public async Task <IActionResult> OnGetAsync(int id)
{
Änderung = await Context.Änderung.FirstOrDefaultAsync(
m => m.ÄnderungId == id);
if (Änderung == null)
{
return(NotFound());
}
var isAuthorized = await AuthorizationService.AuthorizeAsync(
User, Änderung,
ContactOperations.Update);
if (!isAuthorized.Succeeded)
{
return(Forbid());
}
return(Page());
}
public async Task <IActionResult> OnGetAsync(int id)
{
Änderung = await Context.Änderung.FirstOrDefaultAsync(m => m.ÄnderungId == id);
if (Änderung == null)
{
return(NotFound());
}
var isAuthorized =
User.IsInRole(Constants.DekanRole);
var currentUserId = UserManager.GetUserId(User);
if (!isAuthorized
// && currentUserId != Änderung.OwnerID
/* && Änderung.Status != ÄndernStatus.Approved*/)
{
return(Forbid());
}
return(Page());
}
