Example #1
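        /// <summary>
        /// Creates a new employee from the submitted view model and assigns the role
        /// named in the posted "Role" form field.
        /// </summary>
        /// <param name="employeeEdits">Submitted employee fields; its Id is overwritten with a fresh GUID.</param>
        /// <param name="form">Posted form collection. Not read here; the role is taken from <c>Request.Form</c>.</param>
        /// <returns>
        /// A redirect to Index on success; the Create view when the model is invalid, the role is
        /// missing, or role assignment reports failure; Forbid when the Create operation is not authorized.
        /// </returns>
        public async Task<IActionResult> Create(EmployeeEditViewModel employeeEdits, IFormCollection form)
        {
            // No record exists yet, so the check runs against an empty Employee resource.
            var authorizationResult = await _authorizationService
                .AuthorizeAsync(User, new Employee(), EmployeeOperations.Create);

            if (!authorizationResult.Succeeded)
            {
                return Forbid();
            }

            if (!ModelState.IsValid)
            {
                return View(employeeEdits);
            }

            // NOTE(review): the role name is client-supplied and is not part of the validated view
            // model. The only gate is the EmployeeOperations.Create check above, so any caller who may
            // create employees can request any role name. Consider restricting this to an allow-list
            // of roles the current user is permitted to grant.
            string role = Request.Form["Role"].ToString();

            // Reject a missing role before anything is persisted, so a bad request
            // cannot leave a saved employee with no role assigned.
            if (string.IsNullOrWhiteSpace(role))
            {
                ModelState.AddModelError("Role", "A role is required.");
                return View(employeeEdits);
            }

            // The identifier is generated server-side; any Id posted by the client is discarded.
            employeeEdits.Id = Guid.NewGuid().ToString();

            var employee = new Employee();
            employeeEdits.ApplyTo(employee);

            // NOTE(review): the record is added through the DbContext rather than _userManager;
            // confirm that any account fields the user manager would normally populate are set by ApplyTo.
            _context.Add(employee);
            await _context.SaveChangesAsync();

            var addRole = await _userManager.AddToRoleAsync(employee, role);

            // Surface a failed role assignment instead of silently redirecting.
            // The employee row is already saved at this point.
            if (!addRole.Succeeded)
            {
                foreach (var error in addRole.Errors)
                {
                    ModelState.AddModelError(string.Empty, error.Description);
                }

                return View(employeeEdits);
            }

            return RedirectToAction(nameof(Index));
        }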
Example #2
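        /// <summary>
        /// Applies the submitted edits to an existing employee after a resource-based
        /// authorization check for the Update operation.
        /// </summary>
        /// <param name="id">Identifier of the employee being edited, as bound from the request.</param>
        /// <param name="employeeEdits">Submitted employee fields; its Id must match <paramref name="id"/>.</param>
        /// <returns>
        /// A redirect to Index on success; NotFound when the ids disagree or the employee does not
        /// exist; Forbid when the Update operation is not authorized; the Edit view when the model is invalid.
        /// </returns>
        public async Task<IActionResult> Edit(string id, EmployeeEditViewModel employeeEdits)
        {
            // The id in the route and the id in the posted body must name the same record.
            if (id != employeeEdits.Id)
            {
                return NotFound();
            }

            if (!ModelState.IsValid)
            {
                return View(employeeEdits);
            }

            var employee = await _context.Users.FindAsync(id);

            // FindAsync yields null for an unknown id; without this guard a null resource would be
            // handed to the authorization check and, if that passed, to ApplyTo.
            if (employee == null)
            {
                return NotFound();
            }

            // Authorize against the loaded record itself, not just the operation.
            var authorizationResult = await _authorizationService
                .AuthorizeAsync(User, employee, EmployeeOperations.Update);

            if (!authorizationResult.Succeeded)
            {
                return Forbid();
            }

            try
            {
                employeeEdits.ApplyTo(employee);

                _context.Update(employee);
                await _context.SaveChangesAsync();
            }
            catch (DbUpdateConcurrencyException)
            {
                // A concurrency failure on a record that no longer exists is reported as
                // NotFound; any other concurrency failure propagates.
                if (!EmployeeExists(employeeEdits.Id))
                {
                    return NotFound();
                }

                throw;
            }

            return RedirectToAction(nameof(Index));
        }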