public ActionResult Create(int id, int projectStepId, RiskRecommendation riskRecommendation)
{
// clear the modelstate
ModelState.Remove("riskRecommendation.Risk");
try
{
var projectStep = _projectService.GetProjectStep(projectStepId, CurrentUserId);
var risk = Db.Risks.Include("Project").Include("AssessmentType").Where(a => a.Id == id).Single();
// ensure the risk belongs to the project
if (risk.Project.Id != projectStep.Project.Id) throw new SecurityException("Risk does not belong to project");
riskRecommendation.Risk = risk;
if (ModelState.IsValid)
{
Db.RiskRecommendations.Add(riskRecommendation);
Db.SaveChanges();
Message = "Risk recommendation has been saved.";
return RedirectToAction("Index", risk.AssessmentType.Controller, new { id = projectStepId, projectId = risk.Project.Id });
}
var viewModel = RiskRecommendationViewModel.Create(projectStepId, risk, riskRecommendation);
return View(viewModel);
}
catch (SecurityException)
{
return this.RedirectToAction<ErrorController>(a => a.NoAccessToStep());
}
}
public static RiskRecommendationViewModel Create(int projectStepId, Risk risk, RiskRecommendation riskRecommendation = null)
{
Check.Require(risk != null, "risk is required.");
var viewModel = new RiskRecommendationViewModel()
{
ProjectStepId = projectStepId,
RiskRecommendation = riskRecommendation ?? new RiskRecommendation(),
Risk = risk
};
return viewModel;
}
public ActionResult Edit(int id, int projectStepId, RiskRecommendation riskRecommendation)
{
// clear the modelstate
ModelState.Remove("riskRecommendation.Risk");
try
{
var projectStep = _projectService.GetProjectStep(projectStepId, CurrentUserId);
var recommendationToEdit = Db.RiskRecommendations
.Include("Risk").Include("Risk.Project")
.Include("Risk.AssessmentType")
.Where(a => a.Id == id).Single();
// copy the values
recommendationToEdit.Controls = riskRecommendation.Controls;
recommendationToEdit.Impact = riskRecommendation.Impact;
recommendationToEdit.Feasibility = riskRecommendation.Feasibility;
if (ModelState.IsValid)
{
Db.SaveChanges();
Message = "Risk recommendation has been updated.";
return RedirectToAction("Index", recommendationToEdit.Risk.AssessmentType.Controller, new { id = projectStepId, projectId = recommendationToEdit.Risk.Project.Id });
}
var viewModel = RiskRecommendationViewModel.Create(projectStepId, recommendationToEdit.Risk, riskRecommendation);
return View(viewModel);
}
catch (SecurityException)
{
return this.RedirectToAction<ErrorController>(a => a.NoAccessToStep());
}
}
