public ActionResult Create(NoteAdd newItem) { // Standard 'add new' handling // Including checking the ModelState if (!ModelState.IsValid) { // If there's a problem with the form data postback, redisplay the form var addForm = new NoteAddForm(); addForm.EmployeeId = newItem.EmployeeId; addForm.NoteText = newItem.NoteText; addForm.Title = newItem.Title; // If there's a problem with the form data postback, redisplay the form return(View(addForm)); } else { // Otherwise, whether successful or not, redirect back to the employee's // details view var addedItem = m.AddNoteForAuthenticatedEmployee(newItem); if (addedItem == null) { return(HttpNotFound()); } return(RedirectToAction("Details", "Employees", new { id = addedItem.EmployeeId })); } }
// GET: Notes/Create/{id} public ActionResult Create() { int?emp_id = m.GetEmployeeIdForUserName(User.Identity.Name); // Validate the user name if (!emp_id.HasValue) { // If validation fails, exit return(HttpNotFound()); } else { // Otherwise, continue... // Create and configure an 'add form' var addForm = new NoteAddForm(); addForm.EmployeeId = (int)emp_id; return(View(addForm)); } }
// GET: Notes/Create/{id} public ActionResult Create(int?id) { // Validate the user name var fetchedObject = m.GetEmployeeById(id.Value); if ((User.Identity as ClaimsIdentity).Name != fetchedObject.IdentityUserId) { // If validation fails, exit return(HttpNotFound()); } else { // Otherwise, continue... // Create and configure an 'add form' var addForm = new NoteAddForm(); addForm.EmployeeId = id.Value; return(View(addForm)); } }