예제 #1
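        /// <summary>
        /// Updates the e-mail, roles and orders approver of a pending user that belongs to the
        /// current user's company.
        /// </summary>
        /// <param name="user">Posted form values; only Id, Email and OrdersApproverId are read.</param>
        /// <param name="roleNames">Names of the roles to grant; null is treated as "no roles".</param>
        /// <returns>A redirect to "Index" on success, otherwise the result of Error(...).</returns>
        public ActionResult EditPending(PendingUser user, string[] roleNames)
        {
            if (!Authorized(RoleType.SystemManager))
            {
                return Error(Loc.Dic.error_no_permission);
            }

            if (!ModelState.IsValid)
            {
                return Error(ModelState);
            }

            // A request that carries no roleNames field leaves the array null; iterate an
            // empty set instead of failing with a NullReferenceException.
            string[] requestedRoleNames = roleNames ?? new string[0];

            using (PendingUsersRepository pendingUserRep = new PendingUsersRepository())
            {
                PendingUser userFromDatabase = pendingUserRep.GetEntity(user.Id);
                if (userFromDatabase == null)
                {
                    return Error(Loc.Dic.error_user_not_found);
                }

                // Tenant isolation: the record is looked up by a client-supplied id, so it must
                // be confirmed to belong to the caller's company before anything is changed.
                if (userFromDatabase.CompanyId != CurrentUser.CompanyId)
                {
                    return Error(Loc.Dic.error_no_permission);
                }

                RoleType combinedRoles = RoleType.None;
                List<RoleType> forbiddenRoles = GetForbiddenRoles();

                foreach (string roleName in requestedRoleNames)
                {
                    RoleType role;

                    // Enum.TryParse on its own also accepts numeric strings and comma-separated
                    // name lists, producing values the per-role forbidden list does not contain.
                    // Enum.IsDefined with a string only matches one exact member name, so each
                    // entry is pinned to a single declared role before the forbidden check runs.
                    bool isSingleDeclaredRole = roleName != null
                                                && Enum.IsDefined(typeof(RoleType), roleName)
                                                && Enum.TryParse(roleName, out role);

                    if (!isSingleDeclaredRole || forbiddenRoles.Contains(role))
                    {
                        return Error(Loc.Dic.error_invalid_form);
                    }

                    combinedRoles = Roles.CombineRoles(combinedRoles, role);
                }

                // NOTE(review): if RoleType declares composite members that include a forbidden
                // role, they would still pass the list check above - confirm against the enum.

                userFromDatabase.Email = user.Email;
                userFromDatabase.Roles = (int)combinedRoles;

                // -1 is the form's "no approver" value and is stored as null.
                // NOTE(review): the posted OrdersApproverId is not checked here to refer to a
                // user of CurrentUser.CompanyId - confirm this is enforced elsewhere.
                userFromDatabase.OrdersApproverId = user.OrdersApproverId.HasValue && user.OrdersApproverId.Value == -1 ? null : user.OrdersApproverId;

                pendingUserRep.Update(userFromDatabase);
                return RedirectToAction("Index");
            }
        }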
예제 #2
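        /// <summary>
        /// Applies an edit to a pending user of the caller's own company: e-mail, granted roles
        /// and orders approver.
        /// </summary>
        /// <param name="user">Form values; Id selects the record, Email and OrdersApproverId are copied.</param>
        /// <param name="roleNames">Role names to grant. A null array is handled as an empty selection.</param>
        /// <returns>Redirect to "Index" when the update is stored; an Error(...) result otherwise.</returns>
        public ActionResult EditPending(PendingUser user, string[] roleNames)
        {
            if (!Authorized(RoleType.SystemManager))
                return Error(Loc.Dic.error_no_permission);

            if (!ModelState.IsValid)
                return Error(ModelState);

            using (PendingUsersRepository pendingUserRep = new PendingUsersRepository())
            {
                PendingUser userFromDatabase = pendingUserRep.GetEntity(user.Id);

                if (userFromDatabase == null)
                    return Error(Loc.Dic.error_user_not_found);

                // The id comes from the request, so ownership is verified before any write.
                if (userFromDatabase.CompanyId != CurrentUser.CompanyId)
                    return Error(Loc.Dic.error_no_permission);

                RoleType combinedRoles = RoleType.None;
                List<RoleType> forbiddenRoles = GetForbiddenRoles();

                // roleNames can arrive as null when the form posts no role at all; the original
                // loop would then throw instead of storing an empty role set.
                foreach (string roleName in roleNames ?? new string[0])
                {
                    // Accept only an exact, declared member name. Enum.TryParse would otherwise
                    // also parse raw numbers and comma-separated lists into values that never
                    // equal a single entry of forbiddenRoles.
                    if (roleName == null || !Enum.IsDefined(typeof(RoleType), roleName))
                        return Error(Loc.Dic.error_invalid_form);

                    RoleType role;
                    if (!Enum.TryParse(roleName, out role) || forbiddenRoles.Contains(role))
                        return Error(Loc.Dic.error_invalid_form);

                    combinedRoles = Roles.CombineRoles(combinedRoles, role);
                }

                // NOTE(review): a declared RoleType member that itself bundles a forbidden role
                // would not be caught by the list lookup - verify against the enum definition.

                userFromDatabase.Email = user.Email;
                userFromDatabase.Roles = (int)combinedRoles;

                // The form sends -1 for "no approver"; persist that as null.
                // NOTE(review): nothing here verifies that the posted approver id belongs to
                // CurrentUser.CompanyId - confirm the check exists in the repository or model.
                userFromDatabase.OrdersApproverId = user.OrdersApproverId.HasValue && user.OrdersApproverId.Value == -1 ? null : user.OrdersApproverId;

                pendingUserRep.Update(userFromDatabase);
                return RedirectToAction("Index");
            }
        }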