public ActionResult Create(TextEditorViewModel model)
{
if (!ModelState.IsValid)
{
return(View("Edit", model));
}
if (model.Id == 0)
{
model.CreatorId = User.Identity.GetUserId();
_context.Notes.Add(model);
}
else
{
var currentUser = User.Identity.GetUserId();
if (_context.Access.SingleOrDefault(a => a.UserId == currentUser && a.NoteId == model.Id && a.CanEdit == true) != null ||
_context.Notes.SingleOrDefault(n => n.CreatorId == currentUser && n.Id == model.Id) != null)
{
var noteInDb = _context.Notes.Single(c => c.Id == model.Id);
noteInDb.Title = model.Title;
noteInDb.Content = model.Content;
TryUpdateModel(noteInDb);
}
}
_context.SaveChanges();
var textModel = new TextAccessViewModel {
textEditorViewModel = model
};
return(View("TextDisplay", textModel));
}
public ActionResult Edit(int id)
{
if (id == 0)
{
return(RedirectToAction("Index"));
}
else
{
var currentUser = User.Identity.GetUserId();
TextEditorViewModel noteInDb = _context.Notes.Single(c => c.Id == id);
TextAccessViewModel noteModel = new TextAccessViewModel {
textEditorViewModel = noteInDb
};
if (noteInDb.CreatorId == currentUser ||
(_context.Access.SingleOrDefault(a => a.UserId == currentUser && a.NoteId == noteInDb.Id && a.CanEdit) != null))
{
return(View("Edit", noteInDb));
}
else
{
return(View("ErrorNote"));
}
}
}
public ActionResult GetNote(int id)
{
if (id == 0)
{
return(RedirectToAction("Index"));
}
else
{
var currentUser = User.Identity.GetUserId();
TextEditorViewModel noteInDb = _context.Notes.Single(c => c.Id == id);
var noteModel = new TextAccessViewModel {
textEditorViewModel = noteInDb
};
var accessibleNotes = _context.Access.SingleOrDefault(a => a.NoteId == id && a.UserId == currentUser && a.CanEdit == true);
if (accessibleNotes == null)
{
accessibleNotes = _context.Access.SingleOrDefault(a => a.NoteId == id && a.UserId == currentUser &&
a.CanEdit == false);
}
if (noteInDb.CreatorId == currentUser || accessibleNotes != null)
{
//It would be nice to have something to protect CreatorId from a note that we pass to this view
return(View("TextDisplay", noteModel));
}
else
{
return(View("ErrorNote"));
}
}
}
public ActionResult Share(TextAccessViewModel helpModel)
{
var model = new AccessHelpModel
{
NoteId = helpModel.NoteId, Username = helpModel.Username, CanEdit = helpModel.CanEdit
};
var currentUserId = User.Identity.GetUserId();
if ((_context.Notes.SingleOrDefault(n => n.CreatorId == currentUserId && n.Id == model.NoteId) != null) ||
(_context.Access.SingleOrDefault(n => n.UserId == currentUserId && n.NoteId == model.NoteId && n.CanEdit == true) != null))
{
if (_context.Users.SingleOrDefault(u => u.UserName == model.Username) != null)
{
string userId = _context.Users.SingleOrDefault(u => u.UserName == model.Username).Id;
if (_context.Access.SingleOrDefault
(
n => n.NoteId == model.NoteId &&
n.UserId == userId &&
n.CanEdit == model.CanEdit
) == null)
{
AccessModel accessModel = new AccessModel {
NoteId = model.NoteId, UserId = userId, CanEdit = model.CanEdit
};
_context.Access.Add(accessModel);
_context.SaveChanges();
}
}
else
{
//Create alert when there is no user with given name
}
//Change the action that You redirect to
return(RedirectToAction("GetNote", new { id = model.NoteId }));
}
return(View("ErrorNote"));
}
