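/// <summary>
/// Updates an existing user's profile fields, role, password and soft-delete flag,
/// then returns the admin main view.
/// </summary>
/// <param name="userId">Id of the user record to update.</param>
/// <param name="name">New first name.</param>
/// <param name="surname">New surname.</param>
/// <param name="email">New e-mail address.</param>
/// <param name="password">New plain-text password; null or empty leaves the stored hash unchanged.</param>
/// <param name="username">New login name.</param>
/// <param name="roleId">New role id.</param>
/// <param name="isDeleted">Soft-delete flag; when false the user's posts are passed to RestoreUserPosts.</param>
/// <returns>
/// 403 Forbidden when the caller is not an authenticated administrator; otherwise the admin main view
/// (also when no user with <paramref name="userId"/> exists, in which case nothing is changed).
/// </returns>
public ActionResult UpdateUser(int userId, string name, string surname, string email, string password, string username, int roleId, bool isDeleted = false)
{
    // This action can rewrite any account's role and password, so it needs the same
    // administrator gate that CreateUser applies. Without it, any caller who can reach
    // the route could promote an account or reset another user's password.
    // IsAuthenticated is tested first so the admin lookup never runs for an anonymous caller.
    if (!User.Identity.IsAuthenticated || !CheckMethods.IsCurrentUserAdmin(User.Identity.Name))
    {
        return new HttpStatusCodeResult(HttpStatusCode.Forbidden);
    }

    // NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] attributes are visible on this
    // action; confirm that state-changing admin routes are protected against CSRF elsewhere.
    using (var db = new BlogDbContext())
    {
        var user = db.Users.FirstOrDefault(u => u.UserId == userId);
        if (user != null)
        {
            user.Name = name;
            user.Surname = surname;
            user.Email = email;
            user.Username = username;
            user.RoleId = roleId;

            // An empty password means "keep the current one"; only a supplied value is re-hashed.
            // NOTE(review): confirm GetMethods.GetHash is a salted, deliberately slow password hash.
            if (!string.IsNullOrEmpty(password))
            {
                user.Password = GetMethods.GetHash(password);
            }

            user.IsDeleted = isDeleted;

            // Re-activating (or keeping active) a user also restores that user's posts.
            if (!isDeleted)
            {
                var posts = db.Posts.Where(p => p.UserId == userId).ToList();
                RestoreUserPosts(posts);
            }
        }

        db.SaveChanges();
        return View("~/Views/Admin/AdminMain.cshtml");
    }
}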
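/// <summary>
/// Creates a new user account with the given profile fields, role and password,
/// then returns the admin main view.
/// </summary>
/// <param name="name">First name.</param>
/// <param name="surname">Surname.</param>
/// <param name="email">E-mail address.</param>
/// <param name="password">Plain-text password; stored only as the result of GetMethods.GetHash.</param>
/// <param name="username">Login name.</param>
/// <param name="roleId">Role id assigned to the new account.</param>
/// <returns>
/// 403 Forbidden when the caller is not an authenticated administrator, 400 Bad Request when
/// no password is supplied, otherwise the admin main view.
/// </returns>
public ActionResult CreateUser(string name, string surname, string email, string password, string username, int roleId)
{
    // Check authentication before the admin lookup so an anonymous request never reaches
    // IsCurrentUserAdmin with an empty identity name.
    if (!User.Identity.IsAuthenticated || !CheckMethods.IsCurrentUserAdmin(User.Identity.Name))
    {
        return new HttpStatusCodeResult(HttpStatusCode.Forbidden);
    }

    // Refuse to create an account whose credential would be the hash of an empty string
    // (or that would pass null to the hashing helper).
    if (string.IsNullOrEmpty(password))
    {
        return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
    }

    // NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] attributes are visible on this
    // action; confirm that state-changing admin routes are protected against CSRF elsewhere.
    using (var db = new BlogDbContext())
    {
        var user = new User
        {
            Name = name,
            Surname = surname,
            Email = email,
            Username = username,
            // NOTE(review): confirm GetMethods.GetHash is a salted, deliberately slow password hash.
            Password = GetMethods.GetHash(password),
            RoleId = roleId,
        };

        db.Users.Add(user);
        db.SaveChanges();
        return View("~/Views/Admin/AdminMain.cshtml");
    }
}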