public ActionResult Edit(EditReviewModel reviewModel)
{
try
{
if (ModelState.IsValid)
{
var review = db.Reviews.FirstOrDefault(x => x.Id == reviewModel.Id);
review.Title = reviewModel.Title;
review.Description = reviewModel.Description;
review.UserRating = reviewModel.UserRating;
review.Type = reviewModel.Type;
db.Entry(review).State = EntityState.Modified;
db.SaveChanges();
var username = ((User)Session["currentUser"]).Username;
Response.Redirect($"~/Users/Profile?username={username}");
return(View(review));
}
}
catch
{
RedirectToAction("Error", "Home");
}
return(View());
}
public async Task <IActionResult> Edit(int id)
{
var review = _reviews.Get(id);
if (review == null)
{
return(RedirectToAction("Index", "Movie"));
}
var authz = await _authorization.AuthorizeAsync(User, review, ReviewOperations.Update);
if (!authz.Succeeded)
{
return(Forbid());
}
var movie = _movies.GetDetails(review.MovieId);
var model = new EditReviewModel
{
ReviewId = id,
Comment = review.Comment,
Stars = review.Stars,
MovieTitle = movie.Title,
};
return(View(model));
}
} //check!
public ActionResult Edit(Guid?id)
{
try
{
if (id == null)
{
return(new HttpStatusCodeResult(HttpStatusCode.BadRequest));
}
Review review = db.Reviews.Find(id);
var model = new EditReviewModel
{
Id = review.Id,
Title = review.Title,
Description = review.Description,
UserRating = review.UserRating,
Type = review.Type
};
return(View(model));
}
catch
{
RedirectToAction("Error", "Home");
}
return(View());
} //check
public async Task <IActionResult> Edit(int id)
{
var review = _reviews.Get(id);
if (review == null)
{
return(RedirectToAction("Index", "Movie"));
}
if (!(await _authorizationService.AuthorizeAsync(User, review, Authorization.ReviewOperations.Edit)))
{
return(Challenge());
}
var movie = _movies.GetDetails(review.MovieId);
var model = new EditReviewModel
{
ReviewId = id,
Comment = review.Comment,
Stars = review.Stars,
MovieTitle = movie.Title,
};
return(View(model));
}
public async Task <IActionResult> Update(EditReviewModel model)
{
var review = _reviews.Get(model.ReviewId);
if (review == null)
{
return(RedirectToAction("Index", "Movie"));
}
// TODO: authorize the user to edit the review
if (ModelState.IsValid)
{
var result = _reviews.Update(model.ReviewId, model.Stars, model.Comment);
if (result.Succeeded)
{
return(View("Success", new ReviewSuccessViewModel {
MovieId = review.MovieId, Action = "Updated"
}));
}
else
{
foreach (var error in result.Errors)
{
ModelState.AddModelError("", error);
}
}
}
var movie = _movies.GetDetails(review.MovieId);
model.MovieTitle = movie.Title;
return(View("Edit", model));
}
public async Task <IActionResult> Edit(int id)
{
var result = await _reviews.GetAsync(id);
if (result.IsAccessDenied)
{
return(Forbid());
}
if (!result.Succeeded)
{
return(Error(result.Errors));
}
var review = result.Value;
if (review == null)
{
return(RedirectToAction("Index", "Movie"));
}
if (!review.CanEdit)
{
return(Forbid());
}
var movieResult = await _movies.GetDetailsAsync(review.MovieId);
if (movieResult.IsAccessDenied)
{
return(Forbid());
}
if (!movieResult.Succeeded)
{
return(Error(movieResult.Errors));
}
var movie = movieResult.Value;
var model = new EditReviewModel
{
ReviewId = id,
Comment = review.Comment,
Stars = review.Stars,
MovieTitle = movie.Title,
};
return(View(model));
}
public async Task <IActionResult> Update(EditReviewModel model)
{
var review = _reviews.Get(model.ReviewId);
if (review == null)
{
return(RedirectToAction("Index", "Movie"));
}
//Another way to trigger the authorization (next to defining an attribute)
//Only users fulfilling the movieoperations edit requirement are allowed
var authz = await _authorization.AuthorizeAsync(User, review, ReviewOperations.Update);
if (!authz.Succeeded)
{
return(Forbid());
}
if (ModelState.IsValid)
{
var result = _reviews.Update(model.ReviewId, model.Stars, model.Comment);
if (result.Succeeded)
{
return(View("Success", new ReviewSuccessViewModel {
MovieId = review.MovieId, Action = "Updated"
}));
}
else
{
foreach (var error in result.Errors)
{
ModelState.AddModelError("", error);
}
}
}
var movie = _movies.GetDetails(review.MovieId);
model.MovieTitle = movie.Title;
return(View("Edit", model));
}
public async Task <IActionResult> Update(EditReviewModel model)
{
var review = _reviews.Get(model.ReviewId);
if (review == null)
{
return(RedirectToAction("Index", "Movie"));
}
var authz = await _authorization.AuthorizeAsync(User, review, Authorization.ReviewOperations.Edit);
if (!authz.Succeeded)
{
return(Forbid());
}
if (ModelState.IsValid)
{
var result = _reviews.Update(model.ReviewId, model.Stars, model.Comment);
if (result.Succeeded)
{
return(View("Success", new ReviewSuccessViewModel {
MovieId = review.MovieId, Action = "Updated"
}));
}
else
{
foreach (var error in result.Errors)
{
ModelState.AddModelError("", error);
}
}
}
var movie = _movies.GetDetails(review.MovieId);
model.MovieTitle = movie.Title;
return(View("Edit", model));
}
public async Task <IActionResult> Edit(int id)
{
var review = _reviews.Get(id);
if (review == null)
{
return(RedirectToAction("Index", "Movie"));
}
// TODO: authorize the user to edit the review
var movie = _movies.GetDetails(review.MovieId);
var model = new EditReviewModel
{
ReviewId = id,
Comment = review.Comment,
Stars = review.Stars,
MovieTitle = movie.Title,
};
return(View(model));
}
public async Task <IActionResult> Update(EditReviewModel model)
{
var result = await _reviews.GetAsync(model.ReviewId);
if (result.IsAccessDenied)
{
return(Forbid());
}
if (!result.Succeeded)
{
return(Error(result.Errors));
}
var review = result.Value;
if (review == null)
{
return(RedirectToAction("Index", "Movie"));
}
if (!review.CanEdit)
{
return(Forbid());
}
if (ModelState.IsValid)
{
var update = await _reviews.UpdateAsync(model.ReviewId, model.Stars, model.Comment);
if (update.IsAccessDenied)
{
return(Forbid());
}
if (!update.Succeeded)
{
return(Error(update.Errors));
}
if (update.Succeeded)
{
return(View("Success", new ReviewSuccessViewModel {
MovieId = review.MovieId, Action = "Updated"
}));
}
else
{
foreach (var error in update.Errors)
{
ModelState.AddModelError("", error);
}
}
}
var movieResult = await _movies.GetDetailsAsync(review.MovieId);
if (movieResult.IsAccessDenied)
{
return(Forbid());
}
if (!movieResult.Succeeded)
{
return(Error(movieResult.Errors));
}
var movie = movieResult.Value;
model.MovieTitle = movie.Title;
return(View("Edit", model));
}
