public ViewComplaintActionsViewModel(Complaint e, AddComplaintActionViewModel vm)
{
CurrentOfficeId = e.CurrentOfficeId;
CurrentOwnerId = e.CurrentOwnerId;
ComplaintClosed = e.ComplaintClosed;
ComplaintDeleted = e.Deleted;
DateCurrentOwnerAccepted = e.DateCurrentOwnerAccepted;
ComplaintId = vm.ComplaintId;
ActionDate = vm.ActionDate;
ActionTypeId = vm.ActionTypeId;
Investigator = vm.Investigator;
Comments = vm.Comments;
}
public async Task <IActionResult> AddAction(int id, AddComplaintActionViewModel model)
{
var currentUser = await GetCurrentUserAsync();
if (currentUser == null)
{
throw new Exception("Current user not found");
}
string msg;
var complaint = await _context.Complaints.AsNoTracking()
.Where(e => e.Id == model.ComplaintId)
.SingleOrDefaultAsync();
if (complaint == null)
{
return(NotFound());
}
if (ModelState.IsValid)
{
var complaintAction = new ComplaintAction(model);
// Check permissions
if (complaint.Deleted)
{
msg = "This Complaint has been deleted and cannot be edited.";
TempData.SaveAlertForSession(msg, AlertStatus.Warning, "Access Denied");
return(RedirectToAction("Details", new { id = model.ComplaintId }));
}
if (currentUser.Id != complaint.CurrentOwnerId &&
!(User.IsInRole(CtsRole.Manager.ToString()) && currentUser.OfficeId == complaint.CurrentOfficeId) &&
!(User.IsInRole(CtsRole.DivisionManager.ToString())))
{
msg = "You do not have permission to edit this Complaint.";
TempData.SaveAlertForSession(msg, AlertStatus.Warning, "Access Denied");
return(RedirectToAction("Details", new { id = model.ComplaintId }));
}
if (currentUser != null &&
(currentUser.Id == complaint.CurrentOwnerId) &&
(complaint.DateCurrentOwnerAccepted == null))
{
msg = "You must accept this Complaint before you can edit it.";
TempData.SaveAlertForSession(msg, AlertStatus.Warning, "Access Denied");
return(RedirectToAction("Details", new { id = model.ComplaintId }));
}
if (complaint.ComplaintClosed)
{
msg = "This Complaint has been closed and cannot be edited unless it is reopened.";
TempData.SaveAlertForSession(msg, AlertStatus.Warning, "Access Denied");
return(RedirectToAction("Details", new { id = model.ComplaintId }));
}
// Update model
complaintAction.EnteredById = currentUser.Id;
complaintAction.DateEntered = DateTime.Now;
try
{
_context.Add(complaintAction);
await _context.SaveChangesAsync();
msg = "The Action has been added.";
TempData.SaveAlertForSession(msg, AlertStatus.Success, "Success");
return(RedirectToAction("Actions", new { id = model.ComplaintId }));
}
catch
{
msg = "There was an error saving the Action. Please try again or contact support.";
ViewData["AlertMessage"] = new AlertViewModel(msg, AlertStatus.Error, "Error");
}
}
msg = "The Action was not created. Please fix the errors shown below.";
ViewData["AlertMessage"] = new AlertViewModel(msg, AlertStatus.Error, "Error");
// Populate the view model before returning
var vm = new ViewComplaintActionsViewModel(complaint, model);
if (vm == null)
{
return(NotFound());
}
bool includeDeleted = User != null &&
(User.IsInRole(CtsRole.DivisionManager.ToString()) ||
User.IsInRole(CtsRole.Manager.ToString()));
vm.ComplaintActions = await _dal.GetComplaintActionsByComplaintId(model.ComplaintId, SortOrder.Descending, includeDeleted).ToListAsync();
vm.ActionTypesSelectList = await _dal.GetActionTypesSelectListAsync();
vm.UserCanDelete = includeDeleted;
return(View("Actions", vm));
}
