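/// <summary>
/// Admin-area note details page. Requires a server-side session, loads the note and
/// renders the admin details view only when the note is published or the caller is
/// the note's seller or holds the SuperAdmin / SubAdmin role.
/// </summary>
/// <param name="id">Note identifier from the request; must parse as an integer.</param>
/// <returns>
/// A redirect to the login page when there is no session, a 404 result when the id is
/// missing or malformed, the note does not exist or the caller may not see it,
/// otherwise the admin note details view.
/// </returns>
public ActionResult NoteDetails(String id)
{
    // No session: send the caller to login and return here afterwards.
    // NOTE(review): id is caller-supplied and ends up in ReturnUrl; the Login action
    // (not visible here) should accept only local return URLs.
    if (Session["UserID"] == null)
    {
        return RedirectToAction("Login", "Authentication", new { ReturnUrl = @"/Admin/NoteDetails/" + id });
    }

    string NoteId = id;
    ViewBag.Title = "NotesDetails";
    ViewBag.Authorized = true;

    if (String.IsNullOrEmpty(NoteId))
    {
        return new HttpNotFoundResult();
    }

    // A non-numeric or out-of-range id used to throw from Convert.ToInt32 and surface
    // as a server error; treat it as "no such note" instead.
    int noteKey;
    if (!int.TryParse(NoteId, out noteKey))
    {
        return new HttpNotFoundResult();
    }

    int UserID = 0;
    string[] UserRoles = null;
    if (Request.IsAuthenticated)
    {
        // The session was already verified at the top of the action, so the second
        // session check the original carried here could never fire and is dropped.
        // The authenticated identity name is converted to the numeric user id.
        UserID = Convert.ToInt32(User.Identity.Name);
        UserRoles = new RoleManager.NotesMarketPlaceRoleManager().GetRolesForUser(User.Identity.Name);
    }

    NoteModel Nm = NotesRepository.GetNoteDetailsById(noteKey);
    if (Nm == null)
    {
        return new HttpStatusCodeResult(System.Net.HttpStatusCode.NotFound);
    }

    // Only show note details when the note is published (Status 3, per the rule stated
    // here originally) or when it is accessed by its owner or an admin.
    // The previous condition denied access only to *authenticated* non-owners, so a
    // request with a session but no authenticated identity fell through and received
    // unpublished notes. Access is now denied unless the caller is positively
    // identified as owner or admin.
    bool isOwnerOrAdmin = Request.IsAuthenticated
        && (Nm.SellerID == UserID
            || (UserRoles != null
                && (UserRoles.Contains("SuperAdmin") || UserRoles.Contains("SubAdmin"))));

    if (Nm.Status != 3 && !isOwnerOrAdmin)
    {
        // 404 rather than 403 so the existence of unpublished notes is not disclosed.
        return new HttpStatusCodeResult(System.Net.HttpStatusCode.NotFound);
    }

    // NOTE(review): for published notes any caller with a session reaches this admin
    // view; confirm that an authorization filter on the controller restricts the
    // admin area to admin roles.
    return View("~/Views/Admin/NoteViews/NoteDetails.cshtml", Nm);
}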
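/// <summary>
/// Public note details page. Anonymous callers may view published notes; unpublished
/// notes are shown only to their seller or to a SuperAdmin / SubAdmin.
/// Also fills the ViewBag with the support contact, the seller's full name and the
/// buyer-request confirmation flag, and stores the note's reviewer list in the session.
/// </summary>
/// <param name="NoteId">Note identifier from the request; must parse as an integer.</param>
/// <returns>
/// A 404 result when the id is missing or malformed, the note does not exist or the
/// caller may not see it; a redirect to login when the caller is authenticated but has
/// no session; otherwise the default view for the note.
/// </returns>
public ActionResult NoteDetails(string NoteId)
{
    if (String.IsNullOrEmpty(NoteId))
    {
        return new HttpNotFoundResult();
    }

    // A non-numeric or out-of-range id used to throw from Convert.ToInt32 and surface
    // as a server error; treat it as "no such note" instead.
    int noteKey;
    if (!int.TryParse(NoteId, out noteKey))
    {
        return new HttpNotFoundResult();
    }

    int UserID = 0;
    string[] UserRoles = null;
    if (Request.IsAuthenticated)
    {
        // Authenticated identity without a server-side session: force a fresh login.
        if (Session["UserID"] == null)
        {
            return RedirectToAction("Login", "Authentication");
        }

        ViewBag.Authorized = true;
        // The authenticated identity name is converted to the numeric user id.
        UserID = Convert.ToInt32(User.Identity.Name);
        UserRoles = new RoleManager.NotesMarketPlaceRoleManager().GetRolesForUser(User.Identity.Name);
    }

    NoteModel Nm = NotesRepository.GetNoteDetailsById(noteKey);
    if (Nm == null)
    {
        return new HttpStatusCodeResult(System.Net.HttpStatusCode.NotFound);
    }

    // Only show note details when the note is published (Status 3, per the rule stated
    // here originally) or when it is accessed by its owner or an admin.
    // The previous condition denied access only to *authenticated* non-owners, so an
    // anonymous request could read any unpublished note by id. Access is now denied
    // unless the caller is positively identified as owner or admin.
    bool isOwnerOrAdmin = Request.IsAuthenticated
        && (Nm.SellerID == UserID
            || (UserRoles != null
                && (UserRoles.Contains("SuperAdmin") || UserRoles.Contains("SubAdmin"))));

    if (Nm.Status != 3 && !isOwnerOrAdmin)
    {
        // 404 rather than 403 so the existence of unpublished notes is not disclosed.
        return new HttpStatusCodeResult(System.Net.HttpStatusCode.NotFound);
    }

    List<string> ReviewerList = new List<string>();
    foreach (Review r in Nm.Reviews)
    {
        ReviewerList.Add(r.ReviwerProfilePicture);
    }

    /* We will use this list in content controller to give anonymous users access to
     * those user profiles which are included in notes reviews.
     * It is built only after the access check above, so it never lists reviewers of a
     * note the caller was not allowed to see, and it replaces the list stored by any
     * earlier note view in this session.
     */
    Session["ReviewerList"] = ReviewerList;

    // Contact number of support for the popup modal.
    SystemConfigModel SupportContact = SystemConfigData.GetSystemConfigData("SupportContact");
    ViewBag.SupportContact = SupportContact != null ? SupportContact.DataValue : "Not Available";

    // Full name of the seller for the popup modal.
    UserProfileModel Seller = UserRepository.GetUserData(Nm.SellerID);
    if (Seller != null)
    {
        ViewBag.Seller = Seller.User.FirstName + " " + Seller.User.LastName;
    }
    else
    {
        ViewBag.Seller = "Anonymous User";
    }

    // TempData passed by GetNoteAttachments method to confirm buyer request submission.
    if (TempData.ContainsKey("BuyerRequestSubmitted") && (bool)TempData["BuyerRequestSubmitted"])
    {
        ViewBag.BuyerRequestSubmitted = true;
    }

    ViewBag.Title = "NotesDetails";
    return View(Nm);
}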