|
|
|
|
|
cmd.Parameters.AddWithValue("@UserID", user.UserID);
|
|
|
|
|
cmd.Parameters.AddWithValue("@Name", user.Name);
|
|
|
|
|
cmd.Parameters.AddWithValue("@Password", user.Password);
|
|
|
|
|
cmd.Parameters.AddWithValue("@LockedOut", user.LockedOut);
|
|
|
|
|
cmd.Parameters.Add("@timestamp", System.Data.SqlDbType.Timestamp);
|
|
|
|
|
cmd.Parameters["@timestamp"].Direction = System.Data.ParameterDirection.Output;
|
|
|
|
|
connection.ExecuteNonQuery(cmd);
|
|
|
|
|
user.timestamp = (byte[])cmd.Parameters["@timestamp"].Value;
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public bool Delete(Guid userID)
|
|
|
|
|
{
|
|
|
|
|
using (SqlCommand cmd = new SqlCommand("DELETE FROM Users WHERE UserID = @UserID"))
|
|
|
|
|
{
|
|
|
|
|
cmd.Parameters.AddWithValue("@UserID", userID);
|
|
|
|
|
connection.ExecuteNonQuery(cmd);
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//private static log4net.ILog log
|
|
|
|
|
//= log4net.LogManager.GetLogger(
|
|
|
|
|
// System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
|