/// <summary>
/// Creates a new <c>HR</c> record from the submitted <c>HRCreateView</c> and redirects to "Index".
/// Only callers whose role resolves to <c>Role.ADMIN</c> get past the authorization check.
/// </summary>
/// <param name="model">Form data for the new HR user; only FirstName, LastName, CompanyId and EmailAddress are copied.</param>
/// <returns>
/// An <c>UnauthorizedResult</c> for non-admin callers, the form view again when model validation fails,
/// otherwise a redirect to the "Index" action.
/// </returns>
// NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] attributes are visible in this excerpt.
// This action changes state, so confirm both are present on the real declaration.
public async Task<ActionResult> Create(HRCreateView model)
{
    Role currentRole = await AuthorizationTools.GetRoleAsync(User, _context);

    // Layout data is filled in before the authorization decision, so the user-id lookup
    // runs even for callers who are rejected below.
    ViewData.Add("role", currentRole);
    ViewData.Add("id", AuthorizationTools.GetUserDbId(User, _context, currentRole));

    // Authorization is enforced inline; every admin-only action has to repeat this check.
    // NOTE(review): UnauthorizedResult is HTTP 401. For an authenticated non-admin caller,
    // 403 (Forbid) is the conventional answer. Confirm which one clients rely on.
    bool callerIsAdmin = currentRole == Role.ADMIN;
    if (!callerIsAdmin)
    {
        return new UnauthorizedResult();
    }

    if (ModelState.IsValid)
    {
        // Fields are copied one by one from the view model, so extra posted fields cannot
        // reach the entity. CompanyId is taken as posted; whether it refers to an existing
        // company is not checked here.
        HR newHr = new HR
        {
            FirstName = model.FirstName,
            LastName = model.LastName,
            CompanyId = model.CompanyId,
            EmailAddress = model.EmailAddress
        };

        await _context.HRs.AddAsync(newHr);
        await _context.SaveChangesAsync();

        return RedirectToAction("Index");
    }

    // Validation failed: reload the company list and show the form again with the user's input.
    var companies = await _context.Companies.ToListAsync();
    model.Companies = companies;
    return View(model);
}
/// <summary>
/// Shows the empty "create HR" form, with the company list loaded, to admin callers.
/// </summary>
/// <returns>
/// An <c>UnauthorizedResult</c> when <c>AuthorizationTools.IsAdmin</c> reports false, otherwise the
/// view bound to a new <c>HRCreateView</c>.
/// </returns>
public async Task<ActionResult> Create()
{
    Role currentRole = await AuthorizationTools.GetRoleAsync(User, _context);

    // Layout data is filled in before the authorization decision, so the user-id lookup
    // runs even for callers who are rejected below.
    ViewData.Add("role", currentRole);
    ViewData.Add("id", AuthorizationTools.GetUserDbId(User, _context, currentRole));

    // NOTE(review): the role is already resolved above, yet the gate calls IsAdmin separately.
    // The model-accepting Create overload compares the role with Role.ADMIN directly; confirm
    // the two checks can never disagree. Otherwise the form and its submit handler would
    // enforce different policies.
    // NOTE(review): UnauthorizedResult is HTTP 401. For an authenticated non-admin caller,
    // 403 (Forbid) is the conventional answer.
    var callerIsAdmin = await AuthorizationTools.IsAdmin(User, _context);
    if (callerIsAdmin == false)
    {
        return new UnauthorizedResult();
    }

    // The company list is loaded only after the caller has passed the admin check.
    var companies = await _context.Companies.ToListAsync();
    var formModel = new HRCreateView
    {
        Companies = companies
    };

    return View(formModel);
}