public ActionResult UpdateUser(int userId, string name, string surname, string email, string password,
string username, int roleId, bool isDeleted = false)
{
using (var db = new BlogDbContext())
{
var user = db.Users.FirstOrDefault(u => u.UserId == userId);
if (user != null)
{
user.Name = name;
user.Surname = surname;
user.Email = email;
user.Username = username;
user.RoleId = roleId;
if (!string.IsNullOrEmpty(password))
{
user.Password = GetMethods.GetHash(password);
}
user.IsDeleted = Convert.ToBoolean(isDeleted);
if (!isDeleted)
{
var posts = db.Posts.Where(p => p.UserId == userId).ToList();
RestoreUserPosts(posts);
}
}
db.SaveChanges();
return(View("~/Views/Admin/AdminMain.cshtml"));
}
}
public ActionResult CreateUser(string name, string surname, string email, string password, string username,
int roleId)
{
var isAdmin = CheckMethods.IsCurrentUserAdmin(User.Identity.Name);
if (User.Identity.IsAuthenticated && isAdmin)
{
using (var db = new BlogDbContext())
{
var user = new User();
user.Name = name;
user.Surname = surname;
user.Email = email;
user.Username = username;
user.Password = GetMethods.GetHash(password);
user.RoleId = roleId;
db.Users.Add(user);
db.SaveChanges();
return(View("~/Views/Admin/AdminMain.cshtml"));
}
}
return(new HttpStatusCodeResult(HttpStatusCode.Forbidden));
}
