public IActionResult Details([Bind(Prefix = "id")] int id)
{
var groceryList = _groceryLists.ReadGroceryList(id);
//Get the user's id from the DB
string userId = _manager.GetUserId(HttpContext.User);
//get the user from the DB
ApplicationUser au = _userManager.ReadAll().FirstOrDefault(p => p.Id == userId);
//Check both ownership rights and if they have permitted to view the list
if (userId.Equals(groceryList.OwnerId) || groceryList.PriviligedPeople.Contains(au))
{
if (groceryList == null)
{
return(RedirectToAction("Index", "Home"));
}
return(View(groceryList));
}
else
{
return(Content("You must be a permitted user to view this list."));
}
}
public IActionResult Create(int listId, CreateGroceryVM cgvm)
{
var list = _groceryLists.ReadGroceryList(listId);
if (list == null)
{
return(NotFound());
}
if (ModelState.IsValid)
{
var item = _groceryItem.CreateGroceryItem(cgvm.CreateGrocery());
list.GroceryItems.Add(item);
_groceryLists.UpdateGroceryList(0, list);
if (IsAjaxRequest())
{
return(Json(cgvm));
}
}
if (IsAjaxRequest())
{
return(Json(cgvm));
}
return(RedirectToAction("Create", "GroceryList", new { listId = listId }));
}
/// <summary>
/// Calls the delete page using a GET request.
/// </summary>
/// <param name="id"></param>
/// <returns></returns>
public IActionResult Delete(int id)
{
var gList = _groceryLists.ReadGroceryList(id);
if (gList == null)
{
return NotFound("Could not find Grocery List.");
}
string userId = _manager.GetUserId(HttpContext.User);
var projectVM = new DeleteGroceryListVM
{
OwnerId = gList.OwnerId,
GroceryItems = gList.GroceryItems,
Id = id,
OwnerName = gList.OwnerName,
AssociativeEntities = gList.AssociativeEntities,
GroceryListName = gList.GroceryListName,
UserId = userId
};
return View(projectVM);
}
