コード例 #1
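        /// <summary>
        /// Renders the account page for the user identified by the current session.
        /// </summary>
        /// <remarks>
        /// The session is trusted only after it has been cross-checked against the
        /// database: the e-mail stored in the session must resolve to a user, and that
        /// user's id must equal the id stored in the session. Any mismatch or missing
        /// value clears the session and sends the browser back to Index.
        /// </remarks>
        /// <returns>
        /// The "Index" view when no login flag is present, a redirect to Index when the
        /// session is incomplete or inconsistent, otherwise the "Account" view with the
        /// user's transactions, newest first.
        /// </returns>
        public IActionResult Account()
        {
            string loggedIn = HttpContext.Session.GetString("LoggedIn");
            int? userId = HttpContext.Session.GetInt32("UserId");
            string email = HttpContext.Session.GetString("Email");

            // No login flag: show the default page.
            if (loggedIn == null)
            {
                return View("Index");
            }

            // A session that carries the login flag but lacks the id or e-mail is
            // malformed. Without this guard the (int) cast on a null id throws, and a
            // null e-mail would match any user row whose Email column is null.
            if (userId == null || email == null)
            {
                HttpContext.Session.Clear();
                return RedirectToAction("Index");
            }

            int sessionUserId = userId.Value;

            var userTransactionBundle = new UserTransactionBundle();
            userTransactionBundle.user = dbContext.Users.FirstOrDefault(user => user.Email == email);

            // Unknown user, or the session id does not belong to the user found by
            // e-mail: treat the session as invalid and drop it.
            if (userTransactionBundle.user == null || userTransactionBundle.user.UserId != sessionUserId)
            {
                HttpContext.Session.Clear();
                return RedirectToAction("Index");
            }

            // Only rows owned by the verified session user are loaded.
            userTransactionBundle.transactions = dbContext.Transactions
                .Where(transaction => transaction.UserId == sessionUserId)
                .OrderByDescending(transaction => transaction.CreatedAt)
                .ToList();

            return View("Account", userTransactionBundle);
        }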
コード例 #2
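        /// <summary>
        /// Records a new transaction for the user identified by the current session.
        /// </summary>
        /// <param name="userTransactionBundle">
        /// Model-bound bundle; only its <c>transaction</c> member is taken from the
        /// request. The <c>user</c> and <c>transactions</c> members are overwritten
        /// here from the database.
        /// </param>
        /// <returns>
        /// A redirect to Index when the session is missing or inconsistent, a redirect
        /// to Account after a successful save, otherwise the "Account" view with the
        /// validation errors.
        /// </returns>
        // NOTE(review): the attributes on this action are not visible in this listing;
        // confirm it is restricted to POST and validates an anti-forgery token, since it
        // changes state on behalf of the logged-in user.
        public IActionResult CreateTransaction(UserTransactionBundle userTransactionBundle)
        {
            string loggedIn = HttpContext.Session.GetString("LoggedIn");
            string email = HttpContext.Session.GetString("Email");
            int? userId = HttpContext.Session.GetInt32("UserId");

            // This action writes to the database, so it needs the same session checks as
            // the read-only Account action. Previously it had none: an anonymous request
            // reached the query and failed on the (int) cast of a null id.
            if (loggedIn == null || userId == null || email == null)
            {
                HttpContext.Session.Clear();
                return RedirectToAction("Index");
            }

            int sessionUserId = userId.Value;

            userTransactionBundle.user = dbContext.Users.FirstOrDefault(user => user.Email == email);

            // The session id must belong to the user resolved by e-mail.
            if (userTransactionBundle.user == null || userTransactionBundle.user.UserId != sessionUserId)
            {
                HttpContext.Session.Clear();
                return RedirectToAction("Index");
            }

            // Reload the user's history so the Account view can be re-rendered on error.
            userTransactionBundle.transactions = dbContext.Transactions
                .Where(transaction => transaction.UserId == sessionUserId)
                .OrderByDescending(transaction => transaction.CreatedAt)
                .ToList();

            // A request with no transaction fields leaves the sub-model null; treat it
            // like any other invalid submission instead of dereferencing it.
            if (!ModelState.IsValid || userTransactionBundle.transaction == null)
            {
                return View("Account", userTransactionBundle);
            }

            // The owner of the new row comes from the verified session, never from the
            // posted form. Model binding would otherwise let a client supply any UserId
            // and book the transaction against another account.
            userTransactionBundle.transaction.UserId = sessionUserId;

            // NOTE(review): Balance is not computed in this method. If it is a settable
            // property, it can be model-bound from the request; confirm it is derived
            // from the transactions loaded above.
            // ">= 0" rather than "> 0": the rule stated in the error message is "no
            // negative balance", and a result of exactly zero is not negative.
            if (userTransactionBundle.Balance + userTransactionBundle.transaction.Amount >= 0)
            {
                userTransactionBundle.transaction.CreatedAt = DateTime.Now;
                dbContext.Add(userTransactionBundle.transaction);
                dbContext.SaveChanges();
                return RedirectToAction("Account");
            }

            // Because the model is bundled, the key must name the sub-model property for
            // the message to appear next to the Amount field.
            ModelState.AddModelError("transaction.Amount", "Transaction will result in a Negative Balance and is not allowed!");
            return View("Account", userTransactionBundle);
        }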