public ActionResult Edit(EditReviewViewModel model)
{
var existingReview = _venueService.GetReviewById(model.ReviewId);
// Get logged in user
var email = User.Identity.Name;
// Get review author
var contact = _contactService.GetContactById(existingReview.ContactId);
// Return error if users are not same
if (!email.Equals(contact.Email))
{
ViewData.ModelState.AddModelError("Not Author", "You are not authorized to edit this review.");
return(View(model));
}
existingReview.Comments = model.Comments;
existingReview.Rating = model.Rating;
_venueService.EditVenueReview(existingReview);
return(RedirectToAction("Details", "Venue", new { id = model.VenueId }));
}