public ActionResult Edit(int id, BusinessLogicLayer.OwnedItemBLL collection)
{
try
{
using (ContextBLL ctx = new ContextBLL())
{
OwnedItemBLL Mine = ctx.FindOwnedItemByID(collection.OwnedItemID);
if (null == Mine)
{
return(View("ItemNotFound"));
}
if (!IsThisMine(ctx, Mine))
{
return(View("NotYourItem"));
}
ctx.UpdateOwnedItem(collection);
}
return(RedirectToAction("Index"));
}
catch (Exception Ex)
{
ViewBag.Exception = Ex;
return(View("Error"));
}
}
public ActionResult Delete(int id, BusinessLogicLayer.OwnedItemBLL collection)
{
try
{
// TODO: Add insert logic here
using (ContextBLL ctx = new ContextBLL())
{
OwnedItemBLL Mine = ctx.FindOwnedItemByID(id);
if (null == Mine)
{
return(View("ItemNotFound"));
}
if (!IsThisMine(ctx, Mine))
{
return(View("NotYourItem"));
}
ctx.DeleteOwnedItem(id);
}
return(RedirectToAction("Index"));
}
catch (Exception Ex)
{
ViewBag.Exception = Ex;
return(View("Error"));
}
}
// GET: Role/Create
public ActionResult Create()
{
OwnedItemBLL defItem = new OwnedItemBLL();
defItem.OwnedItemID = 0;
using (ContextBLL ctx = new ContextBLL())
{
ViewBag.Users = GetUserItems(ctx);
return(View(defItem));
}
}
bool IsThisMine(ContextBLL ctx, OwnedItemBLL Mine)
{
if (User.IsInRole(MagicConstants.AdminRoleName))
{
return(true);
}
UserBLL me = ctx.FindUserByEMail(User.Identity.Name);
if (me == null)
{
return(false);
}
return(me.UserID == Mine.OwnerID);
}
