/// <summary>
/// Helper method. Decides whether the current user may modify a comment on a
/// guest paste: the user must be in the "Admin" role or be the comment's author.
/// </summary>
/// <param name="comment">The stored comment to check; callers must pass a non-null instance.</param>
/// <returns><c>true</c> when the current user is an admin or the author; otherwise <c>false</c>.</returns>
private bool IsAuthorisedOnGuest(CommentOnGuest comment)
{
    var callerIsAdmin = this.User.IsInRole("Admin");

    // NOTE(review): GetUserId() presumably yields null for an unauthenticated
    // caller - confirm IsAuthor() cannot match a comment that has no recorded author.
    var callerId = this.User.Identity.GetUserId();
    var callerIsAuthor = comment.IsAuthor(callerId);

    if (callerIsAdmin)
    {
        return true;
    }

    return callerIsAuthor;
}
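/// <summary>
/// Saves an edit to a comment on a guest paste. The stored comment is looked up
/// by <c>model.Id</c>; only its content and timestamp are updated.
/// </summary>
/// <param name="model">Model-bound comment; only <c>Id</c> and <c>Content</c> are read from it.</param>
/// <returns>
/// A redirect to the paste's details page on success, a 404 result when the comment
/// does not exist or the caller is not authorised, or the edit view when the model is invalid.
/// </returns>
public ActionResult EditOnGuest(CommentOnGuest model)
{
    // NOTE(review): no [HttpPost], [ValidateAntiForgeryToken] or [Authorize] attribute is
    // visible on this action in this excerpt. It changes stored data, so confirm that
    // those are applied here or at controller level.
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    // Dispose the context deterministically; the original never released it.
    using (var db = new CodeItDbContext())
    {
        var comment = db.CommentsOnGuest.Find(model.Id);

        // A missing comment and a failed authorisation check both return 404, so the
        // response does not reveal whether a given comment id exists.
        if (comment == null || !IsAuthorisedOnGuest(comment))
        {
            return HttpNotFound();
        }

        // Copy only the editable field from the posted model; every other posted
        // property is ignored, which prevents over-posting of CodeId or author data.
        comment.Content = model.Content;

        // NOTE(review): this overwrites the creation timestamp with the local edit
        // time - confirm that is intended rather than a separate "edited" field.
        comment.TimeCreated = DateTime.Now;
        db.SaveChanges();

        return RedirectToAction("GuestCodeDetails", "Code", new { id = comment.CodeId });
    }
}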