[ValidateAntiForgeryToken] // Tells ASP.NET MVC that we don't want to be vulnerable to CSRF attacks! public ActionResult Edit(string id, [Bind(Include = "businessUnitCode,title,description,officeAddress1,officeAddresss2,officeAddress3,officePostCode,officeContact,officePhone,officeEmail")] BusinessUnitDetailVM businessUnitVM) { if (ModelState.IsValid) // If validation checks pass... { var efmodel = db.BusinessUnits.FirstOrDefault(bu => bu.businessUnitCode.Equals(businessUnitVM.businessUnitCode, StringComparison.OrdinalIgnoreCase) && bu.Active == true); // Gets the business unit where the code equals the ID from the URL, regardless of case - equals null if not found var model = BusinessUnitDetailVM.buildModel(businessUnitVM, efmodel); // Turns the view model into an edited version of the raw data model db.Entry(model).State = EntityState.Modified; // Tells the database context that the model is being updated db.SaveChanges(); // Saves changes to the database return(RedirectToAction("Index")); // Redirects to the listing of BusinessUnits } return(View(businessUnitVM)); // Returns back to the edit form with the errors from validation }
// GET: BusinessUnits/Edit/5 public ActionResult Edit(string id) { if (String.IsNullOrEmpty(id)) { throw new HttpException(400, "Bad Request"); // If an ID isn't provided in the URL, a HTTP 400 exception is thrown } var thisBu = db.BusinessUnits.FirstOrDefault(bu => bu.businessUnitCode.Equals(id, StringComparison.OrdinalIgnoreCase) && bu.Active == true); // Gets the business unit where the code equals the ID from the URL, regardless of case, and isn't soft deleted - equals null if not found if (thisBu == null) { throw new HttpException(404, "Not Found"); // If the business unit doesn't exist for the given ID, a HTTP 404 exception is thrown } else { var viewModel = BusinessUnitDetailVM.buildViewModel(thisBu); // Passes the business unit to the view model to get an object with formatted data return(View(viewModel)); // Passes the formatted business unit to the Razor view engine to render to the screen, using /Views/BusinessUnits/Edit.cshtml } }
[ValidateAntiForgeryToken] // Tells ASP.NET MVC that we don't want to be vulnerable to CSRF attacks! public ActionResult Create([Bind(Include = "businessUnitCode,title,description,officeAddress1,officeAddresss2,officeAddress3,officePostCode,officeContact,officePhone,officeEmail")] Task1Start.Models.BusinessUnitDetailVM businessUnitVM) { if (ModelState.IsValid) // If validation checks pass... { if (db.BusinessUnits.Count(bu => bu.businessUnitCode.Equals(businessUnitVM.businessUnitCode, StringComparison.OrdinalIgnoreCase) && bu.Active == true) > 0) { ViewBag.Message = "The business unit code is already in use!"; return(View(businessUnitVM)); } else { var model = BusinessUnitDetailVM.buildModel(businessUnitVM); // Passes the view model data and gets back a BusinessUnit model model.Active = true; // Sets the active flag to true (it's not been soft deleted!) db.BusinessUnits.Add(model); // Inserts the data to the database as a new row db.SaveChanges(); // Saves the changes to the database return(RedirectToAction("Index")); // Redirects to the BusinessUnits list } } return(View(businessUnitVM)); // Returns back to the creation form with the errors from validation }