예제 #1
public ActionResult OrderDetails(long ID)
    ActionResult response = null;

        OrderDO orderDO = _orderDAO.GetOrderByID(ID);

        if (orderDO != null)          // If that order exists
            // Map the orderDO we got earlier to a orderPO
            OrderPO orderPO = Mapping.OrderMapper.OrderDOtoOrderPO(orderDO);

            // -- Allow the Driver's and Admins to view other person's order details but
            // -- don't allow the other users to view other user's order details.
            if (orderPO.UserID != GetSessionUserID() && GetSessionRole() == 3)
                response = RedirectingPage("You don't have permissions to view this page.", "../../Account/Login");
                // Get all the pizzas associtated with this order
                List <PizzaPO> pizzaPOList =

                // Create the view model for 1 order and a list of pizzas
                PizzaOrderVM pizzaOrderVM = new PizzaOrderVM();
                pizzaOrderVM.Order = orderPO;

                pizzaOrderVM.Pizzas = pizzaPOList;

                // Pass in the view model to the View.
                response = View(pizzaOrderVM);
        {           // The order couldn't be found.
                    // If the current user is an Admin then show that the order doesn't exist
            if (GetSessionRole() == 1)
                response = RedirectingPage("Order does not exist", "../");
            else         // Don't show anyone else that the order doesn't exist.
                response = RedirectToAction("Home", "Index");
    catch (Exception exception)
        if (response == null)
            response = RedirectToAction("Index", "Home");

예제 #2
        public ActionResult UpdatePizzaInOrder(PizzaPO form)
            // Give response a default value.
            ActionResult response = RedirectToAction("Index", "Home");

            OrderDO pizzasOrder = _orderDAO.GetOrderByID((long)form.OrderID);

            if (pizzasOrder.Paid) // If the order has already been paid for.
                TempData["ErrorMessage"] = "You cannot update a pizza on an order that has already been paid for.";
                response = RedirectToAction("OrderDetails", "Order", new { ID = pizzasOrder.OrderID });
            else if (ModelState.IsValid)
                if (pizzasOrder != null) // If that order exists
                    // Check if the pizza form is associated with this user OR if the user is an admin
                    if (pizzasOrder.UserID == GetSessionUserID() || GetSessionRole() == 1)
                        // Get the new price for the pizza.
                        form.Price = _pizzaBLO.GetPizzaCost(Mapping.PizzaMapper.PizzaPOtoPizzaBO(form));

                        if (_pizzaDAO.UpdatePizza(Mapping.PizzaMapper.PizzaPOtoPizzaDO(form)) > 0)
                            // If the pizza was able to update then try to update the Order.

                            // First get all the pizzas associated with this order.
                            List <PizzaDO> pizzas = _pizzaDAO.GetPizzasByOrderID((long)form.OrderID);

                            // Get the total cost for the pizzas that are linked to the orderID
                            decimal newTotal = _pizzaBLO.GetCostOfPizzas(Mapping.PizzaMapper.PizzaDOListToPizzaBOList(pizzas));

                            // Update the orders total cost.
                            if (_orderDAO.UpdateOrderTotal((long)form.OrderID, newTotal)) // If updated the price
                                response = RedirectToAction("OrderDetails", "Order", new { ID = form.OrderID });
                            else // Otherwise the order is now out of sync
                                Logger.Log("WARNING", "PizzaController", "UpdatePizzaInOrder",
                                           "After trying to update a pizza in orderID: " + form.OrderID +
                                           " the total was not updated.");
                        else // Otherwise the pizza couldn't update.
                            TempData["ErrorMessage"] = "Could not update the pizza, please try again later.";
                            response = RedirectToAction("OrderDetails", "Order", new { ID = form.OrderID });
                    else // Otherwise the user shouldn't be trying to change this order.
                        Logger.Log("WARNING", "PizzaController", "UpdatePizzaInOrder",
                                   "UserID: " + GetSessionUserID() + " tried to update someone elses pizza.");
                    // That pizza doesn't exist.
                    TempData["ErrorMessage"] = "That pizza doesn't exist.";
                    response = RedirectToAction("OrderDetails", "Order", new { ID = form.OrderID });
                // The form is not valid.
                TempData["ErrorMessage"] = "Please fix the errors shown below.";

                response = View(form);
