public ActionResult Edit(int id)
{
if (!User.IsInRole("chief") && !User.IsInRole("writer"))
{
return Redirect("~/Home/AccessError");
}
BlogManager db = new BlogManager();
Entry ent = db.GetEntry(id);
if (ent == null)
{
return Redirect("~/Home/Index");
}
if (User.IsInRole("writer") && User.Identity.Name != ent.Author)
{
return Redirect("~/Home/AccessError");
}
return View(ent);
}
public ActionResult ViewEntry(int id)
{
BlogManager db = new BlogManager();
Entry ent = db.GetEntry(id);
EntryModel entry = Mapper.Map<EntryModel>(ent);
if (ent != null)
{
return View(entry);
}
else
{
return View("PostNotFound");
}
}
public ActionResult Delete(int id)
{
BlogManager db = new BlogManager();
Entry etr = db.GetEntry(id);
if ((etr.Author == User.Identity.Name && User.IsInRole("writer"))
|| User.IsInRole("chief"))
{
db.Delete(etr);
db.Save();
return RedirectToAction("Index");
}
else
{
return Redirect("~/Home/AccessError");
}
}