public async Task <IActionResult> Create(int Id, [Bind("Text")] string Text)
{
//if (ModelState.IsValid)
if ((Text != null) && (Text.Length > 0))
{
User user;
if (signInManager.IsSignedIn(User))
{
user = (await signInManager.UserManager.GetUserAsync(User));
}
else
{
// check api key
return(Json(JsonError.ERROR_ACCESS_DENIED));
}
Group group = await _context.Group.Include(g => g.Participants).Include(g => g.Admins).FirstOrDefaultAsync(g => g.Id.Equals(Id));
bool b;
if (!((User.IsInRole("Admin") || (GroupsController.CheckUserRightsToPost(group, user.Id, out b)))))
{
return(Json(JsonError.ERROR_ACCESS_DENIED));
}
Comment comment = new Comment(Id, user.Id, Text);
_context.Comment.Add(comment);
await _context.SaveChangesAsync();
return(await apiIndex(Id));
}
return(Json(new { error = "Data error" }));
}
public async Task <IActionResult> Create(string Id, [Bind("Text")] string Text)
{
//if (ModelState.IsValid)
if (Text.Length > 0)
{
User user;
if (signInManager.IsSignedIn(User))
{
user = (await signInManager.UserManager.GetUserAsync(User));
}
else
{
// check api key
return(Json(JsonError.ERROR_ACCESS_DENIED));
}
var document = await _context.Document.Include(d => d.Group).ThenInclude(g => g.Subscribers).Include(d => d.Group).ThenInclude(g => g.Participants).Include(d => d.Group).ThenInclude(g => g.Admins).Include(d => d.Comments).ThenInclude(c => c.User).Include(d => d.Likes)
.Include(d => d.User).FirstOrDefaultAsync(d => d.Id.Equals(Id));
bool b;
if (!((User.IsInRole("Admin")) || (document.GroupId == null) || (GroupsController.CheckUserRightsToPost(document.Group, user.Id, out b))))
{
return(Json(JsonError.ERROR_ACCESS_DENIED));
}
Text = GroupsController.ClearBodyHtml(Text);
Comment comment = new Comment(Id, user.Id, Text);
_context.Comment.Add(comment);
await _context.SaveChangesAsync();
return(await apiIndex(Id));
}
return(Json(new { error = "Data error" }));
}
