public async Task <ActionResult> Create(HRCreateView model)
{
Role role = await AuthorizationTools.GetRoleAsync(User, _context);
ViewData.Add("role", role);
ViewData.Add("id", AuthorizationTools.GetUserDbId(User, _context, role));
if (role != Role.ADMIN)
{
return(new UnauthorizedResult());
}
if (!ModelState.IsValid)
{
model.Companies = await _context.Companies.ToListAsync();
return(View(model));
}
HR hr = new HR
{
FirstName = model.FirstName,
LastName = model.LastName,
CompanyId = model.CompanyId,
EmailAddress = model.EmailAddress
};
await _context.HRs.AddAsync(hr);
await _context.SaveChangesAsync();
return(RedirectToAction("Index"));
}
public async Task <ActionResult> Create()
{
Role role = await AuthorizationTools.GetRoleAsync(User, _context);
ViewData.Add("role", role);
ViewData.Add("id", AuthorizationTools.GetUserDbId(User, _context, role));
if (await AuthorizationTools.IsAdmin(User, _context) == false)
{
return(new UnauthorizedResult());
}
var model = new HRCreateView
{
Companies = await _context.Companies.ToListAsync()
};
return(View(model));
}