Beispiel #1
        // GET: mitarbeit/user/{id}/neue-notiz
        /// <summary>
        /// Renders the "add note" form for the user identified by <paramref name="id"/>.
        /// </summary>
        /// <param name="id">Id of the user the note will be attached to.</param>
        /// <returns>
        /// The AddNote view with both drop-down lists populated from the cache, or the
        /// _NotFound view with HTTP status 404 when no user has that id.
        /// </returns>
        // NOTE(review): no authorization attribute is visible on this action in this
        // excerpt; confirm access to the area is restricted at controller or area level.
        public ActionResult AddNote(int id)
        {
            // .Result blocks the request thread until the asynchronous lookup finishes.
            User target = userManager.FindByIdAsync(id).Result;

            if (target != null)
            {
                Dictionary <int, string> noteActionMap = cache.Get <Dictionary <int, string> >("UserUserNoteActions");
                Dictionary <int, string> roleMap       = cache.Get <Dictionary <int, string> >("BvsRoles");

                UserAddNoteViewModel model = new UserAddNoteViewModel();
                model.User        = target;
                model.NoteActions = new List <SelectListItem>();
                model.BvsRoles    = new List <SelectListItem>();

                // One option per cached note action: key is the submitted value, value the label.
                foreach (KeyValuePair <int, string> entry in noteActionMap)
                {
                    SelectListItem option = new SelectListItem();
                    option.Text  = entry.Value;
                    option.Value = entry.Key.ToString();
                    model.NoteActions.Add(option);
                }

                // Same mapping for the cached roles.
                foreach (KeyValuePair <int, string> entry in roleMap)
                {
                    SelectListItem option = new SelectListItem();
                    option.Text  = entry.Value;
                    option.Value = entry.Key.ToString();
                    model.BvsRoles.Add(option);
                }

                return View("~/Areas/mitarbeit/Views/User/AddNote.cshtml", model);
            }

            // Unknown user: answer 404 and keep IIS from substituting its own error page.
            Response.StatusCode             = 404;
            Response.TrySkipIisCustomErrors = true;
            return View("~/Areas/mitarbeit/Views/User/_NotFound.cshtml");
        }
Beispiel #2
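        /// <summary>
        /// Handles the submitted "add note" form: validates the posted note, strips all
        /// HTML from its content and stores it for the user identified by <paramref name="id"/>.
        /// </summary>
        /// <param name="id">Id of the user the note is attached to.</param>
        /// <param name="uanote">Model-bound form data; its NoteToAdd carries the new note.</param>
        /// <returns>
        /// A redirect to the Notes action on success, the AddNote view again when the input
        /// is rejected, or the _NotFound view with HTTP status 404 for an unknown user.
        /// </returns>
        // NOTE(review): attributes restricting this action to POST and enforcing anti-forgery
        // token validation are not visible in this excerpt; confirm both are present, since
        // the action writes to the database.
        public ActionResult AddNote(int id, UserAddNoteViewModel uanote)
        {
            // .Result blocks the request thread until the asynchronous lookup finishes.
            User idproof = userManager.FindByIdAsync(id).Result;

            if (idproof == null)
            {
                Response.StatusCode             = 404;
                Response.TrySkipIisCustomErrors = true;
                return(View("~/Areas/mitarbeit/Views/User/_NotFound.cshtml"));
            }

            // The posted model or its nested note can be missing when the request carries no
            // matching fields; treat that as invalid input instead of dereferencing null.
            //
            // NOTE(review): the note object is bound directly from the request, so any
            // UserNote property that is not overwritten below keeps the client-supplied
            // value. Consider binding to a narrower input model.
            UserNote note = (uanote != null) ? uanote.NoteToAdd : null;

            // NOTE(review): ActionId and RoleIdNeeded are only rejected when negative.
            // Consider also requiring that they are keys of the cached "UserUserNoteActions"
            // and "BvsRoles" dictionaries that the form offers.
            bool isValid = note != null &&
                           !String.IsNullOrEmpty(note.UnparsedContent) &&
                           !(note.ActionId < 0) &&
                           !(note.RoleIdNeeded < 0);

            if (isValid)
            {
                // Until the BB-Code-Parser is ready, strip HTML with every tag disallowed.
                HtmlSanitizer sanitizer = new HtmlSanitizer();

                sanitizer.AllowedTags.Clear(); // Disallow everything.
                note.Content = sanitizer.Sanitize(note.UnparsedContent);

                // Input that sanitizes down to nothing is rejected as well.
                isValid = !String.IsNullOrEmpty(note.Content);
            }

            if (!isValid)
            {
                // Re-render the form with the drop-down lists rebuilt from the cache.
                Dictionary <int, string> actions  = cache.Get <Dictionary <int, string> >("UserUserNoteActions");
                Dictionary <int, string> bvsroles = cache.Get <Dictionary <int, string> >("BvsRoles");

                UserAddNoteViewModel uanvm = new UserAddNoteViewModel()
                {
                    User        = idproof,
                    NoteActions = new List <SelectListItem>(),
                    BvsRoles    = new List <SelectListItem>()
                };

                foreach (var action in actions)
                {
                    uanvm.NoteActions.Add(new SelectListItem()
                    {
                        Text = action.Value, Value = action.Key.ToString()
                    });
                }

                foreach (var role in bvsroles)
                {
                    uanvm.BvsRoles.Add(new SelectListItem()
                    {
                        Text = role.Value, Value = role.Key.ToString()
                    });
                }

                return(View("~/Areas/mitarbeit/Views/User/AddNote.cshtml", uanvm));
            }

            // Server-controlled fields are assigned here so that posted values for them
            // are never persisted.
            // NOTE(review): this dereferences the lookup result directly; presumably the
            // signed-in user always exists. Confirm, or handle a null result.
            note.AuthorId    = userManager.FindByNameAsync(User.Identity.Name).Result.Id;
            note.Created     = DateTime.Now;
            note.IsDeletable = true;
            note.UserId      = id;

            // NOTE(review): UnparsedContent appears to be stored as submitted; views should
            // render Content, or HTML-encode UnparsedContent wherever it is shown.
            db.UserNotes.Add(note);
            db.SaveChanges();

            return(RedirectToAction("Notes", new { id = id }));
        }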