public ActionResult ItemDb(int?filterId, int?itemId)
{
bool isAuthorized = false;
if (filterId != null)
{
isAuthorized = User.Identity.GetUserId() == _context.Filters.SingleOrDefault(i => i.Id == filterId).UserId;
if (!isAuthorized)
{
return(HttpNotFound());
}
return(View("ItemDb", new ItemUserViewModel()
{
FilterId = filterId
}));
}
if (itemId != null)
{
var itemInDb = _context.UsersItems.SingleOrDefault(i => i.Id == itemId);
if (itemInDb == null)
{
return(HttpNotFound());
}
isAuthorized = User.Identity.GetUserId() == _context.Filters.SingleOrDefault(i => i.Id == itemInDb.FilterId).UserId;
if (!isAuthorized)
{
return(HttpNotFound());
}
ItemUserViewModel viewModel = ItemUserModelMap.ItemUserToViewModel(itemInDb);
return(View("ItemDb", viewModel));
}
return(View("MyFilters", "Filters"));
}
public ActionResult ItemSession(int?id)
{
if (id == null)
{
return(View("ItemSession", new ItemUserViewModel()));
}
List <ItemUser> viewModel = Session["ItemsList"] as List <ItemUser>;
if (viewModel == null)
{
return(HttpNotFound());
}
var item = ItemUserModelMap.ItemUserToViewModel(viewModel.SingleOrDefault(i => i.Id == id));
if (item == null)
{
return(HttpNotFound());
}
return(View("ItemSession", item));
}