public MasterIncident Create(MasterIncident masterIncident)
        {
            using (ShoutboxContext db = new ShoutboxContext())
            {
                //Html encode all user submitted input to prevent XSS
                masterIncident.IM          = Encoder.HtmlEncode(masterIncident.IM);
                masterIncident.KM          = Encoder.HtmlEncode(masterIncident.KM);
                masterIncident.Description = Encoder.HtmlEncode(masterIncident.Description);
                masterIncident.Active      = true;

                db.Users.Attach(masterIncident.User);
                db.MasterIncidents.Add(masterIncident);
                db.SaveChanges();

                return(db.MasterIncidents.FirstOrDefault(f => f.MasterIncidentID == masterIncident.MasterIncidentID));
            }
        }
Пример #2
0
        public Task CreateMasterIncident(string description, string km, string im)
        {
            User user = _userRepository.GetByLogonUser(Context.User.Identity.Name);

            if (user.Role < Roles.Moderator)
            {
                return(null);
            }

            MasterIncident masterincident = new MasterIncident
            {
                Description = description,
                KM          = km,
                IM          = im,
                Timestamp   = DateTime.Now,
                User        = user
            };

            _MasterIncidentRepository.Create(masterincident);

            return(Clients.All.AddMasterIncident(masterincident.MasterIncidentID, masterincident.Description, masterincident.KM, masterincident.IM, masterincident.Timestamp));
        }