public ActionResult Create(int id, int projectStepId, RiskRecommendation riskRecommendation) { // clear the modelstate ModelState.Remove("riskRecommendation.Risk"); try { var projectStep = _projectService.GetProjectStep(projectStepId, CurrentUserId); var risk = Db.Risks.Include("Project").Include("AssessmentType").Where(a => a.Id == id).Single(); // ensure the risk belongs to the project if (risk.Project.Id != projectStep.Project.Id) throw new SecurityException("Risk does not belong to project"); riskRecommendation.Risk = risk; if (ModelState.IsValid) { Db.RiskRecommendations.Add(riskRecommendation); Db.SaveChanges(); Message = "Risk recommendation has been saved."; return RedirectToAction("Index", risk.AssessmentType.Controller, new { id = projectStepId, projectId = risk.Project.Id }); } var viewModel = RiskRecommendationViewModel.Create(projectStepId, risk, riskRecommendation); return View(viewModel); } catch (SecurityException) { return this.RedirectToAction<ErrorController>(a => a.NoAccessToStep()); } }
public static RiskRecommendationViewModel Create(int projectStepId, Risk risk, RiskRecommendation riskRecommendation = null) { Check.Require(risk != null, "risk is required."); var viewModel = new RiskRecommendationViewModel() { ProjectStepId = projectStepId, RiskRecommendation = riskRecommendation ?? new RiskRecommendation(), Risk = risk }; return viewModel; }
public ActionResult Edit(int id, int projectStepId, RiskRecommendation riskRecommendation) { // clear the modelstate ModelState.Remove("riskRecommendation.Risk"); try { var projectStep = _projectService.GetProjectStep(projectStepId, CurrentUserId); var recommendationToEdit = Db.RiskRecommendations .Include("Risk").Include("Risk.Project") .Include("Risk.AssessmentType") .Where(a => a.Id == id).Single(); // copy the values recommendationToEdit.Controls = riskRecommendation.Controls; recommendationToEdit.Impact = riskRecommendation.Impact; recommendationToEdit.Feasibility = riskRecommendation.Feasibility; if (ModelState.IsValid) { Db.SaveChanges(); Message = "Risk recommendation has been updated."; return RedirectToAction("Index", recommendationToEdit.Risk.AssessmentType.Controller, new { id = projectStepId, projectId = recommendationToEdit.Risk.Project.Id }); } var viewModel = RiskRecommendationViewModel.Create(projectStepId, recommendationToEdit.Risk, riskRecommendation); return View(viewModel); } catch (SecurityException) { return this.RedirectToAction<ErrorController>(a => a.NoAccessToStep()); } }