/// <summary>
/// Overwrites the stored <c>UserBasicDetails</c> entity identified by <paramref name="id"/>
/// with the values supplied in <paramref name="userBasicDetails"/>.
/// </summary>
/// <param name="id">Key taken from the request; must equal <c>userBasicDetails.Id</c>.</param>
/// <param name="userBasicDetails">The model-bound entity carrying the new values.</param>
/// <returns>
/// 400 when the two ids disagree, 404 when the save hits a concurrency conflict and the
/// entity no longer exists, 204 when the save succeeds.
/// </returns>
/// <remarks>
/// NOTE(review): no authorization or ownership check is visible inside this method; confirm
/// that the controller (not shown here) restricts who may update which record.
/// </remarks>
public async Task<IActionResult> PutUserBasicDetails(int id, UserBasicDetails userBasicDetails)
{
    // Reject requests whose route id and payload id disagree.
    bool idsMatch = id == userBasicDetails.Id;
    if (!idsMatch)
    {
        return BadRequest();
    }

    // Marking the whole entity as Modified makes the save write every property of the
    // bound object, so any property the client sent is persisted (over-posting).
    // NOTE(review): if UserBasicDetails has fields a client must not set, bind to a
    // dedicated input model and copy only the editable properties.
    var entry = _context.Entry(userBasicDetails);
    entry.State = EntityState.Modified;

    try
    {
        await _context.SaveChangesAsync();
    }
    catch (DbUpdateConcurrencyException)
    {
        // A conflict on an entity that still exists is rethrown unchanged;
        // only a missing entity is translated into 404.
        if (UserBasicDetailsExists(id))
        {
            throw;
        }

        return NotFound();
    }

    return NoContent();
}
/// <summary>
/// Inserts the supplied <c>UserBasicDetails</c> entity and saves the change.
/// </summary>
/// <param name="userBasicDetails">The model-bound entity to add.</param>
/// <returns>
/// A 201 result produced by <c>CreatedAtAction</c>, pointing at the
/// <c>GetUserBasicDetails</c> action with the new entity's id and carrying the entity as body.
/// </returns>
/// <remarks>
/// NOTE(review): the bound object is added to the context as received, so every property the
/// client supplied is stored; no authorization check is visible inside this method. Confirm
/// both are handled elsewhere (input model, controller-level attributes).
/// </remarks>
public async Task<ActionResult<UserBasicDetails>> PostUserBasicDetails(UserBasicDetails userBasicDetails)
{
    _context.UserBasicDetails.Add(userBasicDetails);
    await _context.SaveChangesAsync();

    // Route values are built after the save, as in the original single expression.
    var routeValues = new { id = userBasicDetails.Id };
    return CreatedAtAction("GetUserBasicDetails", routeValues, userBasicDetails);
}
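// GET: Vendors/Details/5
/// <summary>
/// Shows one vendor together with basic contact details of the users attached to it.
/// </summary>
/// <param name="id">Vendor key from the route; a missing value is rejected.</param>
/// <returns>
/// A redirect to Account/Login for unauthenticated callers; 400 when <paramref name="id"/> is
/// null; a redirect to Home/Warning when the caller neither belongs to the vendor nor holds the
/// Administrator or Manager role; 404 when the vendor does not exist; otherwise the view
/// rendered with a <c>VendorDetails</c> model.
/// </returns>
public async Task<ActionResult> Details(int? id)
{
    if (!User.Identity.IsAuthenticated)
    {
        return RedirectToAction("Login", "Account");
    }

    if (id == null)
    {
        return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
    }

    // Check if user belongs to this vendor. If not, deny access.
    string userId = User.Identity.GetUserId();
    var user = await db.Users.FirstOrDefaultAsync(x => x.Id == userId);

    // FirstOrDefaultAsync returns null when the authenticated identity has no user row.
    // Treat that as "does not belong to any vendor" so the check fails closed instead of
    // throwing a NullReferenceException on user.VendorID.
    bool belongsToVendor = user != null && user.VendorID == id;
    if (!belongsToVendor && !(User.IsInRole("Administrator") || User.IsInRole("Manager")))
    {
        // NOTE(review): the text travels as a route/query value; confirm that the
        // Home/Warning view encodes it before rendering.
        return RedirectToAction("Warning", "Home", new { message = "ACCESS DENIED - You can't view other Vendor Details" });
    }

    // The existence lookup runs only after the access check, so an unauthorized caller
    // gets the same answer whether or not the vendor id exists.
    Vendor vendor = await db.Vendors.FindAsync(id);
    if (vendor == null)
    {
        return HttpNotFound();
    }

    // Find all users with this vendor
    var users = db.Users.Where(x => x.VendorID == id);

    // Create view model to return. Only the four contact fields are copied, so no other
    // column of the user entity is handed to the view.
    VendorDetails vd = new VendorDetails();
    vd.Vendor = vendor;
    vd.Users = new List<UserBasicDetails>();
    foreach (var item in users)
    {
        UserBasicDetails temp = new UserBasicDetails
        {
            FirstName = item.FirstName,
            LastName = item.LastName,
            Email = item.Email,
            Phone = item.PersonalPhone
        };
        vd.Users.Add(temp);
    }

    return View(vd);
}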