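/// <summary>
/// Applies the posted changes to an existing notice and sends it back for approval.
/// </summary>
/// <remarks>
/// An approved notice is never changed here; the action answers with the JSON error payload.
/// Otherwise the update is applied only when the caller is a moderator, or is the user who
/// posted the notice while the notice is still pending approval. Every other outcome,
/// including a refused edit, ends in the same redirect to MyPosts/Index.
/// </remarks>
/// <param name="vm">Posted form values; <c>vm.Id</c> selects the notice to update.</param>
/// <returns>
/// The JSON error payload when the notice does not exist or is already approved;
/// otherwise a redirect to MyPosts/Index.
/// </returns>
// NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] attribute is visible in this part of
// the file; confirm both are applied, since this action changes stored data.
// NOTE(review): ModelState is not consulted before the posted values are written to the notice.
public async Task<ActionResult> Edit(NoticeViewModel vm)
{
    using (NoticeManager nm = new NoticeManager())
    {
        var postedBy = await nm.PostedBy(vm.Id);
        var current = await User.Identity.GetApplicationUserAsync();
        var notice = await nm.GetAsync(vm.Id);

        // vm.Id comes from the request: an id that matches nothing must not end in a
        // NullReferenceException (HTTP 500), so it gets the same error payload as a locked notice.
        if (notice == null)
        {
            return Json(JsonViewModel.Error);
        }

        if (notice.Status == NoticeStatus.Approved)
        {
            return Json(JsonViewModel.Error);
        }

        // Ownership is decided from the stored poster and the signed-in user, never from vm.
        // A missing poster or user record simply means "not the owner".
        bool isOwner = postedBy != null && current != null && postedBy.Id == current.Id;

        if ((isOwner && notice.IsPendingApproval) || await User.Identity.IsModeratorAsync())
        {
            notice.NoticeId = vm.Id;
            notice.HighPriority = vm.isHighPriority;

            // NOTE(review): vm.NoticeBoardId is written as received. EditNotice (GET) refuses
            // non-staff users on official boards, but this action does not repeat that rule for
            // the board being written, so the rule holds only if NoticeManager or a filter
            // enforces it as well. Confirm, or re-check the target board here.
            notice.NoticeBoardId = vm.NoticeBoardId;
            notice.Title = vm.Title;
            notice.Description = vm.Description;

            // Every accepted edit, a moderator's included, returns the notice to PendingApproval.
            notice.Status = NoticeStatus.PendingApproval;

            // NOTE(review): the result of UpdateAsync is not inspected, so a failed update
            // produces the same redirect as a successful one.
            await nm.UpdateAsync(notice);
        }
    }

    // Reached after an update and also when the caller was not allowed to edit.
    return RedirectToAction("Index", "MyPosts");
}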
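// GET: Boards/EditNotice/5
/// <summary>
/// Shows the edit form for a notice, pre-filled from the stored notice.
/// </summary>
/// <param name="id">Id of the notice to edit, taken from the route.</param>
/// <returns>The edit view bound to a <c>NoticeViewModel</c> built from the notice.</returns>
/// <exception cref="HttpException">
/// 404 when the notice or its board does not exist; 403 when the board is official and the
/// caller is not staff.
/// </exception>
public async Task<ActionResult> EditNotice(int id)
{
    using (NoticeManager nm = new NoticeManager())
    {
        var notice = await nm.GetAsync(id);

        // id is caller-supplied: answer an unknown notice with 404 instead of letting the
        // dereference below fail with a NullReferenceException (HTTP 500).
        if (notice == null)
        {
            throw new HttpException(404, "Not Found");
        }

        var board = await db.GetAsync(notice.NoticeBoardId);
        if (board == null)
        {
            throw new HttpException(404, "Not Found");
        }

        // Notices on an official board may only be edited by staff.
        if (board.IsOfficial && !await User.Identity.IsStaffAsync())
        {
            throw new HttpException(403, "Access Denied");
        }

        // NOTE(review): unlike Edit and Delete, this action has no owner-or-moderator test,
        // so any caller who passes the board rule receives the form filled with this notice's
        // data. Confirm that is intended or that a filter restricts it.
        var vm = NoticeMappings.To<NoticeViewModel>(notice);
        return View(vm);
    }
}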
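/// <summary>
/// Deletes a notice when the caller is allowed to remove it.
/// </summary>
/// <remarks>
/// The notice is deleted only when the caller is a moderator, or is the user who posted it
/// while it is still pending approval. Every outcome, including a refused or failed delete,
/// ends in the same redirect to Home/Index.
/// </remarks>
/// <param name="noticeId">Id of the notice to delete, taken from the request.</param>
/// <returns>A redirect to Home/Index.</returns>
// NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] attribute is visible in this part of
// the file; confirm both are applied, since this action removes stored data.
public async Task<ActionResult> Delete(int noticeId)
{
    using (NoticeManager nm = new NoticeManager())
    {
        var postedBy = await nm.PostedBy(noticeId);
        var current = await User.Identity.GetApplicationUserAsync();
        var notice = await nm.GetAsync(noticeId);

        // noticeId is caller-supplied: an id that matches nothing is treated as "nothing to
        // delete" rather than failing with a NullReferenceException (HTTP 500).
        if (notice != null)
        {
            // Ownership comes from the stored poster and the signed-in user; a missing record
            // on either side means "not the owner".
            bool isOwner = postedBy != null && current != null && postedBy.Id == current.Id;

            if ((isOwner && notice.IsPendingApproval) || await User.Identity.IsModeratorAsync())
            {
                // NOTE(review): the result of DeleteAsync is not inspected, so a failed delete
                // produces the same redirect as a successful one.
                await nm.DeleteAsync(noticeId);
            }
        }
    }

    // Reached after a delete and also when the caller was not allowed to delete.
    return RedirectToAction("Index", "Home");
}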