public async Task <IActionResult> Deny(ProcessRequestGroupModel model)
{
var requestGroup = await _dbContext.RequestGroups.GetRequestGroupById(model.RequestGroupId);
if ((await _authorizationService.AuthorizeAsync(User, requestGroup.OrderGroup, Policies.Accept)).Succeeded)
{
if (!requestGroup.CanDeny)
{
return(RedirectToAction("Index", "Home", new { ErrorMessage = "Det går inte att neka denna tillsättning" }));
}
await _orderService.DenyRequestGroupAnswer(requestGroup, User.GetUserId(), User.TryGetImpersonatorId(), model.DenyMessage);
await _dbContext.SaveChangesAsync();
return(RedirectToAction(nameof(View), new { id = requestGroup.OrderGroupId }));
}
return(Forbid());
}
public async Task <IActionResult> Approve(ProcessRequestGroupModel model)
{
var requestGroup = await _dbContext.RequestGroups.GetRequestGroupById(model.RequestGroupId);
if ((await _authorizationService.AuthorizeAsync(User, requestGroup.OrderGroup, Policies.Accept)).Succeeded)
{
if (!requestGroup.CanApprove)
{
_logger.LogError("Wrong status when trying to Approve request group. Status: {requestGroup.Status}, RequestGroupId: {requestGroup.RequestGroupId}", requestGroup.Status, requestGroup.RequestGroupId);
return(RedirectToAction(nameof(View), new { id = requestGroup.OrderGroupId }));
}
await _orderService.ApproveRequestGroupAnswer(requestGroup, User.GetUserId(), User.TryGetImpersonatorId());
await _dbContext.SaveChangesAsync();
return(RedirectToAction(nameof(View), new { id = requestGroup.OrderGroupId }));
}
return(Forbid());
}
