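/// <summary>
/// Updates an existing diet after confirming that the caller is either the
/// diet's author or an administrator.
/// </summary>
/// <param name="id">Identifier of the diet to edit.</param>
/// <param name="model">Bound form data carrying the new name and description.</param>
/// <param name="file">Uploaded file forwarded unchanged to the diet service.</param>
/// <returns>
/// An unauthorized result when the caller is neither author nor administrator;
/// a redirect to <c>All</c> after a successful edit; otherwise the edit view
/// re-rendered with the submitted model so validation errors can be shown.
/// </returns>
public IActionResult Edit(int id, DietFormModel model, IFormFile file)
{
    string userId = this.userManager.GetUserId(User);

    // Authorization runs before model validation so that a caller who may not
    // edit this diet gets no validation feedback about it.
    bool isAuthor = this.diets.isUserAuthor(userId, id);
    if (!isAuthor && !User.IsInRole(WebConstants.AdministratorRole))
    {
        // NOTE(review): Unauthorized() yields 401; for a signed-in non-author
        // 403 (Forbid()) is the conventional answer. Left unchanged so
        // existing callers see the same status code.
        return Unauthorized();
    }

    if (!ModelState.IsValid)
    {
        return View(model);
    }

    // Create sanitizes the description before storing it; the edit path has to
    // do the same, otherwise markup rejected on creation could be stored by
    // editing the diet afterwards.
    string sanitizedDescription = this.html.Sanitize(model.Description);

    // NOTE(review): the upload is passed through as-is; size and content-type
    // checks are presumably done inside diets.Edit. Confirm.
    this.diets.Edit(id, model.Name, sanitizedDescription, file);

    return RedirectToAction(nameof(All));
}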
/// <summary>
/// Creates a new diet owned by the current user from the submitted form.
/// </summary>
/// <param name="dietModel">Bound form data carrying the diet name and description.</param>
/// <param name="file">Uploaded file forwarded unchanged to the diet service.</param>
/// <returns>
/// The form view again when model validation fails; a not-found result when no
/// user id can be resolved for the caller; otherwise a redirect to <c>All</c>.
/// </returns>
public IActionResult Create(DietFormModel dietModel, IFormFile file)
{
    if (ModelState.IsValid)
    {
        string authorId = this.userManager.GetUserId(User);
        if (authorId is null)
        {
            return NotFound();
        }

        // The description is run through the HTML sanitizer before it is
        // stored; the name is passed through as submitted.
        this.diets.Add(
            dietModel.Name,
            this.html.Sanitize(dietModel.Description),
            file,
            authorId);

        return RedirectToAction(nameof(All));
    }

    // Validation failed: show the form again with the user's input.
    return View(dietModel);
}