public ActionResult Edit(int id, OutgoingInvoiceViewModel outgoingInvoiceView) { string currUserId = User.Identity.GetUserId(); //redirects user to the 403 page if he is trying to change data that is not his own if (ctx.OutgoingInvoices.Where(x => x.IdOutgoingInvoice == id).First().ApplicationUserId != currUserId) { throw new HttpException(403, "Forbidden"); } try { // TODO: Add update logic here ctx.OutgoingInvoices.Where(o => o.IdOutgoingInvoice == id).First().InvoiceClassNumber = outgoingInvoiceView.InvoiceClassNumber; ctx.OutgoingInvoices.Where(o => o.IdOutgoingInvoice == id).First().DateOutgoingInvoice = Convert.ToDateTime(outgoingInvoiceView.Date); ctx.OutgoingInvoices.Where(o => o.IdOutgoingInvoice == id).First().CustomerInfo = outgoingInvoiceView.CustomerInfo; ctx.OutgoingInvoices.Where(o => o.IdOutgoingInvoice == id).First().Amount = Convert.ToDecimal(outgoingInvoiceView.Amount); ctx.SaveChanges(); return(RedirectToAction("Index")); } catch { return(RedirectToAction("Error", "Shared")); } }
public ActionResult Create(OutgoingInvoiceViewModel outgoingInvoiceView) { try { // TODO: Add insert logic here string currUserId = User.Identity.GetUserId(); decimal amount = Convert.ToDecimal(outgoingInvoiceView.Amount); DateTime date = Convert.ToDateTime(outgoingInvoiceView.Date); OutgoingInvoice outgoingInvoice = new OutgoingInvoice() { ApplicationUserId = currUserId, DateOutgoingInvoice = date, InvoiceClassNumber = outgoingInvoiceView.InvoiceClassNumber, CustomerInfo = outgoingInvoiceView.CustomerInfo, Amount = amount }; ctx.OutgoingInvoices.Add(outgoingInvoice); ctx.SaveChanges(); return(RedirectToAction("Index")); } catch { return(RedirectToAction("Error", "Shared")); } }
// // GET: /OutgoingInvoice/Edit/5 public ActionResult Edit(int id) { OutgoingInvoice outgoingInvoice = ctx.OutgoingInvoices.Where(o => o.IdOutgoingInvoice == id).First(); string currUserId = User.Identity.GetUserId(); //redirects user to the 403 page if he is trying to change data that is not his own if (outgoingInvoice.ApplicationUserId != currUserId) { throw new HttpException(403, "Forbidden"); } OutgoingInvoiceViewModel outgoingInvoiceView = new OutgoingInvoiceViewModel() { Id = outgoingInvoice.IdOutgoingInvoice, ApplicationUserId = outgoingInvoice.ApplicationUserId, Date = outgoingInvoice.DateOutgoingInvoice.ToShortDateString(), InvoiceClassNumber = outgoingInvoice.InvoiceClassNumber, CustomerInfo = outgoingInvoice.CustomerInfo, Amount = outgoingInvoice.Amount.ToString() }; return(View(outgoingInvoiceView)); }