示例#1
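        /// <summary>
        /// Shows a single job application to the HR user who owns its job offer or
        /// to the candidate who submitted it. Administrators and all other callers
        /// are refused.
        /// </summary>
        /// <param name="id">Primary key of the application to display.</param>
        /// <returns>
        /// The "DetailsHR" or "DetailsCandidate" view for the owner, a 404 result
        /// when no application has this id, and a 401 result otherwise.
        /// </returns>
        public async Task <IActionResult> Details(int id)
        {
            Role role = await AuthorizationTools.GetRoleAsync(User, _context);

            ViewData.Add("role", role);
            ViewData.Add("id", AuthorizationTools.GetUserDbId(User, _context, role));
            string email = AuthorizationTools.GetEmail(User);

            if (role == Role.ADMIN)
            {
                return(new UnauthorizedResult());
            }

            // Fail closed when the identity carries no e-mail. What GetEmail returns
            // for such an identity is not visible here; if it can be null, the
            // ownership lookups below would compare against NULL and could match a
            // stored account whose EmailAddress is empty.
            if (string.IsNullOrEmpty(email))
            {
                return(new UnauthorizedResult());
            }

            Application app = _context.JobApplications
                              .Include(x => x.JobOffer)
                              .Include(x => x.Candidate)
                              .Include(x => x.JobOffer.HR)
                              .Include(x => x.JobOffer.HR.Company)
                              .Include(x => x.Comments)
                              .FirstOrDefault(a => a.Id == id);

            // NOTE(review): a caller who does not own the record gets 404 for an
            // unknown id and 401 for an existing one, so the status code reveals
            // which application ids exist. Returning the same result in both cases
            // would close that gap, but may change what clients rely on.
            if (app == null)
            {
                return(new NotFoundResult());
            }

            if (role == Role.HR)
            {
                // Object-level check: the HR user must own the offer this
                // application belongs to. Missing navigation data is treated as
                // "not the owner" instead of raising a NullReferenceException.
                HR owner = _context.HRs.FirstOrDefault(c => c.EmailAddress == email);
                if (owner == null ||
                    app.JobOffer == null ||
                    app.JobOffer.HR == null ||
                    owner.Id != app.JobOffer.HR.Id)
                {
                    return(new UnauthorizedResult());
                }

                ApplicationWithComment appWithComm = new ApplicationWithComment(app);
                return(View("DetailsHR", appWithComm));
            }

            // Every role other than ADMIN and HR reaches this point, so the
            // ownership comparison below is the only thing that limits access.
            Candidate applicant = _context.Candidates.FirstOrDefault(c => c.EmailAddress == email);
            if (applicant == null ||
                app.Candidate == null ||
                applicant.Id != app.Candidate.Id)
            {
                return(new UnauthorizedResult());
            }

            return(View("DetailsCandidate", app));
        }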
示例#2
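        /// <summary>
        /// Adds a comment to a job application on behalf of the HR user who owns
        /// the application's job offer, then redirects back to the Details page.
        /// </summary>
        /// <param name="model">
        /// Posted form data; <c>Id</c> selects the application and
        /// <c>CommentText</c> is the comment body. Both are client-controlled.
        /// </param>
        /// <returns>
        /// A redirect to "Details" on success or when the comment is blank, a 404
        /// result when the application does not exist, and a 401 result when the
        /// caller is not the owning HR user.
        /// </returns>
        /// <remarks>
        /// NOTE(review): no anti-forgery attribute is visible on this action in
        /// this listing. Confirm that this state-changing endpoint is covered by
        /// anti-forgery validation, on the action or through a global filter.
        /// </remarks>
        public async Task <ActionResult> CreateCommentAjax(ApplicationWithComment model)
        {
            Role role = await AuthorizationTools.GetRoleAsync(User, _context);

            ViewData.Add("role", role);
            ViewData.Add("id", AuthorizationTools.GetUserDbId(User, _context, role));

            // Authorize before looking at the payload so that non-HR callers get
            // the same answer whatever they post.
            if (role != Role.HR)
            {
                return(new UnauthorizedResult());
            }

            // The original built this redirect but never returned it, so blank
            // comments fell through and were saved. Null and whitespace-only text
            // are rejected the same way.
            if (string.IsNullOrWhiteSpace(model.CommentText))
            {
                return(RedirectToAction("Details", new { id = model.Id }));
            }

            Application app = _context.JobApplications
                              .Include(x => x.Comments)
                              .Include(x => x.JobOffer)
                              .Include(x => x.JobOffer.HR)
                              .FirstOrDefault(a => a.Id == model.Id);

            // model.Id comes from the client; an unknown id must not end in a
            // NullReferenceException.
            if (app == null)
            {
                return(new NotFoundResult());
            }

            string email = AuthorizationTools.GetEmail(User);

            // First() threw when no HR row matched the e-mail. Treat that case,
            // and an identity without an e-mail, as "not authorized".
            HR hr = string.IsNullOrEmpty(email)
                    ? null
                    : _context.HRs.FirstOrDefault(c => c.EmailAddress == email);

            // Compare primary keys, as Details does, rather than object references:
            // reference equality only holds while both entities are tracked by the
            // same context instance.
            if (hr == null ||
                app.JobOffer == null ||
                app.JobOffer.HR == null ||
                app.JobOffer.HR.Id != hr.Id)
            {
                return(new UnauthorizedResult());
            }

            // The text is stored exactly as posted; any view that renders it has
            // to HTML-encode it on output.
            Comment comm = new Comment()
            {
                Text = model.CommentText, Application = app
            };

            await _context.Comments.AddAsync(comm);

            await _context.SaveChangesAsync();

            return(RedirectToAction("Details", new { id = model.Id }));
        }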