public ActionResult Create(Vacation vacation)
        {
            DateTime vacationDate = vacation.VacationDate;
            int userId = vacation.UserId;
            int vacationCount = db.Vacations.Where(c => c.UserId == userId && c.VacationDate.Year == vacationDate.Year).Count();
            String errorMsg = "More than 10 days is not allowed for the year " + vacationDate.Year;
            try
            {

                if (vacationCount >= 10)
                {
                    throw new ValidationException("More than 10 days is not allowed for the year " + vacationDate.Year);
                }
            }
            catch (ValidationException e)
            {
                errorMsg = e.Message;
            }

            if (ModelState.IsValid && vacationCount < 10)
            {
                db.Vacations.Add(vacation);
                db.SaveChanges();
                return RedirectToAction("Index");
            }

            ViewBag.UserId = new SelectList(db.UserProfiles, "UserId", "UserName", vacation.UserId);
            ViewBag.ErrorMsg = errorMsg;
            return View(vacation);
        }
 public ActionResult Edit(Vacation vacation)
 {
     if (ModelState.IsValid && (vacation.UserId == WebSecurity.CurrentUserId || User.IsInRole("Manager")))
     {
         db.Entry(vacation).State = EntityState.Modified;
         db.SaveChanges();
         return RedirectToAction("Index");
     }
     ViewBag.ErrorMsg = "";
     if (vacation.UserId != WebSecurity.CurrentUserId || !User.IsInRole("Manager"))
     {
         ViewBag.ErrorMsg = "You may not modify someone else's vacation request";
     }
     return View(vacation);
 }