// GET side of the delete flow: returns the confirmation page for one feedback form.
// The page is shown only when the form exists and the caller is either the patient
// who submitted it (permission 1 and a matching user id) or an admin (permission 3).
// Every other case is redirected to the main list, so a caller cannot tell a missing
// id from a form they are not allowed to see.
// NOTE(review): this action reads the permission through User.Identity.Permission(),
// while the Add, Edit and two-argument Delete actions call
// UserManager.GetUserPermission() - confirm the two sources always agree.
public ActionResult Delete(int id)
{
    Feedback_Forms feedback_form = db.Feedback_Forms.Find(id);

    // No such entry: nothing to confirm.
    if (feedback_form == null)
    {
        return RedirectToAction("List", "Feedback_Forms");
    }

    // Ownership is checked against the stored entity, never against request data.
    bool isSubmittingPatient = User.Identity.Permission() == 1
        && feedback_form.User.Id == User.Identity.GetUserId();

    if (isSubmittingPatient || User.Identity.Permission() == 3)
    {
        return View(feedback_form);
    }

    // Not the owner and not an admin: reroute to the main list.
    return RedirectToAction("List", "Feedback_Forms");
}
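// Creates a feedback form for the current user.
// Invalid model state re-renders the form. Otherwise the entry is stored only when the
// caller is a patient (permission 1) or an admin (permission 3), and the request is
// redirected to the list either way.
// The owner and the e-mail address are always taken from the signed-in account,
// overwriting whatever the request supplied for those two fields.
// NOTE(review): the model-bound entity itself is saved, so every other Feedback_Forms
// property the binder accepts is client-controlled unless a [Bind] allow-list or a
// view model outside this excerpt restricts it - confirm.
// NOTE(review): this action changes state; any [HttpPost] / [ValidateAntiForgeryToken]
// attributes are not visible in this excerpt - confirm they are present.
public ActionResult Add(Feedback_Forms feedback_form)
{
    if (!ModelState.IsValid)
    {
        return View();
    }

    string currentUserId = User.Identity.GetUserId();
    ApplicationUser currentUser = db.Users.FirstOrDefault(x => x.Id == currentUserId);
    int permission = UserManager.GetUserPermission();

    // FirstOrDefault returns null when no account row matches the current id; without
    // this check the assignments below would throw a NullReferenceException.
    bool mayCreate = currentUser != null && (permission == 1 || permission == 3);
    if (mayCreate)
    {
        feedback_form.User = currentUser;
        feedback_form.Feedback_Forms_Email = currentUser.Email;
        db.Feedback_Forms.Add(feedback_form);
        db.SaveChanges();
    }

    return RedirectToAction("List", "Feedback_Forms");
}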
// Confirmed delete: removes the feedback form with the given id.
// The entry is deleted only when the caller is the patient who submitted it
// (permission 1 and a matching user id) or an admin (permission 3). An existing entry
// always ends in a redirect to the list, whether or not it was removed; an unknown id
// renders the default view.
// The confirm parameter is bound but never read in this method.
// NOTE(review): this action changes state; any [HttpPost] / [ValidateAntiForgeryToken]
// attributes are not visible in this excerpt - confirm they are present.
public ActionResult Delete(int id, string confirm)
{
    string userid = User.Identity.GetUserId();
    int permission = UserManager.GetUserPermission();
    Feedback_Forms delete_entry = db.Feedback_Forms.Find(id);

    if (delete_entry == null)
    {
        return View();
    }

    // Ownership is decided from the stored entity, not from anything in the request.
    bool mayDelete = permission == 3
        || (permission == 1 && delete_entry.User.Id == userid);

    if (mayDelete)
    {
        db.Feedback_Forms.Remove(delete_entry);
        db.SaveChanges();
    }

    return RedirectToAction("List", "Feedback_Forms");
}
// Applies an edit to an existing feedback form.
// Invalid model state, or an id that matches no stored entry, re-renders the view.
// For an existing entry the change is saved only when the caller is the patient who
// submitted it (permission 1 and a matching user id) or an admin (permission 3); the
// request is then redirected to the list whether or not anything was saved.
// Feedback_Forms_ID comes from the posted model, so the ownership test is made against
// the entity loaded from the database. Only comment, date and rating are copied across;
// the stored owner and e-mail are left untouched.
// NOTE(review): this action changes state; any [HttpPost] / [ValidateAntiForgeryToken]
// attributes are not visible in this excerpt - confirm they are present.
public ActionResult Edit(Feedback_Forms feedback_form)
{
    if (!ModelState.IsValid)
    {
        return View();
    }

    string userid = User.Identity.GetUserId();
    int permission = UserManager.GetUserPermission();
    Feedback_Forms updated_form = db.Feedback_Forms.Find(feedback_form.Feedback_Forms_ID);

    if (updated_form == null)
    {
        return View();
    }

    bool mayEdit = permission == 3
        || (permission == 1 && updated_form.User.Id == userid);

    if (mayEdit)
    {
        // Copy the three editable fields onto the tracked entity, then persist.
        updated_form.Feedback_Forms_Comment = feedback_form.Feedback_Forms_Comment;
        updated_form.Feedback_Forms_Date = feedback_form.Feedback_Forms_Date;
        updated_form.Feedback_Forms_Rating = feedback_form.Feedback_Forms_Rating;
        db.SaveChanges();
    }

    return RedirectToAction("List", "Feedback_Forms");
}