public ActionResult Edit(UserEditViewModel viewModel)
{
if (ModelState.IsValid)
{
using (var context = dataContextFactory.Create())
{
var user = context.Users.FirstOrDefault(x => x.UserId == viewModel.UserId);
if (user == null)
return new HttpStatusCodeResult(HttpStatusCode.NotFound);
if (!User.IsInRole(Role.SystemAdmin) && user.MembershipUserIdentifier != User.Identity.Name)
return new HttpStatusCodeResult(HttpStatusCode.Forbidden);
//Email can always be updated
user.Email = viewModel.Email;
context.SaveChanges();
return RedirectToAction("Index");
}
}
return Edit(viewModel.UserId);
}
/// <summary>
/// Edit a single User
/// </summary>
/// <param name="id">Id if the user to edit</param>
/// <returns>Edit User view</returns>
public ActionResult Edit(int id)
{
using (var context = dataContextFactory.Create())
{
var user = context.Users.FirstOrDefault(x => x.UserId == id);
if (user == null)
return new HttpStatusCodeResult(HttpStatusCode.NotFound);
if (!User.IsInRole(Role.SystemAdmin) && user.MembershipUserIdentifier != User.Identity.Name)
return new HttpStatusCodeResult(HttpStatusCode.Forbidden);
var viewModel = new UserEditViewModel()
{
UserId = user.UserId,
Email = user.Email
};
return View(viewModel);
}
}
