public virtual async Task <IActionResult> NewsItemCreate()
{
if (!await _permissionService.AuthorizeAsync(StandardPermissionProvider.ManageNews))
{
return(AccessDeniedView());
}
//prepare model
var model = await _newsModelFactory.PrepareNewsItemModelAsync(new NewsItemModel(), null);
return(View(model));
}
public virtual async Task <IActionResult> NewsItem(int newsItemId)
{
if (!_newsSettings.Enabled)
{
return(RedirectToRoute("Homepage"));
}
var newsItem = await _newsService.GetNewsByIdAsync(newsItemId);
if (newsItem == null)
{
return(InvokeHttp404());
}
var notAvailable =
//published?
!newsItem.Published ||
//availability dates
!_newsService.IsNewsAvailable(newsItem) ||
//Store mapping
!await _storeMappingService.AuthorizeAsync(newsItem);
//Check whether the current user has a "Manage news" permission (usually a store owner)
//We should allows him (her) to use "Preview" functionality
var hasAdminAccess = await _permissionService.AuthorizeAsync(StandardPermissionProvider.AccessAdminPanel) && await _permissionService.AuthorizeAsync(StandardPermissionProvider.ManageNews);
if (notAvailable && !hasAdminAccess)
{
return(InvokeHttp404());
}
var model = new NewsItemModel();
model = await _newsModelFactory.PrepareNewsItemModelAsync(model, newsItem, true);
//display "edit" (manage) link
if (hasAdminAccess)
{
DisplayEditLink(Url.Action("NewsItemEdit", "News", new { id = newsItem.Id, area = AreaNames.Admin }));
}
return(View(model));
}
