narsil/Tanshu.Accounts.SqlDAO/UserDAO.cs
2010-03-02 23:26:21 +05:30

122 lines
5.1 KiB
C#

using System;
using System.Collections.Generic;
using System.Data.SqlClient;
using Tanshu.Accounts.Contracts;
using Tanshu.Data.DAO;
using Tanshu.Accounts.DAOFactory;
namespace Tanshu.Accounts.SqlDAO
{
public class UserDAO : BaseDAO, IUserDAO
{
public UserDAO(IConnectionDAO connection)
: base(connection)
{ }
public UserBO GetUser(Guid userID)
{
SqlCommand cmd = new SqlCommand("SELECT * FROM Users WHERE UserID = @UserID");
cmd.Parameters.AddWithValue("@UserID", userID);
return BusinessObjectDAO<UserBO>.GetBusinessObject(connection.ExecuteReader(cmd));
}
public List<UserBO> GetUsers()
{
return BusinessObjectDAO<UserBO>.GetBusinessObjects(connection.ExecuteReader("SELECT * FROM Users"));
}
public List<UserBO> GetFilteredUsers(Dictionary<string, string> filter)
{
string name = string.Format("%{0}%", filter["Name"]);
using (SqlCommand cmd = new SqlCommand("SELECT * FROM Users WHERE Name LIKE @Name ORDER BY Name"))
{
cmd.Parameters.AddWithValue("@Name", name);
return BusinessObjectDAO<UserBO>.GetBusinessObjects(connection.ExecuteReader(cmd));
}
}
public bool UserExists(string userName)
{
using (SqlCommand cmd = new SqlCommand("SELECT Count(*) FROM Users WHERE Name = @Name"))
{
cmd.Parameters.AddWithValue("@Name", userName);
return (int)connection.ExecuteScalar(cmd) == 1;
}
}
public bool Insert(UserBO user)
{
using (SqlCommand cmd = new SqlCommand(@"
SELECT @UserID = NEWID()
INSERT INTO Users (UserID, Name, Password, LockedOut)
VALUES (@UserID, @Name, @Password, @LockedOut)
SELECT @timestamp = timestamp FROM Users WHERE UserID = @UserID
"))
{
cmd.Parameters.Add("@UserID", System.Data.SqlDbType.UniqueIdentifier);
cmd.Parameters["@UserID"].Direction = System.Data.ParameterDirection.Output;
cmd.Parameters.AddWithValue("@Name", user.Name);
cmd.Parameters.AddWithValue("@Password", user.Password);
cmd.Parameters.AddWithValue("@LockedOut", user.LockedOut);
cmd.Parameters.Add("@timestamp", System.Data.SqlDbType.Timestamp);
cmd.Parameters["@timestamp"].Direction = System.Data.ParameterDirection.Output;
connection.ExecuteNonQuery(cmd);
user.UserID = (Guid)cmd.Parameters["@UserID"].Value;
user.timestamp = (byte[])cmd.Parameters["@timestamp"].Value;
return true;
}
}
//public bool CheckPassword(string userName, string password)
//{
// using (SqlCommand cmd = new SqlCommand("SELECT Count(*) FROM Users WHERE Name = @Name AND Password = @Password"))
// {
// cmd.Parameters.AddWithValue("@Name", userName);
// cmd.Parameters.AddWithValue("@Password", password);
// return (int)connection.ExecuteScalar(cmd) == 1;
// }
//}
public bool ChangePassword(UserBO userData, string newPassword)
{
using (SqlCommand cmd = new SqlCommand("UPDATE Users SET Password = @NewPassword WHERE Name = @Name AND Password = @Password; SELECT @@rowcount"))
{
cmd.Parameters.AddWithValue("@Name", userData.Name);
cmd.Parameters.AddWithValue("@Password", userData.Password);
cmd.Parameters.AddWithValue("@NewPassword", newPassword);
return (int)connection.ExecuteScalar(cmd) == 1;
}
}
public bool Update(UserBO user)
{
using (SqlCommand cmd = new SqlCommand(@"
UPDATE Users SET
Name = @Name,
Password = @Password,
LockedOut = @LockedOut
WHERE UserID = @UserID;
SELECT @timestamp = timestamp FROM Users WHERE UserID = @UserID
"))
{
cmd.Parameters.AddWithValue("@UserID", user.UserID);
cmd.Parameters.AddWithValue("@Name", user.Name);
cmd.Parameters.AddWithValue("@Password", user.Password);
cmd.Parameters.AddWithValue("@LockedOut", user.LockedOut);
cmd.Parameters.Add("@timestamp", System.Data.SqlDbType.Timestamp);
cmd.Parameters["@timestamp"].Direction = System.Data.ParameterDirection.Output;
connection.ExecuteNonQuery(cmd);
user.timestamp = (byte[])cmd.Parameters["@timestamp"].Value;
return true;
}
}
public bool Delete(Guid userID)
{
using (SqlCommand cmd = new SqlCommand("DELETE FROM Users WHERE UserID = @UserID"))
{
cmd.Parameters.AddWithValue("@UserID", userID);
connection.ExecuteNonQuery(cmd);
return true;
}
}
}
}
//private static log4net.ILog log
//= log4net.LogManager.GetLogger(
// System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);