public ActionResult Create(NoteAdd newItem)
{
// Standard 'add new' handling
// Including checking the ModelState
if (!ModelState.IsValid)
{
// If there's a problem with the form data postback, redisplay the form
var addForm = new NoteAddForm();
addForm.EmployeeId = newItem.EmployeeId;
addForm.NoteText = newItem.NoteText;
addForm.Title = newItem.Title;
// If there's a problem with the form data postback, redisplay the form
return(View(addForm));
}
else
{
// Otherwise, whether successful or not, redirect back to the employee's
// details view
var addedItem = m.AddNoteForAuthenticatedEmployee(newItem);
if (addedItem == null)
{
return(HttpNotFound());
}
return(RedirectToAction("Details", "Employees", new { id = addedItem.EmployeeId }));
}
}
// GET: Notes/Create/{id}
public ActionResult Create()
{
int?emp_id = m.GetEmployeeIdForUserName(User.Identity.Name);
// Validate the user name
if (!emp_id.HasValue)
{ // If validation fails, exit
return(HttpNotFound());
}
else
{ // Otherwise, continue...
// Create and configure an 'add form'
var addForm = new NoteAddForm();
addForm.EmployeeId = (int)emp_id;
return(View(addForm));
}
}
// GET: Notes/Create/{id}
public ActionResult Create(int?id)
{
// Validate the user name
var fetchedObject = m.GetEmployeeById(id.Value);
if ((User.Identity as ClaimsIdentity).Name != fetchedObject.IdentityUserId)
{
// If validation fails, exit
return(HttpNotFound());
}
else
{
// Otherwise, continue...
// Create and configure an 'add form'
var addForm = new NoteAddForm();
addForm.EmployeeId = id.Value;
return(View(addForm));
}
}
