public async Task <IActionResult> EventCreation(EventModel newEvent) { var user = await userManager.GetUserAsync(User); CalendarRepository repo = new CalendarRepository(configModel.ConnectionString); // Ensure that ONLY staff accounts have access to this API endpoint if (user == null || !await userManager.IsInRoleAsync(user, UserHelpers.UserRoles.Staff.ToString())) { return(Utilities.ErrorJson("Not authorized")); } // Validate that the required fields (name and date) are filled out. // Note that in C#, DateTimes are never null, so instead of checking for null, we check for DateTime.MinValue, which is the // default value that ASP.NET's model binding will provide if the date is not included in the API call. if (newEvent.Date == DateTime.MinValue || String.IsNullOrEmpty(newEvent.Name)) { return(Utilities.ErrorJson("The event must have both a name and a date")); } // Insert the new event into the database try { repo.CreateEvent(newEvent.Name, newEvent.Date, String.IsNullOrEmpty(newEvent.Description) ? "" : newEvent.Description); } catch (Exception e) { return(Utilities.ErrorJson(e.Message)); } return(new JsonResult(new { Error = "" })); }