//create return for delete page when confirming details
public ActionResult Delete(int id)
{
Feedback_Forms feedback_form = db.Feedback_Forms.Find(id);
if (feedback_form != null && //if there is an actual entry returned
(
(User.Identity.Permission() == 1 && feedback_form.User.Id == User.Identity.GetUserId()) || //and they are the patient who submitted the form
User.Identity.Permission() == 3 //or an admin
)
)
{
return(View(feedback_form));
}
return(RedirectToAction("List", "Feedback_Forms")); //otherwise reroute them to the main list
}
public ActionResult Add(Feedback_Forms feedback_form)
{
if (ModelState.IsValid)
{
string currentUserId = User.Identity.GetUserId();
ApplicationUser currentUser = db.Users.FirstOrDefault(x => x.Id == currentUserId);
int permission = UserManager.GetUserPermission();
if (permission == 1 || permission == 3) //is patient or admin
{
feedback_form.User = currentUser;
feedback_form.Feedback_Forms_Email = currentUser.Email;
db.Feedback_Forms.Add(feedback_form);
db.SaveChanges();
}
return(RedirectToAction("List", "Feedback_Forms"));
}
return(View());
}
public ActionResult Delete(int id, string confirm)
{
string userid = User.Identity.GetUserId();
int permission = UserManager.GetUserPermission();
Feedback_Forms delete_entry = db.Feedback_Forms.Find(id);
if (delete_entry != null)
{
if ((permission == 1 && delete_entry.User.Id == userid) || permission == 3) //is patient who submitted the form or admin
{
//if the request is from the patient who submitted the form or an admin, delete the entry
db.Feedback_Forms.Remove(delete_entry);
db.SaveChanges();
}
return(RedirectToAction("List", "Feedback_Forms"));
}
return(View());
}
public ActionResult Edit(Feedback_Forms feedback_form)
{
if (ModelState.IsValid)
{
string userid = User.Identity.GetUserId();
int permission = UserManager.GetUserPermission();
Feedback_Forms updated_form = db.Feedback_Forms.Find(feedback_form.Feedback_Forms_ID);
if (updated_form != null)
{
if ((permission == 1 && updated_form.User.Id == userid) || permission == 3) //is patient who submitted the form or admin
{
updated_form.Feedback_Forms_Comment = feedback_form.Feedback_Forms_Comment;
updated_form.Feedback_Forms_Date = feedback_form.Feedback_Forms_Date;
updated_form.Feedback_Forms_Rating = feedback_form.Feedback_Forms_Rating;
db.SaveChanges();
}
return(RedirectToAction("List", "Feedback_Forms"));
}
}
return(View());
}
