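/// <summary>
/// Opens the request identified by <paramref name="id"/> for editing by the
/// current user, taking the edit lock if nobody holds one.
/// </summary>
/// <param name="id">Identifier of the request to edit.</param>
/// <returns>
/// The edit view for the request; a redirect to Home/Index with a status code
/// when the request is locked to a different user or is marked invalid;
/// 401 when the caller has no user profile; 404 when no request details are
/// returned for <paramref name="id"/>.
/// </returns>
/// <remarks>
/// The lock is only taken once the request is known to exist and to be
/// editable, so a rejected call no longer leaves a lock behind.
/// </remarks>
public ActionResult Edit(long id)
{
    var rlc = new RequestLockManagementController();
    var uc = new UserManagementController();

    UserProfile up = uc.getUserProfile(User.Identity.Name);
    if (up == null)
    {
        // Without a profile there is no UserId to compare against the lock
        // owner or to record as the new owner, so refuse instead of failing
        // with a NullReferenceException further down.
        return new HttpUnauthorizedResult();
    }

    RequestLock rl = rlc.getRequestLock(id);
    if (rl != null && rl.UserID != up.UserId)
    {
        // Locked to someone else, redirect
        return RedirectToAction("Index", "Home",
            new { status = Constants.URLStatus.AccessingLocked });
    }

    var rmc = new RequestManagementController();
    RequestContent reqContent = rmc.getRequestDetails(id);
    if (reqContent == null)
    {
        // NOTE(review): assumes getRequestDetails returns null for an unknown
        // id - confirm. Either way, no lock has been written for it yet.
        return HttpNotFound();
    }

    if (reqContent.requestStatus == Constants.RequestStatus.Invalid)
    {
        // Invalid request, cannot edit
        return RedirectToAction("Index", "Home",
            new { status = Constants.URLStatus.EditingInvalid });
    }

    if (rl == null)
    {
        // NOTE(review): getRequestLock followed by addLock is a check-then-act
        // sequence. Two concurrent callers can both observe "no lock" and both
        // reach this line; exclusivity has to be enforced inside addLock or by
        // a uniqueness constraint on the lock table - verify that it is.
        rlc.addLock(id, up.UserId);
    }

    var dc = new DropdownManagementController();
    ViewBag.RequestorTypes = new SelectList(
        dc.getEntries(Constants.DropdownTable.RequestorType), "id", "text");
    ViewBag.Regions = new SelectList(
        dc.getEntries(Constants.DropdownTable.Region), "id", "text");
    ViewBag.GenderOptions = new SelectList(Constants.genderOptions);

    return View(reqContent);
}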
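/// <summary>
/// Browser-level check that a request locked to a different user cannot be
/// viewed: navigating straight to its details URL must show the
/// "locked to another person" error.
/// </summary>
/// <remarks>
/// Cleanup runs in a finally block so that a failed assertion does not leave
/// the lock, the temporary user, the temporary request, or the removed
/// ADMINISTRATOR role behind for later tests.
/// </remarks>
public void TestViewRequestLockedToAnother()
{
    // Create a test request in the DB
    var rc = new RequestContent
    {
        patientFName = "VRInt-" + _random.Next().ToString(CultureInfo.InvariantCulture)
    };
    var rmc = new RequestManagementController();
    long rid = rmc.create(rc);

    // Create the user that will own the lock
    var up = new UserProfile
    {
        UserName = "******" + _random.Next().ToString(CultureInfo.InvariantCulture)
    };
    _cdc.UserProfiles.InsertOnSubmit(up);
    _cdc.SubmitChanges();

    // Lock the request to that user
    var rlmc = new RequestLockManagementController();
    rlmc.addLock(rid, up.UserId);

    // Remove the ADMINISTRATOR role for the duration of the test.
    // NOTE(review): presumably so the lock check is exercised without an
    // administrator override - confirm against the role model.
    _ctm.removeRole(Constants.Roles.ADMINISTRATOR);

    bool requestMissing = false;
    try
    {
        // Attempt to go to the View Request page directly
        _driver.Navigate().GoToUrl(CommonTestingMethods.getURL());
        _driver.Navigate().GoToUrl(
            CommonTestingMethods.getURL() + "/Request/Details/"
            + rid.ToString(CultureInfo.InvariantCulture));

        // FindElement throws if the element is absent, so this call is itself
        // the check that the error header is rendered.
        _driver.FindElement(By.Id("error-header"));
        IWebElement msg = _driver.FindElement(By.Id("error-message"));
        StringAssert.AreEqualIgnoringCase(
            "This request has been locked to another person and cannot be viewed until unlocked.",
            msg.Text);

        // The error is expected on the details URL itself, not after a redirect.
        StringAssert.Contains("/Request/Details", _driver.Url);

        // NOTE(review): only the error message is asserted. The test does not
        // check that the locked request's data (e.g. rc.patientFName) is
        // absent from the rendered page; consider asserting that as well.
    }
    finally
    {
        try
        {
            rlmc.removeLock(rid);
            _cdc.UserProfiles.DeleteOnSubmit(up);

            Request rq = _cdc.Requests.FirstOrDefault(r => r.RequestID == rid);
            if (rq == null)
            {
                // Reported after cleanup so the remaining teardown still runs
                // and a failure from the try block is not masked.
                requestMissing = true;
            }
            else
            {
                _cdc.Requests.DeleteOnSubmit(rq);
            }

            _cdc.SubmitChanges();
        }
        finally
        {
            // Always restore the role, even if the DB cleanup above throws.
            _ctm.addRole(Constants.Roles.ADMINISTRATOR);
        }
    }

    if (requestMissing)
    {
        Assert.Fail("Request is null");
    }
}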