public ActionResult Edit(long userId, long organizationId)
{
if (!db.Users.Any(u => u.UserId == userId && u.OrganizationId == organizationId)
|| !AccessIsAllowed(organizationId))
return HttpNotFound();
var user = db.Users.Single(u => u.UserId == userId);
var model = new UserEditViewModel
{
UserId = user.UserId,
OrganizationId = user.OrganizationId,
Username = user.Username,
Firstname = user.Firstname,
Lastname = user.Lastname,
Middlename = user.Middlename,
Gender = user.Gender,
Email = user.Email,
GraduationYear = user.GraduationYear,
EligibleForRaces = user.EligibleForRaces,
DefaultVarsityLevelId = user.DefaultVarsityLevelId,
DefaultRunnerClassificationId = user.DefaultRunnerClassificationId,
RoleId = user.RoleId,
RoleList = new SelectList(Role.GetRolesForOrganizationCreatableByRole(organizationId, GetLoggedInUser().RoleId)
, "RoleId", "RoleName"),
RunnerClassifications = new SelectList(db.RunnerClassifications.ToList(),
"RunnerClassificationId", "RunnerClassificationName"),
VarsityLevels = new SelectList(db.VarsityLevels.ToList(), "VarsityLevelId", "VarsityLevelName"),
};
return PartialView("EditForm", model);
}
public ActionResult Edit(UserEditViewModel model)
{
if (!db.Users.Any(u => u.UserId == model.UserId && u.OrganizationId == model.OrganizationId)
|| !AccessIsAllowed(model.OrganizationId))
ModelState.AddModelError("Error", "You are not authorized to modify this user");
if (GetLoggedInUser().RoleId > model.RoleId)
ModelState.AddModelError("RoleId", "You are not authorized to modify a user in this role");
if (ModelState.IsValid)
{
var user = db.Users.Single(u => u.UserId == model.UserId);
user.Firstname = model.Firstname;
user.Lastname = model.Lastname;
user.Middlename = model.Middlename;
user.Gender = model.Gender;
user.Email = model.Email;
user.GraduationYear = model.GraduationYear;
user.EligibleForRaces = model.EligibleForRaces;
user.RoleId = model.RoleId;
user.DefaultVarsityLevelId = model.DefaultVarsityLevelId.HasValue ? (int?)model.DefaultVarsityLevelId.Value : null;
user.DefaultRunnerClassificationId = model.DefaultRunnerClassificationId.HasValue ?
(int?)model.DefaultRunnerClassificationId : null;
user.ModifiedBy = LoggedInUserId;
TryDBChange(() => db.SaveChanges());
}
model.RoleList = new SelectList(Role.GetRolesForOrganizationCreatableByRole(model.OrganizationId, GetLoggedInUser().RoleId),
"RoleId", "RoleName");
model.RunnerClassifications = new SelectList(db.RunnerClassifications.ToList(),
"RunnerClassificationId", "RunnerClassificationName");
model.VarsityLevels = new SelectList(db.VarsityLevels.ToList(), "VarsityLevelId", "VarsityLevelName");
return PartialView("EditForm", model);
}