public ActionResult DeleteNote(Guid noteId) { try { var employer = CurrentEmployer; _candidateNotesCommand.DeleteNote(employer, noteId); return(Json(new JsonResponseModel())); } catch (UserException ex) { ModelState.AddModelError(ex, new StandardErrorHandler()); } return(Json(new JsonResponseModel())); }
public void TestNoteOwner() { var member = _membersCommand.CreateTestMember(1); var noteCreator = _employersCommand.CreateTestEmployer(1, _organisationsCommand.CreateTestOrganisation(1)); var noteReader = _employersCommand.CreateTestEmployer(2, noteCreator.Organisation); // Add a private one. var note1 = CreateNote(1, noteCreator, member.Id, false); // Add a shared one. NoteCreationDelay(); var note2 = CreateNote(2, noteCreator, member.Id, true); AssertNotes(noteCreator, member.Id, new[] { note2, note1 }, new CandidateNote[0]); AssertNotes(noteReader, member.Id, new[] { note2 }, new[] { note1 }); AssertHasNotes(noteCreator, member.Id); AssertHasNotes(noteReader, member.Id); // Try to update the first text as the reader. const string updatedText = "Updated first note"; var note = _candidateNotesQuery.GetNote(noteCreator, note1.Id); note.Text = updatedText; try { _candidateNotesCommand.UpdateNote(noteReader, note); Assert.Fail(); } catch (NoteOwnerPermissionsException) { } AssertNotes(noteCreator, member.Id, new[] { note2, note1 }, new CandidateNote[0]); AssertNotes(noteReader, member.Id, new[] { note2 }, new[] { note1 }); AssertHasNotes(noteCreator, member.Id); AssertHasNotes(noteReader, member.Id); // Try to update the second text as the reader. note = _candidateNotesQuery.GetNote(noteCreator, note2.Id); note.Text = updatedText; try { _candidateNotesCommand.UpdateNote(noteReader, note); Assert.Fail(); } catch (NoteOwnerPermissionsException) { } AssertNotes(noteCreator, member.Id, new[] { note2, note1 }, new CandidateNote[0]); AssertNotes(noteReader, member.Id, new[] { note2 }, new[] { note1 }); AssertHasNotes(noteCreator, member.Id); AssertHasNotes(noteReader, member.Id); // Try to delete the first one. try { _candidateNotesCommand.DeleteNote(noteReader, note1.Id); Assert.Fail(); } catch (NoteOwnerPermissionsException) { } AssertNotes(noteCreator, member.Id, new[] { note2, note1 }, new CandidateNote[0]); AssertNotes(noteReader, member.Id, new[] { note2 }, new[] { note1 }); AssertHasNotes(noteCreator, member.Id); AssertHasNotes(noteReader, member.Id); // Try to delete the second one. try { _candidateNotesCommand.DeleteNote(noteReader, note2.Id); Assert.Fail(); } catch (NoteOwnerPermissionsException) { } AssertNotes(noteCreator, member.Id, new[] { note2, note1 }, new CandidateNote[0]); AssertNotes(noteReader, member.Id, new[] { note2 }, new[] { note1 }); AssertHasNotes(noteCreator, member.Id); AssertHasNotes(noteReader, member.Id); }