public async Task <IActionResult> Delete(int?id) { if (id == null) { return(NotFound()); } var ticket = await _context.Ticket .FirstOrDefaultAsync(m => m.Id == id); if (ticket == null) { return(NotFound()); } // Authorize if (!User.IsInRole("Administrator")) { var userId = _httpContextAccessor.HttpContext.User.FindFirst(ClaimTypes.NameIdentifier).Value; if (userId != ticket.UserId) { return(Unauthorized()); } } var project = await _context.Project .FirstOrDefaultAsync(m => m.Id == ticket.ParentProjectId); if (project == null) { return(NotFound()); } EditTicketVM vm = new EditTicketVM { Project = project, Ticket = ticket }; return(View(vm)); }
// GET: Tickets public async Task <IActionResult> Index() { var tickets = await _context.Tickets.Include(t => t.Event).Include(t => t.Guest).Include(t => t.Transaction).ToListAsync(); var EditTicketVM = new EditTicketVM { Tickets = tickets }; var guests = _context.Guests .Select(n => new { GuestId = n.GuestId, GuestFullName = string.Format("{0} - {1}", n.GuestFullName, n.GuestEmail) }) .ToList(); ViewData["EventId"] = new SelectList(_context.Events, "EventId", "EventName"); ViewData["GuestId"] = new SelectList(guests, "GuestId", "GuestFullName"); ViewData["TransactionId"] = new SelectList(_context.Transactions, "TransactionId", "TransactionId"); return(View(EditTicketVM)); }