// GET: mitarbeit/user/{id}/neue-notiz
// Renders the empty "add note" form for the user with the given id. When no such
// user exists, the area's not-found view is returned with HTTP status 404.
// NOTE(review): no authorization attribute is visible on this declaration in this
// excerpt; presumably access is restricted at the controller or area level. Confirm.
public ActionResult AddNote(int id)
{
    // .Result blocks the request thread until the async lookup completes.
    User targetUser = userManager.FindByIdAsync(id).Result;
    if (targetUser == null)
    {
        Response.StatusCode = 404;
        // Keep IIS from replacing the custom not-found view with its own error page.
        Response.TrySkipIisCustomErrors = true;
        return View("~/Areas/mitarbeit/Views/User/_NotFound.cshtml");
    }

    // Both lookup tables map a numeric id to its display text.
    // NOTE(review): assumes both cache entries are populated; a null result would make
    // the loops below throw. Confirm cache.Get never returns null for these keys.
    Dictionary<int, string> noteActionNames = cache.Get<Dictionary<int, string>>("UserUserNoteActions");
    Dictionary<int, string> roleNames = cache.Get<Dictionary<int, string>>("BvsRoles");

    UserAddNoteViewModel form = new UserAddNoteViewModel()
    {
        User = targetUser,
        NoteActions = new List<SelectListItem>(),
        BvsRoles = new List<SelectListItem>()
    };

    // One dropdown option per cached note action.
    foreach (KeyValuePair<int, string> entry in noteActionNames)
    {
        SelectListItem option = new SelectListItem();
        option.Text = entry.Value;
        option.Value = entry.Key.ToString();
        form.NoteActions.Add(option);
    }

    // One dropdown option per cached role.
    foreach (KeyValuePair<int, string> entry in roleNames)
    {
        SelectListItem option = new SelectListItem();
        option.Text = entry.Value;
        option.Value = entry.Key.ToString();
        form.BvsRoles.Add(option);
    }

    return View("~/Areas/mitarbeit/Views/User/AddNote.cshtml", form);
}
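// Handles submission of the "add note" form for the user with the given id.
// Stores the note and redirects to the "Notes" action on success. Re-renders the
// form when the posted note is missing or fails validation, and returns the
// not-found view with HTTP status 404 when the target user does not exist.
//
// NOTE(review): no [HttpPost] or [ValidateAntiForgeryToken] attribute is visible on
// this declaration in this excerpt. This action writes to the database, so confirm
// that both are present on the real declaration and that the form emits the token.
public ActionResult AddNote(int id, UserAddNoteViewModel uanote)
{
    // .Result blocks the request thread until the async lookup completes.
    User idproof = userManager.FindByIdAsync(id).Result;
    if (idproof == null)
    {
        Response.StatusCode = 404;
        // Keep IIS from replacing the custom not-found view with its own error page.
        Response.TrySkipIisCustomErrors = true;
        return View("~/Areas/mitarbeit/Views/User/_NotFound.cshtml");
    }

    // A request without a bound note (for example an empty body) is treated as a
    // validation failure instead of surfacing as a NullReferenceException.
    UserNote note = (uanote == null) ? null : uanote.NoteToAdd;
    bool isValid = note != null;

    if (isValid)
    {
        // NOTE(review): the note object comes from model binding. Every UserNote
        // property that is not overwritten below is stored exactly as posted, so
        // confirm that none of them is sensitive, or restrict what may be bound.

        // Server-controlled fields: never trust posted values for these.
        // NOTE(review): this dereferences the lookup result without a null check and
        // so assumes an authenticated caller whose account still exists. Confirm.
        note.AuthorId = userManager.FindByNameAsync(User.Identity.Name).Result.Id;
        note.Created = DateTime.Now;
        note.IsDeletable = true;
        note.UserId = id;

        // Until the BB-Code-Parser is ready, strip all HTML to be on the safe side.
        HtmlSanitizer sanitizer = new HtmlSanitizer();
        sanitizer.AllowedTags.Clear(); // Disallow everything.
        // Missing content is sanitized as an empty string so that it fails the
        // emptiness check below rather than reaching the sanitizer as null.
        note.Content = sanitizer.Sanitize(note.UnparsedContent ?? String.Empty);
        // NOTE(review): UnparsedContent stays on the note as posted and is presumably
        // persisted with it. Any view that displays it must HTML-encode it; only
        // Content has been sanitized.

        // NOTE(review): the two ids are only checked for being non-negative. They are
        // not checked against the cached lists that populate the dropdowns, so values
        // never offered in the form are accepted. Consider validating membership.
        isValid = !String.IsNullOrEmpty(note.Content)
            && note.ActionId >= 0
            && note.RoleIdNeeded >= 0;
    }

    if (!isValid)
    {
        // Rebuild the form with fresh dropdown data; both tables map id to display text.
        Dictionary<int, string> actions = cache.Get<Dictionary<int, string>>("UserUserNoteActions");
        Dictionary<int, string> bvsroles = cache.Get<Dictionary<int, string>>("BvsRoles");

        UserAddNoteViewModel uanvm = new UserAddNoteViewModel()
        {
            User = idproof,
            NoteActions = new List<SelectListItem>(),
            BvsRoles = new List<SelectListItem>()
        };

        foreach (var action in actions)
        {
            uanvm.NoteActions.Add(new SelectListItem() { Text = action.Value, Value = action.Key.ToString() });
        }

        foreach (var role in bvsroles)
        {
            uanvm.BvsRoles.Add(new SelectListItem() { Text = role.Value, Value = role.Key.ToString() });
        }

        return View("~/Areas/mitarbeit/Views/User/AddNote.cshtml", uanvm);
    }

    db.UserNotes.Add(note);
    db.SaveChanges();

    return RedirectToAction("Notes", new { id = id });
}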