public IActionResult GetById([FromQuery] int id)
{
// only allow admins to access other user records
var currentUserId = int.Parse(User.Identity.Name);
if (id != currentUserId && !User.IsInRole(Role.Admin))
{
return(Unauthorized());
}
var assoicate = Service.GetAssociateById(id);
if (assoicate == null)
{
return(NotFound());
}
return(Ok(assoicate));
}
public ActionResult Edit(int?id)
{
if (id == null)
{
return(View("BadRequest"));
}
else
{
try
{
AssociateViewModel associateViewModel = _associateService.GetAssociateById(id.Value);
CreateSummaryOfIds(associateViewModel);
return(View(associateViewModel));
}
catch
{
throw;
}
}
}