Beispiel #1
        /// <summary>
        /// Saves an edited user. Only the e-mail address is copied from the posted model.
        /// </summary>
        /// <param name="viewModel">
        /// Posted values; <c>UserId</c> selects the record and <c>Email</c> is the only field written back.
        /// </param>
        /// <returns>
        /// A redirect to <c>Index</c> after saving; 404 when no user has that id; 403 when the caller is
        /// neither a system admin nor the owner of the record; or the result of <c>Edit(viewModel.UserId)</c>
        /// when model validation failed.
        /// </returns>
        /// <remarks>
        /// NOTE(review): this action changes state, but no HttpPost or ValidateAntiForgeryToken attribute is
        /// visible in this excerpt. Confirm both are applied where the action is declared.
        /// </remarks>
        public ActionResult Edit(UserEditViewModel viewModel)
        {
            // Invalid input: hand over to the Edit overload that takes the user id.
            if (!ModelState.IsValid)
            {
                return Edit(viewModel.UserId);
            }

            using (var db = dataContextFactory.Create())
            {
                var target = db.Users.FirstOrDefault(u => u.UserId == viewModel.UserId);
                if (target == null)
                {
                    return new HttpStatusCodeResult(HttpStatusCode.NotFound);
                }

                // viewModel.UserId is supplied by the caller, so it must not decide on its own which
                // record gets written: anyone who is not a system admin may only edit the record whose
                // MembershipUserIdentifier equals their own identity name.
                // NOTE(review): answering 404 before 403 lets a caller tell existing ids from missing
                // ones. Confirm that is acceptable for this application.
                var mayEdit = User.IsInRole(Role.SystemAdmin)
                              || target.MembershipUserIdentifier == User.Identity.Name;
                if (!mayEdit)
                {
                    return new HttpStatusCodeResult(HttpStatusCode.Forbidden);
                }

                // Email can always be updated. Assigning this single field, instead of binding the
                // whole entity, keeps every other column out of reach of posted form data.
                target.Email = viewModel.Email;
                db.SaveChanges();

                return RedirectToAction("Index");
            }
        }
Beispiel #2
        /// <summary>
        /// Shows the edit form for a single user.
        /// </summary>
        /// <param name="id">Id of the user to edit.</param>
        /// <returns>
        /// The edit view populated with the user's id and e-mail address; 404 when no user has that id;
        /// 403 when the caller is neither a system admin nor the owner of the record.
        /// </returns>
        public ActionResult Edit(int id)
        {
            using (var db = dataContextFactory.Create())
            {
                var target = db.Users.FirstOrDefault(u => u.UserId == id);
                if (target == null)
                {
                    return new HttpStatusCodeResult(HttpStatusCode.NotFound);
                }

                // The id is chosen by the caller, so ownership is checked before any data is shown:
                // anyone who is not a system admin may only open the record whose
                // MembershipUserIdentifier equals their own identity name.
                // NOTE(review): answering 404 before 403 lets a caller tell existing ids from missing
                // ones. Confirm that is acceptable for this application.
                var mayView = User.IsInRole(Role.SystemAdmin)
                              || target.MembershipUserIdentifier == User.Identity.Name;
                if (!mayView)
                {
                    return new HttpStatusCodeResult(HttpStatusCode.Forbidden);
                }

                // Only the fields the form needs are copied into the view model; the entity itself
                // is never handed to the view.
                return View(new UserEditViewModel
                {
                    UserId = target.UserId,
                    Email = target.Email
                });
            }
        }