Beispiel #1
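        /// <summary>
        /// Handles the submitted edit form for an account-permission record and
        /// persists the new permission assignment.
        /// </summary>
        /// <param name="model">Posted form values; the record id, account id and permission id are read from it.</param>
        /// <returns>
        /// A redirect to the details page after a successful update, a redirect to the index
        /// with an error message when the target record is missing or is a SuperAdmin,
        /// a plain-text refusal when the caller is not a logged-in SuperAdmin,
        /// or the edit view again when the model is invalid.
        /// </returns>
        public ActionResult EditAccountPermission(AccountPermissionEditViewModel model)
        {
            // NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] attribute is visible on this
            // action in the listing; confirm the real controller carries both, since this
            // request changes who holds which permission.

            // The form-rendering overload of this action checks the caller before showing the page.
            // The state-changing request must enforce the same gate itself: hiding the form
            // does not stop a direct POST to this action.
            if (userSession.LoggedIn == false || userSession.CurrentUser == null)
            {
                return Content("You are not logged in ! Please login to view this page");
            }

            var adminUser = accountPermissionDAO.FetchByEmail(userSession.CurrentUser.email);

            // Deny when the caller has no permission record, or one that is not SuperAdmin.
            if (adminUser == null || adminUser.Permission == null || adminUser.Permission.name != "SuperAdmin")
            {
                return Content("Only Super Admin users are permitted to view this page");
            }

            if (ModelState.IsValid)
            {
                // Single lookup of the stored record (the original fetched the same row twice).
                AccountPermission existing = accountPermissionDAO.FetchAccountPermissionByID(model.accountPermissionID);

                // The id comes from the request, so it may not match any row.
                if (existing == null)
                {
                    TempData["errorMessage"] = "Sorry. That admin user does not exist !";
                    return RedirectToAction("AccountPermissionIndex");
                }

                // Prevents changing the permission of a super admin user. Checked against the
                // stored record, never against posted values.
                if (existing.Permission.name == "SuperAdmin")
                {
                    TempData["errorMessage"] = "SuperAdmin users cannot be changed. Please see System Administrator !";
                    return RedirectToAction("AccountPermissionIndex");
                }

                // NOTE(review): accountID is taken from the posted model while email is taken from
                // the stored row. If the form is not meant to move a permission record to another
                // account, copy accountID from the stored record as well - confirm intended behaviour.
                AccountPermission accountPermission = new AccountPermission
                {
                    accountPermissionID = model.accountPermissionID,
                    accountID           = model.accountID,
                    permissionID        = model.permissionID,
                    email               = existing.email,
                    lastUpdateDate      = DateTime.Now
                };

                accountPermissionDAO.updateAccountPermission(accountPermission);
                alertService.AdminUpdatedAlert(accountPermission);
                return RedirectToAction("AccountPermissionDetails", new { id = accountPermission.accountPermissionID });
            }

            // Invalid model: repopulate the fields the view needs and show the form again.
            model.Permissions = accountPermissionDAO.FetchAllPermissions();
            model.userSession = userSession.LoggedIn;
            model.adminUser   = true;
            return View(model);
        }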
Beispiel #2
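        /// <summary>
        /// Shows the edit form for one account-permission record. The form is only
        /// rendered for a logged-in caller whose own permission is "SuperAdmin".
        /// </summary>
        /// <param name="id">accountPermissionID of the record to edit; defaults to 0.</param>
        /// <returns>
        /// The edit view, a plain-text refusal when the caller is not logged in or is not a
        /// SuperAdmin, or a redirect to the index when no record has the given id.
        /// </returns>
        public ActionResult EditAccountPermission(int id = 0)
        {
            // NOTE(review): refusals below are returned as ordinary text content. If the project
            // has an authorization filter or uses HTTP status codes for denials, using it here
            // would make refused requests easier to see in logs and monitoring - confirm.

            // Prevents users from accessing the page if they are not logged in.
            // A missing CurrentUser is treated the same way instead of failing on account.email below.
            if (userSession.LoggedIn == false || userSession.CurrentUser == null)
            {
                return Content("You are not logged in ! Please login to view this page");
            }

            // Prevents users from accessing this method if they are not super admin.
            Account account   = userSession.CurrentUser;
            var     adminUser = accountPermissionDAO.FetchByEmail(account.email);

            // Deny when the caller has no permission record, or one that is not SuperAdmin.
            if (adminUser == null || adminUser.Permission == null || adminUser.Permission.name != "SuperAdmin")
            {
                return Content("Only Super Admin users are permitted to view this page");
            }

            // The target record is looked up only after the caller is authorized, so a
            // refused request never touches the record it asked for.
            AccountPermission accountPermission = accountPermissionDAO.FetchAccountPermissionByID(id);

            if (accountPermission == null)
            {
                TempData["errorMessage"] = "Sorry. That admin user does not exist !";
                return RedirectToAction("AccountPermissionIndex");
            }

            // One query for the permission list, used for both the constructor and the property
            // (the original ran the same query twice).
            var permissions = accountPermissionDAO.FetchAllPermissions();

            AccountPermissionEditViewModel model = new AccountPermissionEditViewModel(accountPermission, permissions);

            model.Permissions       = permissions;
            model.userSession       = userSession.LoggedIn;
            model.loggedInAccount   = account;
            model.loggedInAccountID = account.accountID;
            model.permissionType    = adminUser.Permission.name;
            model.adminUser         = true;
            return View(model);
        }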