Esempio n. 1
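        /// <summary>
        /// Edits the diet identified by <paramref name="id"/> when the caller is its author
        /// or holds the administrator role.
        /// </summary>
        /// <param name="id">Identifier of the diet to edit.</param>
        /// <param name="model">Posted form values; the name and description are used.</param>
        /// <param name="file">Uploaded file, forwarded to the diet service as received.</param>
        /// <returns>
        /// <c>Unauthorized()</c> when the caller is neither the author nor an administrator;
        /// a redirect to <c>All</c> after the edit is applied; otherwise the form view with
        /// the posted model so validation errors can be shown.
        /// </returns>
        public IActionResult Edit(int id, DietFormModel model, IFormFile file)
        {
            string userId = this.userManager.GetUserId(User);

            // Object-level authorization: the role lookup only runs when the caller
            // is not the author of this diet.
            bool mayEdit = this.diets.isUserAuthor(userId, id)
                || User.IsInRole(WebConstants.AdministratorRole);
            if (!mayEdit)
            {
                return Unauthorized();
            }

            if (!ModelState.IsValid)
            {
                return View(model);
            }

            // Create sanitizes the description before handing it to the service; do the
            // same here so an edit cannot replace sanitized markup with raw HTML.
            string sanitizedDescription = this.html.Sanitize(model.Description);

            // NOTE(review): no size or content-type check on the upload is visible in this
            // action - confirm that diets.Edit validates the file before using it.
            this.diets.Edit(id, model.Name, sanitizedDescription, file);

            return RedirectToAction(nameof(All));
        }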
Esempio n. 2
        /// <summary>
        /// Adds a diet through the diet service, passing the current user's id along with
        /// the posted name, the sanitized description and the uploaded file.
        /// </summary>
        /// <param name="dietModel">Posted form values; the name and description are used.</param>
        /// <param name="file">Uploaded file, forwarded to the diet service as received.</param>
        /// <returns>
        /// The form view when model validation fails; <c>NotFound()</c> when no user id can
        /// be resolved for the caller; otherwise a redirect to <c>All</c>.
        /// </returns>
        public IActionResult Create(DietFormModel dietModel, IFormFile file)
        {
            // Invalid form: render it again with the posted values.
            if (!ModelState.IsValid)
            {
                return View(dietModel);
            }

            var authorId = userManager.GetUserId(User);
            if (authorId is null)
            {
                return NotFound();
            }

            // The description goes through the HTML sanitizer before it reaches diets.Add.
            var cleanDescription = html.Sanitize(dietModel.Description);
            diets.Add(dietModel.Name, cleanDescription, file, authorId);

            return RedirectToAction(nameof(All));
        }