public ActionResult Create(Vacation vacation) { DateTime vacationDate = vacation.VacationDate; int userId = vacation.UserId; int vacationCount = db.Vacations.Where(c => c.UserId == userId && c.VacationDate.Year == vacationDate.Year).Count(); String errorMsg = "More than 10 days is not allowed for the year " + vacationDate.Year; try { if (vacationCount >= 10) { throw new ValidationException("More than 10 days is not allowed for the year " + vacationDate.Year); } } catch (ValidationException e) { errorMsg = e.Message; } if (ModelState.IsValid && vacationCount < 10) { db.Vacations.Add(vacation); db.SaveChanges(); return RedirectToAction("Index"); } ViewBag.UserId = new SelectList(db.UserProfiles, "UserId", "UserName", vacation.UserId); ViewBag.ErrorMsg = errorMsg; return View(vacation); }
public ActionResult Edit(Vacation vacation) { if (ModelState.IsValid && (vacation.UserId == WebSecurity.CurrentUserId || User.IsInRole("Manager"))) { db.Entry(vacation).State = EntityState.Modified; db.SaveChanges(); return RedirectToAction("Index"); } ViewBag.ErrorMsg = ""; if (vacation.UserId != WebSecurity.CurrentUserId || !User.IsInRole("Manager")) { ViewBag.ErrorMsg = "You may not modify someone else's vacation request"; } return View(vacation); }