public ActionResult OwnerStatement(DateTime month, string propertyCode)
{
if (!AuthorizationProvider.CanViewStatement())
{
return(Forbidden());
}
try
{
var provider = new OwnerStatementProvider(_dbContext);
var viewModel = provider.GetOwnerStatement(month, propertyCode);
// get the edit freeze flag
viewModel.IsEditFreezed = (new StatementCompletionProvider(_dbContext)).IsEditFreezed(month);
// statement owner can only see own statement and summary
if (AuthorizationProvider.IsStatementOwner() && !AuthorizationProvider.IsStatementAdmin() && !AuthorizationProvider.IsStatementViewer())
{
// TODO: filter the viewModel for the owner account
}
return(PartialView("_StatementPartial", viewModel));
}
catch
{
Response.StatusCode = (int)System.Net.HttpStatusCode.InternalServerError;
return(Json(false, JsonRequestBehavior.AllowGet));
}
}