/// <summary>
/// Renders the "Week" view with the time entries of one employee for one week.
/// </summary>
/// <param name="weekId">Identifier of the week to display.</param>
/// <param name="employeeId">Identifier of the employee whose entries are requested.</param>
/// <returns>
/// The "Week" view for the requested employee, or a redirect to this same action
/// with the caller's own employee id when a non-admin asks for someone else's week.
/// </returns>
public async Task<ActionResult> Edit(int weekId, int employeeId)
{
    var callerEmployeeId = await sessionAdapter.EmployeeIdAsync();
    var callerIsAdmin = User.IsInRole(UserRoleName.Admin);

    // Object-level authorization: the employee id comes from the request, so it is
    // only honoured for admins or when it matches the id taken from the session.
    var mayViewRequestedEmployee = callerIsAdmin || employeeId == callerEmployeeId;
    if (!mayViewRequestedEmployee)
    {
        return RedirectToAction("Edit", new { weekId, employeeId = callerEmployeeId });
    }

    var request = new WeekOfTimeEntriesRequest
    {
        EmployeeId = employeeId,
        RequestingUserIsAdmin = callerIsAdmin,
        RequestingUserName = User.Identity.Name,
        WeekId = weekId
    };

    var viewModel = await weekOfTimeEntriesQuery.GetFullTimeEntryViewModelAsync(request);
    return View("Week", viewModel);
}
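/// <summary>
/// Overwrites the regular and overtime hours of one job/task row in an employee's week
/// with the values posted in the request body, then saves the week.
/// </summary>
/// <param name="saveRequest">Posted hours, keyed by day of week.</param>
/// <param name="weekid">Week identifier taken from the "week-id" route value.</param>
/// <param name="employeeId">Employee identifier taken from the "employee-id" route value.</param>
/// <param name="jobId">Job identifier taken from the "job-id" route value.</param>
/// <param name="taskId">Task identifier taken from the "task-id" route value.</param>
/// <returns>
/// HTTP 200 when the save succeeds; otherwise the result of <c>CreateErrorResponse</c>
/// describing why the request was rejected or why the save failed.
/// </returns>
public async Task<IActionResult> SetTimeForEffort(
    [FromBody] Dictionary<DayOfWeek, Day> saveRequest,
    [FromRoute(Name = "week-id")] int weekid,
    [FromRoute(Name = "employee-id")] int employeeId,
    [FromRoute(Name = "job-id")] int jobId,
    [FromRoute(Name = "task-id")] int taskId)
{
    var currentUserId = await _sessionAdapter.EmployeeIdAsync();
    var requesterIsAdmin = User.IsInRole(UserRoleName.Admin);

    // Object-level authorization runs before anything else: the employee id is
    // caller-supplied, so a non-admin may only write to the id held in the session.
    if (!requesterIsAdmin && employeeId != currentUserId)
    {
        var msg = "You are not allowed to edit another users effort selection.";
        return CreateErrorResponse(msg);
    }

    // A missing or unparsable body would otherwise surface as a NullReferenceException below.
    if (saveRequest is null)
    {
        return CreateErrorResponse("The save request body is missing or could not be read.");
    }

    var currentTime = await _weekOfTimeEntriesQuery.GetFullTimeEntryViewModelAsync(new WeekOfTimeEntriesRequest()
    {
        EmployeeId = employeeId,
        RequestingUserIsAdmin = requesterIsAdmin,
        RequestingUserName = User.SafeUserName(),
        WeekId = weekid
    });

    // jobId/taskId come from the route; FirstOrDefault yields null when no row matches them.
    var rowToChange = currentTime.TimeEntryRow.FirstOrDefault(
        x => x.SelectedJobId == jobId && x.SelectedTaskId == taskId);
    if (rowToChange is null)
    {
        return CreateErrorResponse("No time entry row exists for the requested job and task.");
    }

    // Validate the whole payload before touching the view model, so a request that
    // omits a day (or sends null for one) is rejected without a partial update.
    foreach (var day in rowToChange.AllDays())
    {
        if (!saveRequest.TryGetValue(day.DayOfWeek, out var submitted) || submitted is null)
        {
            return CreateErrorResponse($"The save request has no entry for {day.DayOfWeek}.");
        }
    }

    // NOTE(review): Hours/OvertimeHours are copied exactly as received; range checks are
    // presumably enforced by SaveTimeEntriesAsync (it reports Errors) — confirm.
    foreach (var day in rowToChange.AllDays())
    {
        var submitted = saveRequest[day.DayOfWeek];
        day.Hours = submitted.Hours;
        day.OvertimeHours = submitted.OvertimeHours;
    }

    var addResult = await _saveTimeEntriesCommand.SaveTimeEntriesAsync(employeeId, weekid, currentTime);
    if (!addResult.Successful)
    {
        return CreateErrorResponse(string.Join(", ", addResult.Errors));
    }

    NotificationsController.AddNotification(User.SafeUserName(), "Time saved");
    return new StatusCodeResult(StatusCodes.Status200OK);
}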