public MasterIncident Create(MasterIncident masterIncident)
{
using (ShoutboxContext db = new ShoutboxContext())
{
//Html encode all user submitted input to prevent XSS
masterIncident.IM = Encoder.HtmlEncode(masterIncident.IM);
masterIncident.KM = Encoder.HtmlEncode(masterIncident.KM);
masterIncident.Description = Encoder.HtmlEncode(masterIncident.Description);
masterIncident.Active = true;
db.Users.Attach(masterIncident.User);
db.MasterIncidents.Add(masterIncident);
db.SaveChanges();
return(db.MasterIncidents.FirstOrDefault(f => f.MasterIncidentID == masterIncident.MasterIncidentID));
}
}
public Task CreateMasterIncident(string description, string km, string im)
{
User user = _userRepository.GetByLogonUser(Context.User.Identity.Name);
if (user.Role < Roles.Moderator)
{
return(null);
}
MasterIncident masterincident = new MasterIncident
{
Description = description,
KM = km,
IM = im,
Timestamp = DateTime.Now,
User = user
};
_MasterIncidentRepository.Create(masterincident);
return(Clients.All.AddMasterIncident(masterincident.MasterIncidentID, masterincident.Description, masterincident.KM, masterincident.IM, masterincident.Timestamp));
}
