public async Task <IActionResult> OnPostAsync() { var context = _repository.GetByContentItemId(Id); var authorizationResult = await _authorizationService.AuthorizeAsync(User, context, "ContextOwnerPolicy"); if (authorizationResult.Succeeded) { ContentItem = context.Items.SingleOrDefault(i => i.Id == Id); if (ContentItem == null) { return(NotFound()); } var targetContentItem = context.Items.SingleOrDefault(i => i.Id == Input.TargetItemId); if (targetContentItem == null) { ModelState.AddModelError(string.Empty, "Target content item was not found"); } if (!ModelState.IsValid) { return(Page()); } ContentItem.AddRelation(targetContentItem, Enum.Parse <RelationType>(Input.RelationType)); await _dbContext.SaveChangesAsync(); PopulateOptions(context); return(Page()); } if (User.Identity.IsAuthenticated) { return(new ForbidResult()); } return(new ChallengeResult()); }