public IActionResult StudentSubmission()
{
try
{
string email = User.Identity.Name;
var submissionList = _submissionService.GetSubmissionsForStudent(email);
return(View(submissionList));
}
catch (Exception ex)
{
_logger.LogError(ex.Message + " ip: " + GetIpAddress() + " | Timestamp: " + DateTime.Now + " | Email: " + User.Identity.Name);
return(RedirectToAction("Error", "Home"));
}
}
public override void OnActionExecuting(ActionExecutingContext context)
{
try
{
var currentLoggedInUser = context.HttpContext.User.Identity.Name;
ISubmissionsService subService = (ISubmissionsService)context.HttpContext.RequestServices.GetService(typeof(ISubmissionsService));
var submissions = subService.GetSubmissionsForStudent(currentLoggedInUser);
foreach (var sub in submissions)
{
if (sub.email != currentLoggedInUser)
{
context.Result = new UnauthorizedObjectResult("Access Denied");
}
}
}
catch (Exception ex)
{
context.Result = new BadRequestObjectResult("Bad Request");
}
}
