public async Task <ActionResult> Edit([Bind(Include = "Id,Enabled,Name,MvvmTemplateCategoryId,Language,Tags,ViewModel,View")] MvvmTemplate mvvmTemplate)
{
// Have to retrieve and reassign the ApplicationUserId since it wasn't given
// to the client (a security risk). Be sure to use AsNoTracking() so EF doesn't
// think we're attaching a dupe on SaveChanges().
var t = db.MvvmTemplates.AsNoTracking().First(template => template.Id == mvvmTemplate.Id);
mvvmTemplate.ApplicationUserId = t.ApplicationUserId;
if (!AuthorizeTemplateAccess(t))
{
return(new HttpUnauthorizedResult());
}
if (ModelState.IsValid)
{
db.Entry(mvvmTemplate).State = EntityState.Modified;
await db.SaveChangesAsync();
return(RedirectToAction("Index"));
}
var model = new TemplateEditViewModel(mvvmTemplate, db.MvvmTemplateCategories);
return(View(model));
}
public async Task <IHttpActionResult> PostTemplate(MvvmTemplate mvvmTemplate)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
db.MvvmTemplates.Add(mvvmTemplate);
await db.SaveChangesAsync();
return(CreatedAtRoute("DefaultApi", new { id = mvvmTemplate.Id }, mvvmTemplate));
}
public async Task <ActionResult> Create([Bind(Include = "Name,Language,MvvmTemplateCategoryId,Tags,ViewModel,View")] MvvmTemplate mvvmTemplate)
{
mvvmTemplate.ApplicationUserId = User.Identity.GetUserId();
if (ModelState.IsValid)
{
db.MvvmTemplates.Add(mvvmTemplate);
await db.SaveChangesAsync();
return(RedirectToAction("Index"));
}
var model = new TemplateCreateViewModel(await db.MvvmTemplateCategories.ToListAsync());
return(View(model));
}
private bool AuthorizeTemplateAccess(MvvmTemplate mvvmTemplate)
{
return(AdminUserIsLoggedIn || mvvmTemplate.ApplicationUserId == User.Identity.GetUserId());
}
private Template CreateTemplateFromMvvmTemplate(MvvmTemplate mt)
{
return(new Template(mt.Id, mt.Enabled, mt.ApplicationUser.Author, mt.Name, mt.Language, mt.MvvmTemplateCategory.Name, mt.Tags, mt.ViewModel, mt.View));
}
