public ActionResult DeleteConfirm(int id)
{
bool result = ProductRepo.Delete(id);
UserViewModel modul = CompanyRepo.GetIdByName(User.Identity.Name);
if (modul.Role == "Admin")
{
if (CompanyRepo.Delete(id))
{
return(Json(new
{
success = result,
entity = "",
message = "delete success"
}, JsonRequestBehavior.AllowGet));
}
else
{
return(Json(new
{
success = result,
entity = "",
message = "delete fail"
}, JsonRequestBehavior.AllowGet));
}
}
else
{
return(new RedirectToRouteResult(new RouteValueDictionary(new { controller = "AccessDenied", action = "Index" })));
}
}
//GET
public ActionResult Create()
{
UserViewModel model = CompanyRepo.GetIdByName(User.Identity.Name);
if (model.Role == "Admin")
{
return(PartialView("_Create", new CompanyViewModel()));
}
else
{
return(new RedirectToRouteResult(new RouteValueDictionary(new { controller = "AccessDenied", action = "Index" })));
}
}
public ActionResult Delete(CompanyViewModel model)
{
UserViewModel modul = CompanyRepo.GetIdByName(User.Identity.Name);
if (modul.Role == "Admin")
{
return(RedirectToAction("Index"));
}
else
{
return(new RedirectToRouteResult(new RouteValueDictionary(new { controller = "AccessDenied", action = "Index" })));
}
}
//GET
public ActionResult Edit(int id)
{
UserViewModel modul = CompanyRepo.GetIdByName(User.Identity.Name);
if (modul.Role == "Admin")
{
CompanyViewModel model = CompanyRepo.GetById(id);
return(PartialView("_Edit", model));
}
else
{
return(new RedirectToRouteResult(new RouteValueDictionary(new { controller = "AccessDenied", action = "Index" })));
}
}