public async Task <IActionResult> Edit(DetailsFeedbackViewModel model)
{
var loggedUserId = this.userManager.GetUserId(User);
if (model.SenderId != loggedUserId)
{
TempData[WebConstants.WarningMessageKey] = "You cannot delete someone else's feedback";
return(RedirectToAction("FeedbacksList"));
}
var editedFeedback = await this.feedbackService.EditFeedback(model, loggedUserId);
var mapped = Mapper.Map <Feedback>(editedFeedback);
return(RedirectToAction("Details", new { model.ProductId, model.SenderId }));
}
public async Task <Feedback> EditFeedback(DetailsFeedbackViewModel feedback, string loggedUserId)
{
var feedbackToEdit = await this.db.Feedbacks.Where(f => f.SenderId == feedback.SenderId && f.ProductId == feedback.ProductId).FirstOrDefaultAsync();
if (feedbackToEdit == null || !feedback.SenderId.Equals(loggedUserId))
{
throw new InvalidOperationException("You are not allowed to edit someone else's feedbacks");
}
feedbackToEdit.Content = feedback.Content;
feedbackToEdit.Rating = feedback.Rating;
await this.db.SaveChangesAsync();
return(feedbackToEdit);
}
