Example #1
0
        public ActionResult FeatureComment(FeatureCommentViewModel post)
        {
            if (this.User == null)
            {
                return(new HttpStatusCodeResult(HttpStatusCode.Forbidden));
            }
            if (post.Article == null || post.Comment == null)
            {
                return(new HttpStatusCodeResult(HttpStatusCode.BadRequest));
            }
            var article = ArticleModel.GetArticleById((int)post.Article);

            if (article == null)
            {
                return(new HttpStatusCodeResult(HttpStatusCode.NotFound));
            }
            if (!this.User.IsAdmin && this.User.Identity.Name != article.Author.Slug)
            {
                return(new HttpStatusCodeResult(HttpStatusCode.Forbidden));
            }
            if (!StoredProcs.Articles_FeatureComment(article.Id, post.Comment).Execute().Value)
            {
                return(new HttpStatusCodeResult(HttpStatusCode.BadRequest));
            }
            return(RedirectToRoute("ArticleCommentsAdmin", new { id = article.Id }));
        }