/// <summary>
/// Deletes the comment with the given id once the current user has been
/// authorised to remove it.
/// </summary>
/// <param name="id">Id of the comment to delete.</param>
/// <returns>
/// For AJAX requests, the comments still attached to the same project task,
/// serialised as JSON; otherwise the project task details view.
/// </returns>
/// <exception cref="HttpException">
/// 404 when no comment has this id; 403 when <c>CanDelete</c> refuses the caller.
/// </exception>
public ActionResult Delete(int id)
{
    // NOTE(review): this action changes state, yet no [HttpPost] or
    // [ValidateAntiForgeryToken] attribute is visible in this excerpt. Confirm
    // both are applied; the AllowGet below suggests the action may be reachable
    // over GET, in which case it has no anti-forgery protection.
    var target = commentsRepo.GetCommentWithId(id);
    if (target == null)
    {
        throw new HttpException((int)HttpStatusCode.NotFound, "Not found!");
    }

    var currentUserId = User.Identity.GetUserId();
    var isAdministrator = User.IsInRole("Administrator");
    var helper = new CommentsHelper();

    // The permission check runs server-side on the stored comment, before
    // anything is removed.
    var mayDelete = helper.CanDelete(target, currentUserId, isAdministrator);
    if (!mayDelete)
    {
        throw new HttpException((int)HttpStatusCode.Forbidden, "Forbidden!");
    }

    commentsRepo.RemoveCommentWithId(id);

    if (!Request.IsAjaxRequest())
    {
        // NOTE(review): every user record is handed to the view; confirm the
        // view renders only the fields it needs.
        ViewBag.AllUsers = db.Users.ToList();
        return View("~/Views/ProjectTasks/Details.cshtml", target.ProjectTask);
    }

    // AJAX callers get the refreshed comment list of the affected task.
    var remaining = commentsRepo.GetCommentsForProjectTaskId(target.ProjectTaskId);
    var viewModels = helper
        .CommentViewModelsFromComments(remaining, isAdministrator, currentUserId)
        .ToList();
    return Json(viewModels, JsonRequestBehavior.AllowGet);
}
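/// <summary>
/// Stores a new comment on a project task on behalf of the current user.
/// </summary>
/// <param name="comment">
/// Comment bound from the request. UserId, Created, ProjectTask and
/// ApplicationUser are overwritten here and never taken from the client.
/// </param>
/// <returns>
/// For AJAX requests, all comments of the project task serialised as JSON;
/// otherwise the project task details view.
/// </returns>
/// <exception cref="HttpException">
/// 404 when the referenced project task does not exist; 403 when
/// <c>IsInCourse</c> rejects the caller for the task's course.
/// </exception>
public ActionResult Create(Comment comment)
{
    // NOTE(review): Comment is bound straight from the request, so any property
    // not overwritten below stays client-controlled. Consider a [Bind(Include = ...)]
    // whitelist or a dedicated view model. Also confirm [HttpPost] and
    // [ValidateAntiForgeryToken] are applied; no attributes are visible here.
    var currentUserId = User.Identity.GetUserId();
    var isAdministrator = User.IsInRole("Administrator");

    // Ownership and timestamp always come from the server side.
    comment.UserId = currentUserId;
    // NOTE(review): local server time; confirm that is what readers of Created expect.
    comment.Created = DateTime.Now;

    comment.ProjectTask = projectTasksRepo.GetProjectTaskById(comment.ProjectTaskId);
    if (comment.ProjectTask == null)
    {
        // ProjectTaskId comes from the client. Without this guard an unknown id
        // would fail with a NullReferenceException in the course check below.
        throw new HttpException((int)HttpStatusCode.NotFound, "Not found!");
    }

    comment.ApplicationUser = usersRepo.GetUserById(currentUserId);

    // Authorise against the course that owns the task before anything is stored.
    if (!coursesRepo.IsInCourse(comment.ProjectTask.Project.Course.Id, comment.UserId, isAdministrator))
    {
        throw new HttpException((int)HttpStatusCode.Forbidden, "Forbidden!");
    }

    commentsRepo.AddComment(comment);

    if (Request.IsAjaxRequest())
    {
        var commentsHelper = new CommentsHelper();
        var commentsFromProjectTask = commentsRepo.GetCommentsForProjectTaskId(comment.ProjectTaskId);
        var comments = commentsHelper
            .CommentViewModelsFromComments(commentsFromProjectTask, isAdministrator, currentUserId)
            .ToList();
        return Json(comments, JsonRequestBehavior.AllowGet);
    }

    // NOTE(review): every user record is handed to the view; confirm the view
    // renders only the fields it needs.
    ViewBag.AllUsers = db.Users.ToList();
    return View("~/Views/ProjectTasks/Details.cshtml", comment.ProjectTask);
}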