public ActionResult Edit(int?id)
        {
            var userId       = User.Identity.GetUserId();
            var shoppingList = _context.ShoppingLists.Include(sl => sl.Items).SingleOrDefault(sl => sl.Id == id);

            if (shoppingList == null)
            {
                Response.StatusCode = 404;
                ViewBag.Message     = "Ostoslistaa ei löytynyt";
                return(View("Error"));
            }

            var editAllowedForCurrentUser = _context.ShoppingListShares
                                            .Any(s => s.ShoppingListId == shoppingList.Id && s.ReceiverUserId == userId && s.EditAllowed);

            if (shoppingList.OwnerId != userId && !editAllowedForCurrentUser)
            {
                Response.StatusCode = 403;
                ViewBag.Message     = "Ei oikeutta käsitellä ostoslistaa";
                return(View("Error"));
            }

            var vm = ShoppingListViewModel.Create(shoppingList);

            var shares = _context.ShoppingListShares
                         .Where(s => s.ShoppingListId == shoppingList.Id)
                         .Include(s => s.Receiver);

            List <ShowShareViewModel> shareVms = new List <ShowShareViewModel>();

            foreach (var share in shares)
            {
                shareVms.Add(new ShowShareViewModel
                {
                    UserId   = share.ReceiverUserId,
                    UserName = share.Receiver.UserName
                });
            }

            vm.Shares  = shareVms;
            vm.IsOwner = shoppingList.OwnerId == userId;

            return(View(new ComboViewModel {
                ShoppingListViewModel = vm
            }));
        }
        public ActionResult Edit(ComboViewModel vm)
        {
            if (ModelState.IsValid)
            {
                var userId = User.Identity.GetUserId();
                var list   = _context.ShoppingLists.FirstOrDefault(s => s.Id == vm.ShoppingListViewModel.Id);

                if (list == null)
                {
                    Response.StatusCode = 404;
                    ViewBag.Message     = "Ostoslistaa ei löytynyt";
                    return(View("Error"));
                }

                if (list.OwnerId != userId && !EditAllowedForCurrentUser(list))
                {
                    Response.StatusCode = 403;
                    ViewBag.Message     = "Ei oikeutta käsitellä ostoslistaa";
                    return(View("Error"));
                }

                var item = new ShoppingListItem
                {
                    Name           = vm.ShoppingListItemViewModel.Name,
                    Quantity       = vm.ShoppingListItemViewModel.Quantity,
                    Added          = DateTime.UtcNow,
                    ShoppingListId = vm.ShoppingListViewModel.Id
                };

                _context.ShoppingListItems.Add(item);
                _context.SaveChanges();

                return(RedirectToAction("Edit", "ShoppingLists", new { id = vm.ShoppingListViewModel.Id }));
            }

            var shoppingList = _context.ShoppingLists.Include(sl => sl.Items).SingleOrDefault(sl => sl.Id == vm.ShoppingListViewModel.Id);

            var comboVm = new ComboViewModel
            {
                ShoppingListViewModel = ShoppingListViewModel.Create(shoppingList)
            };

            return(View(comboVm));
        }