/// <summary>
/// Creates a blog entry from the posted <paramref name="entry"/> model.
/// </summary>
/// <param name="entry">Model-bound form data for the new entry.</param>
/// <returns>
/// A redirect to <c>~/Home/AccessError</c> when the caller is in neither the
/// "writer" nor the "chief" role; a redirect to <c>ViewEntry</c> for the new
/// entry on success; otherwise the form view re-rendered with the posted model.
/// </returns>
// NOTE(review): no attributes are visible on this listing. Confirm that the
// action is restricted to POST and validates an anti-forgery token, since it
// changes state on behalf of the signed-in user.
public ActionResult Add(EntryModel entry)
{
    // Authorisation comes first: only writers and chiefs may create entries.
    bool mayWrite = User.IsInRole("writer") || User.IsInRole("chief");
    if (!mayWrite)
    {
        return Redirect("~/Home/AccessError");
    }

    // Invalid input: show the form again with the values the user posted.
    if (!ModelState.IsValid)
    {
        return View(entry);
    }

    BlogManager blog = new BlogManager();

    // Creation time and author are set on the server (local server clock and
    // the authenticated identity), overwriting whatever the client posted for
    // those two fields.
    entry.Created = DateTime.Now;
    entry.Author = User.Identity.Name;

    // NOTE(review): the remaining fields are copied from the posted model by
    // the mapper; verify the mapping does not carry client-supplied values
    // (for example an Id) that should be server-controlled.
    Entry created = Mapper.Map<Entry>(entry);
    blog.Add(created);
    blog.Save();

    return RedirectToAction("ViewEntry", new { id = created.Id });
}
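/// <summary>
/// Deletes the blog entry with the given <paramref name="id"/>.
/// A "chief" may delete any entry; a "writer" may delete only entries whose
/// author is the signed-in user.
/// </summary>
/// <param name="id">Identifier of the entry to delete.</param>
/// <returns>
/// A redirect to <c>Index</c> after a successful delete; a redirect to
/// <c>~/Home/AccessError</c> when the caller is not allowed to delete the
/// entry or the entry does not exist.
/// </returns>
// NOTE(review): no attributes are visible on this listing. Confirm that the
// action is restricted to POST and validates an anti-forgery token; a delete
// that is reachable by a plain GET can be triggered by a cross-site request.
public ActionResult Delete(int id)
{
    // Reject callers with neither role before touching the data store.
    bool isChief = User.IsInRole("chief");
    if (!isChief && !User.IsInRole("writer"))
    {
        return Redirect("~/Home/AccessError");
    }

    BlogManager db = new BlogManager();
    Entry etr = db.GetEntry(id);

    // An unknown id previously reached etr.Author and failed with a
    // NullReferenceException. It now gets the same response as a denied
    // request, so the result does not reveal which ids exist.
    if (etr == null)
    {
        return Redirect("~/Home/AccessError");
    }

    // Writers are limited to their own entries; chiefs skip the ownership check.
    if (!isChief && !(etr.Author == User.Identity.Name))
    {
        return Redirect("~/Home/AccessError");
    }

    db.Delete(etr);
    db.Save();
    return RedirectToAction("Index");
}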