public ActionResult Edit(AlbumModel album) { SetNextNotification(album); SetPrivateAccess(album); if (ModelState.IsValid) { AlbumRepository albums = new AlbumRepository(); AlbumModel dbAlbum = albums.GetByIdForEdit(album.Id); dbAlbum.Name = album.Name; dbAlbum.Description = album.Description; dbAlbum.Category = album.Category; dbAlbum.Public = album.Public; dbAlbum.Password = album.Password; dbAlbum.CommentsAllow = album.CommentsAllow; dbAlbum.CommentsAuth = album.CommentsAuth; dbAlbum.TrustedUsers = album.TrustedUsers; dbAlbum.NotificationPeriod = album.NotificationPeriod; dbAlbum.NextNotification = album.NextNotification; albums.Update(dbAlbum); return RedirectToAction("Show", new { id = dbAlbum.Id }); } PrepareCategories(); return View(album); }
public ActionResult Edit(int id) { AlbumRepository albums = new AlbumRepository(); AlbumModel album = albums.GetByIdForEdit(id); UserRepository users = new UserRepository(); var user = users.GetByUsername(HttpContext.User.Identity.Name); //access control if (!albums.isUserAuthorizedToEditAlbum(album, user)) return View("NotAuthorizedEdit"); PrepareCategories(); ViewData["usersList"] = string.Join(", ", album.TrustedUsers.Select(u => u.Login)); return View(album); }