[ValidateAntiForgeryToken] // This is to prevent Cross-site Request Forgery (CSRF) attacks.
public ActionResult Create(MeetupFormViewModel viewModel)
{
// If our view model is not valid, return the user back to the Create view with
// validation messages showing.
if (!ModelState.IsValid)
{
// We have to re-initialize our Categories list or a null exception will be thrown.
viewModel.Categories = _context.Categories.ToList();
return View("MeetupForm", viewModel);
}
var meetup = new Meetup
{
GroupId = User.Identity.GetUserId(),
DateTime = viewModel.GetDateTime(),
CategoryId = viewModel.Category,
Venue = viewModel.Venue,
Title = viewModel.Title,
Description = viewModel.Description
};
_context.Meetups.Add(meetup);
_context.SaveChanges();
return RedirectToAction("Mine", "Meetups");
}
public ActionResult Create()
{
var viewModel = new MeetupFormViewModel
{
Heading = "Add a Meetup",
Categories = _context.Categories.ToList()
};
return View("MeetupForm", viewModel);
}
[ValidateAntiForgeryToken] // This is to prevent Cross-site Request Forgery (CSRF) attacks.
public ActionResult Update(MeetupFormViewModel viewModel)
{
// If our view model is not valid, return the user back to the Create view with
// validation messages showing.
if (!ModelState.IsValid)
{
// We have to re-initialize our Categories list or a null exception will be thrown.
viewModel.Categories = _context.Categories.ToList();
return View("MeetupForm", viewModel);
}
var userId = User.Identity.GetUserId();
var meetup = _context.Meetups
.Include(m => m.Attendances.Select(a => a.Attendee))
.Single(m => m.Id == viewModel.Id && m.GroupId == userId);
meetup.Modify(viewModel.GetDateTime(), viewModel.Venue, viewModel.Category);
_context.SaveChanges();
return RedirectToAction("Mine", "Meetups");
}
public ActionResult Edit(int id)
{
// We cannot allow anyone to edit any meetup. The meetup's group id must match
// the id of the currently logged in user id.
var userId = User.Identity.GetUserId();
var meetup = _context.Meetups.Single(m => m.Id == id && userId == m.GroupId);
var viewModel = new MeetupFormViewModel
{
Id = meetup.Id,
Heading = "Edit this Meetup",
Categories = _context.Categories.ToList(),
Date = meetup.DateTime.ToString("MMM d yyyy"),
Time = meetup.DateTime.ToString("HH:mm"),
Title = meetup.Title,
Venue = meetup.Venue,
Description = meetup.Description
};
return View("MeetupForm", viewModel);
}