public ActionResult Create(CreateBlogModel model)
{
if (ModelState.IsValid)
{
var adminSecurable = new Data.Securable {
Name = "Admin: " + model.Name
};
_securableRepo.Create(adminSecurable);
var authorSecurable = new Data.Securable {
Name = "Author: " + model.Name
};
_securableRepo.Create(authorSecurable);
_blogRepo.Create(new Data.Blog
{
AdminSecurableId = adminSecurable.Id,
AuthorSecurableId = authorSecurable.Id,
Name = model.Name,
AuthoritiveUrl = model.Url,
BlogGuid = Guid.NewGuid()
});
_invitationService.Invite(adminSecurable.Id, model.AdminEmail, "StaticVoid.Blog");
return(Json(new { success = true }));
}
return(PartialView("CreateModal", model));
}
public JsonResult Invite(InviteModel model)
{
var currentUser = _securityHelper.CurrentUser;
if (!_securableRepo.BlogsUserIsAdminOf(_blogRepo, currentUser.Id).Any(b => b.AuthorSecurableId == model.SecurableId))
{
throw new HttpException(403, "Not Authorised");
}
_invitationService.Invite(model.SecurableId, model.Email, currentUser.FullName());
return(Json(true));
}