public ActionResult Edit(int id, AdminBaseViewModel <AdminUser> model, int[] userRoles)
{
var user = model.Item;
// get the user from the database
var userFromDatabase = _repo.FindById(id);
user.ID = id;
// deal with possible password blanks
HandlePassword(user, false);
// kind of hack, but let's try to revalidate the modelstate
ModelState.Clear();
TryValidateModel(user);
// let's check to see if the email is unique
if (userFromDatabase.EmailAddress != user.EmailAddress)
{
if (!_repo.IsEmailUnique(user.EmailAddress))
{
ModelState.AddModelError("NonUnique", "The email address is not unique");
}
}
if (!ModelState.IsValid)
{
return(View(new AdminBaseViewModel <AdminUser> {
Item = user
}));
}
try
{
// set the ID from URL to prevent any screwness
userFromDatabase.ExpireAllSessions();
_sessionRepo.ExpireAllSessionsForUser(userFromDatabase.EmailAddress);
_uow.Commit();
_repo.Edit(user);
AddUpdateRoles(userFromDatabase, userRoles);
_uow.Commit();
ModifiedItem();
if (!Request.RequestContext.HttpContext.User.IsInRole(Constants.ROLE_USERS_IM) &&
userFromDatabase.EmailAddress == Request.RequestContext.HttpContext.User.Identity.Name)
{
return(RedirectToAction("Logout", "Account"));
}
SetListPage(Url.Action("Index"));
return(RedirectToAction("Edit", new { id = user.ID }));
}
catch (Exception ex)
{
RaiseError(ex);
return(View(new AdminBaseViewModel <AdminUser> {
Item = user
}));
}
}
